From patchwork Thu Aug 19 15:30:12 2021
Content-Type: text/plain; charset="utf-8"
MIME-Version: 1.0
Content-Transfer-Encoding: 7bit
X-Patchwork-Submitter: Vladislav Odintsov <odivlad@gmail.com>
X-Patchwork-Id: 1518723
Return-Path: <ovs-dev-bounces@openvswitch.org>
X-Original-To: incoming@patchwork.ozlabs.org
Delivered-To: patchwork-incoming@bilbo.ozlabs.org
Authentication-Results: ozlabs.org;
 spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org
 (client-ip=140.211.166.136; helo=smtp3.osuosl.org;
 envelope-from=ovs-dev-bounces@openvswitch.org; receiver=<UNKNOWN>)
Authentication-Results: ozlabs.org;
	dkim=fail reason="signature verification failed" (2048-bit key;
 unprotected) header.d=gmail.com header.i=@gmail.com header.a=rsa-sha256
 header.s=20161025 header.b=uNmL7Gvt;
	dkim-atps=neutral
Received: from smtp3.osuosl.org (smtp3.osuosl.org [140.211.166.136])
	(using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits)
	 key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest
 SHA256)
	(No client certificate requested)
	by ozlabs.org (Postfix) with ESMTPS id 4Gr7y05KjJz9s5R
	for <incoming@patchwork.ozlabs.org>; Fri, 20 Aug 2021 01:30:32 +1000 (AEST)
Received: from localhost (localhost [127.0.0.1])
	by smtp3.osuosl.org (Postfix) with ESMTP id 51F4D60634;
	Thu, 19 Aug 2021 15:30:30 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Received: from smtp3.osuosl.org ([127.0.0.1])
	by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
	with ESMTP id u_W3iYNCbG_l; Thu, 19 Aug 2021 15:30:26 +0000 (UTC)
Received: from lists.linuxfoundation.org (lf-lists.osuosl.org
 [IPv6:2605:bc80:3010:104::8cd3:938])
	by smtp3.osuosl.org (Postfix) with ESMTPS id A478F613A0;
	Thu, 19 Aug 2021 15:30:25 +0000 (UTC)
Received: from lf-lists.osuosl.org (localhost [127.0.0.1])
	by lists.linuxfoundation.org (Postfix) with ESMTP id 7B862C0010;
	Thu, 19 Aug 2021 15:30:25 +0000 (UTC)
X-Original-To: dev@openvswitch.org
Delivered-To: ovs-dev@lists.linuxfoundation.org
Received: from smtp4.osuosl.org (smtp4.osuosl.org [140.211.166.137])
 by lists.linuxfoundation.org (Postfix) with ESMTP id 15C2DC000E
 for <dev@openvswitch.org>; Thu, 19 Aug 2021 15:30:24 +0000 (UTC)
Received: from localhost (localhost [127.0.0.1])
 by smtp4.osuosl.org (Postfix) with ESMTP id 05F6640611
 for <dev@openvswitch.org>; Thu, 19 Aug 2021 15:30:24 +0000 (UTC)
X-Virus-Scanned: amavisd-new at osuosl.org
Authentication-Results: smtp4.osuosl.org (amavisd-new);
 dkim=pass (2048-bit key) header.d=gmail.com
Received: from smtp4.osuosl.org ([127.0.0.1])
 by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024)
 with ESMTP id 6rW1C2lHy4Zb for <dev@openvswitch.org>;
 Thu, 19 Aug 2021 15:30:19 +0000 (UTC)
X-Greylist: whitelisted by SQLgrey-1.8.0
Received: from mail-ej1-x633.google.com (mail-ej1-x633.google.com
 [IPv6:2a00:1450:4864:20::633])
 by smtp4.osuosl.org (Postfix) with ESMTPS id 96D6F40341
 for <dev@openvswitch.org>; Thu, 19 Aug 2021 15:30:19 +0000 (UTC)
Received: by mail-ej1-x633.google.com with SMTP id b15so13694487ejg.10
 for <dev@openvswitch.org>; Thu, 19 Aug 2021 08:30:19 -0700 (PDT)
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=gmail.com; s=20161025;
 h=from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=8r9IWPiAZFVX8Zv7SvgG2h0mWZJSMhAKVsGvPaXWCzE=;
 b=uNmL7GvtoG4lAh7T1zqYEv/pGQMuDDNDYcPZtM835sxbbr4aLHBnez5gnVBM+W0vRT
 45vim8iQhldULNXM12PQ133It+/f4aFyLGVeswEPxMcCDViUpQsY/oy/Ddvh9Dkb81o1
 50zp1cmEEDsQhmyHIpyJPzBHahkcxKUU4VTcuoyTrI5CL2zTuz3vvlsMXVixY5KQeuaC
 d0P/4iDn5oaRjEJ4q2xqzpb6FIwviteAIWd7Wb2WmhoktYv7bB/drgFY3UQYc/nIyWBf
 Lg3o0u/L0+snP0i1TO1rS7XEKHYOnN2YNMriOuuHbCM7LeXqaiS57MMa+mh1pQmOC31z
 EQlg==
X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed;
 d=1e100.net; s=20161025;
 h=x-gm-message-state:from:to:cc:subject:date:message-id:mime-version
 :content-transfer-encoding;
 bh=8r9IWPiAZFVX8Zv7SvgG2h0mWZJSMhAKVsGvPaXWCzE=;
 b=AG9EHIwqVfRQleq8mjUq5Uc/85UjVgJn5Jgs31SZN4dshXbvvjg/FkaFp5klKGZTiG
 ysJ9UJxLnSv+8+LfLKdPoLXIaBvYiEUvoFkKf8aXvh7I2F8+k+3mRrnykQHXIC3fCgOU
 DoKmjq0HG0LB94ymgyRkr/pzY2+9d4Ofk/7KCQCs+nFZ7CXXlyRYmpMqLA/414tC8MW8
 9jcrs3TWgIH1d8/YW0OaE1/VxDFncbm/kVbLOkViTw/Mbi+MA3SMxWJaKZhnjR5cf4nt
 CLcdCIvRf4o2k/q/8Ic4FpjdMYA+PgvFIsTzerF2LtEBndFN4tWCZIQaX/T73X48hF0O
 Uoww==
X-Gm-Message-State: AOAM533WdW9LuPdJiBdX/3q5/knKbW+zzLTavugJZtMh+3nf8mpZxKKQ
 P37DbYk3vRcz38fgjim1g2Vfxhw/TMQ=
X-Google-Smtp-Source: 
 ABdhPJwqo2B6gS/r1vDpI/D5P/xupOFMVDDL6m2aCipl/vrk8l0tRCWx/zBhCNqclEYtDyG6Z5RRFw==
X-Received: by 2002:a17:907:1744:: with SMTP id
 lf4mr16182977ejc.52.1629387017317;
 Thu, 19 Aug 2021 08:30:17 -0700 (PDT)
Received: from localhost.localdomain ([85.187.18.208])
 by smtp.gmail.com with ESMTPSA id r27sm1883271edb.66.2021.08.19.08.30.14
 (version=TLS1_2 cipher=ECDHE-ECDSA-AES128-GCM-SHA256 bits=128/128);
 Thu, 19 Aug 2021 08:30:16 -0700 (PDT)
From: Vladislav Odintsov <odivlad@gmail.com>
To: dev@openvswitch.org
Date: Thu, 19 Aug 2021 18:30:12 +0300
Message-Id: <20210819153012.82531-1-odivlad@gmail.com>
X-Mailer: git-send-email 2.30.0
MIME-Version: 1.0
Cc: Vladislav Odintsov <odivlad@gmail.com>
Subject: [ovs-dev] [PATCH ovn v2] ic: learn routes to LR only from
	corresponding transit switch
X-BeenThere: ovs-dev@openvswitch.org
X-Mailman-Version: 2.1.15
Precedence: list
List-Id: <ovs-dev.openvswitch.org>
List-Unsubscribe: <https://mail.openvswitch.org/mailman/options/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=unsubscribe>
List-Archive: <http://mail.openvswitch.org/pipermail/ovs-dev/>
List-Post: <mailto:ovs-dev@openvswitch.org>
List-Help: <mailto:ovs-dev-request@openvswitch.org?subject=help>
List-Subscribe: <https://mail.openvswitch.org/mailman/listinfo/ovs-dev>,
 <mailto:ovs-dev-request@openvswitch.org?subject=subscribe>
Errors-To: ovs-dev-bounces@openvswitch.org
Sender: "dev" <ovs-dev-bounces@openvswitch.org>

This commit fixes an error where in case of LRs were connected
between different AZs with ovn-ic, their routes were leaking
from one LR attached to its transit switch to another LR
attached to another transit switch.

Testcase, which reproduces described problem is added as well.

Signed-off-by: Vladislav Odintsov <odivlad@gmail.com>
---
v1 -> v2:
 - Address Han's review comments:
   - Make comments and test more clear to understand.
   - Use ovsdb_idl_index to optimize transit switch lookup.
---
 ic/ovn-ic.c     | 17 ++++++++++++++-
 tests/ovn-ic.at | 55 +++++++++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 71 insertions(+), 1 deletion(-)

diff --git a/ic/ovn-ic.c b/ic/ovn-ic.c
index d69583956..75e798cd1 100644
--- a/ic/ovn-ic.c
+++ b/ic/ovn-ic.c
@@ -67,6 +67,7 @@ struct ic_context {
     struct ovsdb_idl_index *sbrec_chassis_by_name;
     struct ovsdb_idl_index *sbrec_port_binding_by_name;
     struct ovsdb_idl_index *icsbrec_port_binding_by_ts;
+    struct ovsdb_idl_index *icsbrec_route_by_ts;
 };
 
 struct ic_state {
@@ -1156,7 +1157,14 @@ sync_learned_route(struct ic_context *ctx,
 {
     ovs_assert(ctx->ovnnb_txn);
     const struct icsbrec_route *isb_route;
-    ICSBREC_ROUTE_FOR_EACH (isb_route, ctx->ovnisb_idl) {
+    const struct icsbrec_route *isb_route_key =
+        icsbrec_route_index_init_row(ctx->icsbrec_route_by_ts);
+
+    icsbrec_route_index_set_transit_switch(isb_route_key,
+                                           ic_lr->isb_pb->transit_switch);
+
+    ICSBREC_ROUTE_FOR_EACH_EQUAL (isb_route, isb_route_key,
+                                  ctx->icsbrec_route_by_ts) {
         if (isb_route->availability_zone == az) {
             continue;
         }
@@ -1208,6 +1216,8 @@ sync_learned_route(struct ic_context *ctx,
                 ic_lr->lr, nb_route);
         }
     }
+    icsbrec_route_index_destroy_row(isb_route_key);
+
     /* Delete extra learned routes. */
     struct ic_route_info *route_learned, *next;
     HMAP_FOR_EACH_SAFE (route_learned, next, node, &ic_lr->routes_learned) {
@@ -1678,6 +1688,10 @@ main(int argc, char *argv[])
         = ovsdb_idl_index_create1(ovnisb_idl_loop.idl,
                                   &icsbrec_port_binding_col_transit_switch);
 
+    struct ovsdb_idl_index *icsbrec_route_by_ts
+        = ovsdb_idl_index_create1(ovnisb_idl_loop.idl,
+                                  &icsbrec_route_col_transit_switch);
+
     /* Main loop. */
     exiting = false;
     state.had_lock = false;
@@ -1718,6 +1732,7 @@ main(int argc, char *argv[])
                 .sbrec_port_binding_by_name = sbrec_port_binding_by_name,
                 .sbrec_chassis_by_name = sbrec_chassis_by_name,
                 .icsbrec_port_binding_by_ts = icsbrec_port_binding_by_ts,
+                .icsbrec_route_by_ts = icsbrec_route_by_ts,
             };
 
             if (!state.had_lock && ovsdb_idl_has_lock(ovnsb_idl_loop.idl)) {
diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at
index 2a4fba031..ee78f4794 100644
--- a/tests/ovn-ic.at
+++ b/tests/ovn-ic.at
@@ -315,6 +315,61 @@ OVS_WAIT_WHILE([ovn_as az2 ovn-nbctl lr-route-list lr2 | grep learned | grep 192
 # AZ1 shouldn't learn 10.11 any more.
 OVS_WAIT_WHILE([ovn_as az1 ovn-nbctl lr-route-list lr1 | grep learned | grep 10.11])
 
+# cleanup
+ovn-ic-nbctl --if-exists ts-del ts1
+ovn_as az1 ovn-nbctl lr-del lr1
+ovn_as az2 ovn-nbctl lr-del lr2
+
+# Create new transit switches and LRs. Test topology is next:
+# logical router (lr11) - transit switch (ts11) - logical router (lr12)
+# logical router (lr21) - transit switch (ts22) - logical router (lr22)
+#
+# lr12 has static route 10.0.0.0/24 and directly connected network 192.168.0.0/24
+for i in 1 2; do
+    ovn_as az$i
+
+    # Ensure route learning at AZ level
+    ovn-nbctl set nb_global . options:ic-route-learn=true
+    # Ensure route advertising at AZ level
+    ovn-nbctl set nb_global . options:ic-route-adv=true
+    # Drop blacklist
+    ovn-nbctl remove nb_global . options ic-route-blacklist
+
+    for j in 1 2; do
+        ts=ts$j$j
+        ovn-ic-nbctl --may-exist ts-add $ts
+
+        # Create LRP and connect to TS
+        lr=lr$j$i
+        echo lr: $lr, ts: $ts
+        ovn-nbctl lr-add $lr
+        ovn-nbctl lrp-add $lr lrp-$lr-$ts aa:aa:aa:aa:aa:0$j 169.254.100.$i/24
+        ovn-nbctl lsp-add $ts lsp-$ts-$lr \
+                -- lsp-set-addresses lsp-$ts-$lr router \
+                -- lsp-set-type lsp-$ts-$lr router \
+                -- lsp-set-options lsp-$ts-$lr router-port=lrp-$lr-$ts
+    done
+done
+
+# Create directly-connected routes
+ovn_as az2 ovn-nbctl lrp-add lr12 lrp-lr12-ls2 aa:aa:aa:aa:bb:01 "192.168.0.1/24"
+ovn_as az2 ovn-nbctl lr-route-add lr12 10.10.10.0/24 192.168.0.10
+
+echo az1
+ovn_as az1 ovn-nbctl show
+echo az2
+ovn_as az2 ovn-nbctl show
+
+# Test routes from lr12 were learned to lr11
+AT_CHECK([ovn_as az1 ovn-nbctl lr-route-list lr11 |
+             grep learned | awk '{print $1, $2}' | sort], [0], [dnl
+10.10.10.0/24 169.254.100.2
+192.168.0.0/24 169.254.100.2
+])
+
+# Test routes from lr12 didn't leak as learned to lr21
+AT_CHECK([ovn_as az1 ovn-nbctl lr-route-list lr21], [0], [])
+
 OVN_CLEANUP_IC([az1], [az2])
 
 AT_CLEANUP