From patchwork Sat Apr 23 18:14:52 2022 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Numan Siddique X-Patchwork-Id: 1621431 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::137; helo=smtp4.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature RSA-PSS (4096 bits) server-digest SHA256) (No client certificate requested) by bilbo.ozlabs.org (Postfix) with ESMTPS id 4Klzw11pZlz9s2R for ; Sun, 24 Apr 2022 04:15:13 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 9C81B4086A; Sat, 23 Apr 2022 18:15:10 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id KUnxO6lK3WMI; Sat, 23 Apr 2022 18:15:09 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [140.211.9.56]) by smtp4.osuosl.org (Postfix) with ESMTPS id 454FF40438; Sat, 23 Apr 2022 18:15:08 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 17825C0032; Sat, 23 Apr 2022 18:15:08 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id AD4E5C002D for ; Sat, 23 Apr 2022 18:15:07 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id 962DC8249E for ; Sat, 23 Apr 2022 18:15:07 +0000 (UTC) X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id EAAKMMCWKoVw for ; Sat, 23 Apr 2022 18:15:06 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.8.0 Received: from relay12.mail.gandi.net (relay12.mail.gandi.net [217.70.178.232]) by smtp1.osuosl.org (Postfix) with ESMTPS id 2E03781CDB for ; Sat, 23 Apr 2022 18:15:05 +0000 (UTC) Received: (Authenticated sender: numans@ovn.org) by mail.gandi.net (Postfix) with ESMTPSA id C71AF200008; Sat, 23 Apr 2022 18:15:02 +0000 (UTC) From: numans@ovn.org To: dev@openvswitch.org Date: Sat, 23 Apr 2022 14:14:52 -0400 Message-Id: <20220423181452.3698721-1-numans@ovn.org> X-Mailer: git-send-email 2.35.1 MIME-Version: 1.0 Subject: [ovs-dev] [PATCH ovn] ovn-northd: Add flow to use eth.src if nd.tll is 0 in put_nd() action. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" From: Numan Siddique Presently OVN assumes that an IPv6 Neigh Adv packet will have the target link layer option preset. But that's not the case all the time. This field is optional and as per rfc4861 (quoted below). Target link-layer address The link-layer address for the target, i.e., the sender of the advertisement. This option MUST be included on link layers that have addresses when responding to multicast solicitations. When responding to a unicast Neighbor Solicitation this option SHOULD be included. The option MUST be included for multicast solicitations in order to avoid infinite Neighbor Solicitation "recursion" when the peer node does not have a cache entry to return a Neighbor Advertisements message. When responding to unicast solicitations, the option can be omitted since the sender of the solicitation has the correct link- layer address; otherwise, it would not be able to send the unicast solicitation in the first place. However, including the link-layer address in this case adds little overhead and eliminates a potential race condition where the sender deletes the cached link-layer address prior to receiving a response to a previous solicitation. If target link layer option is not present, then ovn-controller learns the mac binding with 00:00:00:00:00:00 address which is not correct. This patch fixes the issue by adding the below logical flow in router pipeline: table=2 (lr_in_learn_neighbor), priority=95 , match=(nd_na && nd.tll == 0), action=(put_nd(inport, nd.target, eth.src); next;) Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=2078026 Signed-off-by: Numan Siddique Acked-by: Dumitru Ceara --- northd/northd.c | 6 ++++++ northd/ovn-northd.8.xml | 6 ++++++ tests/ovn-northd.at | 23 +++++++++++++++++++++++ 3 files changed, 35 insertions(+) diff --git a/northd/northd.c b/northd/northd.c index bc195146d0..8c4187eae1 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -10943,6 +10943,12 @@ build_neigh_learning_flows_for_lrouter( copp_meter_get(COPP_ARP, od->nbr->copp, meter_groups)); + ovn_lflow_metered(lflows, od, S_ROUTER_IN_LEARN_NEIGHBOR, 95, + "nd_na && nd.tll == 0", + "put_nd(inport, nd.target, eth.src); next;", + copp_meter_get(COPP_ND_NA, od->nbr->copp, + meter_groups)); + ovn_lflow_metered(lflows, od, S_ROUTER_IN_LEARN_NEIGHBOR, 90, "nd_na", "put_nd(inport, nd.target, nd.tll); next;", copp_meter_get(COPP_ND_NA, od->nbr->copp, diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml index db4f4d267c..d95e9c3fd2 100644 --- a/northd/ovn-northd.8.xml +++ b/northd/ovn-northd.8.xml @@ -2307,6 +2307,12 @@ next; put_arp(inport, arp.spa, arp.sha); next; +
  • + A priority-95 flow with the match nd_na && + nd.tll == 0 and applies the action + put_nd(inport, nd.target, eth.src); next; +
    • +
  • A priority-90 flow with the match nd_na and applies the action diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index adb3043853..163287edfa 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -6664,3 +6664,26 @@ ovn-nbctl --may-exist static-mac-binding-add lr0-p0 192.168.10.100 00:00:22:33:5 wait_row_count Static_MAC_Binding 1 logical_port=lr0-p0 ip=192.168.10.100 mac="00\:00\:22\:33\:55\:66" AT_CLEANUP + +AT_SETUP([LR neighbor lookup and learning flows]) +ovn_start + +# Create logical routers +ovn-nbctl --wait=sb lr-add lr0 + +ovn-sbctl dump-flows lr0 > lrflows +AT_CAPTURE_FILE([lrflows]) + +AT_CHECK([cat lrflows | grep -e lr_in_lookup_neighbor -e lr_in_learn_neighbor | sort], [0], [dnl + table=1 (lr_in_lookup_neighbor), priority=0 , match=(1), action=(reg9[[2]] = 1; next;) + table=1 (lr_in_lookup_neighbor), priority=100 , match=(arp.op == 2), action=(reg9[[2]] = lookup_arp(inport, arp.spa, arp.sha); next;) + table=1 (lr_in_lookup_neighbor), priority=100 , match=(nd_na), action=(reg9[[2]] = lookup_nd(inport, nd.target, nd.tll); next;) + table=1 (lr_in_lookup_neighbor), priority=100 , match=(nd_ns), action=(reg9[[2]] = lookup_nd(inport, ip6.src, nd.sll); next;) + table=2 (lr_in_learn_neighbor), priority=100 , match=(reg9[[2]] == 1), action=(next;) + table=2 (lr_in_learn_neighbor), priority=90 , match=(arp), action=(put_arp(inport, arp.spa, arp.sha); next;) + table=2 (lr_in_learn_neighbor), priority=90 , match=(nd_na), action=(put_nd(inport, nd.target, nd.tll); next;) + table=2 (lr_in_learn_neighbor), priority=90 , match=(nd_ns), action=(put_nd(inport, ip6.src, nd.sll); next;) + table=2 (lr_in_learn_neighbor), priority=95 , match=(nd_na && nd.tll == 0), action=(put_nd(inport, nd.target, eth.src); next;) +]) + +AT_CLEANUP