From patchwork Fri Feb 2 13:49:33 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1894556 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=MlThMm9I; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TRHG42JmTz1yhq for ; Sat, 3 Feb 2024 00:50:04 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id 0099D60797; Fri, 2 Feb 2024 13:50:02 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org 0099D60797 Authentication-Results: smtp3.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=MlThMm9I X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id S5ulCBJpNRFR; Fri, 2 Feb 2024 13:50:01 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp3.osuosl.org (Postfix) with ESMTPS id E3D9D60B48; Fri, 2 Feb 2024 13:49:59 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org E3D9D60B48 Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id A1866C007C; Fri, 2 Feb 2024 13:49:59 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp1.osuosl.org (smtp1.osuosl.org [140.211.166.138]) by lists.linuxfoundation.org (Postfix) with ESMTP id F33DAC0072 for ; Fri, 2 Feb 2024 13:49:58 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp1.osuosl.org (Postfix) with ESMTP id DC8D183906 for ; Fri, 2 Feb 2024 13:49:58 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org DC8D183906 Authentication-Results: smtp1.osuosl.org; dkim=pass (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=MlThMm9I X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp1.osuosl.org ([127.0.0.1]) by localhost (smtp1.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id GU83Ax5t6L2q for ; Fri, 2 Feb 2024 13:49:58 +0000 (UTC) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp1.osuosl.org (Postfix) with ESMTPS id 2A36482EDB for ; Fri, 2 Feb 2024 13:49:58 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp1.osuosl.org 2A36482EDB DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706881797; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=x+I7m6BnzI2kry9nxwR/6NkYzTeeO43hRe+ewa25bRE=; b=MlThMm9Insf0N9l5jaGcTyatne3XXc/6gPVcrNZeHThmLkO776YLLb+KhbmPnQPLjzptqD O58/GptfHdd+Dx1yFM2B56fEXHszxVV9dfGd83Z2OF0Dld50YnIL4ycmbUZuowL34nMO2n 8MN9dv9yqjzKHxhBlZKd8bQ72IIDYxw= Received: from mail-pj1-f69.google.com (mail-pj1-f69.google.com [209.85.216.69]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-341-GHljabZTOkKDeNArUNvK1Q-1; Fri, 02 Feb 2024 08:49:56 -0500 X-MC-Unique: GHljabZTOkKDeNArUNvK1Q-1 Received: by mail-pj1-f69.google.com with SMTP id 98e67ed59e1d1-29608f00cbbso2001334a91.2 for ; Fri, 02 Feb 2024 05:49:55 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706881794; x=1707486594; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=x+I7m6BnzI2kry9nxwR/6NkYzTeeO43hRe+ewa25bRE=; b=hEuMDsLUU1l3ktLURfCswWX1i1OJDQXoy4HPJ/y5ep3O5DTIOT2jLnZkIrqQGI6YVE a7vsDRyGweEEnjyen0zNgytLbc9Yc0sREwGeODIZzAGMV7k8D60HVxnuYZl3+XqVzAkz KdI6HLJV4O9MMuQv38v8q5VwshkhFgK6CVuRI66VJdsm33ZV4u0u2ZpH2/BXVyCPIYMu /Tuhpn9CXk6ssldKF24UC8IrmgVVk08g43ZR1VhWrLNq0vjlGgCRqkKFxYoN8O2b5lw3 iRftqn2UfvkLBtKp/iKHT3cPX/hmLcwqwmimhC9YCWyljwarMHBXrnN1nemMrQlPXzNJ AbJA== X-Gm-Message-State: AOJu0YzsO4S3X7eQ2zaxMWk0kxQm2KgiT1vbMtOCkN1UNSfcRbE1Ths2 eWvPDLxUUkiQmsWjAuzkrIoFdMyboapx8WO1OFE6B01761cCkxBsVvwaXKDjV+Ktge5RliNfblx sv67jXcWDDE7QZC2b70N62GkcMYolWf0o7qmdQ/SuoNdKNyb2fyiXaKgrPhmiDqOG3jWqSaHvQh M90HE9ozx1FcjjAsq20yYTMKBq25LKkIw2mkQpb3ZU73saxoKwDQ== X-Received: by 2002:a17:90b:3846:b0:296:2383:fb80 with SMTP id nl6-20020a17090b384600b002962383fb80mr3836934pjb.26.1706881794738; Fri, 02 Feb 2024 05:49:54 -0800 (PST) X-Google-Smtp-Source: AGHT+IG3nfTgJYOsqiTYhCrWeEisvPn5bRmaprok3CNSmt5Eov7q8X+gw9ASeaNMVfh9V4UwaHTRZg== X-Received: by 2002:a17:90b:3846:b0:296:2383:fb80 with SMTP id nl6-20020a17090b384600b002962383fb80mr3836918pjb.26.1706881794360; Fri, 02 Feb 2024 05:49:54 -0800 (PST) X-Forwarded-Encrypted: i=0; AJvYcCXBW1TUxkIGk9rbwjyloFx4aA54sS8p1QYl73xvT+3v6zjaAJfxu5WWWDtZHdcvI5IUD2fM7g+6jJLufIJTQszFvE1K Received: from localhost (net-93-71-3-198.cust.vodafonedsl.it. [93.71.3.198]) by smtp.gmail.com with ESMTPSA id c15-20020a170903234f00b001d9351f63d4sm1626119plh.68.2024.02.02.05.49.53 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Feb 2024 05:49:54 -0800 (PST) From: Lorenzo Bianconi To: ovs-dev@openvswitch.org Date: Fri, 2 Feb 2024 14:49:33 +0100 Message-ID: X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: dceara@redhat.com Subject: [ovs-dev] [PATCH v2 ovn 1/3] test: Fix false positive in BFD system test. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Fix regression introduce in BFD system tests Acked-by: Mark Michelson Fixes: 1655a6c146ca ("northd, utils: support for RouteTables in LRs") Signed-off-by: Lorenzo Bianconi --- tests/system-ovn.at | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/tests/system-ovn.at b/tests/system-ovn.at index cb4124b70..9ecb29cdb 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -6831,7 +6831,7 @@ route_uuid=$(fetch_column nb:logical_router_static_route _uuid ip_prefix="100.0. check ovn-nbctl --wait=hv sync wait_column "up" nb:bfd status logical_port=rp-public -OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 | grep 'match=(ip4.dst == 100.0.0.0/8)' | grep -q 172.16.1.50]) +OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == 100.0.0.0/8' |grep -q 172.16.1.50]) # un-associate the bfd connection and the static route check ovn-nbctl clear logical_router_static_route $route_uuid bfd @@ -6861,7 +6861,7 @@ stopping ]) wait_column "down" nb:bfd status logical_port=rp-public -OVS_WAIT_UNTIL([test "$(ovn-sbctl dump-flows R1 | grep 'match=(ip4.dst == 100.0.0.0/8)' | grep 172.16.1.50)" = ""]) +OVS_WAIT_UNTIL([test "$(ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == 100.0.0.0/8' |grep 172.16.1.50)" = ""]) # remove bfd entry ovn-nbctl destroy bfd $uuid From patchwork Fri Feb 2 13:49:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1894557 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=jTOo3vdO; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp2.osuosl.org (smtp2.osuosl.org [IPv6:2605:bc80:3010::133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TRHGB1lhDz23g7 for ; Sat, 3 Feb 2024 00:50:10 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id E594D43763; Fri, 2 Feb 2024 13:50:07 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org E594D43763 Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=jTOo3vdO X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id aGdxvhuRX9hX; Fri, 2 Feb 2024 13:50:06 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp2.osuosl.org (Postfix) with ESMTPS id A8ECC43723; Fri, 2 Feb 2024 13:50:05 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org A8ECC43723 Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 77CA1C0072; Fri, 2 Feb 2024 13:50:05 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 0206CC0037 for ; Fri, 2 Feb 2024 13:50:04 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 771304373A for ; Fri, 2 Feb 2024 13:50:02 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 771304373A X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id VJiL5u1Q4frU for ; Fri, 2 Feb 2024 13:50:02 +0000 (UTC) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.133.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id A0E6F43727 for ; Fri, 2 Feb 2024 13:50:01 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org A0E6F43727 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706881800; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=LHrJ1gctrlqDgE+aRW3GXCmt+GM3BQGYUqs9u/QBr04=; b=jTOo3vdOEEAESdYNp27yeM2U+eJMGx+mGwXnsTDKZgpBp02zoXG4uZIWy06qYz0cEm7a8L QwhEHY6lrc1r03Yw5SvGZUacbkwz706/LyK/nng2lMPijGNY16Fy1IiNPChcDbuxw8qesU 6wag/ryTia0H9hlyWLZtdGdwAOVjK8Q= Received: from mail-pl1-f198.google.com (mail-pl1-f198.google.com [209.85.214.198]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-124-4RsT9TaLMgWW7eK-VpGZbA-1; Fri, 02 Feb 2024 08:49:59 -0500 X-MC-Unique: 4RsT9TaLMgWW7eK-VpGZbA-1 Received: by mail-pl1-f198.google.com with SMTP id d9443c01a7336-1d78e48085bso21259405ad.3 for ; Fri, 02 Feb 2024 05:49:59 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706881798; x=1707486598; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=LHrJ1gctrlqDgE+aRW3GXCmt+GM3BQGYUqs9u/QBr04=; b=oUcqc7r+0b1mXO5BTAtt4VIrUDwdHkmEFMA9WUjnw6sh5gpDvGh/2V0K+WiPCC/Seg az+GWpx9BYbJnc1+c6RjxWv/P6YLIunAomLut0t+Jzx5WEJHQrHtS0+YIPAjZs36GavQ KZjVsFqHnk11vwDlMz5kO4xFSAzJKQkfDVm3gR8o+B9u0nA8FqAQyIDZ+KsYCBa9WLJd 8ZUscgcdGMI0QU1vDKUnhLqyW8pXtfT0kgEB/EE701/+yN1ilK31xz++rgVQcWYl10Py FhkmNJHMKANOVCH+wFu0qVlcV8HoP55OqB0v67OZ4ga8L0mrQ+Q1Hg9RmxSN1XP5afrE +tuQ== X-Gm-Message-State: AOJu0YxzaTrlTMd6mFEohGgkPW/FvhA2eCyxZ/LTEOLE8QCqkWmuXzbz yv18AUyTdDFxv1EklZ6yEPD8AzlgDlsZVYMdZZgTsVSSwIh9xVViHKr3ZD5qtOCBVdnt8/hU2i0 4sReliO8InOYrNH5cRX/EfWNQCgBFqqyFaaRsO/Hf0/RiY3SjByclN6J3Ihsuxlqux78aZ9S+8b U+IWq3GOSNNNe7BFxtIDTvGm3y9Xi0d+cVfjxD2gS1QFW4f6YKlQ== X-Received: by 2002:a17:902:6b46:b0:1d9:3bb5:2819 with SMTP id g6-20020a1709026b4600b001d93bb52819mr2269210plt.34.1706881798174; Fri, 02 Feb 2024 05:49:58 -0800 (PST) X-Google-Smtp-Source: AGHT+IEcaJAVvvNJXXxLUhXX1uvE2A29/a4mxVMfvSj4rPB2uPfj2TjFmZ2K7ETh7V8fsju4qPVZWQ== X-Received: by 2002:a17:902:6b46:b0:1d9:3bb5:2819 with SMTP id g6-20020a1709026b4600b001d93bb52819mr2269193plt.34.1706881797780; Fri, 02 Feb 2024 05:49:57 -0800 (PST) X-Forwarded-Encrypted: i=0; AJvYcCWPN6v4INrkbnTzTV2RKCqKFBTDxweHO3cGScLtwXyGYWlI6XBB1aUaIxI39mAxzbs7uubAQ5omLdAKJRF2u/cWBNGd Received: from localhost (net-93-71-3-198.cust.vodafonedsl.it. [93.71.3.198]) by smtp.gmail.com with ESMTPSA id ks14-20020a170903084e00b001d95a6983b0sm1625643plb.87.2024.02.02.05.49.57 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Feb 2024 05:49:57 -0800 (PST) From: Lorenzo Bianconi To: ovs-dev@openvswitch.org Date: Fri, 2 Feb 2024 14:49:34 +0100 Message-ID: <6924c3f70d8972bb93d93628fd5cd291f9c32fe0.1706881571.git.lorenzo.bianconi@redhat.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: dceara@redhat.com Subject: [ovs-dev] [PATCH v2 ovn 2/3] ovn-nbctl: Fix nbctl_pre_lr_route_add for BFD. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" In order to properly check if we already have a running BFD session for the next hop used by the brand new route, load logical port column of the nb BFD table in nbctl_pre_lr_route_add routine. Acked-by: Mark Michelson Fixes: db6d30783bec ("ovn-nbctl: Don't replicate entire database unnecessarily.") Signed-off-by: Lorenzo Bianconi --- utilities/ovn-nbctl.c | 1 + 1 file changed, 1 insertion(+) diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c index 526369b68..0586eccdb 100644 --- a/utilities/ovn-nbctl.c +++ b/utilities/ovn-nbctl.c @@ -4394,6 +4394,7 @@ nbctl_pre_lr_route_add(struct ctl_context *ctx) ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_port_col_name); ovsdb_idl_add_column(ctx->idl, &nbrec_bfd_col_dst_ip); + ovsdb_idl_add_column(ctx->idl, &nbrec_bfd_col_logical_port); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_static_route_col_ip_prefix); From patchwork Fri Feb 2 13:49:35 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Lorenzo Bianconi X-Patchwork-Id: 1894558 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (1024-bit key; unprotected) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=GTkqVORx; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=140.211.166.133; helo=smtp2.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4TRHGW3dt5z1yQ0 for ; Sat, 3 Feb 2024 00:50:27 +1100 (AEDT) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 4EAA943794; Fri, 2 Feb 2024 13:50:25 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 4EAA943794 Authentication-Results: smtp2.osuosl.org; dkim=fail reason="signature verification failed" (1024-bit key) header.d=redhat.com header.i=@redhat.com header.a=rsa-sha256 header.s=mimecast20190719 header.b=GTkqVORx X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id dLUMs1kaQnPJ; Fri, 2 Feb 2024 13:50:23 +0000 (UTC) Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp2.osuosl.org (Postfix) with ESMTPS id 501F34374D; Fri, 2 Feb 2024 13:50:22 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 501F34374D Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id 25FC8C007C; Fri, 2 Feb 2024 13:50:22 +0000 (UTC) X-Original-To: ovs-dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp2.osuosl.org (smtp2.osuosl.org [140.211.166.133]) by lists.linuxfoundation.org (Postfix) with ESMTP id 1F8B3C0037 for ; Fri, 2 Feb 2024 13:50:21 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp2.osuosl.org (Postfix) with ESMTP id 5DF664374D for ; Fri, 2 Feb 2024 13:50:09 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org 5DF664374D X-Virus-Scanned: amavisd-new at osuosl.org Received: from smtp2.osuosl.org ([127.0.0.1]) by localhost (smtp2.osuosl.org [127.0.0.1]) (amavisd-new, port 10024) with ESMTP id T2a6wnYHVGel for ; Fri, 2 Feb 2024 13:50:06 +0000 (UTC) Received: from us-smtp-delivery-124.mimecast.com (us-smtp-delivery-124.mimecast.com [170.10.129.124]) by smtp2.osuosl.org (Postfix) with ESMTPS id F20634375C for ; Fri, 2 Feb 2024 13:50:05 +0000 (UTC) DKIM-Filter: OpenDKIM Filter v2.11.0 smtp2.osuosl.org F20634375C DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=redhat.com; s=mimecast20190719; t=1706881804; h=from:from:reply-to:subject:subject:date:date:message-id:message-id: to:to:cc:cc:mime-version:mime-version:content-type:content-type: content-transfer-encoding:content-transfer-encoding: in-reply-to:in-reply-to:references:references; bh=MLXWxMeDKUbz+019hl3VA1zxGptxYMpiMKZ/qST1Zpk=; b=GTkqVORxCzXQHkmGQN6NTFFzusMLDXdqgrpy5IV4blTTdAyj+8yDFVBqpGvpOcOPjBkp8k 600Di9ygbrPBolCKAQafPzKMT+R7kIuigudWOENfdwrMgIzx462q74t6GnIHc5COt7T3zx yMOnlA0yg6uJpRYKpGXCVde8pNYLqwo= Received: from mail-lf1-f71.google.com (mail-lf1-f71.google.com [209.85.167.71]) by relay.mimecast.com with ESMTP with STARTTLS (version=TLSv1.3, cipher=TLS_AES_256_GCM_SHA384) id us-mta-35-_GG5hsVPPYqOPtGpuivpWw-1; Fri, 02 Feb 2024 08:50:03 -0500 X-MC-Unique: _GG5hsVPPYqOPtGpuivpWw-1 Received: by mail-lf1-f71.google.com with SMTP id 2adb3069b0e04-51139386817so467740e87.2 for ; Fri, 02 Feb 2024 05:50:03 -0800 (PST) X-Google-DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=1e100.net; s=20230601; t=1706881801; x=1707486601; h=content-transfer-encoding:mime-version:references:in-reply-to :message-id:date:subject:cc:to:from:x-gm-message-state:from:to:cc :subject:date:message-id:reply-to; bh=MLXWxMeDKUbz+019hl3VA1zxGptxYMpiMKZ/qST1Zpk=; b=GMp4OZsFRrA9hAv3QSzCG4hqB9fZGZGVinrgHiTnDMSu3aj0O6RGHiTX9Wosy36pk3 V1JBUGrN+JK78rWfo1AZDv5biVJvZSTkr+ZOm1PVl6t3w+26gGhzTzqGtnVuZ28KQQ/p X7GTpaT4grQDv5dkHNNAtZgi7ttR+J4Jj+kMsNTXbNiQsP+j0bJXXGIoywChLBmnqI5c JNBMxz4+ZEoXf+yF/gYTF6BPp0hVmpx/ARAu+oVsxY3JR2XZtfO1TWq0cH+aFfiF2zoI BLyF67VB0svwMpifN0jPCTKhzX8m2B9yzkzikalUCz7291kfsXcoObaBstSMR+Z25W8d e37Q== X-Gm-Message-State: AOJu0YwkK06kpJhCO/ErvfTnpS4EIQKSGWHS0lMwXX8VfI7/06rhxGvl KjBCvtcjhXRsHAbFZzejHBC3QKo0V61LggOrx8HJ4+PGCRzfzqELxCOs3KSmBHDX0RKKKYnHKh6 CkZTY553Q7TYaiPiwpv0P/9RN4ttFy3Jj7Ih/qoRrqkZM3NTZEdrdxXL8801DgniXLxQbqD7xXF SOZ6UjV0Iu9guF1eQP0KJLaia7hv9bL6RICSY7m6vfXdD0Co+uYA== X-Received: by 2002:a05:6512:280f:b0:511:169c:8f59 with SMTP id cf15-20020a056512280f00b00511169c8f59mr1702116lfb.56.1706881801177; Fri, 02 Feb 2024 05:50:01 -0800 (PST) X-Google-Smtp-Source: AGHT+IFqqvr7ObFRc4QofRweokgbUd+VodpEx35HnrEylNBQzbSeMHq1giBo/IGU0dOFUd4R94ruhg== X-Received: by 2002:a05:6512:280f:b0:511:169c:8f59 with SMTP id cf15-20020a056512280f00b00511169c8f59mr1702083lfb.56.1706881800610; Fri, 02 Feb 2024 05:50:00 -0800 (PST) X-Forwarded-Encrypted: i=0; AJvYcCWQFuvMlDHPPuANSW0DNuw9TiNusWqYeDk0wNUcTZ06VltH/Vx2vYodKFxddulZ1/yk4qC3gwfNjEEUKu+ofUbwkotK Received: from localhost (net-93-71-3-198.cust.vodafonedsl.it. [93.71.3.198]) by smtp.gmail.com with ESMTPSA id n3-20020a0565120ac300b005113bbd2db5sm26968lfu.176.2024.02.02.05.49.59 (version=TLS1_3 cipher=TLS_AES_256_GCM_SHA384 bits=256/256); Fri, 02 Feb 2024 05:50:00 -0800 (PST) From: Lorenzo Bianconi To: ovs-dev@openvswitch.org Date: Fri, 2 Feb 2024 14:49:35 +0100 Message-ID: <3ce65e66bfbcb5fa155b0b5f97333b417b81230a.1706881571.git.lorenzo.bianconi@redhat.com> X-Mailer: git-send-email 2.43.0 In-Reply-To: References: MIME-Version: 1.0 X-Mimecast-Spam-Score: 0 X-Mimecast-Originator: redhat.com Cc: dceara@redhat.com Subject: [ovs-dev] [PATCH v2 ovn 3/3] northd: Add BFD support for ECMP route policy. X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.15 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" Similar to OVN static routes, introduce the capability to link a BFD session for OVN reroute policies. Reported-at: https://issues.redhat.com/browse/FDP-234 Signed-off-by: Lorenzo Bianconi Acked-by: Mark Michelson --- NEWS | 1 + northd/northd.c | 86 ++++++++++++++++++++++++++++++---- ovn-nb.ovsschema | 9 +++- ovn-nb.xml | 7 +++ tests/ovn-nbctl.at | 6 +++ tests/ovn-northd.at | 20 +++++++- tests/system-ovn.at | 51 ++++++++++++++++++-- utilities/ovn-nbctl.8.xml | 8 ++++ utilities/ovn-nbctl.c | 97 ++++++++++++++++++++++++++++++++++++++- 9 files changed, 267 insertions(+), 18 deletions(-) diff --git a/NEWS b/NEWS index 6553bd078..d4227ac99 100644 --- a/NEWS +++ b/NEWS @@ -18,6 +18,7 @@ Post v23.09.0 - Support selecting encapsulation IP based on the source/destination VIF's settting. See ovn-controller(8) 'external_ids:ovn-encap-ip' for more details. + - Introduce next-hop BFD availability check for OVN reroute policies. OVN v23.09.0 - 15 Sep 2023 -------------------------- diff --git a/northd/northd.c b/northd/northd.c index d2091d4bc..ae50e4ff9 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -10991,10 +10991,63 @@ get_outport_for_routing_policy_nexthop(struct ovn_datapath *od, return NULL; } +static struct ovs_mutex bfd_lock = OVS_MUTEX_INITIALIZER; + +static bool check_bfd_state( + const struct nbrec_logical_router_policy *rule, + const struct hmap *bfd_connections, + struct ovn_port *out_port, + const char *nexthop) +{ + struct in6_addr nexthop_v6; + bool is_nexthop_v6 = ipv6_parse(nexthop, &nexthop_v6); + bool ret = true; + + for (size_t i = 0; i < rule->n_bfd_sessions; i++) { + /* Check if there is a BFD session associated to the reroute + * policy. */ + const struct nbrec_bfd *nb_bt = rule->bfd_sessions[i]; + struct in6_addr dst_ipv6; + bool is_dst_v6 = ipv6_parse(nb_bt->dst_ip, &dst_ipv6); + + if (is_nexthop_v6 ^ is_dst_v6) { + continue; + } + + if ((is_nexthop_v6 && !ipv6_addr_equals(&nexthop_v6, &dst_ipv6)) || + strcmp(nb_bt->dst_ip, nexthop)) { + continue; + } + + if (strcmp(nb_bt->logical_port, out_port->key)) { + continue; + } + + struct bfd_entry *bfd_e = bfd_port_lookup(bfd_connections, + nb_bt->logical_port, + nb_bt->dst_ip); + ovs_mutex_lock(&bfd_lock); + if (bfd_e) { + bfd_e->ref = true; + } + + if (!strcmp(nb_bt->status, "admin_down")) { + nbrec_bfd_set_status(nb_bt, "down"); + } + + ret = strcmp(nb_bt->status, "down"); + ovs_mutex_unlock(&bfd_lock); + break; + } + + return ret; +} + static void build_routing_policy_flow(struct hmap *lflows, struct ovn_datapath *od, const struct hmap *lr_ports, const struct nbrec_logical_router_policy *rule, + const struct hmap *bfd_connections, const struct ovsdb_idl_row *stage_hint) { struct ds match = DS_EMPTY_INITIALIZER; @@ -11019,6 +11072,11 @@ build_routing_policy_flow(struct hmap *lflows, struct ovn_datapath *od, rule->priority, nexthop); return; } + + if (!check_bfd_state(rule, bfd_connections, out_port, nexthop)) { + return; + } + uint32_t pkt_mark = smap_get_uint(&rule->options, "pkt_mark", 0); if (pkt_mark) { ds_put_format(&actions, "pkt.mark = %u; ", pkt_mark); @@ -11060,6 +11118,7 @@ static void build_ecmp_routing_policy_flows(struct hmap *lflows, struct ovn_datapath *od, const struct hmap *lr_ports, const struct nbrec_logical_router_policy *rule, + const struct hmap *bfd_connections, uint16_t ecmp_group_id) { ovs_assert(rule->n_nexthops > 1); @@ -11088,6 +11147,9 @@ build_ecmp_routing_policy_flows(struct hmap *lflows, struct ovn_datapath *od, struct ds match = DS_EMPTY_INITIALIZER; struct ds actions = DS_EMPTY_INITIALIZER; + size_t *valid_nexthops = xcalloc(rule->n_nexthops, sizeof *valid_nexthops); + size_t n_valid_nexthops = 0; + for (size_t i = 0; i < rule->n_nexthops; i++) { struct ovn_port *out_port = get_outport_for_routing_policy_nexthop( od, lr_ports, rule->priority, rule->nexthops[i]); @@ -11105,6 +11167,13 @@ build_ecmp_routing_policy_flows(struct hmap *lflows, struct ovn_datapath *od, goto cleanup; } + if (!check_bfd_state(rule, bfd_connections, out_port, + rule->nexthops[i])) { + continue; + } + + valid_nexthops[n_valid_nexthops++] = i + 1; + ds_clear(&actions); uint32_t pkt_mark = smap_get_uint(&rule->options, "pkt_mark", 0); if (pkt_mark) { @@ -11140,12 +11209,12 @@ build_ecmp_routing_policy_flows(struct hmap *lflows, struct ovn_datapath *od, "; %s = select(", REG_ECMP_GROUP_ID, ecmp_group_id, REG_ECMP_MEMBER_ID); - for (size_t i = 0; i < rule->n_nexthops; i++) { + for (size_t i = 0; i < n_valid_nexthops; i++) { if (i > 0) { ds_put_cstr(&actions, ", "); } - ds_put_format(&actions, "%"PRIuSIZE, i + 1); + ds_put_format(&actions, "%"PRIuSIZE, valid_nexthops[i]); } ds_put_cstr(&actions, ");"); ovn_lflow_add_with_hint(lflows, od, S_ROUTER_IN_POLICY, @@ -11153,6 +11222,7 @@ build_ecmp_routing_policy_flows(struct hmap *lflows, struct ovn_datapath *od, ds_cstr(&actions), &rule->header_); cleanup: + free(valid_nexthops); ds_destroy(&match); ds_destroy(&actions); } @@ -11236,8 +11306,6 @@ route_hash(struct parsed_route *route) (uint32_t)route->plen); } -static struct ovs_mutex bfd_lock = OVS_MUTEX_INITIALIZER; - static bool find_static_route_outport(struct ovn_datapath *od, const struct hmap *lr_ports, const struct nbrec_logical_router_static_route *route, bool is_ipv4, @@ -13856,7 +13924,8 @@ build_mcast_lookup_flows_for_lrouter( static void build_ingress_policy_flows_for_lrouter( struct ovn_datapath *od, struct hmap *lflows, - const struct hmap *lr_ports) + const struct hmap *lr_ports, + const struct hmap *bfd_connections) { ovs_assert(od->nbr); /* This is a catch-all rule. It has the lowest priority (0) @@ -13877,11 +13946,11 @@ build_ingress_policy_flows_for_lrouter( if (is_ecmp_reroute) { build_ecmp_routing_policy_flows(lflows, od, lr_ports, rule, - ecmp_group_id); + bfd_connections, ecmp_group_id); ecmp_group_id++; } else { build_routing_policy_flow(lflows, od, lr_ports, rule, - &rule->header_); + bfd_connections, &rule->header_); } } } @@ -16316,7 +16385,8 @@ build_lswitch_and_lrouter_iterate_by_lr(struct ovn_datapath *od, lsi->bfd_connections); build_mcast_lookup_flows_for_lrouter(od, lsi->lflows, &lsi->match, &lsi->actions); - build_ingress_policy_flows_for_lrouter(od, lsi->lflows, lsi->lr_ports); + build_ingress_policy_flows_for_lrouter(od, lsi->lflows, lsi->lr_ports, + lsi->bfd_connections); build_arp_resolve_flows_for_lrouter(od, lsi->lflows); build_check_pkt_len_flows_for_lrouter(od, lsi->lflows, lsi->lr_ports, &lsi->match, &lsi->actions, diff --git a/ovn-nb.ovsschema b/ovn-nb.ovsschema index b2e0993e0..cec02a172 100644 --- a/ovn-nb.ovsschema +++ b/ovn-nb.ovsschema @@ -1,7 +1,7 @@ { "name": "OVN_Northbound", - "version": "7.2.0", - "cksum": "1069338687 34162", + "version": "7.2.1", + "cksum": "4156161406 34467", "tables": { "NB_Global": { "columns": { @@ -477,6 +477,11 @@ "nexthop": {"type": {"key": "string", "min": 0, "max": 1}}, "nexthops": {"type": { "key": "string", "min": 0, "max": "unlimited"}}, + "bfd_sessions": {"type": {"key": {"type": "uuid", + "refTable": "BFD", + "refType": "weak"}, + "min": 0, + "max": "unlimited"}}, "options": { "type": {"key": "string", "value": "string", "min": 0, "max": "unlimited"}}, diff --git a/ovn-nb.xml b/ovn-nb.xml index 765ffcf2e..d35c34517 100644 --- a/ovn-nb.xml +++ b/ovn-nb.xml @@ -3682,6 +3682,13 @@ or

+ +

+ Reference to row if the route policy has associated + some BFD sessions. +

+ +

Marks the packet with the value specified when the router policy diff --git a/tests/ovn-nbctl.at b/tests/ovn-nbctl.at index 7f37d7716..b15b5cfd3 100644 --- a/tests/ovn-nbctl.at +++ b/tests/ovn-nbctl.at @@ -2189,6 +2189,12 @@ AT_CHECK([ovn-nbctl lr-policy-add lr0 100 "ip4.src == 1.1.2.0/24" allow pkt_mark AT_CHECK([ovn-nbctl lr-policy-add lr0 101 "ip4.src == 2.1.1.0/24" allow]) AT_CHECK([ovn-nbctl lr-policy-add lr0 101 "ip4.src == 2.1.2.0/24" drop]) AT_CHECK([ovn-nbctl lr-policy-add lr0 101 "ip6.src == 2002::/64" drop]) +AT_CHECK([ovn-nbctl --bfd lr-policy-add lr0 103 "ip4.src == 1.2.3.0/24" reroute 192.168.1.1], [1], [], + [ovn-nbctl: out lrp not found for 192.168.1.1 nexthop +]) +AT_CHECK([ovn-nbctl --bfd lr-policy-add lr0 103 "ip4.src == 1.2.3.0/24" drop], [1], [], + [ovn-nbctl: BFD is valid only with reroute action. +]) dnl Incomplete option set. AT_CHECK([ovn-nbctl lr-policy-add lr0 200 "ip4.src == 1.1.4.0/24" reroute 192.168.0.10 foo], [1], [], diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index 67e81ddba..5407bd381 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -3624,7 +3624,7 @@ AT_KEYWORDS([northd-bfd]) ovn_start check ovn-nbctl --wait=sb lr-add r0 -for i in $(seq 1 7); do +for i in $(seq 1 9); do check ovn-nbctl --wait=sb lrp-add r0 r0-sw$i 00:00:00:00:00:0$i 192.168.$i.1/24 check ovn-nbctl --wait=sb ls-add sw$i check ovn-nbctl --wait=sb lsp-add sw$i sw$i-r0 @@ -3688,6 +3688,24 @@ bfd2_uuid=$(fetch_column bfd _uuid logical_port=r0-sw2) check ovn-sbctl set bfd $bfd2_uuid status=up wait_column up nb:bfd status logical_port=r0-sw2 +# Create reroute policies associated with BFD sessions +check ovn-nbctl lr-route-del r0 +check ovn-nbctl --bfd lr-policy-add r0 100 "ip4.src == 1.2.3.0/24" reroute 192.168.8.2 +wait_column down bfd status logical_port=r0-sw8 + +bfd_route_policy_uuid=$(fetch_column nb:bfd _uuid logical_port=r0-sw8) +AT_CHECK([ovn-nbctl list logical_router_policy | grep -q $bfd_route_policy_uuid]) + +check ovn-nbctl lr-policy-del r0 +check ovn-nbctl --bfd lr-policy-add r0 100 "ip4.src == 2.3.4.0/24" reroute 192.168.9.2,192.168.9.3,192.168.9.4 + +wait_column down bfd status dst_ip=192.168.9.2 +wait_column down bfd status dst_ip=192.168.9.3 +wait_column down bfd status dst_ip=192.168.9.4 + +bfd_route_policy_uuid=$(fetch_column nb:bfd _uuid logical_port=r0-sw9) +AT_CHECK([ovn-nbctl list logical_router_policy | sed s/,//g | grep -q "$bfd_route_policy_uuid"]) + AT_CLEANUP ]) diff --git a/tests/system-ovn.at b/tests/system-ovn.at index 9ecb29cdb..8e3acd57e 100644 --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -6837,6 +6837,15 @@ OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == check ovn-nbctl clear logical_router_static_route $route_uuid bfd wait_column "admin_down" nb:bfd status logical_port=rp-public OVS_WAIT_UNTIL([ip netns exec server bfdd-control status | grep -qi state=Down]) + +check ovn-nbctl --bfd lr-policy-add R1 100 "ip4.src == 200.0.0.0/8" reroute 172.16.1.50 +wait_column "up" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_policy |grep 'ip4.src == 200.0.0.0/8' |grep -q 172.16.1.50]) + +check ovn-nbctl lr-policy-del R1 +wait_column "admin_down" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ip netns exec server bfdd-control status | grep -qi state=Down]) + NS_CHECK_EXEC([server], [tcpdump -nni s1 udp port 3784 -Q in > bfd.pcap &]) sleep 5 kill $(pidof tcpdump) @@ -6844,25 +6853,57 @@ AT_CHECK([grep -qi bfd bfd.pcap],[1]) # restart the connection check ovn-nbctl set logical_router_static_route $route_uuid bfd=$uuid +check ovn-nbctl --bfd lr-policy-add R1 100 "ip4.src == 200.0.0.0/8" reroute 172.16.1.50 wait_column "up" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == 100.0.0.0/8' |grep -q 172.16.1.50]) +OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_policy |grep 'ip4.src == 200.0.0.0/8' |grep -q 172.16.1.50]) + +# stop bfd endpoint +NS_CHECK_EXEC([server], [bfdd-control stop], [0], [dnl +stopping +]) +wait_column "down" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([test "$(ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == 100.0.0.0/8' |grep 172.16.1.50)" = ""]) +OVS_WAIT_UNTIL([test "$(ovn-sbctl dump-flows R1 |grep lr_in_policy |grep 'ip4.src == 200.0.0.0/8' |grep 172.16.1.50)" = ""]) + # switch to gw router configuration check ovn-nbctl clear logical_router_static_route $route_uuid bfd -wait_column "admin_down" nb:bfd status logical_port=rp-public -OVS_WAIT_UNTIL([ip netns exec server bfdd-control status | grep -qi state=Down]) +check ovn-nbctl lr-policy-del R1 check ovn-nbctl clear logical_router_port rp-public gateway_chassis check ovn-nbctl set logical_router R1 options:chassis=hv1 check ovn-nbctl set logical_router_static_route $route_uuid bfd=$uuid + +# restart bfdd +NS_CHECK_EXEC([server], [bfdd-beacon --listen=172.16.1.50], [0]) +NS_CHECK_EXEC([server], [bfdd-control allow 172.16.1.1], [0], [dnl +Allowing connections from 172.16.1.1 +]) + wait_column "up" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == 100.0.0.0/8' |grep -q 172.16.1.50]) + +check ovn-nbctl clear logical_router_static_route $route_uuid bfd +wait_column "admin_down" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ip netns exec server bfdd-control status | grep -qi state=Down]) +ovn-nbctl destroy bfd $uuid +check_row_count bfd 0 + +# create reroute route policy +check ovn-nbctl --bfd lr-policy-add R1 100 "ip4.src == 210.0.0.0/8" reroute 172.16.1.50 +wait_column "up" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ovn-sbctl dump-flows R1 |grep lr_in_policy |grep 'ip4.src == 210.0.0.0/8' |grep -q 172.16.1.50]) + +check ovn-nbctl lr-policy-del R1 +wait_column "admin_down" nb:bfd status logical_port=rp-public +OVS_WAIT_UNTIL([ip netns exec server bfdd-control status | grep -qi state=Down]) +uuid=$(fetch_column nb:bfd _uuid logical_port="rp-public") # stop bfd endpoint NS_CHECK_EXEC([server], [bfdd-control stop], [0], [dnl stopping ]) -wait_column "down" nb:bfd status logical_port=rp-public -OVS_WAIT_UNTIL([test "$(ovn-sbctl dump-flows R1 |grep lr_in_ip_routing |grep 'ip4.dst == 100.0.0.0/8' |grep 172.16.1.50)" = ""]) - # remove bfd entry ovn-nbctl destroy bfd $uuid check_row_count bfd 0 diff --git a/utilities/ovn-nbctl.8.xml b/utilities/ovn-nbctl.8.xml index 6f74bd557..5aa01f2f8 100644 --- a/utilities/ovn-nbctl.8.xml +++ b/utilities/ovn-nbctl.8.xml @@ -1119,6 +1119,14 @@ duplicated routing policy results in error.

+

+ --bfd option is used to link a BFD session to the + OVN reroute policy. OVN will look for an already running BFD + session using next-hop as lookup key in the BFD table. + If the lookup fails, a new entry in the BFD table will be created + using the nexthop as dst_ip. +

+

The following example shows a policy to lr1, which will drop packets from192.168.100.0/24. diff --git a/utilities/ovn-nbctl.c b/utilities/ovn-nbctl.c index 0586eccdb..5db1fc136 100644 --- a/utilities/ovn-nbctl.c +++ b/utilities/ovn-nbctl.c @@ -4014,14 +4014,26 @@ normalize_addr_str(const char *orig_addr) return ret; } +static bool +ip_in_lrp_networks(const struct nbrec_logical_router_port *lrp, + const char *ip_s); + static void nbctl_pre_lr_policy_add(struct ctl_context *ctx) { ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_col_name); + ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_col_ports); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_col_policies); + ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_port_col_name); + ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_port_col_mac); + ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_port_col_networks); + ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_policy_col_priority); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_policy_col_match); + + ovsdb_idl_add_column(ctx->idl, &nbrec_bfd_col_dst_ip); + ovsdb_idl_add_column(ctx->idl, &nbrec_bfd_col_logical_port); } static void @@ -4158,6 +4170,81 @@ nbctl_lr_policy_add(struct ctl_context *ctx) nbrec_logical_router_update_policies_addvalue(lr, policy); + struct shash_node *bfd = shash_find(&ctx->options, "--bfd"); + const struct nbrec_bfd **bfd_sessions = NULL; + + if (bfd) { + if (!reroute) { + ctl_error(ctx, "BFD is valid only with reroute action."); + goto free_nexthops; + } + + bfd_sessions = xcalloc(n_nexthops, sizeof *bfd_sessions); + size_t j, n_bfd_sessions = 0; + + for (i = 0; i < n_nexthops; i++) { + for (j = 0; j < lr->n_ports; j++) { + if (ip_in_lrp_networks(lr->ports[j], nexthops[i])) { + break; + } + } + + if (j == lr->n_ports) { + ctl_error(ctx, "out lrp not found for %s nexthop", + nexthops[i]); + goto free_nexthops; + } + + struct in6_addr nexthop_v6; + bool is_nexthop_v6 = ipv6_parse(nexthops[i], &nexthop_v6); + const struct nbrec_bfd *iter, *nb_bt = NULL; + + NBREC_BFD_FOR_EACH (iter, ctx->idl) { + struct in6_addr dst_ipv6; + bool is_dst_v6 = ipv6_parse(iter->dst_ip, &dst_ipv6); + + if (is_nexthop_v6 ^ is_dst_v6) { + continue; + } + + /* match endpoint ip. */ + if ((is_nexthop_v6 && + !ipv6_addr_equals(&nexthop_v6, &dst_ipv6)) || + strcmp(iter->dst_ip, nexthops[i])) { + continue; + } + + /* match outport. */ + if (strcmp(iter->logical_port, lr->ports[j]->name)) { + continue; + } + + nb_bt = iter; + break; + } + + /* Create the BFD session if it does not already exist. */ + if (!nb_bt) { + nb_bt = nbrec_bfd_insert(ctx->txn); + nbrec_bfd_set_dst_ip(nb_bt, nexthops[i]); + nbrec_bfd_set_logical_port(nb_bt, lr->ports[j]->name); + } + + for (j = 0; j < n_bfd_sessions; j++) { + if (bfd_sessions[j] == nb_bt) { + break; + } + } + if (j == n_bfd_sessions) { + bfd_sessions[n_bfd_sessions++] = nb_bt; + } + } + nbrec_logical_router_policy_set_bfd_sessions( + policy, (struct nbrec_bfd **) bfd_sessions, n_bfd_sessions); + } + +free_nexthops: + free(bfd_sessions); for (i = 0; i < n_nexthops; i++) { free(nexthops[i]); } @@ -4282,8 +4369,11 @@ print_routing_policy(const struct nbrec_logical_router_policy *policy, policy->match, policy->action); } - if (!smap_is_empty(&policy->options)) { + if (!smap_is_empty(&policy->options) || policy->n_bfd_sessions) { ds_put_format(s, "%15s", ""); + if (policy->n_bfd_sessions) { + ds_put_cstr(s, "bfd,"); + } struct smap_node *node; SMAP_FOR_EACH (node, &policy->options) { ds_put_format(s, "%s=%s,", node->key, node->value); @@ -4305,6 +4395,8 @@ nbctl_pre_lr_policy_list(struct ctl_context *ctx) ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_policy_col_nexthops); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_policy_col_action); ovsdb_idl_add_column(ctx->idl, &nbrec_logical_router_policy_col_options); + ovsdb_idl_add_column(ctx->idl, + &nbrec_logical_router_policy_col_bfd_sessions); } static void @@ -7900,7 +7992,8 @@ static const struct ctl_command_syntax nbctl_commands[] = { /* Policy commands */ { "lr-policy-add", 4, INT_MAX, "ROUTER PRIORITY MATCH ACTION [NEXTHOP] [OPTIONS - KEY=VALUE ...]", - nbctl_pre_lr_policy_add, nbctl_lr_policy_add, NULL, "--may-exist", RW }, + nbctl_pre_lr_policy_add, nbctl_lr_policy_add, NULL, "--may-exist,--bfd?", + RW }, { "lr-policy-del", 1, 3, "ROUTER [{PRIORITY | UUID} [MATCH]]", nbctl_pre_lr_policy_del, nbctl_lr_policy_del, NULL, "--if-exists", RW }, { "lr-policy-list", 1, 1, "ROUTER", nbctl_pre_lr_policy_list,