From patchwork Wed Jul 17 09:03:34 2024 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Priyankar Jain X-Patchwork-Id: 1961489 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@legolas.ozlabs.org Authentication-Results: legolas.ozlabs.org; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=proofpoint20171006 header.b=If8U3VPU; dkim=fail reason="signature verification failed" (2048-bit key; unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=selector1 header.b=U6x5U6ca; dkim-atps=neutral Authentication-Results: legolas.ozlabs.org; spf=pass (sender SPF authorized) smtp.mailfrom=openvswitch.org (client-ip=2605:bc80:3010::136; helo=smtp3.osuosl.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=patchwork.ozlabs.org) Received: from smtp3.osuosl.org (smtp3.osuosl.org [IPv6:2605:bc80:3010::136]) (using TLSv1.3 with cipher TLS_AES_256_GCM_SHA384 (256/256 bits) key-exchange X25519 server-signature ECDSA (secp384r1) server-digest SHA384) (No client certificate requested) by legolas.ozlabs.org (Postfix) with ESMTPS id 4WP93T0Y7pz1xqc for ; Wed, 17 Jul 2024 19:04:04 +1000 (AEST) Received: from localhost (localhost [127.0.0.1]) by smtp3.osuosl.org (Postfix) with ESMTP id B4C6660AC3; Wed, 17 Jul 2024 09:04:02 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp3.osuosl.org ([127.0.0.1]) by localhost (smtp3.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id P_AaeiQ-txYd; Wed, 17 Jul 2024 09:04:01 +0000 (UTC) X-Comment: SPF check N/A for local connections - client-ip=2605:bc80:3010:104::8cd3:938; helo=lists.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver= DKIM-Filter: OpenDKIM Filter v2.11.0 smtp3.osuosl.org E160A607C5 Authentication-Results: smtp3.osuosl.org; dkim=fail reason="signature verification failed" (2048-bit key, unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=proofpoint20171006 header.b=If8U3VPU; dkim=fail reason="signature verification failed" (2048-bit key, unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=selector1 header.b=U6x5U6ca Received: from lists.linuxfoundation.org (lf-lists.osuosl.org [IPv6:2605:bc80:3010:104::8cd3:938]) by smtp3.osuosl.org (Postfix) with ESMTPS id E160A607C5; Wed, 17 Jul 2024 09:04:00 +0000 (UTC) Received: from lf-lists.osuosl.org (localhost [127.0.0.1]) by lists.linuxfoundation.org (Postfix) with ESMTP id BE760C0A97; Wed, 17 Jul 2024 09:04:00 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@lists.linuxfoundation.org Received: from smtp4.osuosl.org (smtp4.osuosl.org [IPv6:2605:bc80:3010::137]) by lists.linuxfoundation.org (Postfix) with ESMTP id 8C1FCC0A96 for ; Wed, 17 Jul 2024 09:03:59 +0000 (UTC) Received: from localhost (localhost [127.0.0.1]) by smtp4.osuosl.org (Postfix) with ESMTP id 61ED2407D6 for ; Wed, 17 Jul 2024 09:03:59 +0000 (UTC) X-Virus-Scanned: amavis at osuosl.org Received: from smtp4.osuosl.org ([127.0.0.1]) by localhost (smtp4.osuosl.org [127.0.0.1]) (amavis, port 10024) with ESMTP id 8LJ5_TdPUK26 for ; Wed, 17 Jul 2024 09:03:57 +0000 (UTC) Received-SPF: Pass (mailfrom) identity=mailfrom; client-ip=148.163.151.68; helo=mx0a-002c1b01.pphosted.com; envelope-from=priyankar.jain@nutanix.com; receiver= DMARC-Filter: OpenDMARC Filter v1.4.2 smtp4.osuosl.org 64A39407C6 Authentication-Results: smtp4.osuosl.org; dmarc=pass (p=none dis=none) header.from=nutanix.com DKIM-Filter: OpenDKIM Filter v2.11.0 smtp4.osuosl.org 64A39407C6 Authentication-Results: smtp4.osuosl.org; dkim=pass (2048-bit key, unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=proofpoint20171006 header.b=If8U3VPU; dkim=pass (2048-bit key, unprotected) header.d=nutanix.com header.i=@nutanix.com header.a=rsa-sha256 header.s=selector1 header.b=U6x5U6ca Received: from mx0a-002c1b01.pphosted.com (mx0a-002c1b01.pphosted.com [148.163.151.68]) by smtp4.osuosl.org (Postfix) with ESMTPS id 64A39407C6 for ; Wed, 17 Jul 2024 09:03:56 +0000 (UTC) Received: from pps.filterd (m0127838.ppops.net [127.0.0.1]) by mx0a-002c1b01.pphosted.com (8.18.1.2/8.18.1.2) with ESMTP id 46H7ZnXq007249 for ; Wed, 17 Jul 2024 02:03:56 -0700 DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; h= cc:content-transfer-encoding:content-type:date:from:message-id :mime-version:subject:to; s=proofpoint20171006; bh=KIe5pJwani4+l sTNMnD2BEil6wnf+rpFFqgnRs5hUbk=; b=If8U3VPUv21Y2uCoq6HH8lsrf94gb j07a/Eji/aKAa8bAjzn3efRFoLAqsSc8as1pK1sueoPwRu5fzGzUDj6EemfQJ9K2 oXZ2rZGW3YjvZbUbH8IPzPgcFqdN6rSWPXsRzagpxnngtJU8a3snTecFNJ+3lb6s xMx/1hgn9c8UH8YNj4/44IjqpKinejvHt8BQI6+TwBH3cfJiPxuyxksXvLn8zUo9 wD5zAYOCbj1jkUCy1MYCfM2HGsF9JdQrQcPMGfNZvjjMOkpiDcIBLxRwabcHOQPD /RP0RxfQGgimx81uHX/dultEDsYdoMh/Ct91r+bLq3ktTrVk376lYnl2g== Received: from bn1pr04cu002.outbound.protection.outlook.com (mail-eastus2azlp17010005.outbound.protection.outlook.com [40.93.12.5]) by mx0a-002c1b01.pphosted.com (PPS) with ESMTPS id 40dwjbsjqp-1 (version=TLSv1.2 cipher=ECDHE-RSA-AES256-GCM-SHA384 bits=256 verify=NOT) for ; Wed, 17 Jul 2024 02:03:55 -0700 (PDT) ARC-Seal: i=1; a=rsa-sha256; s=arcselector10001; d=microsoft.com; cv=none; b=JUZIWWsYa8/OMOUWJ2KnXOgULBa6IpvnG466M1C+d+iMWCnAV5LONjZzWk33ue55TkAGmIpPaq1UvfMvoNEb7Pju6bk4ov/DTPHmhhnk/qtLgFgP7t372a5fIXoeuI5JZ/bD2PQy1ZN/+E7KbOkgMbviGO7HuSYU/CfNLX9BuGZRwVY2jjubjktf3I6KfWEdq0prenLySrfj5kEX9/koLBD4c0xeUb2JekEaOfiAAqAqMLkwHzId7bAPyaTL/E8yEcSfMFPw03t+9RmdnelXWLwwJtu6IHHsWUXPKPNf5JXb6Ue3lfKeQ1SNVKEWlmyCkkBNRAXiHpDACdnsEhU6lA== ARC-Message-Signature: i=1; a=rsa-sha256; c=relaxed/relaxed; d=microsoft.com; s=arcselector10001; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-AntiSpam-MessageData-ChunkCount:X-MS-Exchange-AntiSpam-MessageData-0:X-MS-Exchange-AntiSpam-MessageData-1; bh=KIe5pJwani4+lsTNMnD2BEil6wnf+rpFFqgnRs5hUbk=; b=NpvvfcLpj9dwbPasfwju5rOZ2oHucXZRiYoZGCDKnFON4pgnwWh3A7GjcXAMtWFN4EJMEgfrGN9K/7xUU+LixJrAgJKcIj6gJr8jCanQknw9YiHVZE7C9soHTjnfL1ZmvWMHwWLn7t9njEcs0sdVxsplSsvrdOTzgoxD3aLhXpzZr9jG7wELC1kyhXtVpq+wL2rCtZTm1P2Sv7mp4otppvOJA4jw3PZ+eBUIsJ2AflhRGAMt20erhvfSvLBROdr7wJkduPZbppyetTJIECYCQxQuBtnuZgJqlUhPqgWgbVR2nWnV/nu8aWDRiRaO/VNw17d5MW3pO3QSZzVsSbSe8Q== ARC-Authentication-Results: i=1; mx.microsoft.com 1; spf=pass smtp.mailfrom=nutanix.com; dmarc=pass action=none header.from=nutanix.com; dkim=pass header.d=nutanix.com; arc=none DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=nutanix.com; s=selector1; h=From:Date:Subject:Message-ID:Content-Type:MIME-Version:X-MS-Exchange-SenderADCheck; bh=KIe5pJwani4+lsTNMnD2BEil6wnf+rpFFqgnRs5hUbk=; b=U6x5U6caAHlK56UwDIMtdWtabbe6e+voVGza8c86H+vq7oJjOllAJ9b/Xmk6UCnsDCrG7x420bhq+gmatyONNX0hl4Q+Qz5Mf3U9DLTpe7n7M7TDnoPr9lzPrKNCmJky5uNXxnSI+0ddkG3eZG4i3p4tf0sHt4P48oa/7+doHvj/BUyLrX2V7uix4QCm24cPxICvDCg8VDaZfkXFvnT3hPB5TFZmhWjUsrGAz/Uu6k1DExfnLegJg5YRvlcwkcVVKUFKV4GvwrDo0nkvMmB3EhLIr8/qZrcfAHcz1zWapL9kVfLazVr/asoYjMFxzCM5gZRmD7csHKrc1AuF6dT5Mw== Received: from PH0PR02MB7496.namprd02.prod.outlook.com (2603:10b6:510:16::12) by CO6PR02MB7521.namprd02.prod.outlook.com (2603:10b6:303:ad::10) with Microsoft SMTP Server (version=TLS1_2, cipher=TLS_ECDHE_RSA_WITH_AES_256_GCM_SHA384) id 15.20.7762.30; Wed, 17 Jul 2024 09:03:52 +0000 Received: from PH0PR02MB7496.namprd02.prod.outlook.com ([fe80::d47d:ed:381c:b8d5]) by PH0PR02MB7496.namprd02.prod.outlook.com ([fe80::d47d:ed:381c:b8d5%4]) with mapi id 15.20.7762.027; Wed, 17 Jul 2024 09:03:52 +0000 From: Priyankar Jain To: dev@openvswitch.org Date: Wed, 17 Jul 2024 14:33:34 +0530 Message-Id: <20240717090334.3957-1-priyankar.jain@nutanix.com> X-Mailer: git-send-email 2.39.2 (Apple Git-143) X-ClientProxiedBy: MA0PR01CA0103.INDPRD01.PROD.OUTLOOK.COM (2603:1096:a01:af::17) To PH0PR02MB7496.namprd02.prod.outlook.com (2603:10b6:510:16::12) MIME-Version: 1.0 X-MS-PublicTrafficType: Email X-MS-TrafficTypeDiagnostic: PH0PR02MB7496:EE_|CO6PR02MB7521:EE_ X-MS-Office365-Filtering-Correlation-Id: 03867f03-420d-430e-d908-08dca63f610a x-proofpoint-crosstenant: true X-MS-Exchange-SenderADCheck: 1 X-MS-Exchange-AntiSpam-Relay: 0 X-Microsoft-Antispam: BCL:0; ARA:13230040|52116014|376014|366016|1800799024|38350700014; X-Microsoft-Antispam-Message-Info: vfgFdq/JIEJXbwjst8GUd8RVTZxmy04XgTrN0AH5xgV0HSy7T9SYjyPtoTPElZJV2Pkx3VWU4Kp1on1j+WEB3ngr5f90Xoko+zHZDqU3gBZC7zzy4NfKod65i8fSymF+8rWLo5OxdyBYArdyZeWfGziGwCtsVM8f10eth+CatG5g63UN46AynHdwJ6Rx4t4zI21inpr9/Clk03PyrVNQ4ry2jMSp5hPsG0qtp3RBPV8lhOTpNaxIyVRa51I2FA0NOylO2modghP1wz6WoRPCHsL4eG708fejYemanqyAH+dF1kTppsOauSOrDC3ze/B7h23lhheC0tbA3kAQLkE6xPcu66aJnCVkVRCsaDLvXkZEawQg+3YYslg1ALU4F1lbGmgdM3XbCJqnJOGCDSwHJxC42sWCY7sybWHrzCs2VjqNW2/wi7nJ9fQEIq97YH9eUSSmYroKTVGIKvj2kCMHFXE6SUoCoZ8jKQcyaimy0okkke0FPuGPeArpZ0r5Yr7Z6ulfQUBQ/i/R0vIHHzTL8vCz2+fVnRrA1iAelUnuwWPFbbAVrQD703X4nEqZ4eW+IdWR77hwFyIa7om9tIplO4Np8kNMYrqaRmWvP3Mlku9XeZcSBGcGfiqGP0KLJEgGxGWV0g4uQJFBL18UztpCxuMB1MvIKTnxNTKdIX2m+RMz7Gyn4Wb1g1K+RXAWkGFUG9ed7FYXB/mtueQ7WM8ZmxEV7oOR/E980MA6Zey4yNr4+1VKpJoHGDQKv8U8nQILT4FJ024uZ/Nr+pCyjdgmY2UoDahXegEXuXGF4GFS8l3UDfoZBshDvzwj4sFWBIMzvxkiNxZLcNFHDCJ3Nfh3GX3V1i5zeh/wKE6VGFYi8w+/+mPW5usVoOdxWyAishuQ/b0wqIKgl3JJmYGg0xTy99b3t83EYw+WVptAYi4ZFoPxHOiP6MXqyekZ3MtTm7YUjHnQ34KS/8aXJraVjYMr49NtD1ctuhZNdQSIDoLPfpyhNPQa5XrVqWVgci5OGhvWciArr4opb1L7nn9of1EUn4wwwhNdoykdRg8vQc+GdIFiZS05orXPtYA5sQkfvCCrIBMBCJZJNTVPsBUqaCS2p5iz7dCRYv50M/Rc0hMOOJ1Ii0J/YWP0ywm1Tft/of2RT++AkDHmA3t+8ks2ll+7PbxWbizqKk+Bc4mwvl5m5Ta6GK+f3kaOu4RV79We0wPqhH0/DU5OP0EZDwSiytmGM5DRBqMVtNSWgJIHYMM5bybH9N+1KUCwI4CK+t6L8G5Kw2FpVkxiCzxjxelG9uu6o+o+6ZT7Bv0MzUq+WNv1yDoQnwj4RM5Ku5yACnP8K6QcSGebSfORrHSJEXtU/ZfT18AdcuHvpaaI3ka6uCJcZhCO2CQUfpZ9jw2W/tMH0uvTliQsqbHA17MuC+xhlmjOig== X-Forefront-Antispam-Report: CIP:255.255.255.255; CTRY:; LANG:en; SCL:1; SRV:; IPV:NLI; SFV:NSPM; H:PH0PR02MB7496.namprd02.prod.outlook.com; PTR:; CAT:NONE; SFS:(13230040)(52116014)(376014)(366016)(1800799024)(38350700014); DIR:OUT; SFP:1102; X-MS-Exchange-AntiSpam-MessageData-ChunkCount: 1 X-MS-Exchange-AntiSpam-MessageData-0: bfhAPm32Duvz2gdlLvjPOu7Mubyv0giFJLtpRZeSA7XuOLMLfPlNUK08m1d8l7IjGZZVoePWi1swhKMU18XbMcO5w9D+UpC7FsJvrcg0jxxmCBJ8z/AcpbpV/eoo0MU9LxGVq+MPtQ7jaiZifXT0ldzuWLHkOyNe+MxOLfl8XFa7DkUX1lFCIu1caPCO9ALxtNtj5a5dC+DyWm2UvVHIswbwoDLUgpMfCZPnYz4fXoK8Bi7FsOoGUKGXKIDxPE+nQr06zF2SQ+hE02cvFIkV4AeHDtgVFg3VZjBVzg6x2iBih8xAQKmj98PrT313PnfubKFPNNKycQ9sofISPxttvl3I4rfI9SMdB12YYo6u9lAM2iEiPz/0is3wEVWYHWxHKmHC/wxrS5yXbnfqm2gXAEjOAh28pbeZzLb2aCcpRHMiAWRc1WCMRvcWSEN5Zvow90QaExHMBBFplmS3+O6ALcpXFfJ7lj/V+254jq1ADxUnhIRQNEFpen7uxK4pbS7lHiwmVFXbVRLAQgas5jcHnrb7V71ieMZ3lWuC4Qbryc5WSgGGgutDv85qap+9w0JT7pqR972LEGte9RuVx5AEhBoiJ2EFDfA/fCZ32netoViuMXvDp7eq9F0G+QrwRl/bRriDgjhzvNZZ4nMFv+qP8U3DnpW7WGexfM3KVL1QdRAljMMgP9pn9SW5NeMKmw8Q63W1ruv/M9bG2GtfJbn2R5mk5js28TXv8Amfsf+wb85rWAkiA5r2DfBfqofPVLUlCBWnPgBRrZUEoCRD8lMro3SqXnRZNUTbHf3bgmX8uMf8OURHTTnVZTTej/+ITL3fPYH6vvmJzyIUKKXlXIj4BOIl6xNoMk8RY+XmPDsj0B1IIdiArHsITdgAlzm5bGenzuuhd//kmyg1OOrBPwD5DoKNlAnGOE6NPSMC0Yt53jBmq6atS89T+WyK7jI2rJUTWG8iShhuZvx9kDjiWavzVPGFOJ9ISeotiJwf34dOD3enRZcIVmRoqGUK21nTAmA1TdUzgUmuNX4NdCswBPYGtD4Kiet+bIaya0an66V84QN5ECFMzn/8kwWfMAa1w/9JmcJ4n2PX9q6RGI43LsXNYTl9F0fTp/vFZFuNTYgS7A20Xnir9fxSRwo13jQYm9ycBjRhgmk/TX16SZwcG/UDOwW4mBx4+iWnFUWDdbRj070pfGg3jJQAQQu28Pt9CvvJPPlLB/f8/YjPyor4a5rG0tFH6MudlwP4GYT/BeKIboHQwJW0uYnK7r5nfgovcWd9rkmfywRb1JBfiPS2gtHFNuDF0fUKHoAbzi8+pEUkrunJ3ljCq9I4GkKzz0akRa8FlMabrsXP7Ctww/i1be7wVGQm9M1kQlIsrW1Zz7mWDyyYqTx434oUHdPA3ZV2FslMNontvPnMvLSqr1ACmLPzjr3n7jwLRsvPhMMFGmn+hshQ8sMZ/EtY/WTXPU1QBKMpMUDPgsbCwqaXwVtttdI6vGUUpdB5yQ6DF2NvO/rBiOm3N8N3XiTWkxzrgPksm2BogqmaAM6Le8xrPD16bTV8whR2r+vFBcLGVgtoxQOp2xF1RBxf69tbe+ICaS6nOPlxz6xinh93Tj7XdU5CEl1u/A== X-OriginatorOrg: nutanix.com X-MS-Exchange-CrossTenant-Network-Message-Id: 03867f03-420d-430e-d908-08dca63f610a X-MS-Exchange-CrossTenant-AuthSource: PH0PR02MB7496.namprd02.prod.outlook.com X-MS-Exchange-CrossTenant-AuthAs: Internal X-MS-Exchange-CrossTenant-OriginalArrivalTime: 17 Jul 2024 09:03:52.4088 (UTC) X-MS-Exchange-CrossTenant-FromEntityHeader: Hosted X-MS-Exchange-CrossTenant-Id: bb047546-786f-4de1-bd75-24e5b6f79043 X-MS-Exchange-CrossTenant-MailboxType: HOSTED X-MS-Exchange-CrossTenant-UserPrincipalName: jTyOOwTc1ed1ORhjEL4LpEzDDXqH6s7NP/clUUn/8vo3jGlQUf9uVKR59Op6MZ5e+ngTUwMUsOoxqg5rwcoLFTPrcoZYFzBY57eBF9S06CE= X-MS-Exchange-Transport-CrossTenantHeadersStamped: CO6PR02MB7521 X-Proofpoint-GUID: k0fRqQ9s5uqN8pKu3Ipx_8efxfUXUtC4 X-Proofpoint-ORIG-GUID: k0fRqQ9s5uqN8pKu3Ipx_8efxfUXUtC4 X-Proofpoint-Virus-Version: vendor=baseguard engine=ICAP:2.0.293,Aquarius:18.0.1039,Hydra:6.0.680,FMLib:17.12.28.16 definitions=2024-07-17_05,2024-07-16_02,2024-05-17_01 X-Proofpoint-Spam-Reason: safe Subject: [ovs-dev] [PATCH ovn] northd: Allow Load balancer to be attached to router with multiple GW ports X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.30 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Errors-To: ovs-dev-bounces@openvswitch.org Sender: "dev" This commit removes the restriction of support LB for router with only <= 1 Distributed gateway ports. Added datapath and logical flows validation cases. Signed-off-by: Priyankar Jain --- northd/en-lr-stateful.c | 12 --- northd/northd.c | 12 +-- tests/ovn-northd.at | 86 +++++++++++++++++++++ tests/ovn.at | 167 ++++++++++++++++++++++++++++++++++++++++ 4 files changed, 260 insertions(+), 17 deletions(-) diff --git a/northd/en-lr-stateful.c b/northd/en-lr-stateful.c index baf1bd2f8..f09691af6 100644 --- a/northd/en-lr-stateful.c +++ b/northd/en-lr-stateful.c @@ -516,18 +516,6 @@ lr_stateful_record_create(struct lr_stateful_table *table, table->array[od->index] = lr_stateful_rec; - /* Load balancers are not supported (yet) if a logical router has multiple - * distributed gateway port. Log a warning. */ - if (lr_stateful_rec->has_lb_vip && lr_has_multiple_gw_ports(od)) { - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1); - VLOG_WARN_RL(&rl, "Load-balancers are configured on logical " - "router %s, which has %"PRIuSIZE" distributed " - "gateway ports. Load-balancer is not supported " - "yet when there is more than one distributed " - "gateway port on the router.", - od->nbr->name, od->n_l3dgw_ports); - } - return lr_stateful_rec; } diff --git a/northd/northd.c b/northd/northd.c index 6898daa00..e6f53f361 100644 --- a/northd/northd.c +++ b/northd/northd.c @@ -11026,10 +11026,9 @@ static void build_distr_lrouter_nat_flows_for_lb(struct lrouter_nat_lb_flows_ctx *ctx, enum lrouter_nat_lb_flow_type type, struct ovn_datapath *od, + struct ovn_port *dgp, struct lflow_ref *lflow_ref) { - struct ovn_port *dgp = od->l3dgw_ports[0]; - const char *undnat_action; switch (type) { @@ -11060,7 +11059,7 @@ build_distr_lrouter_nat_flows_for_lb(struct lrouter_nat_lb_flows_ctx *ctx, if (ctx->lb_vip->n_backends || !ctx->lb_vip->empty_backend_rej) { ds_put_format(ctx->new_match, " && is_chassis_resident(%s)", - od->l3dgw_ports[0]->cr_port->json_key); + dgp->cr_port->json_key); } ovn_lflow_add_with_hint__(ctx->lflows, od, S_ROUTER_IN_DNAT, ctx->prio, @@ -11263,8 +11262,11 @@ build_lrouter_nat_flows_for_lb( if (!od->n_l3dgw_ports) { bitmap_set1(gw_dp_bitmap[type], index); } else { - build_distr_lrouter_nat_flows_for_lb(&ctx, type, od, - lb_dps->lflow_ref); + for (int i = 0; i < od->n_l3dgw_ports; i++) { + struct ovn_port *dgp = od->l3dgw_ports[i]; + build_distr_lrouter_nat_flows_for_lb(&ctx, type, od, dgp, + lb_dps->lflow_ref); + } } if (lb->affinity_timeout) { diff --git a/tests/ovn-northd.at b/tests/ovn-northd.at index a389d1988..5be48f49e 100644 --- a/tests/ovn-northd.at +++ b/tests/ovn-northd.at @@ -12721,3 +12721,89 @@ AT_CHECK([ovn-sbctl dump-flows lr | grep lr_in_dnat | ovn_strip_lflows], [0], [d AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD_NO_HV([ +AT_SETUP([ovn-northd -- LB on Lr with multiple gw ports]) +AT_KEYWORDS([lb-multiple-l3dgw-ports]) +ovn_start + +# Logical network: +# 1 Logical Router, 3 bridged Logical Switches, +# 1 gateway chassis attached to each corresponding LRP. +# LB added attached to DR +# +# | S1 (gw1) +# | +# ls ---- DR -- S3 (gw3) +# (20.0.0.0/24) | +# | S2 (gw2) +# +# Validate basic LB logical flows. + +check ovn-sbctl chassis-add gw1 geneve 127.0.0.1 +check ovn-sbctl chassis-add gw2 geneve 128.0.0.1 +check ovn-sbctl chassis-add gw3 geneve 129.0.0.1 + +check ovn-nbctl lr-add DR +check ovn-nbctl lrp-add DR DR-S1 02:ac:10:01:00:01 172.16.1.1/24 +check ovn-nbctl lrp-add DR DR-S2 03:ac:10:01:00:01 172.16.2.1/24 +check ovn-nbctl lrp-add DR DR-S3 04:ac:10:01:00:01 172.16.3.1/24 +check ovn-nbctl lrp-add DR DR-ls 05:ac:10:01:00:01 20.0.0.1/24 + +check ovn-nbctl ls-add S1 +check ovn-nbctl lsp-add S1 S1-DR +check ovn-nbctl lsp-set-type S1-DR router +check ovn-nbctl lsp-set-addresses S1-DR router +check ovn-nbctl --wait=sb lsp-set-options S1-DR router-port=DR-S1 + +check ovn-nbctl ls-add S2 +check ovn-nbctl lsp-add S2 S2-DR +check ovn-nbctl lsp-set-type S2-DR router +check ovn-nbctl lsp-set-addresses S2-DR router +check ovn-nbctl --wait=sb lsp-set-options S2-DR router-port=DR-S2 + +check ovn-nbctl ls-add S3 +check ovn-nbctl lsp-add S3 S3-DR +check ovn-nbctl lsp-set-type S3-DR router +check ovn-nbctl lsp-set-addresses S3-DR router +check ovn-nbctl --wait=sb lsp-set-options S3-DR router-port=DR-S3 + +check ovn-nbctl ls-add ls +check ovn-nbctl lsp-add ls ls-DR +check ovn-nbctl lsp-set-type ls-DR router +check ovn-nbctl lsp-set-addresses ls-DR router +check ovn-nbctl --wait=sb lsp-set-options ls-DR router-port=DR-ls + +check ovn-nbctl lrp-set-gateway-chassis DR-S1 gw1 +check ovn-nbctl lrp-set-gateway-chassis DR-S2 gw2 +check ovn-nbctl lrp-set-gateway-chassis DR-S3 gw3 + +check ovn-nbctl lb-add lb-1 20.0.0.10:80 20.0.0.8:80,20.0.0.9:80 tcp +check ovn-nbctl lr-lb-add DR lb-1 + +check ovn-nbctl --wait=sb sync + +ovn-sbctl dump-flows DR > lrflows +AT_CAPTURE_FILE([lrflows]) + +# Check the flows in lr_in_dnat stage +AT_CHECK([grep lr_in_dnat lrflows | grep priority=120 | grep cr-DR | ovn_strip_lflows], [0], [dnl + table=??(lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 20.0.0.10 && tcp && tcp.dst == 80 && is_chassis_resident("cr-DR-S1")), action=(ct_lb(backends=20.0.0.8:80,20.0.0.9:80);) + table=??(lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 20.0.0.10 && tcp && tcp.dst == 80 && is_chassis_resident("cr-DR-S2")), action=(ct_lb(backends=20.0.0.8:80,20.0.0.9:80);) + table=??(lr_in_dnat ), priority=120 , match=(ct.new && !ct.rel && ip4 && ip4.dst == 20.0.0.10 && tcp && tcp.dst == 80 && is_chassis_resident("cr-DR-S3")), action=(ct_lb(backends=20.0.0.8:80,20.0.0.9:80);) +]) +# Check the flows in lr_in_gw_redirect stage +AT_CHECK([grep lr_in_gw_redirect lrflows | grep priority=200 | grep cr-DR | ovn_strip_lflows], [0], [dnl + table=??(lr_in_gw_redirect ), priority=200 , match=(ip4 && ((ip4.src == 20.0.0.8 && tcp.src == 80) || (ip4.src == 20.0.0.9 && tcp.src == 80)) && outport == "DR-S1"), action=(outport = "cr-DR-S1"; next;) + table=??(lr_in_gw_redirect ), priority=200 , match=(ip4 && ((ip4.src == 20.0.0.8 && tcp.src == 80) || (ip4.src == 20.0.0.9 && tcp.src == 80)) && outport == "DR-S2"), action=(outport = "cr-DR-S2"; next;) + table=??(lr_in_gw_redirect ), priority=200 , match=(ip4 && ((ip4.src == 20.0.0.8 && tcp.src == 80) || (ip4.src == 20.0.0.9 && tcp.src == 80)) && outport == "DR-S3"), action=(outport = "cr-DR-S3"; next;) +]) +# Check the flows in lr_out_undnat stage +AT_CHECK([grep lr_out_undnat lrflows | grep priority=120 | grep cr-DR | ovn_strip_lflows], [0], [dnl + table=??(lr_out_undnat ), priority=120 , match=(ip4 && ((ip4.src == 20.0.0.8 && tcp.src == 80) || (ip4.src == 20.0.0.9 && tcp.src == 80)) && (inport == "DR-S1" || outport == "DR-S1") && is_chassis_resident("cr-DR-S1")), action=(ct_dnat;) + table=??(lr_out_undnat ), priority=120 , match=(ip4 && ((ip4.src == 20.0.0.8 && tcp.src == 80) || (ip4.src == 20.0.0.9 && tcp.src == 80)) && (inport == "DR-S2" || outport == "DR-S2") && is_chassis_resident("cr-DR-S2")), action=(ct_dnat;) + table=??(lr_out_undnat ), priority=120 , match=(ip4 && ((ip4.src == 20.0.0.8 && tcp.src == 80) || (ip4.src == 20.0.0.9 && tcp.src == 80)) && (inport == "DR-S3" || outport == "DR-S3") && is_chassis_resident("cr-DR-S3")), action=(ct_dnat;) +]) + +AT_CLEANUP +]) diff --git a/tests/ovn.at b/tests/ovn.at index 185ba4a21..8e8c102c0 100644 --- a/tests/ovn.at +++ b/tests/ovn.at @@ -38426,3 +38426,170 @@ OVN_CLEANUP([hv1],[hv2]) AT_CLEANUP ]) + +OVN_FOR_EACH_NORTHD([ +AT_SETUP([Multiple DGP and LB traffic]) +AT_KEYWORDS([dgp-lb]) +AT_SKIP_IF([test $HAVE_SCAPY = no]) +ovn_start + +# Logical network: +# 1 Logical Router, 2 bridged Logical Switches, 1 Logical switch +# 1 gateway chassis attached to each corresponding LRP. +# LB added attached to DR +# +# | public (gw1) (172.168.0.0/24) +# | +# sw0 --- lr0 --- public2 (gw2) (173.168.0.0./24) +# (10.0.0.0/24) +# +# Routes (lr0): +# +# 173.0.0.0/24 ----> 173.168.0.1 (public2) +# default ----> 172.168.0.1 (public) +# +# +# Validate Traffic from public to LB and its response. +# Validate traffic from public2 to LB and its response. + +test_ip_req_packet() { + local src_mac="$1" + local dst_mac="$2" + local src_ip="$3" + local dst_ip="$4" + local sport=$5 + local iface=$6 + + local packet=$(fmt_pkt "Ether(dst='${dst_mac}', src='${src_mac}')/ + IP(dst='${dst_ip}', src='${src_ip}')/ \ + UDP(sport=${sport}, dport=4369)") + + as hv1 reset_pcap_file hv1-vif1 hv1/vif1 + as hv2 reset_pcap_file hv2-vif1 hv2/vif1 + as hv2 reset_pcap_file hv2-vif2 hv2/vif2 + check as hv2 ovs-appctl netdev-dummy/receive $iface $packet +} + +test_ip_rep_packet() { + local src_mac="$1" + local dst_mac="$2" + local src_ip="$3" + local dst_ip="$4" + local dport=$5 + + local packet=$(fmt_pkt "Ether(dst='${dst_mac}', src='${src_mac}')/ + IP(dst='${dst_ip}', src='${src_ip}')/ \ + UDP(sport=4369, dport=${dport})") + + check as hv1 ovs-appctl netdev-dummy/receive hv1-vif1 $packet +} + +net_add n + +sim_add hv1 +as hv1 +check ovs-vsctl add-br br-phys +ovn_attach n br-phys 192.168.0.1 +check ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys +check ovs-vsctl -- add-port br-int hv1-vif1 -- \ + set interface hv1-vif1 external-ids:iface-id=sw0-port1 \ + options:tx_pcap=hv1/vif1-tx.pcap \ + options:rxq_pcap=hv1/vif1-rx.pcap + +sim_add hv2 +as hv2 +check ovs-vsctl add-br br-phys +ovn_attach n br-phys 192.168.0.2 +check ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys +check ovs-vsctl -- add-port br-int hv2-vif1 -- \ + set interface hv2-vif1 external-ids:iface-id=public-port1 \ + options:tx_pcap=hv2/vif1-tx.pcap \ + options:rxq_pcap=hv2/vif1-rx.pcap +check ovs-vsctl -- add-port br-int hv2-vif2 -- \ + set interface hv2-vif2 external-ids:iface-id=public2-port1 \ + options:tx_pcap=hv2/vif2-tx.pcap \ + options:rxq_pcap=hv2/vif2-rx.pcap + +check ovn-nbctl ls-add sw0 +check ovn-nbctl lsp-add sw0 sw0-port1 +check ovn-nbctl lsp-set-addresses sw0-port1 "50:54:00:00:00:01 10.0.0.2" + +check ovn-nbctl ls-add public +check ovn-nbctl lsp-add public ln-public +check ovn-nbctl lsp-set-type ln-public localnet +check ovn-nbctl lsp-set-addresses ln-public unknown +check ovn-nbctl lsp-set-options ln-public network_name=phys +check ovn-nbctl lsp-add public public-port1 +check ovn-nbctl lsp-set-addresses public-port1 "50:54:00:00:00:88 172.168.0.200" + +check ovn-nbctl ls-add public2 +check ovn-nbctl lsp-add public2 ln-public2 +check ovn-nbctl lsp-set-type ln-public2 localnet +check ovn-nbctl lsp-set-addresses ln-public2 unknown +check ovn-nbctl lsp-set-options ln-public2 network_name=phys +check ovn-nbctl lsp-add public2 public2-port1 +check ovn-nbctl lsp-set-addresses public2-port1 "50:54:00:00:00:99 173.168.0.200" + +check ovn-nbctl lr-add lr0 +check ovn-nbctl lrp-add lr0 lr0-sw0 00:00:00:00:ff:01 10.0.0.1/24 +check ovn-nbctl lsp-add sw0 sw0-lr0 +check ovn-nbctl lsp-set-type sw0-lr0 router +check ovn-nbctl lsp-set-addresses sw0-lr0 router +check ovn-nbctl lsp-set-options sw0-lr0 router-port=lr0-sw0 + +check ovn-nbctl lrp-add lr0 lr0-public 00:00:20:20:12:13 172.168.0.1/24 +check ovn-nbctl lsp-add public public-lr0 +check ovn-nbctl lsp-set-type public-lr0 router +check ovn-nbctl lsp-set-addresses public-lr0 router +check ovn-nbctl lsp-set-options public-lr0 router-port=lr0-public + +check ovn-nbctl lrp-add lr0 lr0-public2 00:00:20:20:12:14 173.168.0.1/24 +check ovn-nbctl lsp-add public2 public2-lr0 +check ovn-nbctl lsp-set-type public2-lr0 router +check ovn-nbctl lsp-set-addresses public2-lr0 router +check ovn-nbctl lsp-set-options public2-lr0 router-port=lr0-public2 + + +check ovn-nbctl lrp-set-gateway-chassis lr0-public hv2 20 +check ovn-nbctl lrp-set-gateway-chassis lr0-public2 hv2 20 + +check ovn-nbctl lr-route-add lr0 173.168.0.0/24 173.168.0.1 +check ovn-nbctl lr-route-add lr0 0.0.0.0/0 172.168.0.1 + +wait_for_ports_up +OVN_POPULATE_ARP + + +check ovn-nbctl lb-add lb0 172.168.0.10:4369 10.0.0.2:4369 udp +check ovn-nbctl lr-lb-add lr0 lb0 + +ovn-sbctl lflow-list lr0 + +# send UDP request to the load-balancer VIP from public switch 1 +test_ip_req_packet "50:54:00:00:00:88" "00:00:20:20:12:13" "172.168.0.200" "172.168.0.10" 53 hv2-vif1 +OVS_WAIT_UNTIL([test $($PYTHON "$ovs_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | wc -l) -ge 1]) +# send UDP reply from sw0-port1 +test_ip_rep_packet "50:54:00:00:00:01" "00:00:00:00:ff:01" "10.0.0.2" "172.168.0.200" 53 +# packet sent by the load balancer VIP +packet=$(fmt_pkt "Ether(dst='50:54:00:00:00:88', src='00:00:20:20:12:13')/ + IP(dst='172.168.0.200', src='172.168.0.10', ttl=63)/ \ + UDP(sport=4369, dport=53)") +echo $packet > expected +OVN_CHECK_PACKETS_REMOVE_BROADCAST([hv2/vif1-tx.pcap], [expected]) + +# send UDP request to the load-balancer VIP from public switch 2 +test_ip_req_packet "50:54:00:00:00:99" "00:00:20:20:12:14" "173.168.0.200" "172.168.0.10" 54 hv2-vif2 +OVS_WAIT_UNTIL([test $($PYTHON "$ovs_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap | wc -l) -ge 1]) +# send UDP reply from sw0-port1 +test_ip_rep_packet "50:54:00:00:00:01" "00:00:00:00:ff:01" "10.0.0.2" "173.168.0.200" 54 +# packet sent by the load balancer VIP +packet=$(fmt_pkt "Ether(dst='50:54:00:00:00:99', src='00:00:20:20:12:14')/ + IP(dst='173.168.0.200', src='172.168.0.10', ttl=63)/ \ + UDP(sport=4369, dport=54)") +echo $packet > expected +OVN_CHECK_PACKETS_REMOVE_BROADCAST([hv2/vif2-tx.pcap], [expected]) + + +OVN_CLEANUP([hv1],[hv2]) +AT_CLEANUP +])