Hi Lorenzo, On 3/18/26 4:55 PM, Lorenzo Bianconi wrote: > Introduce disable_garp_rarp option in the Logical_Router table in order > to disable GARP/RARP announcements by all the peer ports of this logical > router. > Please note this is a patch specific for ovn branch-24.03. >
We can't apply a backport only to branch-24.03. We need to apply it to all the branches in between 24.03 and main (or whatever branch the feature was added on, in this case 25.09) too. This patch doesn't apply on 25.03. Please post a branch-25.09 (and if needed a branch-25.03 and 24.09) patch first. Thanks, Dumitru > Reported-at: https://issues.redhat.com/browse/FDP-1537 > Signed-off-by: Lorenzo Bianconi <[email protected]> > --- > controller/pinctrl.c | 36 ++++++++++++++++- > northd/northd.c | 5 +++ > ovn-nb.xml | 9 +++++ > tests/ovn.at | 93 ++++++++++++++++++++++++++++++++++++++++++++ > 4 files changed, 141 insertions(+), 2 deletions(-) > > diff --git a/controller/pinctrl.c b/controller/pinctrl.c > index f48475004..1e1735c64 100644 > --- a/controller/pinctrl.c > +++ b/controller/pinctrl.c > @@ -5920,6 +5920,28 @@ ip_mcast_querier_wait(long long int query_time) > } > } > > +static bool > +garp_rarp_is_enabled(struct ovsdb_idl_index *sbrec_port_binding_by_name, > + const struct sbrec_port_binding *pb) > +{ > + if (smap_get_bool(&pb->options, "disable_garp_rarp", false)) { > + return false; > + } > + > + /* Check if GARP probing is disabled on the peer logical router. */ > + const struct sbrec_port_binding *peer = lport_get_peer( > + pb, sbrec_port_binding_by_name); > + if (!peer) { > + peer = lport_get_l3gw_peer(pb, sbrec_port_binding_by_name); > + } > + if (peer && smap_get_bool(&peer->datapath->external_ids, > + "disable_garp_rarp", false)) { > + return false; > + } > + > + return true; > +} > + > /* Get localnet vifs, local l3gw ports and ofport for localnet patch ports. > */ > static void > get_localnet_vifs_l3gwports( > @@ -5967,6 +5989,11 @@ get_localnet_vifs_l3gwports( > strcmp(iface_rec->link_state, "up")) { > continue; > } > + > + if (!garp_rarp_is_enabled(sbrec_port_binding_by_name, pb)) { > + continue; > + } > + > struct local_datapath *ld > = get_local_datapath(local_datapaths, > pb->datapath->tunnel_key); > @@ -5995,8 +6022,9 @@ get_localnet_vifs_l3gwports( > sbrec_port_binding_index_set_datapath(target, ld->datapath); > SBREC_PORT_BINDING_FOR_EACH_EQUAL (pb, target, > sbrec_port_binding_by_datapath) { > - if ((!strcmp(pb->type, "l3gateway") && pb->chassis == chassis) > - || !strcmp(pb->type, "patch")) { > + if (((!strcmp(pb->type, "l3gateway") && pb->chassis == chassis) > + || !strcmp(pb->type, "patch")) && > + garp_rarp_is_enabled(sbrec_port_binding_by_name, pb)) { > sset_add(local_l3gw_ports, pb->logical_port); > } > } > @@ -6129,6 +6157,10 @@ get_nat_addresses_and_keys(struct ovsdb_idl_index > *sbrec_port_binding_by_name, > continue; > } > > + if (!garp_rarp_is_enabled(sbrec_port_binding_by_name, pb)) { > + continue; > + } > + > if (pb->n_nat_addresses) { > for (int i = 0; i < pb->n_nat_addresses; i++) { > consider_nat_address(sbrec_port_binding_by_name, > diff --git a/northd/northd.c b/northd/northd.c > index 7055bdd7b..4c113b97e 100644 > --- a/northd/northd.c > +++ b/northd/northd.c > @@ -789,6 +789,11 @@ ovn_datapath_update_external_ids(struct ovn_datapath *od) > smap_add_format(&ids, "mac_binding_age_threshold", > "%u", age_threshold); > } > + > + bool disable_garp_rarp = smap_get_bool(&od->nbr->options, > + "disable_garp_rarp", false); > + smap_add_format(&ids, "disable_garp_rarp", > + disable_garp_rarp ? "true" : "false"); > } > > sbrec_datapath_binding_set_external_ids(od->sb, &ids); > diff --git a/ovn-nb.xml b/ovn-nb.xml > index 38245162f..203ff991d 100644 > --- a/ovn-nb.xml > +++ b/ovn-nb.xml > @@ -2844,6 +2844,15 @@ or > </p> > > </column> > + > + <column name="options" key="disable_garp_rarp" > + type='{"type": "boolean"}'> > + <p> > + If set to <code>true</code>, GARP and RARP announcements are not > + sent by all the VIF peer ports of this logical router. > + The default value is <code>false</code>. > + </p> > + </column> > </group> > > <group title="Common Columns"> > diff --git a/tests/ovn.at b/tests/ovn.at > index 844f544fa..f663c79bd 100644 > --- a/tests/ovn.at > +++ b/tests/ovn.at > @@ -40702,3 +40702,96 @@ AT_CHECK([ovs-ofctl dump-flows br-int > table=$acl_in_eval | grep -q "tp_dst=80"], > OVN_CLEANUP([hv1]) > AT_CLEANUP > ]) > + > +OVN_FOR_EACH_NORTHD([ > +AT_SETUP([Disabling RARP/GARP announcements from Router options]) > +ovn_start > + > +net_add n1 > + > +sim_add hv1 > +as hv1 > +ovs-vsctl add-br br-phys > +ovs-vsctl set open . external-ids:ovn-bridge-mappings=phys:br-phys > +ovn_attach n1 br-phys 192.168.0.1 > + > +check ovs-vsctl add-port br-phys snoopvif -- set Interface snoopvif > options:tx_pcap=hv1/snoopvif-tx.pcap options:rxq_pcap=hv1/snoopvif-rx.pcap > +check ovs-vsctl add-port br-int vif1 -- set Interface vif1 > external-ids:iface-id=lsp1 > +check ovs-vsctl add-port br-int vif2 -- set Interface vif2 > external-ids:iface-id=lsp2 > + > +check ovs-vsctl set Open_vSwitch . external-ids:garp-max-timeout-sec=1 > + > +check ovn-nbctl ls-add ls1 > +check ovn-nbctl lsp-add ls1 ln1 > +check ovn-nbctl lsp-set-addresses ln1 unknown > +check ovn-nbctl lsp-set-type ln1 localnet > +check ovn-nbctl lsp-set-options ln1 network_name=phys > +check ovn-nbctl lsp-add ls1 lsp1 > +check ovn-nbctl lsp-set-addresses lsp1 "00:00:00:00:00:12 192.168.1.2" > +check ovn-nbctl --wait=hv sync > + > +check ovn-nbctl ls-add ls2 > +check ovn-nbctl lsp-add ls2 lsp2 > +check ovn-nbctl lsp-set-addresses lsp2 "00:00:00:00:00:13 10.0.0.2" > +check ovn-nbctl --wait=hv sync > + > +check ovn-nbctl lr-add lr1 > +check ovn-nbctl set Logical_Router lr1 options:disable_garp_rarp="true" > +check ovn-nbctl lrp-add lr1 lrp1 00:00:00:00:00:11 192.168.1.1/24 > +check ovn-nbctl lrp-add lr1 lrp2 00:00:00:00:00:14 10.0.0.1/24 > +check ovn-nbctl lsp-add ls1 ls-lrp1 \ > + -- set Logical_Switch_Port ls-lrp1 type=router \ > + options:router-port=lrp1 addresses=\"00:00:00:00:00:11\" > +check ovn-nbctl lsp-add ls2 ls-lrp2 \ > + -- set Logical_Switch_Port ls-lrp2 type=router \ > + options:router-port=lrp2 addresses=\"00:00:00:00:00:14\" > +check ovn-nbctl lsp-set-options ls-lrp1 router-port=lrp1 > nat-addresses="router" > +check ovn-nbctl lr-nat-add lr1 snat 192.168.1.10 10.0.0.0/24 > +check ovn-nbctl lrp-set-gateway-chassis lrp1 hv1 > +check ovn-nbctl --wait=hv sync > + > +wait_for_ports_up > + > +garp_lrp=$(fmt_pkt "Ether(dst='ff:ff:ff:ff:ff:ff', src='00:00:00:00:00:11')/ > \ > + ARP(hwsrc='00:00:00:00:00:11', psrc='192.168.1.1', > pdst='192.168.1.1')") > +garp_vif=$(fmt_pkt "Ether(dst='ff:ff:ff:ff:ff:ff', src='00:00:00:00:00:12')/ > \ > + ARP(hwsrc='00:00:00:00:00:12', psrc='192.168.1.2', > pdst='192.168.1.2')") > +garp_nat=$(fmt_pkt "Ether(dst='ff:ff:ff:ff:ff:ff', src='00:00:00:00:00:11')/ > \ > + ARP(hwsrc='00:00:00:00:00:11', psrc='192.168.1.10', > pdst='192.168.1.10')") > +# GARP packet for vif > +echo $garp_vif > expected > +OVN_CHECK_PACKETS_UNIQ([hv1/snoopvif-tx.pcap], [expected]) > +$PYTHON "$ovs_srcdir/utilities/ovs-pcap.in" hv1/snoopvif-tx.pcap > > hv1/snoopvif-tx.packets > +AT_CHECK([grep -q "$garp_lrp" hv1/snoopvif-tx.packets], [1]) > +AT_CHECK([grep -q "$garp_nat" hv1/snoopvif-tx.packets], [1]) > + > +# GARP packet for lrp > +echo $garp_lrp >> expected > +echo $garp_nat >> expected > +check ovn-nbctl --wait=hv set Logical_Router lr1 > options:disable_garp_rarp="false" > +OVN_CHECK_PACKETS_UNIQ([hv1/snoopvif-tx.pcap], [expected]) > + > +# Check for GW router > +check ovn-nbctl lrp-del-gateway-chassis lrp1 hv1 > +check ovn-nbctl set Logical_Router lr1 options:chassis="hv1" > +check ovn-nbctl set Logical_Router lr1 options:disable_garp_rarp="true" > +check ovn-nbctl --wait=hv sync > + > +sleep_controller hv1 > +reset_pcap_file snoopvif hv1/snoopvif > +wake_up_controller hv1 > + > +echo $garp_vif > expected > +OVN_CHECK_PACKETS_UNIQ([hv1/snoopvif-tx.pcap], [expected]) > +$PYTHON "$ovs_srcdir/utilities/ovs-pcap.in" hv1/snoopvif-tx.pcap > > hv1/snoopvif-tx.packets > +AT_CHECK([grep -q "$garp_lrp" hv1/snoopvif-tx.packets], [1]) > +AT_CHECK([grep -q "$garp_nat" hv1/snoopvif-tx.packets], [1]) > + > +echo $garp_lrp >> expected > +echo $garp_nat >> expected > +check ovn-nbctl set Logical_Router lr1 options:disable_garp_rarp="false" > +check ovn-nbctl --wait=hv sync > +OVN_CHECK_PACKETS_UNIQ([hv1/snoopvif-tx.pcap], [expected]) > + > +AT_CLEANUP > +]) _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
