On Thu, Jan 30, 2025 at 10:00:56AM +0100, [email protected] wrote:
> Thanks for the feedback Felix
>
> On Wed, 2025-01-29 at 17:17 +0100, Felix Huettner wrote:
> > Hi Martin,
> >
> > i took a look now at the actual patch. Please find some comments
> > below.
> >
> > On Thu, Jan 23, 2025 at 02:59:30PM +0100, Martin Kalcok wrote:
> > > This change builds on top of the new "dynamic routing" OVN feature
> > > that allows advertising routes to the fabric network. When LR
> > > option
> > > "dynamic-routing" is set on the router, following two new LRP
> > > options
> > > become available:
> > >
> > > * redistribute-nat - When set to "true", ovn-controller will
> > > advertise
> > > routes for external NAT IPs valid for the LRP.
> > > * redistribute-lb-vips - When set to "true", ovn-controller will
> > > advertise
> > > host routes to LB VIPs via the LRP.
> > >
> > > Co-authored-by: Frode Nordahl <[email protected]>
> > > Signed-off-by: Frode Nordahl <[email protected]>
> > > Signed-off-by: Martin Kalcok <[email protected]>
> > > ---
> > > NEWS | 4 +
> > > northd/en-advertised-route-sync.c | 11 +
> > > northd/inc-proc-northd.c | 4 +
> > > northd/northd.c | 98 +++++++-
> > > northd/northd.h | 4 +
> > > ovn-nb.xml | 31 +++
> > > tests/system-ovn.at | 379
> > > ++++++++++++++++++++++++++++++
> > > 7 files changed, 530 insertions(+), 1 deletion(-)
> > >
> > > diff --git a/NEWS b/NEWS
> > > index f526013f1..ad5b74b2e 100644
> > > --- a/NEWS
> > > +++ b/NEWS
> > > @@ -24,6 +24,10 @@ Post v24.09.0
> > > a lower priority than static routes.
> > > - Add the option "dynamic-routing-connected-as-host-routes" to
> > > LRPs. If set
> > > to true then connected routes are announced as individual
> > > host routes.
> > > + - Add 'redistribute-lb-vips' LRP option. If set to true, the
> > > LRP can be used
> > > + to advertise host paths to the Load Balancer VIPs associated
> > > with the LR.
> > > + - Add 'redistribute-nat' LRP option. If set to true, the LRP
> > > can be used
> > > + to advertise external NAT IPs associated with it.
> > >
> > > OVN v24.09.0 - 13 Sep 2024
> > > --------------------------
> > > diff --git a/northd/en-advertised-route-sync.c b/northd/en-
> > > advertised-route-sync.c
> > > index 065c73861..b6786b3af 100644
> > > --- a/northd/en-advertised-route-sync.c
> > > +++ b/northd/en-advertised-route-sync.c
> > > @@ -421,9 +421,20 @@ advertised_route_table_sync(
> > > "dynamic-routing-static"))
> > > {
> > > continue;
> > > }
> > > + if (route->source == ROUTE_SOURCE_NAT &&
> > > + !smap_get_bool(&route->out_port->nbrp->options,
> > > + "redistribute-nat", false)) {
> > > + continue;
> > > + }
> >
> > For the ROUTE_SOURCE_NAT you could probably also set tracked_port if
> > you
> > want. You would however need to find the LSP that the NAT points to.
> > This would allow you to have different priorities on the advertised
> > routes depending on locality.
>
> Yeah, as you discussed in the other thread with fnordahl, getting the
> backing LSP might be tricky since there may be none at the time of
> LB/NAT rule creation. but I'm looking into it.
>
> >
> > > + if (route->source == ROUTE_SOURCE_LB &&
> > > + !smap_get_bool(&route->out_port->nbrp->options,
> > > + "redistribute-lb-vips", false)) {
> > > + continue;
> > > + }
> > >
> > > char *ip_prefix = normalize_v46_prefix(&route->prefix,
> > > route->plen);
> > > +
> > > ar_sync_to_sb(ovnsb_txn, &sync_routes,
> > > route->od->sb,
> > > route->out_port->sb,
> > > diff --git a/northd/inc-proc-northd.c b/northd/inc-proc-northd.c
> > > index ab500a86a..36e1d9993 100644
> > > --- a/northd/inc-proc-northd.c
> > > +++ b/northd/inc-proc-northd.c
> > > @@ -262,6 +262,10 @@ void inc_proc_northd_init(struct
> > > ovsdb_idl_loop *nb,
> > > engine_add_input(&en_routes, &en_bfd, NULL);
> > > engine_add_input(&en_routes, &en_northd,
> > > routes_northd_change_handler);
> > > + engine_add_input(&en_routes, &en_lr_nat,
> > > + NULL);
> > > + engine_add_input(&en_routes, &en_lb_data,
> > > + NULL);
> > >
> > > engine_add_input(&en_bfd_sync, &en_bfd, NULL);
> > > engine_add_input(&en_bfd_sync, &en_nb_bfd, NULL);
> > > diff --git a/northd/northd.c b/northd/northd.c
> > > index 23b0769fe..e86208ef8 100644
> > > --- a/northd/northd.c
> > > +++ b/northd/northd.c
> > > @@ -11435,6 +11435,96 @@ parsed_routes_add_connected(const struct
> > > ovn_datapath *od,
> > > }
> > > }
> > >
> > > +static void
> > > +parsed_routes_add_nat(const struct ovn_datapath *od,
> > > + const struct ovn_port *op,
> > > + struct hmap *routes)
> > > +{
> > > + if (!op->nbrp || !smap_get_bool(&op->nbrp->options,
> > > + "redistribute-nat", false)) {
> > > + return;
> > > + }
> > > +
> > > + size_t n_nats = 0;
> > > + char **nats = NULL;
> > > + nats = get_nat_addresses(op, &n_nats, false, false, NULL,
> > > true);
> > > +
> > > + for (size_t i = 0; i < n_nats; i++) {
> > > + struct lport_addresses *laddrs = xzalloc(sizeof *laddrs);
> > > + int ofs = 0;
> > > + extract_addresses(nats[i], laddrs, &ofs);
> > > + for (int j = 0; j < laddrs->n_ipv4_addrs; j++) {
> > > + struct ipv4_netaddr *addr = &laddrs->ipv4_addrs[j];
> > > + struct in6_addr prefix;
> > > + ip46_parse(addr->network_s, &prefix);
> > > +
> > > + parsed_route_add(od, NULL, &prefix, addr->plen,
> > > + false, addr->addr_s, op,
> > > + 0, false,
> > > + false, NULL, ROUTE_SOURCE_NAT,
> > > + &op->nbrp->header_, routes);
> > > + }
> > > + for (int j = 0; j < laddrs->n_ipv6_addrs; j++) {
> > > + struct ipv6_netaddr *addr = &laddrs->ipv6_addrs[j];
> > > + parsed_route_add(od, NULL, &addr->addr, addr->plen,
> > > + false, addr->addr_s, op,
> > > + 0, false,
> > > + false, NULL, ROUTE_SOURCE_NAT,
> > > + &op->nbrp->header_, routes);
> > > + }
> > > + destroy_lport_addresses(laddrs);
> > > + free(nats[i]);
> > > + }
> > > + free(nats);
> > > +}
> > > +
> > > +static void
> > > +parsed_routes_add_lb(const struct ovn_datapath *od,
> > > + const struct ovn_port *op,
> > > + struct hmap *routes)
> > > +{
> > > + if (!op->nbrp || !smap_get_bool(&op->nbrp->options,
> > > + "redistribute-lb-vips",
> > > false)) {
> > > + return;
> > > + }
> > > +
> > > + for (size_t i = 0; i < od->nbr->n_load_balancer; i++) {
> > > + struct ovn_northd_lb *lb = ovn_northd_lb_create(
> > > + od->nbr-
> > > >load_balancer[i]);
> > > + for (size_t j = 0; j < lb->n_vips; j++) {
> > > + const struct ovn_lb_vip *lb_vip = &lb->vips[j];
> > > + if (find_lport_address(&op->lrp_networks, lb_vip-
> > > >vip_str)) {
> > > + int plen = lb_vip->address_family == AF_INET ? 32
> > > : 128;
> > > + parsed_route_add(od, NULL, &lb_vip->vip, plen,
> > > + false, lb_vip->vip_str, op,
> > > + 0, false,
> > > + false, NULL, ROUTE_SOURCE_LB,
> > > + &op->nbrp->header_, routes);
> > > + }
> > > + }
> > > + }
> > > +
> > > + for (size_t i = 0; i < od->nbr->n_load_balancer_group; i++) {
> > > + struct nbrec_load_balancer_group *lb_group =
> > > + od->nbr->load_balancer_group[i];
> > > + for (size_t j = 0; j < lb_group->n_load_balancer; j++) {
> > > + struct ovn_northd_lb *lb =
> > > + ovn_northd_lb_create(lb_group->load_balancer[j]);
> > > + for (size_t k = 0; k < lb->n_vips; k++) {
> > > + const struct ovn_lb_vip *lb_vip = &lb->vips[k];
> > > + if (find_lport_address(&op->lrp_networks, lb_vip-
> > > >vip_str)) {
> > > + int plen = lb_vip->address_family == AF_INET ?
> > > 32 : 128;
> > > + parsed_route_add(od, NULL, &lb_vip->vip, plen,
> > > + false, lb_vip->vip_str, op,
> > > + 0, false,
> > > + false, NULL, ROUTE_SOURCE_LB,
> > > + &op->nbrp->header_, routes);
> > > + }
> > > + }
> > > + }
> > > + }
> > > +}
> > > +
> > > void
> > > build_parsed_routes(const struct ovn_datapath *od, const struct
> > > hmap *lr_ports,
> > > const struct hmap *bfd_connections, struct
> > > hmap *routes,
> > > @@ -11457,6 +11547,8 @@ build_parsed_routes(const struct
> > > ovn_datapath *od, const struct hmap *lr_ports,
> > > const struct ovn_port *op;
> > > HMAP_FOR_EACH (op, dp_node, &od->ports) {
> > > parsed_routes_add_connected(od, op, routes);
> > > + parsed_routes_add_nat(od, op, routes);
> > > + parsed_routes_add_lb(od, op, routes);
> >
> > If i get this correctly then this results in two things:
> > 1. We write the routes you added here to Advertised_Route
> > 2. We install these routes as logical flows in the LR datapath
> >
> > I am unsure if the second one is intended and i am not sure if it
> > would
> > result in any behaviour change. But at least i would expect
> > additional
> > lflows for a logical router affected by this.
> >
> > If you just wanted to have the first effect you could add a second
> > hmap
> > containing just the routes that should be advertised and not
> > installed.
> >
> > I would use a second hmap instead of filtering later on as that
> > should
> > make the change tracking in the future easer.
> >
> > Thanks a lot,
> > Felix
Hi Martin,
>
> You are right that I didn't intend to install lflows. Do I understand
> correctly that the flows are generated in
> "build_route_flows_for_lrouter"?
Yep
> I'm not sure I understand the suggestion about the second hmap, did you
> mean that a new hmap would be added to the "struct routes_data"?
Yes. Then we would have one hmap of routes that should be announced and
installed. And then a new other hmap of routes that should just be
announced.
However i was also thinking if you could also implement the whole thing
as part of advertised_route_table_sync in en-advertised-route-sync.c.
For each out_port we already have a ROUTE_SOURCE_CONNECTED route entry.
We use this entry already as a trigger to publish host routes if the
respective setting is set.
At the same location we could also publish NAT and LB adresses,
allthough i am not sure if we have all needed information there.
Then you would not need to pass the information around between engine
nodes.
>
> Alternatively, I was thinking, maybe we can just skip ROUTE_SOURCE_NAT
> || ROUTE_SOURCE_LB altogether in the "build_route_flows_for_lrouter"
> function. What do you think?
You could also do that, but for me it feels less clear to read.
But that i just a gut feeling.
Thanks a lot,
Felix
>
> Thanks for the review,
> Martin.
>
> >
> > > }
> > >
> > > HMAP_FOR_EACH_SAFE (pr, key_node, routes) {
> > > @@ -11638,6 +11730,8 @@ route_source_to_offset(enum route_source
> > > source)
> > > {
> > > switch (source) {
> > > case ROUTE_SOURCE_CONNECTED:
> > > + case ROUTE_SOURCE_NAT:
> > > + case ROUTE_SOURCE_LB:
> > > return ROUTE_PRIO_OFFSET_CONNECTED;
> > > case ROUTE_SOURCE_STATIC:
> > > return ROUTE_PRIO_OFFSET_STATIC;
> > > @@ -13915,7 +14009,9 @@ build_route_flows_for_lrouter(
> > > struct parsed_route *route;
> > > HMAP_FOR_EACH_WITH_HASH (route, key_node, uuid_hash(&od->key),
> > > parsed_routes) {
> > > - if (route->source == ROUTE_SOURCE_CONNECTED) {
> > > + if (route->source == ROUTE_SOURCE_CONNECTED ||
> > > + route->source == ROUTE_SOURCE_NAT ||
> > > + route->source == ROUTE_SOURCE_LB) {
> > > unique_routes_add(&unique_routes, route);
> > > continue;
> > > }
> > > diff --git a/northd/northd.h b/northd/northd.h
> > > index 3bc6f6f04..117b7421f 100644
> > > --- a/northd/northd.h
> > > +++ b/northd/northd.h
> > > @@ -702,6 +702,10 @@ enum route_source {
> > > ROUTE_SOURCE_CONNECTED,
> > > /* The route is derived from a northbound static route entry.
> > > */
> > > ROUTE_SOURCE_STATIC,
> > > + /* Host route generated from NAT's external IP. */
> > > + ROUTE_SOURCE_NAT,
> > > + /* Host route generated from LB's external IP. */
> > > + ROUTE_SOURCE_LB,
> > > /* the route is learned by an ovn-controller */
> > > ROUTE_SOURCE_LEARNED,
> > > };
> > > diff --git a/ovn-nb.xml b/ovn-nb.xml
> > > index c5f182f24..417088a3a 100644
> > > --- a/ovn-nb.xml
> > > +++ b/ovn-nb.xml
> > > @@ -2961,6 +2961,10 @@ or
> > > table="Logical_Router_Port"/>
> > > * <ref column="options" key="dynamic-routing-static"
> > > table="Logical_Router_Port"/>
> > > + * <ref column="options" key="redistribute-lb-vips"
> > > + table="Logical_Router_Port"/>
> > > + * <ref column="options" key="redistribute-nat"
> > > + table="Logical_Router_Port"/>
> > > </column>
> > >
> > > <column name="options" key="dynamic-routing-connected"
> > > @@ -3798,6 +3802,33 @@ or
> > > This allows a single chassis to learn different routes
> > > on separate
> > > LRPs bound to this chassis.
> > > </column>
> > > +
> > > + <column name="options" key="redistribute-lb-vips"
> > > + type='{"type": "boolean"}'>
> > > + <p>
> > > + Only relevant if <ref column="options" key="dynamic-
> > > routing"
> > > + table="Logical_Router"/> on the respective
> > > Logical_Router is set
> > > + to <code>true</code>.
> > > +
> > > + If this option is <code>true</code>, northd will create
> > > host route
> > > + entries in the southbound <ref table="Advertised_Route"
> > > + db="OVN_Southbound"/> table, associated with this LRP,
> > > for each LB
> > > + VIP.
> > > + </p>
> > > + </column>
> > > +
> > > + <column name="options" key="redistribute-nat" type='{"type":
> > > "boolean"}'>
> > > + <p>
> > > + Only relevant if <ref column="options" key="dynamic-
> > > routing"
> > > + table="Logical_Router"/> on the respective
> > > Logical_Router is set
> > > + to <code>true</code>.
> > > +
> > > + If this option is <code>true</code>, northd will create
> > > host route
> > > + entries in the southbound <ref table="Advertised_Route"
> > > + db="OVN_Southbound"/> table, for external IP addresses
> > > of NAT rules
> > > + associated with this LRP.
> > > + </p>
> > > + </column>
> > > </group>
> > >
> > > <group title="Attachment">
> > > diff --git a/tests/system-ovn.at b/tests/system-ovn.at
> > > index 9dddfc399..1bcab802f 100644
> > > --- a/tests/system-ovn.at
> > > +++ b/tests/system-ovn.at
> > > @@ -15283,3 +15283,382 @@ OVS_TRAFFIC_VSWITCHD_STOP(["/.*error
> > > receiving.*/d
> > > AT_CLEANUP
> > > ])
> > >
> > > +OVN_FOR_EACH_NORTHD([
> > > +AT_SETUP([route-exchange for LB VIPs with gateway router IPv4])
> > > +AT_KEYWORDS([route-exchange])
> > > +
> > > +CHECK_VRF()
> > > +CHECK_CONNTRACK()
> > > +CHECK_CONNTRACK_NAT()
> > > +ovn_start
> > > +OVS_TRAFFIC_VSWITCHD_START()
> > > +ADD_BR([br-int])
> > > +ADD_BR([br-ext], [set Bridge br-ext fail-mode=standalone])
> > > +
> > > +# Set external-ids in br-int needed for ovn-controller
> > > +ovs-vsctl \
> > > + -- set Open_vSwitch . external-ids:system-id=hv1 \
> > > + -- set Open_vSwitch . external-ids:ovn-
> > > remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1
> > > \
> > > + -- set bridge br-int fail-mode=secure other-
> > > config:disable-in-band=true
> > > +
> > > +# Start ovn-controller
> > > +start_daemon ovn-controller
> > > +
> > > +ovn-appctl vlog/set route_exchange
> > > +check ovn-nbctl -- lr-add R1 \
> > > + -- set Logical_Router R1 options:requested-tnl-
> > > key=1000 options:dynamic-routing=true
> > > +
> > > +check ovn-nbctl ls-add sw0
> > > +check ovn-nbctl ls-add public
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1000:.*UP], [1])
> > > +
> > > +check ovn-nbctl lrp-add R1 rp-sw0 00:00:01:01:02:03 192.168.1.1/24
> > > +check ovn-nbctl -- lrp-add R1 rp-public 00:00:02:01:02:03
> > > 172.16.1.1/24 \
> > > + -- lrp-set-options rp-public \
> > > + maintain-vrf=true \
> > > + redistribute-lb-vips=true
> > > +
> > > +check ovn-nbctl set logical_router R1 options:chassis=hv1
> > > +
> > > +check ovn-nbctl lsp-add sw0 sw0-rp -- set Logical_Switch_Port sw0-
> > > rp \
> > > + type=router options:router-port=rp-sw0 \
> > > + -- lsp-set-addresses sw0-rp router
> > > +
> > > +check ovn-nbctl lsp-add public public-rp -- set
> > > Logical_Switch_Port public-rp \
> > > + type=router options:router-port=rp-public \
> > > + -- lsp-set-addresses public-rp router
> > > +
> > > +check ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-
> > > mappings=phynet:br-ext
> > > +
> > > +check ovn-nbctl lsp-add public public1 \
> > > + -- lsp-set-addresses public1 unknown \
> > > + -- lsp-set-type public1 localnet \
> > > + -- lsp-set-options public1 network_name=phynet
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([test `ip route show table 1000 | wc -l` -eq 1], [1])
> > > +
> > > +
> > > +# Create a load balancer and associate to R1
> > > +check ovn-nbctl lb-add lb1 172.16.1.150:80 172.16.1.100:80
> > > +check ovn-nbctl lr-lb-add R1 lb1
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1000:.*UP])
> > > +AT_CHECK([test `ip route show table 1000 | wc -l` -eq 1])
> > > +AT_CHECK([ip route show table 1000 | grep -q 172.16.1.150])
> > > +
> > > +OVS_APP_EXIT_AND_WAIT([ovn-controller])
> > > +
> > > +# Ensure system resources are cleaned up
> > > +AT_CHECK([ip link | grep -q ovnvrf1000:.*UP], [1])
> > > +AT_CHECK([test `ip route show table 1000 | wc -l` -eq 1], [1])
> > > +
> > > +as ovn-sb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as ovn-nb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as northd
> > > +OVS_APP_EXIT_AND_WAIT([ovn-northd])
> > > +
> > > +as
> > > +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
> > > +/Failed to acquire.*/d
> > > +/connection dropped.*/d"])
> > > +AT_CLEANUP
> > > +])
> > > +
> > > +OVN_FOR_EACH_NORTHD([
> > > +AT_SETUP([route-exchange for LB VIPs with gateway router IPv6])
> > > +AT_KEYWORDS([route-exchange])
> > > +
> > > +CHECK_VRF()
> > > +CHECK_CONNTRACK()
> > > +CHECK_CONNTRACK_NAT()
> > > +ovn_start
> > > +OVS_TRAFFIC_VSWITCHD_START()
> > > +ADD_BR([br-int])
> > > +ADD_BR([br-ext], [set Bridge br-ext fail-mode=standalone])
> > > +
> > > +# Set external-ids in br-int needed for ovn-controller
> > > +ovs-vsctl \
> > > + -- set Open_vSwitch . external-ids:system-id=hv1 \
> > > + -- set Open_vSwitch . external-ids:ovn-
> > > remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1
> > > \
> > > + -- set bridge br-int fail-mode=secure other-
> > > config:disable-in-band=true
> > > +
> > > +# Start ovn-controller
> > > +start_daemon ovn-controller
> > > +
> > > +ovn-appctl vlog/set route_exchange
> > > +check ovn-nbctl -- lr-add R1 \
> > > + -- set Logical_Router R1 options:requested-tnl-
> > > key=1001 options:dynamic-routing=true
> > > +
> > > +check ovn-nbctl ls-add sw0
> > > +check ovn-nbctl ls-add public
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1001:.*UP], [1])
> > > +
> > > +check ovn-nbctl lrp-add R1 rp-sw0 00:00:01:01:02:03
> > > 2001:db8:100::1/64
> > > +check ovn-nbctl -- lrp-add R1 rp-public 00:00:02:01:02:03
> > > 2001:db8:1001::1/64 \
> > > + -- lrp-set-options rp-public \
> > > + maintain-vrf=true \
> > > + redistribute-lb-vips=true
> > > +
> > > +check ovn-nbctl set logical_router R1 options:chassis=hv1
> > > +
> > > +check ovn-nbctl lsp-add sw0 sw0-rp -- set Logical_Switch_Port sw0-
> > > rp \
> > > + type=router options:router-port=rp-sw0 \
> > > + -- lsp-set-addresses sw0-rp router
> > > +
> > > +check ovn-nbctl lsp-add public public-rp -- set
> > > Logical_Switch_Port public-rp \
> > > + type=router options:router-port=rp-public \
> > > + -- lsp-set-addresses public-rp router
> > > +
> > > +check ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-
> > > mappings=phynet:br-ext
> > > +
> > > +check ovn-nbctl lsp-add public public1 \
> > > + -- lsp-set-addresses public1 unknown \
> > > + -- lsp-set-type public1 localnet \
> > > + -- lsp-set-options public1 network_name=phynet
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([test `ip -6 route show table 1001 | wc -l` -eq 1], [1])
> > > +
> > > +# Create a load balancer and associate to R1
> > > +check ovn-nbctl lb-add lb1 [[2001:db8:1001::150]]:80
> > > [[2001:db8:1001::100]]:80
> > > +check ovn-nbctl lr-lb-add R1 lb1
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1001:.*UP])
> > > +AT_CHECK([test `ip -6 route show table 1001 | wc -l` -eq 1])
> > > +AT_CHECK([ip -6 route show table 1001 | grep -q
> > > 2001:db8:1001::150])
> > > +
> > > +
> > > +OVS_APP_EXIT_AND_WAIT([ovn-controller])
> > > +
> > > +# Ensure system resources are cleaned up
> > > +AT_CHECK([ip link | grep -q ovnvrf1001:.*UP], [1])
> > > +AT_CHECK([test `ip -6 route show table 1001 | wc -l` -eq 1], [1])
> > > +
> > > +as ovn-sb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as ovn-nb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as northd
> > > +OVS_APP_EXIT_AND_WAIT([ovn-northd])
> > > +
> > > +as
> > > +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
> > > +/Failed to acquire.*/d
> > > +/connection dropped.*/d"])
> > > +AT_CLEANUP
> > > +])
> > > +
> > > +OVN_FOR_EACH_NORTHD([
> > > +AT_SETUP([route-exchange for DNAT and DNAT_AND_SNAT with gateway
> > > router IPv4])
> > > +AT_KEYWORDS([route-exchange])
> > > +
> > > +CHECK_VRF()
> > > +CHECK_CONNTRACK()
> > > +CHECK_CONNTRACK_NAT()
> > > +ovn_start
> > > +OVS_TRAFFIC_VSWITCHD_START()
> > > +ADD_BR([br-int])
> > > +ADD_BR([br-ext], [set Bridge br-ext fail-mode=standalone])
> > > +
> > > +# Set external-ids in br-int needed for ovn-controller
> > > +ovs-vsctl \
> > > + -- set Open_vSwitch . external-ids:system-id=hv1 \
> > > + -- set Open_vSwitch . external-ids:ovn-
> > > remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1
> > > \
> > > + -- set bridge br-int fail-mode=secure other-
> > > config:disable-in-band=true
> > > +
> > > +# Start ovn-controller
> > > +start_daemon ovn-controller
> > > +
> > > +ovn-appctl vlog/set route_exchange
> > > +check ovn-nbctl -- lr-add R1 \
> > > + -- set Logical_Router R1 options:requested-tnl-
> > > key=1002 options:dynamic-routing=true
> > > +
> > > +check ovn-nbctl ls-add sw0
> > > +check ovn-nbctl ls-add public
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1002:.*UP], [1])
> > > +
> > > +check ovn-nbctl lrp-add R1 rp-sw0 00:00:01:01:02:03 192.168.1.1/24
> > > +check ovn-nbctl -- lrp-add R1 rp-public 00:00:02:01:02:03
> > > 172.16.1.1/24 \
> > > + -- lrp-set-options rp-public \
> > > + maintain-vrf=true \
> > > + redistribute-nat=true
> > > +
> > > +check ovn-nbctl set logical_router R1 options:chassis=hv1
> > > +
> > > +check ovn-nbctl lsp-add sw0 sw0-rp -- set Logical_Switch_Port sw0-
> > > rp \
> > > + type=router options:router-port=rp-sw0 \
> > > + -- lsp-set-addresses sw0-rp router
> > > +
> > > +check ovn-nbctl lsp-add public public-rp -- set
> > > Logical_Switch_Port public-rp \
> > > + type=router options:router-port=rp-public \
> > > + -- lsp-set-addresses public-rp router
> > > +
> > > +check ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-
> > > mappings=phynet:br-ext
> > > +
> > > +check ovn-nbctl lsp-add public public1 \
> > > + -- lsp-set-addresses public1 unknown \
> > > + -- lsp-set-type public1 localnet \
> > > + -- lsp-set-options public1 network_name=phynet
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([test `ip route show table 1002 | wc -l` -eq 2], [1])
> > > +
> > > +# Create dnat_and_snat, dnat rules in R1
> > > +check ovn-nbctl lr-nat-add R1 dnat_and_snat 172.16.1.10
> > > 192.168.1.10
> > > +check ovn-nbctl lr-nat-add R1 dnat 172.16.1.11 192.168.1.11
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1002:.*UP])
> > > +AT_CHECK([test `ip route show table 1002 | wc -l` -eq 2])
> > > +AT_CHECK([ip route show table 1002 | grep -q 172.16.1.10])
> > > +AT_CHECK([ip route show table 1002 | grep -q 172.16.1.11])
> > > +
> > > +
> > > +OVS_APP_EXIT_AND_WAIT([ovn-controller])
> > > +
> > > +# Ensure system resources are cleaned up
> > > +AT_CHECK([ip link | grep -q ovnvrf1000:.*UP], [1])
> > > +AT_CHECK([test `ip route show table 1002 | wc -l` -eq 1], [1])
> > > +
> > > +as ovn-sb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as ovn-nb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as northd
> > > +OVS_APP_EXIT_AND_WAIT([ovn-northd])
> > > +
> > > +as
> > > +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
> > > +/Failed to acquire.*/d
> > > +/connection dropped.*/d"])
> > > +AT_CLEANUP
> > > +])
> > > +
> > > +OVN_FOR_EACH_NORTHD([
> > > +AT_SETUP([route-exchange for DNAT and DNAT_AND_SNAT with gateway
> > > router IPv6])
> > > +AT_KEYWORDS([route-exchange])
> > > +
> > > +CHECK_VRF()
> > > +CHECK_CONNTRACK()
> > > +CHECK_CONNTRACK_NAT()
> > > +ovn_start
> > > +OVS_TRAFFIC_VSWITCHD_START()
> > > +ADD_BR([br-int])
> > > +ADD_BR([br-ext], [set Bridge br-ext fail-mode=standalone])
> > > +
> > > +# Set external-ids in br-int needed for ovn-controller
> > > +ovs-vsctl \
> > > + -- set Open_vSwitch . external-ids:system-id=hv1 \
> > > + -- set Open_vSwitch . external-ids:ovn-
> > > remote=unix:$ovs_base/ovn-sb/ovn-sb.sock \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-type=geneve \
> > > + -- set Open_vSwitch . external-ids:ovn-encap-ip=169.0.0.1
> > > \
> > > + -- set bridge br-int fail-mode=secure other-
> > > config:disable-in-band=true
> > > +
> > > +# Start ovn-controller
> > > +start_daemon ovn-controller
> > > +
> > > +ovn-appctl vlog/set route_exchange
> > > +check ovn-nbctl -- lr-add R1 \
> > > + -- set Logical_Router R1 options:requested-tnl-
> > > key=1003 options:dynamic-routing=true
> > > +
> > > +check ovn-nbctl ls-add sw0
> > > +check ovn-nbctl ls-add public
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1003:.*UP], [1])
> > > +
> > > +check ovn-nbctl lrp-add R1 rp-sw0 00:00:01:01:02:03
> > > 2001:db8:100::1/64
> > > +check ovn-nbctl -- lrp-add R1 rp-public 00:00:02:01:02:03
> > > 2001:db8:1003::1/64 \
> > > + -- lrp-set-options rp-public \
> > > + maintain-vrf=true \
> > > + redistribute-nat=true
> > > +
> > > +check ovn-nbctl set logical_router R1 options:chassis=hv1
> > > +
> > > +check ovn-nbctl lsp-add sw0 sw0-rp -- set Logical_Switch_Port sw0-
> > > rp \
> > > + type=router options:router-port=rp-sw0 \
> > > + -- lsp-set-addresses sw0-rp router
> > > +
> > > +check ovn-nbctl lsp-add public public-rp -- set
> > > Logical_Switch_Port public-rp \
> > > + type=router options:router-port=rp-public \
> > > + -- lsp-set-addresses public-rp router
> > > +
> > > +check ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-
> > > mappings=phynet:br-ext
> > > +
> > > +check ovn-nbctl lsp-add public public1 \
> > > + -- lsp-set-addresses public1 unknown \
> > > + -- lsp-set-type public1 localnet \
> > > + -- lsp-set-options public1 network_name=phynet
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([test `ip -6 route show table 1003 | wc -l` -eq 2], [1])
> > > +
> > > +# Create dnat_and_snat, dnat rules in R1
> > > +check ovn-nbctl lr-nat-add R1 \
> > > + dnat_and_snat 2001:db8:1003::150 2001:db8:100::100
> > > +check ovn-nbctl lr-nat-add R1 \
> > > + dnat 2001:db8:1003::151 2001:db8:100::100
> > > +
> > > +check ovn-nbctl --wait=hv sync
> > > +
> > > +AT_CHECK([ip link | grep -q ovnvrf1003:.*UP])
> > > +AT_CHECK([test `ip -6 route show table 1003 | wc -l` -eq 2])
> > > +AT_CHECK([ip -6 route show table 1003 | grep -q
> > > 2001:db8:1003::150])
> > > +AT_CHECK([ip -6 route show table 1003 | grep -q
> > > 2001:db8:1003::151])
> > > +
> > > +OVS_APP_EXIT_AND_WAIT([ovn-controller])
> > > +
> > > +# Ensure system resources are cleaned up
> > > +AT_CHECK([ip link | grep -q ovnvrf1003:.*UP], [1])
> > > +AT_CHECK([test `ip -6 route show table 1003 | wc -l` -eq 2], [1])
> > > +
> > > +as ovn-sb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as ovn-nb
> > > +OVS_APP_EXIT_AND_WAIT([ovsdb-server])
> > > +
> > > +as northd
> > > +OVS_APP_EXIT_AND_WAIT([ovn-northd])
> > > +
> > > +as
> > > +OVS_TRAFFIC_VSWITCHD_STOP(["/failed to query port patch-.*/d
> > > +/Failed to acquire.*/d
> > > +/connection dropped.*/d"])
> > > +AT_CLEANUP
> > > +])
> > > +
> > > --
> > > 2.43.0
> > >
> > > _______________________________________________
> > > dev mailing list
> > > [email protected]
> > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
> _______________________________________________
> dev mailing list
> [email protected]
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
