From: Eli Britstein <[email protected]> Upon tunnel output failure, due to routing failure for example, add an explicit drop action, so it will appear in the dp-flows for better visibility for that case.
Signed-off-by: Eli Britstein <[email protected]> Reviewed-by: Roi Dayan <[email protected]> --- ofproto/ofproto-dpif-xlate.c | 27 +++++++++++++++++++++++---- 1 file changed, 23 insertions(+), 4 deletions(-) diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index eeb1853efd29..40ddd426e6f6 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -461,6 +461,10 @@ const char *xlate_strerror(enum xlate_error error) return "Unknown error"; } +static void put_drop_action(struct ofproto_dpif *ofproto, + struct ofpbuf *odp_actions, + enum xlate_error error, + bool is_last_action); static void xlate_action_set(struct xlate_ctx *ctx); static void xlate_commit_actions(struct xlate_ctx *ctx); @@ -3895,6 +3899,8 @@ native_tunnel_output(struct xlate_ctx *ctx, const struct xport *xport, err = tnl_route_lookup_flow(ctx, flow, &d_ip6, &s_ip6, &out_dev); if (err) { + put_drop_action(ctx->xbridge->ofproto, ctx->odp_actions, + XLATE_INVALID_TUNNEL_METADATA, is_last_action); xlate_report(ctx, OFT_WARN, "native tunnel routing failed"); return err; } @@ -3906,6 +3912,8 @@ native_tunnel_output(struct xlate_ctx *ctx, const struct xport *xport, /* Use mac addr of bridge port of the peer. */ err = netdev_get_etheraddr(out_dev->netdev, &smac); if (err) { + put_drop_action(ctx->xbridge->ofproto, ctx->odp_actions, + XLATE_INVALID_TUNNEL_METADATA, is_last_action); xlate_report(ctx, OFT_WARN, "tunnel output device lacks Ethernet address"); return err; @@ -3920,6 +3928,8 @@ native_tunnel_output(struct xlate_ctx *ctx, const struct xport *xport, if (err) { struct in6_addr nh_s_ip6 = in6addr_any; + put_drop_action(ctx->xbridge->ofproto, ctx->odp_actions, + XLATE_INVALID_TUNNEL_METADATA, is_last_action); xlate_report(ctx, OFT_DETAIL, "neighbor cache miss for %s on bridge %s, " "sending %s request", @@ -6501,13 +6511,21 @@ put_ct_label(const struct flow *flow, struct ofpbuf *odp_actions, static void put_drop_action(struct ofproto_dpif *ofproto, struct ofpbuf *odp_actions, - enum xlate_error error) + enum xlate_error error, bool is_last_action) { + size_t offset; + if (!ovs_explicit_drop_action_supported(ofproto)) { return; } + if (!is_last_action) { + offset = nl_msg_start_nested(odp_actions, OVS_ACTION_ATTR_CLONE); + } nl_msg_put_u32(odp_actions, OVS_ACTION_ATTR_DROP, error); + if (!is_last_action) { + nl_msg_end_nested(odp_actions, offset); + } } static void @@ -8134,7 +8152,7 @@ xlate_tweak_odp_actions(struct xlate_ctx *ctx) } if (!last_action) { - put_drop_action(ctx->xbridge->ofproto, actions, XLATE_OK); + put_drop_action(ctx->xbridge->ofproto, actions, XLATE_OK, true); return; } @@ -8167,7 +8185,7 @@ xlate_tweak_odp_actions(struct xlate_ctx *ctx) last_observe_offset != UINT32_MAX && (unsigned char *) last_action == (unsigned char *) actions->data + last_observe_offset) { - put_drop_action(ctx->xbridge->ofproto, actions, XLATE_OK); + put_drop_action(ctx->xbridge->ofproto, actions, XLATE_OK, true); } } @@ -8615,7 +8633,8 @@ exit: if (xin->odp_actions) { ofpbuf_clear(xin->odp_actions); /* Make the drop explicit if the datapath supports it. */ - put_drop_action(ctx.xbridge->ofproto, xin->odp_actions, ctx.error); + put_drop_action(ctx.xbridge->ofproto, xin->odp_actions, ctx.error, + true); } } else { /* In the non-error case, see if we can further optimize or tweak -- 2.21.0 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
