> HI Lorenzo, Hi Jacob,
> > This looks good but could you add a check for the new flows in the tests/ > northd.at "Routing protocol control plane redirect". if you add an entry to > the BFD table you should be able to check if the flow with the new action > is generated sure, I will do in v2. Regards, Lorenzo > > Jacob > > On Mon, Sep 29, 2025 at 8:45 AM Lorenzo Bianconi via dev < > [email protected]> wrote: > > > If OVN creates static routes with bfd option, we should keep forwarding > > BFD packets to router ingress pipeline. > > > > Fixes: 370527673c2b ("northd: Routing protocol port redirection.") > > Signed-off-by: Lorenzo Bianconi <[email protected]> > > --- > > northd/northd.c | 32 +++++++++++++++++++++++--------- > > tests/system-ovn.at | 5 +++++ > > 2 files changed, 28 insertions(+), 9 deletions(-) > > > > diff --git a/northd/northd.c b/northd/northd.c > > index b49c6d693..8cfc6f34e 100644 > > --- a/northd/northd.c > > +++ b/northd/northd.c > > @@ -14545,11 +14545,19 @@ build_routing_protocols_redirect_rule__( > > const char *s_addr, const char *redirect_port_name, int > > protocol_port, > > const char *proto, bool is_ipv6, struct ovn_port *ls_peer, > > struct lflow_table *lflows, struct ds *match, struct ds *actions, > > - struct lflow_ref *lflow_ref) > > + struct lflow_ref *lflow_ref, bool clone) > > { > > int ip_ver = is_ipv6 ? 6 : 4; > > ds_clear(actions); > > - ds_put_format(actions, "outport = \"%s\"; output;", > > redirect_port_name); > > + if (clone) { > > + ds_put_format(actions, > > + "clone { outport = \"%s\"; output; }; " > > + "outport = %s; output;", > > + redirect_port_name, ls_peer->json_key); > > + } else { > > + ds_put_format(actions, "outport = \"%s\"; output;", > > + redirect_port_name); > > + } > > > > /* Redirect packets in the input pipeline destined for LR's IP > > * and the routing protocol's port to the LSP specified in > > @@ -14577,20 +14585,21 @@ static void > > apply_routing_protocols_redirect__( > > const char *s_addr, const char *redirect_port_name, int > > protocol_flags, > > bool is_ipv6, struct ovn_port *ls_peer, struct lflow_table > > *lflows, > > - struct ds *match, struct ds *actions, struct lflow_ref *lflow_ref) > > + struct ds *match, struct ds *actions, struct lflow_ref *lflow_ref, > > + bool clone_bfd_traffic) > > { > > if (protocol_flags & REDIRECT_BGP) { > > build_routing_protocols_redirect_rule__(s_addr, > > redirect_port_name, > > 179, "tcp", is_ipv6, > > ls_peer, > > lflows, match, actions, > > - lflow_ref); > > + lflow_ref, false); > > } > > > > if (protocol_flags & REDIRECT_BFD) { > > build_routing_protocols_redirect_rule__(s_addr, > > redirect_port_name, > > 3784, "udp", is_ipv6, > > ls_peer, > > lflows, match, actions, > > - lflow_ref); > > + lflow_ref, > > clone_bfd_traffic); > > } > > > > /* Because the redirected port shares IP and MAC addresses with the > > LRP, > > @@ -14658,7 +14667,7 @@ static void > > build_lrouter_routing_protocol_redirect( > > struct ovn_port *op, struct lflow_table *lflows, struct ds *match, > > struct ds *actions, struct lflow_ref *lflow_ref, > > - const struct hmap *ls_ports) > > + const struct hmap *ls_ports, const struct sset *bfd_ports) > > { > > /* LRP has to have a peer.*/ > > if (!op->peer) { > > @@ -14714,6 +14723,11 @@ build_lrouter_routing_protocol_redirect( > > return; > > } > > > > + /* If BFD support is enabled in OVN we need to forward it to router > > + * pipeline. > > + */ > > + bool clone_bfd_traffic = (redirected_protocols & REDIRECT_BFD) && > > + bfd_is_port_running(bfd_ports, op->key); > > /* Redirect traffic destined for LRP's IPs and the specified routing > > * protocol ports to the port defined in 'routing-protocol-redirect' > > * option.*/ > > @@ -14722,14 +14736,14 @@ build_lrouter_routing_protocol_redirect( > > apply_routing_protocols_redirect__(ip_s, redirect_port_name, > > redirected_protocols, false, > > op->peer, lflows, match, > > actions, > > - lflow_ref); > > + lflow_ref, clone_bfd_traffic); > > } > > for (size_t i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) { > > const char *ip_s = op->lrp_networks.ipv6_addrs[i].addr_s; > > apply_routing_protocols_redirect__(ip_s, redirect_port_name, > > redirected_protocols, true, > > op->peer, lflows, match, > > actions, > > - lflow_ref); > > + lflow_ref, clone_bfd_traffic); > > } > > > > /* Drop ARP replies and IPv6 RA/NA packets originating from > > @@ -17956,7 +17970,7 @@ build_lswitch_and_lrouter_iterate_by_lrp(struct > > ovn_port *op, > > &lsi->actions, > > op->lflow_ref); > > build_lrouter_routing_protocol_redirect(op, lsi->lflows, &lsi->match, > > &lsi->actions, op->lflow_ref, > > - lsi->ls_ports); > > + lsi->ls_ports, > > lsi->bfd_ports); > > } > > > > static void * > > diff --git a/tests/system-ovn.at b/tests/system-ovn.at > > index 14fb86553..2e4d88738 100644 > > --- a/tests/system-ovn.at > > +++ b/tests/system-ovn.at > > @@ -7360,6 +7360,11 @@ check ovn-nbctl set logical_router R1 > > options:chassis=hv1 > > check ovn-nbctl set logical_router R1 options:dynamic-routing=true > > check ovn-nbctl set Logical_Router_Port rp-public > > options:dynamic-routing-redistribute="connected,static" > > check ovn-nbctl set logical_router_static_route $route_uuid bfd=$uuid > > +# set option that redirects BGP and BFD traffic to a LSP "bgp-daemon". > > +# OVN should continue to keep BFD static route state. > > +check ovn-nbctl lsp-add public bgp-daemon -- lsp-set-addresses bgp-daemon > > unknown > > +check ovn-nbctl --wait=sb set logical_router_port rp-public > > options:routing-protocol-redirect=bgp-daemon > > +check ovn-nbctl --wait=sb set logical_router_port rp-public > > options:routing-protocols=BGP,BFD > > > > # restart bfdd > > NETNS_DAEMONIZE([server], [bfdd-beacon --nofork --tee > > --listen=172.16.1.50 >beacon.stdout 2>&1], [beacon.pid]) > > -- > > 2.51.0 > > > > _______________________________________________ > > dev mailing list > > [email protected] > > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > > > >
_______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
