ddlog implementation
v2: re-inject RARP packet after vswitch updates flows
v3: re-sent as a single series
v4: redesign to reuse requested-chassis option
v4: support >2 chassis per port
v4: allow to disable tunneling enforcement when n_chassis >= 2
Ihar Hrachyshka (15):
Introduce chassis_is_v
rom the port.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 74 +++
controller/pinctrl.c | 161 +-
controller/pinctrl.h | 2 +
include/ovn/actions.h | 9 +++
lib/actions.c | 40 ++-
northd/northd.c
t the moment of the final port binding location change.
The patch mimics behavior of requested-chassis. Corresponding database
fields (pb->additional_chassis, pb->requested_additional_chassis,
pb->additional_encap) are introduced as part of the patch.
Signed-off-by: Ihar Hrachyshka
-
It takes some time for vswitchd to remove the blocking flows, so we need
to wait for the flow_mod message handled before reinjecting the received
RARP packet into the pipeline.
Use a barrier to indicate the message processed by vswitchd.
Signed-off-by: Ihar Hrachyshka
---
controller/pinctrl.c
When additional-chassis is set, we cannot guarantee the upstream
switch to deliver a unicast packet sent through a localnet port to
both port chassis locations (pb->chassis and pb->additional_chassis).
To deliver packets to both locations, switch to tunneling.
Signed-off-by: Ihar Hrac
ional chassis. When the sending port is bound
on either the main or additional chassis, then handle the packet
locally plus send it to the other chassis.
This is achieved with additional flows in tables 37 and 38.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c
A next patch may need to clone packets to another chassis as part of
"port migration" procedure, but only if they haven't originated at
another chassis. This LOCAL_ONLY tag will enforce the requirement.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 1 +
1 file chang
In a future patch, there will be a scenario where the same port has
attachments at multiple (specifically, 2) chassis, so make sure that
'up' property is updated by the main chassis only.
Signed-off-by: Ihar Hrachyshka
---
controller/binding.c| 10 +++---
controller
Right now consider_port_binding first extracts *a* tunnel for a
chassis, then later in put_remote_port_redirect_overlay it fetches
*the* proper tunnel before configuring encapsulation.
Instead of doing it in two steps, just extract the proper tunnel info
earlier.
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 50 ---
1 file changed, 19 insertions(+), 31 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index e0afd83ab..dea7dc1c2 100644
--- a/controller/physical.c
+++ b/controller
This helper prepares a 'match' struct to match against a datapath and
a port key. All existing spots in the file that use such a 'match'
struct were updated. It will also be reused later.
Signed-off-by: Ihar Hrachyshka
---
contro
The ovn_port_update_sbrec function became too long, and the next
patches will touch the code to update chassis mapping for ports. This
patch prepares for the next step.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 62 -
1 file changed, 36
Next patches will need the same functionality while passing a
different chassis / encap configuration that is not the primary for a
port binding.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/controller
This function will be reused later.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/northd/northd.c b/northd/northd.c
index fc7a64f99..0f694cb2d 100644
--- a/northd/northd.c
+++ b/northd/northd.c
This tiny helper will be reused later.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index 6bfa2304d..3a7fbfb21 100644
--- a/controller/physical.c
+++ b
) while waiting on the desired packets to arrive.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 5d587dde2..bbba41af4 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -52,6 +52,17
the diff between them in this situation.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 24 +++-
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 957eb7850..5d587dde2 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -10,7 +10,19
This version of the series is complete. It contains the previously
missing ddlog implementation; also RARP that is used for additional
chassis activation is now reinjected into the pipeline after blocking
flows are deleted by vswitchd.
Ihar Hrachyshka (16):
tests: log more info on
rom the port.
Signed-off-by: Ihar Hrachyshka
---
v2: support ddlog
---
controller/physical.c | 74 +++
controller/pinctrl.c | 161 +-
controller/pinctrl.h | 2 +
include/ovn/actions.h | 9 +++
lib/actions.c | 40 ++-
no
t the moment of the final port binding location change.
The patch mimics behavior of requested-chassis. Corresponding database
fields (pb->additional_chassis, pb->requested_additional_chassis,
pb->additional_encap) are introduced as part of the patch.
Signed-off-by: Ihar Hrachyshka
---
v2: su
It takes some time for vswitchd to remove the blocking flows, so we need
to wait for the flow_mod message handled before reinjecting the received
RARP packet into the pipeline.
Use a barrier to indicate the message processed by vswitchd.
Signed-off-by: Ihar Hrachyshka
---
controller/pinctrl.c
When additional-chassis is set, we cannot guarantee the upstream
switch to deliver a unicast packet sent through a localnet port to
both port chassis locations (pb->chassis and pb->additional_chassis).
To deliver packets to both locations, switch to tunneling.
Signed-off-by: Ihar Hrac
ional chassis. When the sending port is bound
on either the main or additional chassis, then handle the packet
locally plus send it to the other chassis.
This is achieved with additional flows in tables 37 and 38.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c
the port.
Ihar Hrachyshka (5):
Introduce LSP:options:requested-additional-chassis
Clone packets to both port chassis
Enforce tunneling when additional-chassis is set
Implement RARP activation strategy for ports
Reinject RARP packet when activation-strategy=rarp
controller/binding.c
ional chassis. When the sending port is bound
on either the main or additional chassis, then handle the packet
locally plus send it to the other chassis.
This is achieved with additional flows in tables 37 and 38.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c
rom the port.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 74 +++
controller/pinctrl.c | 161 +-
controller/pinctrl.h | 2 +
include/ovn/actions.h | 9 +++
lib/actions.c | 40 ++-
northd/northd.c
t the moment of the final port binding location change.
The patch mimics behavior of requested-chassis. Corresponding database
fields (pb->additional_chassis, pb->requested_additional_chassis,
pb->additional_encap) are introduced as part of the patch.
Signed-off-by: Ihar Hrachyshka
-
In a future patch, there will be a scenario where the same port has
attachments at multiple (specifically, 2) chassis, so make sure that
'up' property is updated by the main chassis only.
Signed-off-by: Ihar Hrachyshka
---
controller/binding.c| 10 +++---
controller
When additional-chassis is set, we cannot guarantee the upstream
switch to deliver a unicast packet sent through a localnet port to
both port chassis locations (pb->chassis and pb->additional_chassis).
To deliver packets to both locations, switch to tunneling.
Signed-off-by: Ihar Hrac
Next patches will need the same functionality while passing a
different chassis / encap configuration that is not the primary for a
port binding.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/controller
A next patch may need to clone packets to another chassis as part of
"port migration" procedure, but only if they haven't originated at
another chassis. This LOCAL_ONLY tag will enforce the requirement.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 1 +
1 file chang
This helper prepares a 'match' struct to match against a datapath and
a port key. All existing spots in the file that use such a 'match'
struct were updated. It will also be reused later.
Signed-off-by: Ihar Hrachyshka
---
contro
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 28 +---
1 file changed, 17 insertions(+), 11 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index e0afd83ab..c47b15f3e 100644
--- a/controller/physical.c
+++ b/controller/physical.c
Right now consider_port_binding first extracts *a* tunnel for a
chassis, then later in put_remote_port_redirect_overlay it fetches
*the* proper tunnel before configuring encapsulation.
Instead of doing it in two steps, just extract the proper tunnel info
earlier.
Signed-off-by: Ihar Hrachyshka
The ovn_port_update_sbrec function became too long, and the next
patches will touch the code to update chassis mapping for ports. This
patch prepares for the next step.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 62 -
1 file changed, 36
This function will be reused later.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/northd/northd.c b/northd/northd.c
index fc7a64f99..0f694cb2d 100644
--- a/northd/northd.c
+++ b/northd/northd.c
) while waiting on the desired packets to arrive.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 5d587dde2..bbba41af4 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -52,6 +52,17
This tiny helper will be reused later.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index 6bfa2304d..3a7fbfb21 100644
--- a/controller/physical.c
+++ b
the diff between them in this situation.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 24 +++-
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 957eb7850..5d587dde2 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -10,7 +10,19
in added test scenarios.
The only missing part in the series is ddlog support. All but four last
patches in the series don't need any ddlog modifications and can be
merged if ready.
Ihar Hrachyshka (15):
tests: log more info on OVN_CHECK_PACKETS* failure
tests: don't
send and receive traffic
directed to the port". (moving from migration scenario to port-mirroring
/ activation) If we'd like to have it, the db design (and probably flow
generation code) may require significant adjustment. To simplify
matters, we could model db to allow for >2 chas
't just re-inject
the packet with a continuation pin inside the unblock_migration handler
because there's a lag between delete flow messages queued and applied by
the switch.
TODO: implement ddlog.
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit.
---
controller/bi
It was not the intent to change the range of tunnel keys for vtep
setups. If that happens, we should fix it. Perhaps the range is not
touched but the range validation is activated in vtep case. If so, the
validation should be disabled.
Ihar
On 11/8/21 4:57 PM, Vladislav Odintsov wrote:
Hi,
use
of the responder.
Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: fix test case (wrong mac/ip address used)
v3: don't require tcpdump (it's unused in the scenario)
---
controller/ph
use
of the responder.
Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: fix test case (wrong mac/ip address used)
---
controller/physical.c | 2 +-
tests/ovn.at | 55
use
of the responder.
Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 2 +-
tests/ovn.at | 60 +++
2 files changed, 61 insertions(+), 1 deletion(-)
dif
This is correct, thank you for fixing it.
One comment and one question:
1) While the referred patch that suppressed LOCAL_ONLY traffic exposed
the issue, it was always a bug, though affecting a tiny minority of
scenarios.
For example for PD, one can probably imagine a scenario where PD serve
(The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: updated docs
v2: removed newly added but unused macro
are equal or higher than
2 << 11. This was not enforced before, and this patch adds the missing
enforcement rules.
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: fix build (added missing OVN_VXL
(The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: updated docs
v2: removed newly added but unused ma
(The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: updated docs
v2: removed newly added bu
are equal or higher than
2 << 11. This was not enforced before, and this patch adds the missing
enforcement rules.
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: fix build (added missing OVN_VXL
are equal or higher than
2 << 11. This was not enforced before, and this patch adds the missing
enforcement rules.
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
---
northd/ov
(The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
---
controller-vtep/gateway.c | 2 +
controller/physi
also covers BFD periodic messages and IPv6
prefix delegation.
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: adjusted new flow priority (153 -> 150)
v2: updated ovn-architecture.5
---
controller/physical.c | 11 +++
ovn-architecture.7.xml | 3 +-
tests/ovn.at |
On Tue, Aug 17, 2021 at 2:20 PM Numan Siddique wrote:
>
> On Fri, Aug 13, 2021 at 10:33 AM Frode Nordahl
> wrote:
> >
> > On Sat, Aug 7, 2021 at 12:20 AM Ihar Hrachyshka wrote:
> > >
> > > When a router port is attached to a localnet switch, sending period
also covers BFD periodic messages and IPv6
prefix delegation.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 11 +++
tests/ovn.at | 160 ++
2 files changed, 171 insertions(+)
diff --git a/controller/physical.c b/controller/physical.c
at 6:20 PM Ihar Hrachyshka wrote:
>
> When a router port is attached to a localnet switch, sending periodic
> RAs through localnet port will confuse upstream router by leaking
> conflicting router advertisements into datacenter network.
>
> Signed-off-by: Ihar Hrachyshka
> -
When a router port is attached to a localnet switch, sending periodic
RAs through localnet port will confuse upstream router by leaking
conflicting router advertisements into datacenter network.
Signed-off-by: Ihar Hrachyshka
---
northd/ovn-northd.c | 5 +-
tests/ovn.at| 156
affic. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Conflicts:
northd/ovn_northd.dl
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
Acked-by: Mark Michelson
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
(c
fabric layer, for both tagged and untagged (tag=0)
localnet ports.
Conflicts:
NEWS
northd/ovn_northd.dl
tests/ovn.at
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 962740bdb3541eb04618ba1d1c912e2985a87b0c)
---
controller/physical.c
affic. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Conflicts:
northd/ovn_northd.dl
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
Acked-by: Mark Michelson
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
(c
fabric layer, for both tagged and untagged (tag=0)
localnet ports.
Conflicts:
NEWS
northd/ovn_northd.dl
tests/ovn.at
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 962740bdb3541eb04618ba1d1c912e2985a87b0c)
---
v1: initial backport.
v2
affic. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Conflicts:
northd/ovn_northd.dl
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
Acked-by: Mark Michelson
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
(c
fabric layer, for both tagged and untagged (tag=0)
localnet ports.
Conflicts:
NEWS
northd/ovn_northd.dl
tests/ovn.at
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 962740bdb3541eb04618ba1d1c912e2985a87b0c)
Change-Id
org/openstack/puppet-vswitch/commit/14011d69c18e628a3466fa71db25cefb7adff425
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: set vlan-limit=0 only if it's not no-op
---
controller/ovn-controller.c | 13 ++
tests/ovn.at| 91 +
2 files changed, 104 in
org/openstack/puppet-vswitch/commit/14011d69c18e628a3466fa71db25cefb7adff425
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: set vlan-limit=0 only if it's not no-op
---
controller/ovn-controller.c | 13 ++
tests/ovn.at| 91 +
2 files changed, 104 in
o
external port")
Signed-off-by: Ihar Hrachyshka
v1: initial version
v2: fix ddlog test failure by waiting on hv to sync
---
tests/ovn.at | 43 ---
1 file changed, 32 insertions(+), 11 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 93e1a
o
external port")
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 42 +++---
1 file changed, 31 insertions(+), 11 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 93e1a0267..9cdf130e9 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -121
59e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1974062
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddiq
59e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1974062
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddiq
For the record, there are some integration issues with the backport
that I am working now, please don't merge this version as-is.
Thanks,
Ihar
On Wed, Jul 14, 2021 at 10:07 PM Ihar Hrachyshka wrote:
>
> Recently, we stopped leaking localport traffic through localnet ports
> into f
On Wed, Jul 14, 2021 at 8:07 PM Numan Siddique wrote:
>
> On Wed, Jul 14, 2021 at 4:59 PM Ihar Hrachyshka wrote:
> >
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hostin
m localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1974062
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 1148580290d0ace803f20aeaa0241dd51c100
On Wed, Jul 14, 2021 at 8:07 PM Numan Siddique wrote:
>
> On Wed, Jul 14, 2021 at 4:59 PM Ihar Hrachyshka wrote:
> >
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hostin
On Wed, Jul 14, 2021 at 11:21 AM Numan Siddique wrote:
>
> On Tue, Jul 13, 2021 at 8:40 PM Ihar Hrachyshka wrote:
> >
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hostin
external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
--
v1: initial versi
On Wed, Jul 7, 2021 at 4:16 AM Dumitru Ceara wrote:
>
> On 7/7/21 5:20 AM, Ihar Hrachyshka wrote:
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hosting the
> > same localport.
>
external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
--
v1: initial versi
On Tue, Jul 13, 2021 at 1:50 PM Numan Siddique wrote:
>
> On Fri, Jul 2, 2021 at 4:39 PM Ben Pfaff wrote:
> >
> > On Wed, Jun 23, 2021 at 08:35:19PM -0400, Ihar Hrachyshka wrote:
> > > This allows L3+ ACLs to match against double tagged vlan traffic on
&
external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
--
v1: initial vers
external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport to
a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
-
On Tue, Jun 29, 2021 at 1:18 PM Ben Pfaff wrote:
>
> On Tue, Jun 29, 2021 at 12:50:54PM -0400, Ihar Hrachyshka wrote:
> > On Tue, Jun 29, 2021 at 12:46 PM Ben Pfaff wrote:
> > >
> > > On Tue, Jun 29, 2021 at 12:24:11PM -0400, Ihar Hrachyshka wrote:
> > > &g
On Tue, Jun 29, 2021 at 12:46 PM Ben Pfaff wrote:
>
> On Tue, Jun 29, 2021 at 12:24:11PM -0400, Ihar Hrachyshka wrote:
> > One, HEAD~, not HEAD, should be used to generate any patches. Two, add
> > "ovn" to the generated mail topic. Third, update branch name to a
>
One, HEAD~, not HEAD, should be used to generate any patches. Two, add
"ovn" to the generated mail topic. Third, update branch name to a
fresh one.
Signed-off-by: Ihar Hrachyshka
---
Documentation/internals/contributing/backporting-patches.rst | 2 +-
1 file changed, 1 insertion(+),
affic. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
---
northd/ovn-northd.8.xml | 6 ++-
northd/ovn-northd.c
On Fri, Jun 25, 2021 at 5:43 AM Krzysztof Klimonda
wrote:
>
> Hi,
>
> Is this a limitation for a number of logical switches and logical ports that
> are part of networks that use vxlan (for example, by utilizing vtep
> interfaces) or for a total number of LSs and LSPs in a deployment?
It's glob
It is supported but with a number of limitations. Specifically, the
number of switches, and ports per switch, is limited to 2^11 when
VXLAN is used in a cluster. This is due to design limitations as
described in e.g.:
https://mail.openvswitch.org/pipermail/ovs-dev/2020-March/369201.html
Ihar
On T
org/openstack/puppet-vswitch/commit/14011d69c18e628a3466fa71db25cefb7adff425
Signed-off-by: Ihar Hrachyshka
---
controller/ovn-controller.c | 9
tests/ovn.at| 91 +
2 files changed, 100 insertions(+)
diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c
inde
affic. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Signed-off-by: Ihar Hrachyshka
---
northd/ovn-northd.c | 4 ++
northd/ovn_northd.dl | 6 ++-
tests/ovn.at | 96
3 files changed, 104 insertions(
rity order.
This patch documents this behavior and covers it with explicit test
cases.
Signed-off-by: Ihar Hrachyshka
---
northd/ovn-northd.c | 1 +
northd/ovn_northd.dl | 1 +
ovn-nb.xml | 7 +
tests/ovn-northd.at | 66 +---
4 files c
On Wed, Jun 2, 2021 at 12:22 AM Han Zhou wrote:
>
>
>
> On Tue, Jun 1, 2021 at 12:28 PM Ihar Hrachyshka wrote:
> >
> > On Thu, May 20, 2021 at 9:55 PM Han Zhou wrote:
> > >
> > >
> > >
> > > On Thu, May 20, 2021 at 3:22 PM Han Zhou wr
orthd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
===
v1: initial commit
v2: fixed ddlog rule matching
---
northd/lswitch.dl| 64 +--
northd/ovn-northd.c | 89 ++--
northd/ovn_nort
/stateful rules with overlapping matches.
Signed-off-by: Ihar Hrachyshka
---
ovn-nb.xml | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/ovn-nb.xml b/ovn-nb.xml
index 47f25eac1..63fd61c66 100644
--- a/ovn-nb.xml
+++ b/ovn-nb.xml
@@ -1812,7 +1812,12 @@
for
allow, insert an early pipeline rule that
would set DEFRAG bit for the corresponding match and priority.
Fixes: 3187b9fef1 ("ovn-northd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
===
v1: initial commit
v2: don't unnecessarily map .has_fair_meter
an early pipeline rule that would set DEFRAG bit
for the corresponding match and priority.
Fixes: 3187b9fef1 ("ovn-northd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
===
v1: initial commit
v2: document northd flow change
v2: combine two similar ddlog sta
On Thu, May 20, 2021 at 6:22 PM Han Zhou wrote:
>
>
>
> On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> >
> > While we *should not* circumvent conntrack when a stateful ACL of higher
> > priority is present on the switch, we should do so only when
> >
On Thu, May 20, 2021 at 9:55 PM Han Zhou wrote:
>
>
>
> On Thu, May 20, 2021 at 3:22 PM Han Zhou wrote:
> >
> >
> >
> > On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> > >
> > > While we *should not* circumvent conntrack when a s
On Thu, May 20, 2021 at 5:58 PM Han Zhou wrote:
>
>
>
> On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> >
> > For each allow-stateless ACL, a rule was added earlier in the pipeline
> > that circumvented setting REGBIT_CONNTRACK_DEFRAG regardless of
>
On Thu, May 20, 2021 at 5:07 PM Han Zhou wrote:
>
>
>
> On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> >
> > For each allow-stateless ACL, a rule was added earlier in the pipeline
> > that circumvented setting REGBIT_CONNTRACK_DEFRAG regardless of
> &g
501 - 600 of 753 matches
Mail list logo