[ovs-dev] [PATCH] datapath: backport: vxlan: correctly handle ipv6.disable module parameter
From: Jiri Benc upstream commit: commit d074bf9600443403aa24fbc12c1f18eadc90f5aa Author: Jiri Benc Date: Thu Apr 27 21:24:35 2017 +0200 vxlan: correctly handle ipv6.disable module parameter When IPv6 is compiled but disabled at runtime, __vxlan_sock_add returns -EAFNOSUPPORT. For metadata based tunnels, this causes failure of the whole operation of bringing up the tunnel. Ignore failure of IPv6 socket creation for metadata based tunnels caused by IPv6 not being available. Fixes: b1be00a6c39f ("vxlan: support both IPv4 and IPv6 sockets in a single vxlan device") Signed-off-by: Jiri Benc Signed-off-by: David S. Miller Signed-off-by: Pravin B Shelar --- datapath/linux/compat/vxlan.c | 10 +++--- 1 file changed, 7 insertions(+), 3 deletions(-) diff --git a/datapath/linux/compat/vxlan.c b/datapath/linux/compat/vxlan.c index 186554e..50126ec 100644 --- a/datapath/linux/compat/vxlan.c +++ b/datapath/linux/compat/vxlan.c @@ -1808,17 +1808,21 @@ static int __vxlan_sock_add(struct vxlan_dev *vxlan, bool ipv6) static int vxlan_sock_add(struct vxlan_dev *vxlan) { - bool ipv6 = vxlan->flags & VXLAN_F_IPV6; bool metadata = vxlan->flags & VXLAN_F_COLLECT_METADATA; + bool ipv6 = vxlan->flags & VXLAN_F_IPV6 || metadata; + bool ipv4 = !ipv6 || metadata; int ret = 0; RCU_INIT_POINTER(vxlan->vn4_sock, NULL); #if IS_ENABLED(CONFIG_IPV6) RCU_INIT_POINTER(vxlan->vn6_sock, NULL); - if (ipv6 || metadata) + if (ipv6) { ret = __vxlan_sock_add(vxlan, true); + if (ret < 0 && ret != -EAFNOSUPPORT) + ipv4 = false; + } #endif - if (!ret && (!ipv6 || metadata)) + if (ipv4) ret = __vxlan_sock_add(vxlan, false); if (ret < 0) vxlan_sock_release(vxlan); -- 2.7.4 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] datapath: backport: vxlan: do not output confusing error message
From: Jiri Benc Upstream commit: commit baf4d7860771287f30fbe9b6b2dc18b04361439d Author: Jiri Benc Date: Thu Apr 27 21:24:36 2017 +0200 vxlan: do not output confusing error message The message "Cannot bind port X, err=Y" creates only confusion. In metadata based mode, failure of IPv6 socket creation is okay if IPv6 is disabled and no error message should be printed. But when IPv6 tunnel was requested, such failure is fatal. The vxlan_socket_create does not know when the error is harmless and when it's not. Instead of passing such information down to vxlan_socket_create, remove the message completely. It's not useful. We propagate the error code up to the user space and the port number comes from the user space. There's nothing in the message that the process creating vxlan interface does not know. Signed-off-by: Jiri Benc Signed-off-by: David S. Miller Signed-off-by: Pravin B Shelar --- datapath/linux/compat/vxlan.c | 2 -- 1 file changed, 2 deletions(-) diff --git a/datapath/linux/compat/vxlan.c b/datapath/linux/compat/vxlan.c index 50126ec..d27a5e2 100644 --- a/datapath/linux/compat/vxlan.c +++ b/datapath/linux/compat/vxlan.c @@ -1740,8 +1740,6 @@ static struct vxlan_sock *vxlan_socket_create(struct net *net, bool ipv6, sock = vxlan_create_sock(net, ipv6, port, flags); if (IS_ERR(sock)) { - pr_info("Cannot bind port %d, err=%ld\n", ntohs(port), - PTR_ERR(sock)); kfree(vs); return ERR_CAST(sock); } -- 2.7.4 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH 0/3] Tunnel: add support for packet marking
Following patch series adds support for setting packet mark for tunnel traffic. This allows better integration with linux networking stack. Pravin B Shelar (3): tunnel: Add support to configure ptk_mark routing-table: parse skb-mark from RTNETLINK msg ovs-router: introduce pkt-mark. lib/netdev-vport.c | 12 ++- lib/netdev.h | 1 + lib/ovs-router.c | 192 ++- lib/ovs-router.h | 6 +- lib/route-table.c| 8 +- ofproto/ofproto-dpif-sflow.c | 2 +- ofproto/ofproto-dpif-xlate.c | 2 +- ofproto/tunnel.c | 5 ++ tests/ovs-router.at | 22 + tests/tunnel-push-pop.at | 19 + vswitchd/vswitch.xml | 4 + 11 files changed, 228 insertions(+), 45 deletions(-) -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH 1/3] tunnel: Add support to configure ptk_mark
Today packet mark action is broaken for Tunnel ports with tunnel monitoring. User can write a flow to set pkt-mark for any tunnel packet generated by vswitchd itself, like BFD packets. Following patch introduces new option in OVSDB tunnel configuration so that user can set skb-mark for given tunnel endpoint. OVS would set the mark according to the skb-mark option for all tunnel traffic including packets generated by vSwitchd like tunnel monitoring BFD packet. Signed-off-by: Pravin B Shelar --- lib/netdev-vport.c | 8 lib/netdev.h | 1 + ofproto/tunnel.c | 5 + tests/tunnel-push-pop.at | 16 vswitchd/vswitch.xml | 4 5 files changed, 34 insertions(+) diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c index 02a246a..25dd0e8 100644 --- a/lib/netdev-vport.c +++ b/lib/netdev-vport.c @@ -505,6 +505,10 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args) } free(str); +} else if (!strcmp(node->key, "egress_pkt_mark")) { +char *ptr = NULL; + +tnl_cfg.egress_pkt_mark = strtoul(node->value, &ptr, 10); } else { VLOG_WARN("%s: unknown %s argument '%s'", name, type, node->key); } @@ -623,6 +627,10 @@ get_tunnel_config(const struct netdev *dev, struct smap *args) smap_add(args, "df_default", "false"); } +if (tnl_cfg.egress_pkt_mark) { +smap_add_format(args, "egress_pkt_mark", +"%"PRIu32, tnl_cfg.egress_pkt_mark); +} return 0; } diff --git a/lib/netdev.h b/lib/netdev.h index a667fe3..5ec1274 100644 --- a/lib/netdev.h +++ b/lib/netdev.h @@ -89,6 +89,7 @@ struct netdev_tunnel_config { struct in6_addr ipv6_dst; uint32_t exts; +uint32_t egress_pkt_mark; uint8_t ttl; bool ttl_inherit; diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c index ce727f4..6205948 100644 --- a/ofproto/tunnel.c +++ b/ofproto/tunnel.c @@ -461,6 +461,11 @@ tnl_port_send(const struct ofport_dpif *ofport, struct flow *flow, | (cfg->csum ? FLOW_TNL_F_CSUM : 0) | (cfg->out_key_present ? FLOW_TNL_F_KEY : 0); +if (cfg->egress_pkt_mark) { +flow->pkt_mark = cfg->egress_pkt_mark; +wc->masks.pkt_mark = UINT32_MAX; +} + if (pre_flow_str) { char *post_flow_str = flow_to_string(flow); char *tnl_str = tnl_port_fmt(tnl_port); diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at index 700ef55..4aaa669 100644 --- a/tests/tunnel-push-pop.at +++ b/tests/tunnel-push-pop.at @@ -12,6 +12,8 @@ AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=vxlan \ options:remote_ip=1.1.2.93 options:out_key=flow options:csum=true ofport_request=4\ -- add-port int-br t4 -- set Interface t4 type=geneve \ options:remote_ip=flow options:key=123 ofport_request=5\ +-- add-port int-br t5 -- set Interface t5 type=geneve \ + options:remote_ip=1.1.2.93 options:out_key=flow options:egress_pkt_mark=1234 ofport_request=6\ ], [0]) AT_CHECK([ovs-appctl dpif/show], [0], [dnl @@ -25,6 +27,7 @@ dummy@ovs-dummy: hit:0 missed:0 t2 2/4789: (vxlan: key=123, remote_ip=1.1.2.92) t3 4/4789: (vxlan: csum=true, out_key=flow, remote_ip=1.1.2.93) t4 5/6081: (geneve: key=123, remote_ip=flow) + t5 6/6081: (geneve: egress_pkt_mark=1234, out_key=flow, remote_ip=1.1.2.93) ]) dnl First setup dummy interface IP address, then add the route @@ -91,6 +94,12 @@ AT_CHECK([tail -1 stdout], [0], [Datapath actions: tnl_pop(6081) ]) +dnl Check Geneve tunnel (t6) pop +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x0800),ipv4(src=1.1.2.96,dst=1.1.2.88,proto=17,tos=0,ttl=64,frag=no),udp(src=51283,dst=6081)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: tnl_pop(6081) +]) + dnl Check VXLAN tunnel push AT_CHECK([ovs-ofctl add-flow int-br action=2]) AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout]) @@ -119,6 +128,13 @@ AT_CHECK([tail -1 stdout], [0], [Datapath actions: tnl_push(tnl_port(6081),header(size=50,type=5,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x0800),ipv4(src=1.1.2.88,dst=1.1.2.92,proto=17,tos=0,ttl=64,frag=0x4000),udp(src=0,dst=6081,csum=0x0),geneve(vni=0x7b)),out_port(100)) ]) +dnl Check Geneve tunnel push with pkt-mark +AT_CHECK([ovs-ofctl add-flow int-br "actions=set_tunnel:234,6"]) +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112
[ovs-dev] [PATCH 2/3] routing-table: parse skb-mark from RTNETLINK msg
Keep track of skb-mark of given RTNL routing notification. This will be used by next commit. Signed-off-by: Pravin B Shelar --- lib/route-table.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/lib/route-table.c b/lib/route-table.c index 00f95e3..61c8cd8 100644 --- a/lib/route-table.c +++ b/lib/route-table.c @@ -45,6 +45,7 @@ struct route_data { struct in6_addr rta_dst; /* 0 if missing. */ struct in6_addr rta_gw; char ifname[IFNAMSIZ]; /* Interface name. */ +uint32_t mark; }; /* A digested version of a route message sent down by the kernel to indicate @@ -190,11 +191,13 @@ route_table_parse(struct ofpbuf *buf, struct route_table_msg *change) [RTA_DST] = { .type = NL_A_U32, .optional = true }, [RTA_OIF] = { .type = NL_A_U32, .optional = true }, [RTA_GATEWAY] = { .type = NL_A_U32, .optional = true }, +[RTA_MARK] = { .type = NL_A_U32, .optional = true }, }; static const struct nl_policy policy6[] = { [RTA_DST] = { .type = NL_A_IPV6, .optional = true }, [RTA_OIF] = { .type = NL_A_U32, .optional = true }, +[RTA_MARK] = { .type = NL_A_U32, .optional = true }, [RTA_GATEWAY] = { .type = NL_A_IPV6, .optional = true }, }; @@ -270,6 +273,9 @@ route_table_parse(struct ofpbuf *buf, struct route_table_msg *change) change->rd.rta_gw = nl_attr_get_in6_addr(attrs[RTA_GATEWAY]); } } +if (attrs[RTA_MARK]) { +change->rd.mark = nl_attr_get_u32(attrs[RTA_MARK]); +} } else { VLOG_DBG_RL(&rl, "received unparseable rtnetlink route message"); return 0; -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH 3/3] ovs-router: introduce pkt-mark.
OVS router is basically partial copy of linux kernel FIB. kernel routing table use skb-mark along with usual routing parameters. Following patch brings in support for skb-mark to ovs-router so that we can lookup route according to flow skb-mark. Signed-off-by: Pravin B Shelar --- lib/netdev-vport.c | 4 +- lib/ovs-router.c | 192 ++- lib/ovs-router.h | 6 +- lib/route-table.c| 2 +- ofproto/ofproto-dpif-sflow.c | 2 +- ofproto/ofproto-dpif-xlate.c | 2 +- tests/ovs-router.at | 22 + tests/tunnel-push-pop.at | 3 + 8 files changed, 188 insertions(+), 45 deletions(-) diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c index 25dd0e8..54db559 100644 --- a/lib/netdev-vport.c +++ b/lib/netdev-vport.c @@ -259,10 +259,12 @@ tunnel_check_status_change__(struct netdev_vport *netdev) bool status = false; struct in6_addr *route; struct in6_addr gw; +uint32_t mark; iface[0] = '\0'; route = &netdev->tnl_cfg.ipv6_dst; -if (ovs_router_lookup(route, iface, NULL, &gw)) { +mark = netdev->tnl_cfg.egress_pkt_mark; +if (ovs_router_lookup(mark, route, iface, NULL, &gw)) { struct netdev *egress_netdev; if (!netdev_open(iface, NULL, &egress_netdev)) { diff --git a/lib/ovs-router.c b/lib/ovs-router.c index 935b60a..7300b36 100644 --- a/lib/ovs-router.c +++ b/lib/ovs-router.c @@ -45,6 +45,11 @@ #include "unaligned.h" #include "unixctl.h" #include "util.h" +#include "openvswitch/vlog.h" + +VLOG_DEFINE_THIS_MODULE(ovs_route); + +static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER; static struct classifier cls; @@ -57,6 +62,7 @@ struct ovs_router_entry { struct in6_addr src_addr; uint8_t plen; uint8_t priority; +uint32_t mark; }; static struct ovs_router_entry * @@ -88,11 +94,12 @@ ovs_router_lookup_fallback(const struct in6_addr *ip6_dst, char output_bridge[], } bool -ovs_router_lookup(const struct in6_addr *ip6_dst, char output_bridge[], +ovs_router_lookup(uint32_t mark, const struct in6_addr *ip6_dst, + char output_bridge[], struct in6_addr *src, struct in6_addr *gw) { const struct cls_rule *cr; -struct flow flow = {.ipv6_dst = *ip6_dst}; +struct flow flow = {.ipv6_dst = *ip6_dst, .pkt_mark = mark}; cr = classifier_lookup(&cls, OVS_VERSION_MAX, &flow, NULL); if (cr) { @@ -115,7 +122,8 @@ rt_entry_free(struct ovs_router_entry *p) free(p); } -static void rt_init_match(struct match *match, const struct in6_addr *ip6_dst, +static void rt_init_match(struct match *match, uint32_t mark, + const struct in6_addr *ip6_dst, uint8_t plen) { struct in6_addr dst; @@ -127,6 +135,8 @@ static void rt_init_match(struct match *match, const struct in6_addr *ip6_dst, memset(match, 0, sizeof *match); match->flow.ipv6_dst = dst; match->wc.masks.ipv6_dst = mask; +match->wc.masks.pkt_mark = UINT32_MAX; +match->flow.pkt_mark = mark; } static int @@ -178,7 +188,8 @@ out: } static int -ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, +ovs_router_insert__(uint32_t mark, uint8_t priority, +const struct in6_addr *ip6_dst, uint8_t plen, const char output_bridge[], const struct in6_addr *gw) { @@ -187,13 +198,14 @@ ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, struct match match; int err; -rt_init_match(&match, ip6_dst, plen); +rt_init_match(&match, mark, ip6_dst, plen); p = xzalloc(sizeof *p); ovs_strlcpy(p->output_bridge, output_bridge, sizeof p->output_bridge); if (ipv6_addr_is_set(gw)) { p->gw = *gw; } +p->mark = mark; p->nw_addr = match.flow.ipv6_dst; p->plen = plen; p->priority = priority; @@ -202,7 +214,12 @@ ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, err = get_src_addr(gw, output_bridge, &p->src_addr); } if (err) { +struct ds ds = DS_EMPTY_INITIALIZER; + +ipv6_format_mapped(ip6_dst, &ds); +VLOG_DBG_RL(&rl, "src addr not available for route %s", ds_cstr(&ds)); free(p); +ds_destroy(&ds); return err; } /* Longest prefix matches first. */ @@ -222,13 +239,12 @@ ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, } void -ovs_router_insert(const struct in6_addr *ip_dst, uint8_t plen, +ovs_router_insert(uint32_t mark, const struct in6_addr *ip_dst, uint8_t plen, const char output_bridge[], const struct in6_addr *gw) { -ovs_router_insert__(plen, ip
[ovs-dev] [PATCH v2 0/3] Tunnel: add support for packet marking
Following patch series adds support for setting packet mark for tunnel traffic. This allows better integration with linux networking stack. v1-v2: Fixed patch 1 an 3 according to comments from Jarno. Pravin B Shelar (3): tunnel: Add support to configure ptk_mark routing-table: parse skb-mark from RTNETLINK msg ovs-router: introduce pkt-mark. NEWS | 2 + lib/netdev-vport.c | 11 +++- lib/netdev.h | 2 + lib/ovs-router.c | 125 ++- lib/ovs-router.h | 6 ++- lib/route-table.c| 8 ++- ofproto/ofproto-dpif-sflow.c | 5 +- ofproto/ofproto-dpif-xlate.c | 2 +- ofproto/tunnel.c | 5 ++ tests/ovs-router.at | 42 +++ tests/tunnel-push-pop.at | 19 +++ vswitchd/vswitch.xml | 6 +++ 12 files changed, 191 insertions(+), 42 deletions(-) -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH v2 1/3] tunnel: Add support to configure ptk_mark
Today packet mark action is broken for Tunnel ports with tunnel monitoring. User can write a flow to set pkt-mark for any tunnel traffic, but there is no way to set the packet mark for corresponding BFD trffic. Following patch introduces new option in OVSDB tunnel configuration so that user can set skb-mark for given tunnel endpoint. OVS would set the mark according to the skb-mark option for all tunnel traffic including packets generated by vSwitchd like tunnel monitoring BFD packet. Signed-off-by: Pravin B Shelar --- v1-v2: Handle zero egress_pkt_mark Added more documentation. --- NEWS | 2 ++ lib/netdev-vport.c | 7 +++ lib/netdev.h | 2 ++ ofproto/tunnel.c | 5 + tests/tunnel-push-pop.at | 16 vswitchd/vswitch.xml | 6 ++ 6 files changed, 38 insertions(+) diff --git a/NEWS b/NEWS index 0a9551c..6838649 100644 --- a/NEWS +++ b/NEWS @@ -51,6 +51,8 @@ Post-v2.6.0 a per-OpenFlow bridge basis rather than globally. (The interface has not changed.) * Removed support for IPsec tunnels. + * Added support to set packet mark for tunnel endpoint using + `egress_pkt_mark` OVSDB option. - DPDK: * New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces which set the number of rx and tx descriptors to use for the given port. diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c index 4c2ced5..88b0bcf 100644 --- a/lib/netdev-vport.c +++ b/lib/netdev-vport.c @@ -509,6 +509,9 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args, char **errp) } free(str); +} else if (!strcmp(node->key, "egress_pkt_mark")) { +tnl_cfg.egress_pkt_mark = strtoul(node->value, NULL, 10); +tnl_cfg.set_egress_pkt_mark = true; } else { ds_put_format(&errors, "%s: unknown %s argument '%s'\n", name, type, node->key); @@ -649,6 +652,10 @@ get_tunnel_config(const struct netdev *dev, struct smap *args) smap_add(args, "df_default", "false"); } +if (tnl_cfg.set_egress_pkt_mark) { +smap_add_format(args, "egress_pkt_mark", +"%"PRIu32, tnl_cfg.egress_pkt_mark); +} return 0; } diff --git a/lib/netdev.h b/lib/netdev.h index bef9cdd..d6c07c1 100644 --- a/lib/netdev.h +++ b/lib/netdev.h @@ -89,6 +89,8 @@ struct netdev_tunnel_config { struct in6_addr ipv6_dst; uint32_t exts; +bool set_egress_pkt_mark; +uint32_t egress_pkt_mark; uint8_t ttl; bool ttl_inherit; diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c index ce727f4..e285d54 100644 --- a/ofproto/tunnel.c +++ b/ofproto/tunnel.c @@ -461,6 +461,11 @@ tnl_port_send(const struct ofport_dpif *ofport, struct flow *flow, | (cfg->csum ? FLOW_TNL_F_CSUM : 0) | (cfg->out_key_present ? FLOW_TNL_F_KEY : 0); +if (cfg->set_egress_pkt_mark) { +flow->pkt_mark = cfg->egress_pkt_mark; +wc->masks.pkt_mark = UINT32_MAX; +} + if (pre_flow_str) { char *post_flow_str = flow_to_string(flow); char *tnl_str = tnl_port_fmt(tnl_port); diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at index 700ef55..4aaa669 100644 --- a/tests/tunnel-push-pop.at +++ b/tests/tunnel-push-pop.at @@ -12,6 +12,8 @@ AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=vxlan \ options:remote_ip=1.1.2.93 options:out_key=flow options:csum=true ofport_request=4\ -- add-port int-br t4 -- set Interface t4 type=geneve \ options:remote_ip=flow options:key=123 ofport_request=5\ +-- add-port int-br t5 -- set Interface t5 type=geneve \ + options:remote_ip=1.1.2.93 options:out_key=flow options:egress_pkt_mark=1234 ofport_request=6\ ], [0]) AT_CHECK([ovs-appctl dpif/show], [0], [dnl @@ -25,6 +27,7 @@ dummy@ovs-dummy: hit:0 missed:0 t2 2/4789: (vxlan: key=123, remote_ip=1.1.2.92) t3 4/4789: (vxlan: csum=true, out_key=flow, remote_ip=1.1.2.93) t4 5/6081: (geneve: key=123, remote_ip=flow) + t5 6/6081: (geneve: egress_pkt_mark=1234, out_key=flow, remote_ip=1.1.2.93) ]) dnl First setup dummy interface IP address, then add the route @@ -91,6 +94,12 @@ AT_CHECK([tail -1 stdout], [0], [Datapath actions: tnl_pop(6081) ]) +dnl Check Geneve tunnel (t6) pop +AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x0800),ipv4(src=1.1.2.96,dst=1.1.2.88,proto=17,tos=0,ttl=64,frag=no),udp(src=51283,dst=6081)'], [0], [stdout]) +AT_CHECK([tail -1 stdout], [0], + [Datapath actions: tnl_pop(6081) +]) + dnl Check VXLAN tunnel push
[ovs-dev] [PATCH v2 3/3] ovs-router: introduce pkt-mark.
OVS router is basically partial copy of linux kernel FIB. kernel routing table uses skb-mark along with usual routing parameters. Following patch brings in support for skb-mark to ovs-router so that we can lookup route for given skb-mark. Signed-off-by: Pravin B Shelar --- v1-v2: Removed ovs/route2/add command reverted change to plen variable type. --- lib/netdev-vport.c | 4 +- lib/ovs-router.c | 125 ++- lib/ovs-router.h | 6 ++- lib/route-table.c| 2 +- ofproto/ofproto-dpif-sflow.c | 5 +- ofproto/ofproto-dpif-xlate.c | 2 +- tests/ovs-router.at | 42 +++ tests/tunnel-push-pop.at | 3 ++ 8 files changed, 147 insertions(+), 42 deletions(-) diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c index 88b0bcf..2d0aa43 100644 --- a/lib/netdev-vport.c +++ b/lib/netdev-vport.c @@ -260,10 +260,12 @@ tunnel_check_status_change__(struct netdev_vport *netdev) bool status = false; struct in6_addr *route; struct in6_addr gw; +uint32_t mark; iface[0] = '\0'; route = &netdev->tnl_cfg.ipv6_dst; -if (ovs_router_lookup(route, iface, NULL, &gw)) { +mark = netdev->tnl_cfg.egress_pkt_mark; +if (ovs_router_lookup(mark, route, iface, NULL, &gw)) { struct netdev *egress_netdev; if (!netdev_open(iface, NULL, &egress_netdev)) { diff --git a/lib/ovs-router.c b/lib/ovs-router.c index 935b60a..d30eb3c 100644 --- a/lib/ovs-router.c +++ b/lib/ovs-router.c @@ -45,6 +45,11 @@ #include "unaligned.h" #include "unixctl.h" #include "util.h" +#include "openvswitch/vlog.h" + +VLOG_DEFINE_THIS_MODULE(ovs_router); + +static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); static struct ovs_mutex mutex = OVS_MUTEX_INITIALIZER; static struct classifier cls; @@ -57,6 +62,7 @@ struct ovs_router_entry { struct in6_addr src_addr; uint8_t plen; uint8_t priority; +uint32_t mark; }; static struct ovs_router_entry * @@ -88,11 +94,12 @@ ovs_router_lookup_fallback(const struct in6_addr *ip6_dst, char output_bridge[], } bool -ovs_router_lookup(const struct in6_addr *ip6_dst, char output_bridge[], +ovs_router_lookup(uint32_t mark, const struct in6_addr *ip6_dst, + char output_bridge[], struct in6_addr *src, struct in6_addr *gw) { const struct cls_rule *cr; -struct flow flow = {.ipv6_dst = *ip6_dst}; +struct flow flow = {.ipv6_dst = *ip6_dst, .pkt_mark = mark}; cr = classifier_lookup(&cls, OVS_VERSION_MAX, &flow, NULL); if (cr) { @@ -115,7 +122,8 @@ rt_entry_free(struct ovs_router_entry *p) free(p); } -static void rt_init_match(struct match *match, const struct in6_addr *ip6_dst, +static void rt_init_match(struct match *match, uint32_t mark, + const struct in6_addr *ip6_dst, uint8_t plen) { struct in6_addr dst; @@ -127,6 +135,8 @@ static void rt_init_match(struct match *match, const struct in6_addr *ip6_dst, memset(match, 0, sizeof *match); match->flow.ipv6_dst = dst; match->wc.masks.ipv6_dst = mask; +match->wc.masks.pkt_mark = UINT32_MAX; +match->flow.pkt_mark = mark; } static int @@ -178,7 +188,8 @@ out: } static int -ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, +ovs_router_insert__(uint32_t mark, uint8_t priority, +const struct in6_addr *ip6_dst, uint8_t plen, const char output_bridge[], const struct in6_addr *gw) { @@ -187,13 +198,14 @@ ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, struct match match; int err; -rt_init_match(&match, ip6_dst, plen); +rt_init_match(&match, mark, ip6_dst, plen); p = xzalloc(sizeof *p); ovs_strlcpy(p->output_bridge, output_bridge, sizeof p->output_bridge); if (ipv6_addr_is_set(gw)) { p->gw = *gw; } +p->mark = mark; p->nw_addr = match.flow.ipv6_dst; p->plen = plen; p->priority = priority; @@ -202,7 +214,12 @@ ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, err = get_src_addr(gw, output_bridge, &p->src_addr); } if (err) { +struct ds ds = DS_EMPTY_INITIALIZER; + +ipv6_format_mapped(ip6_dst, &ds); +VLOG_DBG_RL(&rl, "src addr not available for route %s", ds_cstr(&ds)); free(p); +ds_destroy(&ds); return err; } /* Longest prefix matches first. */ @@ -222,13 +239,12 @@ ovs_router_insert__(uint8_t priority, const struct in6_addr *ip6_dst, } void -ovs_router_insert(const struct in6_addr *ip_dst, uint8_t plen, +ovs_router_insert(uint32_t mark, const struct in6_addr *ip_dst, uint8_t plen, cons
[ovs-dev] [PATCH v2 2/3] routing-table: parse skb-mark from RTNETLINK msg
Keep track of skb-mark of given RTNL routing notification. This will be used by next commit. Signed-off-by: Pravin B Shelar Acked-by: Jarno Rajahalme --- lib/route-table.c | 6 ++ 1 file changed, 6 insertions(+) diff --git a/lib/route-table.c b/lib/route-table.c index 00f95e3..61c8cd8 100644 --- a/lib/route-table.c +++ b/lib/route-table.c @@ -45,6 +45,7 @@ struct route_data { struct in6_addr rta_dst; /* 0 if missing. */ struct in6_addr rta_gw; char ifname[IFNAMSIZ]; /* Interface name. */ +uint32_t mark; }; /* A digested version of a route message sent down by the kernel to indicate @@ -190,11 +191,13 @@ route_table_parse(struct ofpbuf *buf, struct route_table_msg *change) [RTA_DST] = { .type = NL_A_U32, .optional = true }, [RTA_OIF] = { .type = NL_A_U32, .optional = true }, [RTA_GATEWAY] = { .type = NL_A_U32, .optional = true }, +[RTA_MARK] = { .type = NL_A_U32, .optional = true }, }; static const struct nl_policy policy6[] = { [RTA_DST] = { .type = NL_A_IPV6, .optional = true }, [RTA_OIF] = { .type = NL_A_U32, .optional = true }, +[RTA_MARK] = { .type = NL_A_U32, .optional = true }, [RTA_GATEWAY] = { .type = NL_A_IPV6, .optional = true }, }; @@ -270,6 +273,9 @@ route_table_parse(struct ofpbuf *buf, struct route_table_msg *change) change->rd.rta_gw = nl_attr_get_in6_addr(attrs[RTA_GATEWAY]); } } +if (attrs[RTA_MARK]) { +change->rd.mark = nl_attr_get_u32(attrs[RTA_MARK]); +} } else { VLOG_DBG_RL(&rl, "received unparseable rtnetlink route message"); return 0; -- 2.9.3 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] netdev: Fix sockaddr cast warning.
Following warning was reported by Travis:- lib/netdev.c:1916:19: error: cast from 'struct sockaddr *' to 'struct sockaddr_in *' increases required alignment from 2 to 4 [-Werror,-Wcast-align] sin = (struct sockaddr_in *) ifa->ifa_netmask; ^~~ lib/netdev.c:1924:20: error: cast from 'struct sockaddr *' to 'struct sockaddr_in6 *' increases required alignment from 2 to 4 [-Werror,-Wcast-align] sin6 = (struct sockaddr_in6 *) ifa->ifa_netmask; Fixes: 3f31aded6 ("netdev: fix netmask in netdev_get_addrs"). Signed-off-by: Pravin B Shelar --- lib/netdev.c | 4 ++-- 1 file changed, 2 insertions(+), 2 deletions(-) diff --git a/lib/netdev.c b/lib/netdev.c index ad90ef6..ee9b461 100644 --- a/lib/netdev.c +++ b/lib/netdev.c @@ -1913,7 +1913,7 @@ netdev_get_addrs(const char dev[], struct in6_addr **paddr, sin = ALIGNED_CAST(const struct sockaddr_in *, ifa->ifa_addr); in6_addr_set_mapped_ipv4(&addr_array[i], sin->sin_addr.s_addr); -sin = (struct sockaddr_in *) ifa->ifa_netmask; +sin = ALIGNED_CAST(const struct sockaddr_in *, ifa->ifa_netmask); in6_addr_set_mapped_ipv4(&mask_array[i], sin->sin_addr.s_addr); i++; } else if (family == AF_INET6) { @@ -1921,7 +1921,7 @@ netdev_get_addrs(const char dev[], struct in6_addr **paddr, sin6 = ALIGNED_CAST(const struct sockaddr_in6 *, ifa->ifa_addr); memcpy(&addr_array[i], &sin6->sin6_addr, sizeof *addr_array); -sin6 = (struct sockaddr_in6 *) ifa->ifa_netmask; +sin6 = ALIGNED_CAST(const struct sockaddr_in6 *, ifa->ifa_netmask); memcpy(&mask_array[i], &sin6->sin6_addr, sizeof *mask_array); i++; } -- 1.8.3.1 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
[ovs-dev] [PATCH] tunnel: set udp dst-port in tunnel metadata
VxLan device expect valid tp-dst in tunnel metadata. Following patch sets consistent tp-dst with respect to the egress tunnel port. Reported-by: Gerhard Stenzel Tested-by: Gerhard Stenzel Signed-off-by: Pravin B Shelar --- ofproto/tunnel.c | 1 + tests/ofproto-dpif.at | 2 +- tests/tunnel.at | 8 3 files changed, 6 insertions(+), 5 deletions(-) diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c index 97de59e..ce727f4 100644 --- a/ofproto/tunnel.c +++ b/ofproto/tunnel.c @@ -427,6 +427,7 @@ tnl_port_send(const struct ofport_dpif *ofport, struct flow *flow, flow->tunnel.ipv6_dst = in6addr_any; } } +flow->tunnel.tp_dst = cfg->dst_port; if (!cfg->out_key_flow) { flow->tunnel.tun_id = cfg->out_key; } diff --git a/tests/ofproto-dpif.at b/tests/ofproto-dpif.at index ec7bd60..6c7ac36 100644 --- a/tests/ofproto-dpif.at +++ b/tests/ofproto-dpif.at @@ -6378,7 +6378,7 @@ AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(3),eth(src=50:54:00:00:00: dnl Make sure flow sample action in datapath is behind set tunnel dnl action at egress point of tunnel port. AT_CHECK([tail -1 stdout], [0], [dnl -Datapath actions: set(tunnel(tun_id=0x5,src=2.2.2.2,dst=1.1.1.1,tos=0x1,ttl=64,flags(df|key))),sample(sample=100.0%,actions(userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=1),tunnel_out_port=1))),1,set(tunnel(tun_id=0x6,src=2.2.2.3,dst=1.1.1.2,tos=0x1,ttl=64,flags(df|key))),sample(sample=100.0%,actions(userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=7471),tunnel_out_port=7471))),7471 +Datapath actions: set(tunnel(tun_id=0x5,src=2.2.2.2,dst=1.1.1.1,tos=0x1,ttl=64,flags(df|key))),sample(sample=100.0%,actions(userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=1),tunnel_out_port=1))),1,set(tunnel(tun_id=0x6,src=2.2.2.3,dst=1.1.1.2,tos=0x1,ttl=64,tp_dst=7471,flags(df|key))),sample(sample=100.0%,actions(userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=7471),tunnel_out_port=7471))),7471 ]) dnl Remove the flow which contains sample action. diff --git a/tests/tunnel.at b/tests/tunnel.at index 647a466..1ba209d 100644 --- a/tests/tunnel.at +++ b/tests/tunnel.at @@ -484,7 +484,7 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) dnl Option generation AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth(src=50:54:00:00:00:05,dst=50:54:00:00:00:07),eth_type(0x0800),ipv4(src=192.168.0.1,dst=192.168.0.2,proto=1,tos=0,ttl=128,frag=no),icmp(type=8,code=0)'], [0], [stdout]) AT_CHECK([tail -1 stdout], [0], - [Datapath actions: set(tunnel(dst=1.1.1.1,ttl=64,geneve({class=0x,type=0,len=4,0xa}{class=0x,type=0x1,len=8,0x1234567890abcdef}),flags(df))),6081 + [Datapath actions: set(tunnel(dst=1.1.1.1,ttl=64,tp_dst=6081,geneve({class=0x,type=0,len=4,0xa}{class=0x,type=0x1,len=8,0x1234567890abcdef}),flags(df))),6081 ]) dnl Option match @@ -573,7 +573,7 @@ Datapath actions: 2 AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'recirc_id(0),tunnel(tun_id=0x0,src=1.1.1.1,dst=1.1.1.2,ttl=64,geneve({class=0x,type=1,len=0}),flags(df|key)),in_port(6081),skb_mark(0),eth_type(0x0800),ipv4(frag=no)'], [0], [stdout]) AT_CHECK([tail -2 stdout], [0], [Megaflow: recirc_id=0,ip,tun_id=0,tun_src=1.1.1.1,tun_dst=1.1.1.2,tun_tos=0,tun_flags=+df-csum+key,tun_metadata1,tun_metadata2=NP,in_port=1,nw_ecn=0,nw_frag=no -Datapath actions: set(tunnel(tun_id=0x0,dst=1.1.1.1,ttl=64,geneve({class=0x,type=0x1,len=0}),flags(df|key))),6081 +Datapath actions: set(tunnel(tun_id=0x0,dst=1.1.1.1,ttl=64,tp_dst=6081,geneve({class=0x,type=0x1,len=0}),flags(df|key))),6081 ]) OVS_VSWITCHD_STOP @@ -594,12 +594,12 @@ AT_CHECK([ovs-ofctl add-flows br0 flows.txt]) AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'tunnel(tun_id=0,src=1.1.1.1,dst=1.1.1.2,ttl=64),in_port(4789)'], [0], [stdout]) AT_CHECK([tail -1 stdout], [0], - [Datapath actions: set(tunnel(tun_id=0x0,ipv6_dst=2001:cafe::1,ttl=64,flags(df|key))),4789 + [Datapath actions: set(tunnel(tun_id=0x0,ipv6_dst=2001:cafe::1,ttl=64,tp_dst=4789,flags(df|key))),4789 ]) AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'tunnel(tun_id=0x0,ipv6_src=2001:cafe::1,ipv6_dst=2001:cafe::2,ttl=64),in_port(4789)'], [0], [stdout]) AT_CHECK([tail -1 stdout], [0], - [Datapath actions: set(tunnel(tun_id=0x0,dst=1.1.1.1,ttl=64,flags(df|key))),4789 + [Datapath actions: set(tunnel(tun_id=0x0,dst=1.1.1.1,ttl=64,tp_dst=4789,flags(df|key))),4789 ]) -- 1.8.3.1 ___ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev