Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-14 Thread Dumitru Ceara
On Wed, Nov 13, 2019 at 8:52 PM Han Zhou  wrote:
>
>
>
> On Wed, Nov 13, 2019 at 8:14 AM Dumitru Ceara  wrote:
> >
> > On Wed, Nov 13, 2019 at 4:30 PM Han Zhou  wrote:
> > >
> > >
> > >
> > > On Wed, Nov 13, 2019 at 2:42 AM Dumitru Ceara  wrote:
> > >>
> > >> On Tue, Nov 12, 2019 at 8:50 PM Han Zhou  wrote:
> > >> >
> > >> >
> > >> >
> > >> >
> > >> > On Tue, Nov 12, 2019 at 10:10 AM Dumitru Ceara  
> > >> > wrote:
> > >> > >
> > >> > > On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
> > >> > > >
> > >> > > >
> > >> > > >
> > >> > > > On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara  
> > >> > > > wrote:
> > >> > > > >
> > >> > > > > ARP request and ND NS packets for router owned IPs were being
> > >> > > > > flooded in the complete L2 domain (using the MC_FLOOD multicast 
> > >> > > > > group).
> > >> > > > > However this creates a scaling issue in scenarios where 
> > >> > > > > aggregation
> > >> > > > > logical switches are connected to more logical routers (~350). 
> > >> > > > > The
> > >> > > > > logical pipelines of all routers would have to be executed 
> > >> > > > > before the
> > >> > > > > packet is finally replied to by a single router, the owner of 
> > >> > > > > the IP
> > >> > > > > address.
> > >> > > > >
> > >> > > > > This commit limits the broadcast domain by bypassing the L2 
> > >> > > > > Lookup stage
> > >> > > > > for ARP requests that will be replied by a single router. The 
> > >> > > > > packets
> > >> > > > > are forwarded only to the router port that owns the target IP 
> > >> > > > > address.
> > >> > > > >
> > >> > > > > IPs that are owned by the routers and for which this fix applies 
> > >> > > > > are:
> > >> > > > > - IP addresses configured on the router ports.
> > >> > > > > - VIPs.
> > >> > > > > - NAT IPs.
> > >> > > > >
> > >> > > > > Reported-at: https://bugzilla.redhat.com/1756945
> > >> > > > > Reported-by: Anil Venkata 
> > >> > > > > Signed-off-by: Dumitru Ceara 
> > >> > > > >
> > >> > > > > ---
> > >> > > > > v7:
> > >> > > > > - Address Han's comments:
> > >> > > > > - Remove flooding for all ARPs received on VLAN networks. To 
> > >> > > > > avoid
> > >> > > > >   that we now identify self originated (G)ARPs by matching 
> > >> > > > > on source
> > >> > > > >   MAC address too.
> > >> > > > > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> > >> > > > > - Fix ovn-sb manpage.
> > >> > > > > - Split patch in a series of 2:
> > >> > > > > - patch1: fixes the get_router_load_balancer_ips() function.
> > >> > > > > - patch2: limits the ARP/ND broadcast domain.
> > >> > > > > v6:
> > >> > > > > - Address Han's comments:
> > >> > > > > - remove flooding of ARPs targeting OVN owned IP addresses.
> > >> > > > > - update ovn-architecture documentation.
> > >> > > > > - rename ARP handling functions.
> > >> > > > > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to 
> > >> > > > > take into
> > >> > > > > account the new way of forwarding ARPs.
> > >> > > > > - Also, properly deal with ARP packets on VLAN-backed networks.
> > >> > > > > v5: Address Numan's comments: update comments & make autotest 
> > >> > > > > more
> > >> > > > > robust.
> > >> > > > > v4: Rebase.
> > >> > > > > v3: Properly deal with VXLAN traffic. Address review comments 
> > >> > > > > from
> > >> > > > > Numan (add autotests). Fix function 
> > >> > > > > get_router_load_balancer_ips.
> > >> > > > > Rebase -> deal with IPv6 NAT too.
> > >> > > > > v2: Move ARP broadcast domain limiting to table 
> > >> > > > > S_SWITCH_IN_L2_LKUP to
> > >> > > > > address localnet ports too.
> > >> > > > > ---
> > >> > > > >  northd/ovn-northd.8.xml |   14 ++
> > >> > > > >  northd/ovn-northd.c |  230 
> > >> > > > > +++
> > >> > > > >  ovn-architecture.7.xml  |   19 +++
> > >> > > > >  tests/ovn.at|  307 
> > >> > > > > +--
> > >> > > > >  4 files changed, 530 insertions(+), 40 deletions(-)
> > >> > > > >
> > >> > > > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> > >> > > > > index 0a33dcd..344cc0d 100644
> > >> > > > > --- a/northd/ovn-northd.8.xml
> > >> > > > > +++ b/northd/ovn-northd.8.xml
> > >> > > > > @@ -1005,6 +1005,20 @@ output;
> > >> > > > >
> > >> > > > >
> > >> > > > >
> > >> > > > > +Priority-80 flows for each port connected to a logical 
> > >> > > > > router
> > >> > > > > +matching self originated GARP/ARP request/ND packets. 
> > >> > > > > These packets
> > >> > > > > +are flooded to the MC_FLOOD which contains 
> > >> > > > > all logical
> > >> > > > > +ports.
> > >> > > > > +  
> > >> > > > > +
> > >> > > > > +  
> > >> > > > > +Priority-75 flows for each IP address/VIP/NAT address 
> > >> > > > > owned by a
> > >> > > > > +router port connected to the switch. These flows match 
> > >> > > > > ARP requests
> > >> > > > > +and ND 

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-13 Thread Han Zhou
On Wed, Nov 13, 2019 at 8:14 AM Dumitru Ceara  wrote:
>
> On Wed, Nov 13, 2019 at 4:30 PM Han Zhou  wrote:
> >
> >
> >
> > On Wed, Nov 13, 2019 at 2:42 AM Dumitru Ceara  wrote:
> >>
> >> On Tue, Nov 12, 2019 at 8:50 PM Han Zhou  wrote:
> >> >
> >> >
> >> >
> >> >
> >> > On Tue, Nov 12, 2019 at 10:10 AM Dumitru Ceara wrote:
> >> > >
> >> > > On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
> >> > > >
> >> > > >
> >> > > >
> >> > > > On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara wrote:
> >> > > > >
> >> > > > > ARP request and ND NS packets for router owned IPs were being
> >> > > > > flooded in the complete L2 domain (using the MC_FLOOD multicast group).
> >> > > > > However this creates a scaling issue in scenarios where aggregation
> >> > > > > logical switches are connected to more logical routers (~350). The
> >> > > > > logical pipelines of all routers would have to be executed before the
> >> > > > > packet is finally replied to by a single router, the owner of the IP
> >> > > > > address.
> >> > > > >
> >> > > > > This commit limits the broadcast domain by bypassing the L2 Lookup stage
> >> > > > > for ARP requests that will be replied by a single router. The packets
> >> > > > > are forwarded only to the router port that owns the target IP address.
> >> > > > >
> >> > > > > IPs that are owned by the routers and for which this fix applies are:
> >> > > > > - IP addresses configured on the router ports.
> >> > > > > - VIPs.
> >> > > > > - NAT IPs.
> >> > > > >
> >> > > > > Reported-at: https://bugzilla.redhat.com/1756945
> >> > > > > Reported-by: Anil Venkata 
> >> > > > > Signed-off-by: Dumitru Ceara 
> >> > > > >
> >> > > > > ---
> >> > > > > v7:
> >> > > > > - Address Han's comments:
> >> > > > > - Remove flooding for all ARPs received on VLAN networks. To avoid
> >> > > > >   that we now identify self originated (G)ARPs by matching on source
> >> > > > >   MAC address too.
> >> > > > > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> >> > > > > - Fix ovn-sb manpage.
> >> > > > > - Split patch in a series of 2:
> >> > > > > - patch1: fixes the get_router_load_balancer_ips() function.
> >> > > > > - patch2: limits the ARP/ND broadcast domain.
> >> > > > > v6:
> >> > > > > - Address Han's comments:
> >> > > > > - remove flooding of ARPs targeting OVN owned IP addresses.
> >> > > > > - update ovn-architecture documentation.
> >> > > > > - rename ARP handling functions.
> >> > > > > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take into
> >> > > > > account the new way of forwarding ARPs.
> >> > > > > - Also, properly deal with ARP packets on VLAN-backed networks.
> >> > > > > v5: Address Numan's comments: update comments & make autotest more
> >> > > > > robust.
> >> > > > > v4: Rebase.
> >> > > > > v3: Properly deal with VXLAN traffic. Address review comments from
> >> > > > > Numan (add autotests). Fix function get_router_load_balancer_ips.
> >> > > > > Rebase -> deal with IPv6 NAT too.
> >> > > > > v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
> >> > > > > address localnet ports too.
> >> > > > > ---
> >> > > > >  northd/ovn-northd.8.xml |   14 ++
> >> > > > >  northd/ovn-northd.c |  230
+++
> >> > > > >  ovn-architecture.7.xml  |   19 +++
> >> > > > >  tests/ovn.at|  307
+--
> >> > > > >  4 files changed, 530 insertions(+), 40 deletions(-)
> >> > > > >
> >> > > > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> >> > > > > index 0a33dcd..344cc0d 100644
> >> > > > > --- a/northd/ovn-northd.8.xml
> >> > > > > +++ b/northd/ovn-northd.8.xml
> >> > > > > @@ -1005,6 +1005,20 @@ output;
> >> > > > >
> >> > > > >
> >> > > > >
> >> > > > > +Priority-80 flows for each port connected to a
logical router
> >> > > > > +matching self originated GARP/ARP request/ND packets.
These packets
> >> > > > > +are flooded to the MC_FLOOD which
contains all logical
> >> > > > > +ports.
> >> > > > > +  
> >> > > > > +
> >> > > > > +  
> >> > > > > +Priority-75 flows for each IP address/VIP/NAT address
owned by a
> >> > > > > +router port connected to the switch. These flows
match ARP requests
> >> > > > > +and ND packets for the specific IP addresses.
Matched packets are
> >> > > > > +forwarded only to the router that owns the IP address.
> >> > > > > +  
> >> > > > > +
> >> > > > > +  
> >> > > > >  A priority-70 flow that outputs all packets with an
Ethernet broadcast
> >> > > > >  or multicast eth.dst to the
MC_FLOOD
> >> > > > >  multicast group.
> >> > > > > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> >> > > > > index 32f3200..d6beb97 100644
> >> > > > > --- a/northd/ovn-northd.c
> >> > > > > +++ b/northd/ovn-northd.c
> >> > > > > @@ -210,6 +210,8 @@ enum ovn_stage {
> >> > > > >  

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-13 Thread Dumitru Ceara
On Wed, Nov 13, 2019 at 4:30 PM Han Zhou  wrote:
>
>
>
> On Wed, Nov 13, 2019 at 2:42 AM Dumitru Ceara  wrote:
>>
>> On Tue, Nov 12, 2019 at 8:50 PM Han Zhou  wrote:
>> >
>> >
>> >
>> >
>> > On Tue, Nov 12, 2019 at 10:10 AM Dumitru Ceara  wrote:
>> > >
>> > > On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
>> > > >
>> > > >
>> > > >
>> > > > On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara  
>> > > > wrote:
>> > > > >
>> > > > > ARP request and ND NS packets for router owned IPs were being
>> > > > > flooded in the complete L2 domain (using the MC_FLOOD multicast 
>> > > > > group).
>> > > > > However this creates a scaling issue in scenarios where aggregation
>> > > > > logical switches are connected to more logical routers (~350). The
>> > > > > logical pipelines of all routers would have to be executed before the
>> > > > > packet is finally replied to by a single router, the owner of the IP
>> > > > > address.
>> > > > >
>> > > > > This commit limits the broadcast domain by bypassing the L2 Lookup 
>> > > > > stage
>> > > > > for ARP requests that will be replied by a single router. The packets
>> > > > > are forwarded only to the router port that owns the target IP 
>> > > > > address.
>> > > > >
>> > > > > IPs that are owned by the routers and for which this fix applies are:
>> > > > > - IP addresses configured on the router ports.
>> > > > > - VIPs.
>> > > > > - NAT IPs.
>> > > > >
>> > > > > Reported-at: https://bugzilla.redhat.com/1756945
>> > > > > Reported-by: Anil Venkata 
>> > > > > Signed-off-by: Dumitru Ceara 
>> > > > >
>> > > > > ---
>> > > > > v7:
>> > > > > - Address Han's comments:
>> > > > > - Remove flooding for all ARPs received on VLAN networks. To 
>> > > > > avoid
>> > > > >   that we now identify self originated (G)ARPs by matching on 
>> > > > > source
>> > > > >   MAC address too.
>> > > > > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
>> > > > > - Fix ovn-sb manpage.
>> > > > > - Split patch in a series of 2:
>> > > > > - patch1: fixes the get_router_load_balancer_ips() function.
>> > > > > - patch2: limits the ARP/ND broadcast domain.
>> > > > > v6:
>> > > > > - Address Han's comments:
>> > > > > - remove flooding of ARPs targeting OVN owned IP addresses.
>> > > > > - update ovn-architecture documentation.
>> > > > > - rename ARP handling functions.
>> > > > > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take 
>> > > > > into
>> > > > > account the new way of forwarding ARPs.
>> > > > > - Also, properly deal with ARP packets on VLAN-backed networks.
>> > > > > v5: Address Numan's comments: update comments & make autotest more
>> > > > > robust.
>> > > > > v4: Rebase.
>> > > > > v3: Properly deal with VXLAN traffic. Address review comments from
>> > > > > Numan (add autotests). Fix function get_router_load_balancer_ips.
>> > > > > Rebase -> deal with IPv6 NAT too.
>> > > > > v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP 
>> > > > > to
>> > > > > address localnet ports too.
>> > > > > ---
>> > > > >  northd/ovn-northd.8.xml |   14 ++
>> > > > >  northd/ovn-northd.c |  230 +++
>> > > > >  ovn-architecture.7.xml  |   19 +++
>> > > > >  tests/ovn.at|  307 
>> > > > > +--
>> > > > >  4 files changed, 530 insertions(+), 40 deletions(-)
>> > > > >
>> > > > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
>> > > > > index 0a33dcd..344cc0d 100644
>> > > > > --- a/northd/ovn-northd.8.xml
>> > > > > +++ b/northd/ovn-northd.8.xml
>> > > > > @@ -1005,6 +1005,20 @@ output;
>> > > > >
>> > > > >
>> > > > >
>> > > > > +Priority-80 flows for each port connected to a logical 
>> > > > > router
>> > > > > +matching self originated GARP/ARP request/ND packets. These 
>> > > > > packets
>> > > > > +are flooded to the MC_FLOOD which contains all 
>> > > > > logical
>> > > > > +ports.
>> > > > > +  
>> > > > > +
>> > > > > +  
>> > > > > +Priority-75 flows for each IP address/VIP/NAT address owned 
>> > > > > by a
>> > > > > +router port connected to the switch. These flows match ARP 
>> > > > > requests
>> > > > > +and ND packets for the specific IP addresses.  Matched 
>> > > > > packets are
>> > > > > +forwarded only to the router that owns the IP address.
>> > > > > +  
>> > > > > +
>> > > > > +  
>> > > > >  A priority-70 flow that outputs all packets with an 
>> > > > > Ethernet broadcast
>> > > > >  or multicast eth.dst to the 
>> > > > > MC_FLOOD
>> > > > >  multicast group.
>> > > > > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
>> > > > > index 32f3200..d6beb97 100644
>> > > > > --- a/northd/ovn-northd.c
>> > > > > +++ b/northd/ovn-northd.c
>> > > > > @@ -210,6 +210,8 @@ enum ovn_stage {
>> > > > >  #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
>> > > > >  

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-13 Thread Han Zhou
On Wed, Nov 13, 2019 at 2:42 AM Dumitru Ceara  wrote:

> On Tue, Nov 12, 2019 at 8:50 PM Han Zhou  wrote:
> >
> >
> >
> >
> > On Tue, Nov 12, 2019 at 10:10 AM Dumitru Ceara wrote:
> > >
> > > On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
> > > >
> > > >
> > > >
> > > > > On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara wrote:
> > > > > >
> > > > > > ARP request and ND NS packets for router owned IPs were being
> > > > > > flooded in the complete L2 domain (using the MC_FLOOD multicast group).
> > > > > > However this creates a scaling issue in scenarios where aggregation
> > > > > > logical switches are connected to more logical routers (~350). The
> > > > > > logical pipelines of all routers would have to be executed before the
> > > > > > packet is finally replied to by a single router, the owner of the IP
> > > > > > address.
> > > > > >
> > > > > > This commit limits the broadcast domain by bypassing the L2 Lookup stage
> > > > > > for ARP requests that will be replied by a single router. The packets
> > > > > > are forwarded only to the router port that owns the target IP address.
> > > > > >
> > > > > > IPs that are owned by the routers and for which this fix applies are:
> > > > > - IP addresses configured on the router ports.
> > > > > - VIPs.
> > > > > - NAT IPs.
> > > > >
> > > > > Reported-at: https://bugzilla.redhat.com/1756945
> > > > > Reported-by: Anil Venkata 
> > > > > Signed-off-by: Dumitru Ceara 
> > > > >
> > > > > ---
> > > > > v7:
> > > > > - Address Han's comments:
> > > > > > - Remove flooding for all ARPs received on VLAN networks. To avoid
> > > > > >   that we now identify self originated (G)ARPs by matching on source
> > > > > >   MAC address too.
> > > > > > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> > > > > > - Fix ovn-sb manpage.
> > > > > > - Split patch in a series of 2:
> > > > > > - patch1: fixes the get_router_load_balancer_ips() function.
> > > > > > - patch2: limits the ARP/ND broadcast domain.
> > > > > > v6:
> > > > > > - Address Han's comments:
> > > > > > - remove flooding of ARPs targeting OVN owned IP addresses.
> > > > > > - update ovn-architecture documentation.
> > > > > > - rename ARP handling functions.
> > > > > > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take into
> > > > > > account the new way of forwarding ARPs.
> > > > > > - Also, properly deal with ARP packets on VLAN-backed networks.
> > > > > > v5: Address Numan's comments: update comments & make autotest more
> > > > > > robust.
> > > > > > v4: Rebase.
> > > > > > v3: Properly deal with VXLAN traffic. Address review comments from
> > > > > > Numan (add autotests). Fix function get_router_load_balancer_ips.
> > > > > > Rebase -> deal with IPv6 NAT too.
> > > > > > v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
> > > > > > address localnet ports too.
> > > > > ---
> > > > >  northd/ovn-northd.8.xml |   14 ++
> > > > >  northd/ovn-northd.c |  230 +++
> > > > >  ovn-architecture.7.xml  |   19 +++
> > > > >  tests/ovn.at|  307
> +--
> > > > >  4 files changed, 530 insertions(+), 40 deletions(-)
> > > > >
> > > > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> > > > > index 0a33dcd..344cc0d 100644
> > > > > --- a/northd/ovn-northd.8.xml
> > > > > +++ b/northd/ovn-northd.8.xml
> > > > > @@ -1005,6 +1005,20 @@ output;
> > > > >
> > > > >
> > > > >
> > > > > +Priority-80 flows for each port connected to a logical
> router
> > > > > +matching self originated GARP/ARP request/ND packets.
> These packets
> > > > > +are flooded to the MC_FLOOD which contains
> all logical
> > > > > +ports.
> > > > > +  
> > > > > +
> > > > > +  
> > > > > +Priority-75 flows for each IP address/VIP/NAT address
> owned by a
> > > > > +router port connected to the switch. These flows match
> ARP requests
> > > > > +and ND packets for the specific IP addresses.  Matched
> packets are
> > > > > +forwarded only to the router that owns the IP address.
> > > > > +  
> > > > > +
> > > > > +  
> > > > >  A priority-70 flow that outputs all packets with an
> Ethernet broadcast
> > > > >  or multicast eth.dst to the
> MC_FLOOD
> > > > >  multicast group.
> > > > > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> > > > > index 32f3200..d6beb97 100644
> > > > > --- a/northd/ovn-northd.c
> > > > > +++ b/northd/ovn-northd.c
> > > > > @@ -210,6 +210,8 @@ enum ovn_stage {
> > > > >  #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
> > > > >  #define REGBIT_SKIP_LOOKUP_NEIGHBOR "reg9[5]"
> > > > >
> > > > > +#define FLAGBIT_NOT_VXLAN "flags[1] == 0"
> > > > > +
> > > > >  /* Returns an "enum ovn_stage" built from the arguments. */
> > > > >  static enum ovn_stage
> > > > >  ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline
> pipeline,
> > > 

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-13 Thread Dumitru Ceara
On Tue, Nov 12, 2019 at 8:50 PM Han Zhou  wrote:
>
>
>
>
> On Tue, Nov 12, 2019 at 10:10 AM Dumitru Ceara  wrote:
> >
> > On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
> > >
> > >
> > >
> > > On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara  wrote:
> > > >
> > > > ARP request and ND NS packets for router owned IPs were being
> > > > flooded in the complete L2 domain (using the MC_FLOOD multicast group).
> > > > However this creates a scaling issue in scenarios where aggregation
> > > > logical switches are connected to more logical routers (~350). The
> > > > logical pipelines of all routers would have to be executed before the
> > > > packet is finally replied to by a single router, the owner of the IP
> > > > address.
> > > >
> > > > This commit limits the broadcast domain by bypassing the L2 Lookup stage
> > > > for ARP requests that will be replied by a single router. The packets
> > > > are forwarded only to the router port that owns the target IP address.
> > > >
> > > > IPs that are owned by the routers and for which this fix applies are:
> > > > - IP addresses configured on the router ports.
> > > > - VIPs.
> > > > - NAT IPs.
> > > >
> > > > Reported-at: https://bugzilla.redhat.com/1756945
> > > > Reported-by: Anil Venkata 
> > > > Signed-off-by: Dumitru Ceara 
> > > >
> > > > ---
> > > > v7:
> > > > - Address Han's comments:
> > > > - Remove flooding for all ARPs received on VLAN networks. To avoid
> > > >   that we now identify self originated (G)ARPs by matching on source
> > > >   MAC address too.
> > > > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> > > > - Fix ovn-sb manpage.
> > > > - Split patch in a series of 2:
> > > > - patch1: fixes the get_router_load_balancer_ips() function.
> > > > - patch2: limits the ARP/ND broadcast domain.
> > > > v6:
> > > > - Address Han's comments:
> > > > - remove flooding of ARPs targeting OVN owned IP addresses.
> > > > - update ovn-architecture documentation.
> > > > - rename ARP handling functions.
> > > > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take 
> > > > into
> > > > account the new way of forwarding ARPs.
> > > > - Also, properly deal with ARP packets on VLAN-backed networks.
> > > > v5: Address Numan's comments: update comments & make autotest more
> > > > robust.
> > > > v4: Rebase.
> > > > v3: Properly deal with VXLAN traffic. Address review comments from
> > > > Numan (add autotests). Fix function get_router_load_balancer_ips.
> > > > Rebase -> deal with IPv6 NAT too.
> > > > v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
> > > > address localnet ports too.
> > > > ---
> > > >  northd/ovn-northd.8.xml |   14 ++
> > > >  northd/ovn-northd.c |  230 +++
> > > >  ovn-architecture.7.xml  |   19 +++
> > > >  tests/ovn.at|  307 
> > > > +--
> > > >  4 files changed, 530 insertions(+), 40 deletions(-)
> > > >
> > > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> > > > index 0a33dcd..344cc0d 100644
> > > > --- a/northd/ovn-northd.8.xml
> > > > +++ b/northd/ovn-northd.8.xml
> > > > @@ -1005,6 +1005,20 @@ output;
> > > >
> > > >
> > > >
> > > > +Priority-80 flows for each port connected to a logical router
> > > > +matching self originated GARP/ARP request/ND packets. These 
> > > > packets
> > > > +are flooded to the MC_FLOOD which contains all 
> > > > logical
> > > > +ports.
> > > > +  
> > > > +
> > > > +  
> > > > +Priority-75 flows for each IP address/VIP/NAT address owned by 
> > > > a
> > > > +router port connected to the switch. These flows match ARP 
> > > > requests
> > > > +and ND packets for the specific IP addresses.  Matched packets 
> > > > are
> > > > +forwarded only to the router that owns the IP address.
> > > > +  
> > > > +
> > > > +  
> > > >  A priority-70 flow that outputs all packets with an Ethernet 
> > > > broadcast
> > > >  or multicast eth.dst to the MC_FLOOD
> > > >  multicast group.
> > > > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> > > > index 32f3200..d6beb97 100644
> > > > --- a/northd/ovn-northd.c
> > > > +++ b/northd/ovn-northd.c
> > > > @@ -210,6 +210,8 @@ enum ovn_stage {
> > > >  #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
> > > >  #define REGBIT_SKIP_LOOKUP_NEIGHBOR "reg9[5]"
> > > >
> > > > +#define FLAGBIT_NOT_VXLAN "flags[1] == 0"
> > > > +
> > > >  /* Returns an "enum ovn_stage" built from the arguments. */
> > > >  static enum ovn_stage
> > > >  ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline 
> > > > pipeline,
> > > > @@ -1202,6 +1204,34 @@ ovn_port_allocate_key(struct ovn_datapath *od)
> > > >1, (1u << 15) - 1, >port_key_hint);
> > > >  }
> > > >
> > > > +/* Returns true if the logical switch port 'enabled' column is 

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-12 Thread Han Zhou
On Tue, Nov 12, 2019 at 10:10 AM Dumitru Ceara  wrote:
>
> On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
> >
> >
> >
> > On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara  wrote:
> > >
> > > ARP request and ND NS packets for router owned IPs were being
> > > flooded in the complete L2 domain (using the MC_FLOOD multicast group).
> > > However this creates a scaling issue in scenarios where aggregation
> > > logical switches are connected to more logical routers (~350). The
> > > logical pipelines of all routers would have to be executed before the
> > > packet is finally replied to by a single router, the owner of the IP
> > > address.
> > >
> > > This commit limits the broadcast domain by bypassing the L2 Lookup stage
> > > for ARP requests that will be replied by a single router. The packets
> > > are forwarded only to the router port that owns the target IP address.
> > >
> > > IPs that are owned by the routers and for which this fix applies are:
> > > - IP addresses configured on the router ports.
> > > - VIPs.
> > > - NAT IPs.
> > >
> > > Reported-at: https://bugzilla.redhat.com/1756945
> > > Reported-by: Anil Venkata 
> > > Signed-off-by: Dumitru Ceara 
> > >
> > > ---
> > > v7:
> > > - Address Han's comments:
> > > - Remove flooding for all ARPs received on VLAN networks. To avoid
> > >   that we now identify self originated (G)ARPs by matching on source
> > >   MAC address too.
> > > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> > > - Fix ovn-sb manpage.
> > > - Split patch in a series of 2:
> > > - patch1: fixes the get_router_load_balancer_ips() function.
> > > - patch2: limits the ARP/ND broadcast domain.
> > > v6:
> > > - Address Han's comments:
> > > - remove flooding of ARPs targeting OVN owned IP addresses.
> > > - update ovn-architecture documentation.
> > > - rename ARP handling functions.
> > > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take into
> > > account the new way of forwarding ARPs.
> > > - Also, properly deal with ARP packets on VLAN-backed networks.
> > > v5: Address Numan's comments: update comments & make autotest more
> > > robust.
> > > v4: Rebase.
> > > v3: Properly deal with VXLAN traffic. Address review comments from
> > > Numan (add autotests). Fix function get_router_load_balancer_ips.
> > > Rebase -> deal with IPv6 NAT too.
> > > v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
> > > address localnet ports too.
> > > ---
> > >  northd/ovn-northd.8.xml |   14 ++
> > >  northd/ovn-northd.c |  230 +++
> > >  ovn-architecture.7.xml  |   19 +++
> > >  tests/ovn.at|  307
+--
> > >  4 files changed, 530 insertions(+), 40 deletions(-)
> > >
> > > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> > > index 0a33dcd..344cc0d 100644
> > > --- a/northd/ovn-northd.8.xml
> > > +++ b/northd/ovn-northd.8.xml
> > > @@ -1005,6 +1005,20 @@ output;
> > >
> > >
> > >
> > > +Priority-80 flows for each port connected to a logical router
> > > +matching self originated GARP/ARP request/ND packets. These
packets
> > > +are flooded to the MC_FLOOD which contains all
logical
> > > +ports.
> > > +  
> > > +
> > > +  
> > > +Priority-75 flows for each IP address/VIP/NAT address owned
by a
> > > +router port connected to the switch. These flows match ARP
requests
> > > +and ND packets for the specific IP addresses.  Matched
packets are
> > > +forwarded only to the router that owns the IP address.
> > > +  
> > > +
> > > +  
> > >  A priority-70 flow that outputs all packets with an Ethernet
broadcast
> > >  or multicast eth.dst to the
MC_FLOOD
> > >  multicast group.
> > > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> > > index 32f3200..d6beb97 100644
> > > --- a/northd/ovn-northd.c
> > > +++ b/northd/ovn-northd.c
> > > @@ -210,6 +210,8 @@ enum ovn_stage {
> > >  #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
> > >  #define REGBIT_SKIP_LOOKUP_NEIGHBOR "reg9[5]"
> > >
> > > +#define FLAGBIT_NOT_VXLAN "flags[1] == 0"
> > > +
> > >  /* Returns an "enum ovn_stage" built from the arguments. */
> > >  static enum ovn_stage
> > >  ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline
pipeline,
> > > @@ -1202,6 +1204,34 @@ ovn_port_allocate_key(struct ovn_datapath *od)
> > >1, (1u << 15) - 1, >port_key_hint);
> > >  }
> > >
> > > +/* Returns true if the logical switch port 'enabled' column is empty
or
> > > + * set to true.  Otherwise, returns false. */
> > > +static bool
> > > +lsp_is_enabled(const struct nbrec_logical_switch_port *lsp)
> > > +{
> > > +return !lsp->n_enabled || *lsp->enabled;
> > > +}
> > > +
> > > +/* Returns true only if the logical switch port 'up' column is set
to true.
> > > + * Otherwise, if the column is 

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-12 Thread Dumitru Ceara
On Tue, Nov 12, 2019 at 6:17 PM Han Zhou  wrote:
>
>
>
> On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara  wrote:
> >
> > ARP request and ND NS packets for router owned IPs were being
> > flooded in the complete L2 domain (using the MC_FLOOD multicast group).
> > However this creates a scaling issue in scenarios where aggregation
> > logical switches are connected to more logical routers (~350). The
> > logical pipelines of all routers would have to be executed before the
> > packet is finally replied to by a single router, the owner of the IP
> > address.
> >
> > This commit limits the broadcast domain by bypassing the L2 Lookup stage
> > for ARP requests that will be replied by a single router. The packets
> > are forwarded only to the router port that owns the target IP address.
> >
> > IPs that are owned by the routers and for which this fix applies are:
> > - IP addresses configured on the router ports.
> > - VIPs.
> > - NAT IPs.
> >
> > Reported-at: https://bugzilla.redhat.com/1756945
> > Reported-by: Anil Venkata 
> > Signed-off-by: Dumitru Ceara 
> >
> > ---
> > v7:
> > - Address Han's comments:
> > - Remove flooding for all ARPs received on VLAN networks. To avoid
> >   that we now identify self originated (G)ARPs by matching on source
> >   MAC address too.
> > - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> > - Fix ovn-sb manpage.
> > - Split patch in a series of 2:
> > - patch1: fixes the get_router_load_balancer_ips() function.
> > - patch2: limits the ARP/ND broadcast domain.
> > v6:
> > - Address Han's comments:
> > - remove flooding of ARPs targeting OVN owned IP addresses.
> > - update ovn-architecture documentation.
> > - rename ARP handling functions.
> > - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take into
> > account the new way of forwarding ARPs.
> > - Also, properly deal with ARP packets on VLAN-backed networks.
> > v5: Address Numan's comments: update comments & make autotest more
> > robust.
> > v4: Rebase.
> > v3: Properly deal with VXLAN traffic. Address review comments from
> > Numan (add autotests). Fix function get_router_load_balancer_ips.
> > Rebase -> deal with IPv6 NAT too.
> > v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
> > address localnet ports too.
> > ---
> >  northd/ovn-northd.8.xml |   14 ++
> >  northd/ovn-northd.c |  230 +++
> >  ovn-architecture.7.xml  |   19 +++
> >  tests/ovn.at|  307 
> > +--
> >  4 files changed, 530 insertions(+), 40 deletions(-)
> >
> > diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> > index 0a33dcd..344cc0d 100644
> > --- a/northd/ovn-northd.8.xml
> > +++ b/northd/ovn-northd.8.xml
> > @@ -1005,6 +1005,20 @@ output;
> >
> >
> >
> > +Priority-80 flows for each port connected to a logical router
> > +matching self originated GARP/ARP request/ND packets. These packets
> > +are flooded to the MC_FLOOD which contains all logical
> > +ports.
> > +  
> > +
> > +  
> > +Priority-75 flows for each IP address/VIP/NAT address owned by a
> > +router port connected to the switch. These flows match ARP requests
> > +and ND packets for the specific IP addresses.  Matched packets are
> > +forwarded only to the router that owns the IP address.
> > +  
> > +
> > +  
> >  A priority-70 flow that outputs all packets with an Ethernet 
> > broadcast
> >  or multicast eth.dst to the MC_FLOOD
> >  multicast group.
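Review bot: The Priority-75 paragraph is less precise than the commit message in two places. It says "ARP requests and ND packets" where the commit message speaks of ARP requests and ND NS, and it says packets are forwarded "only to the router that owns the IP address" where the commit message says "only to the router port that owns the target IP address". Using "ND NS" and "router port" in the manpage would keep the documented match and output aligned with what the patch describes.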
> > diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> > index 32f3200..d6beb97 100644
> > --- a/northd/ovn-northd.c
> > +++ b/northd/ovn-northd.c
> > @@ -210,6 +210,8 @@ enum ovn_stage {
> >  #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
> >  #define REGBIT_SKIP_LOOKUP_NEIGHBOR "reg9[5]"
> >
> > +#define FLAGBIT_NOT_VXLAN "flags[1] == 0"
> > +
> >  /* Returns an "enum ovn_stage" built from the arguments. */
> >  static enum ovn_stage
> >  ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline pipeline,
> > @@ -1202,6 +1204,34 @@ ovn_port_allocate_key(struct ovn_datapath *od)
> >1, (1u << 15) - 1, >port_key_hint);
> >  }
> >
> > +/* Returns true if the logical switch port 'enabled' column is empty or
> > + * set to true.  Otherwise, returns false. */
> > +static bool
> > +lsp_is_enabled(const struct nbrec_logical_switch_port *lsp)
> > +{
> > +return !lsp->n_enabled || *lsp->enabled;
> > +}
> > +
> > +/* Returns true only if the logical switch port 'up' column is set to true.
> > + * Otherwise, if the column is not set or set to false, returns false. */
> > +static bool
> > +lsp_is_up(const struct nbrec_logical_switch_port *lsp)
> > +{
> > +return lsp->n_up && *lsp->up;
> > +}
> > +
> > +static bool
> > +lsp_is_external(const struct nbrec_logical_switch_port *nbsp)
> > +{
> > + 

Re: [ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-12 Thread Han Zhou
On Tue, Nov 12, 2019 at 2:29 AM Dumitru Ceara  wrote:
>
> ARP request and ND NS packets for router owned IPs were being
> flooded in the complete L2 domain (using the MC_FLOOD multicast group).
> However this creates a scaling issue in scenarios where aggregation
> logical switches are connected to more logical routers (~350). The
> logical pipelines of all routers would have to be executed before the
> packet is finally replied to by a single router, the owner of the IP
> address.
>
> This commit limits the broadcast domain by bypassing the L2 Lookup stage
> for ARP requests that will be replied by a single router. The packets
> are forwarded only to the router port that owns the target IP address.
>
> IPs that are owned by the routers and for which this fix applies are:
> - IP addresses configured on the router ports.
> - VIPs.
> - NAT IPs.
>
> Reported-at: https://bugzilla.redhat.com/1756945
> Reported-by: Anil Venkata 
> Signed-off-by: Dumitru Ceara 
>
> ---
> v7:
> - Address Han's comments:
> - Remove flooding for all ARPs received on VLAN networks. To avoid
>   that we now identify self originated (G)ARPs by matching on source
>   MAC address too.
> - Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
> - Fix ovn-sb manpage.
> - Split patch in a series of 2:
> - patch1: fixes the get_router_load_balancer_ips() function.
> - patch2: limits the ARP/ND broadcast domain.
> v6:
> - Address Han's comments:
> - remove flooding of ARPs targeting OVN owned IP addresses.
> - update ovn-architecture documentation.
> - rename ARP handling functions.
> - Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take into
> account the new way of forwarding ARPs.
> - Also, properly deal with ARP packets on VLAN-backed networks.
> v5: Address Numan's comments: update comments & make autotest more
> robust.
> v4: Rebase.
> v3: Properly deal with VXLAN traffic. Address review comments from
> Numan (add autotests). Fix function get_router_load_balancer_ips.
> Rebase -> deal with IPv6 NAT too.
> v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
> address localnet ports too.
> ---
>  northd/ovn-northd.8.xml |   14 ++
>  northd/ovn-northd.c |  230 +++
>  ovn-architecture.7.xml  |   19 +++
>  tests/ovn.at|  307
+--
>  4 files changed, 530 insertions(+), 40 deletions(-)
>
> diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
> index 0a33dcd..344cc0d 100644
> --- a/northd/ovn-northd.8.xml
> +++ b/northd/ovn-northd.8.xml
> @@ -1005,6 +1005,20 @@ output;
>
>
>
> +Priority-80 flows for each port connected to a logical router
> +matching self originated GARP/ARP request/ND packets. These
packets
> +are flooded to the MC_FLOOD which contains all
logical
> +ports.
> +  
> +
> +  
> +Priority-75 flows for each IP address/VIP/NAT address owned by a
> +router port connected to the switch. These flows match ARP
requests
> +and ND packets for the specific IP addresses.  Matched packets
are
> +forwarded only to the router that owns the IP address.
> +  
> +
> +  
>  A priority-70 flow that outputs all packets with an Ethernet
broadcast
>  or multicast eth.dst to the MC_FLOOD
>  multicast group.
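Review bot: In the Priority-80 paragraph, "flooded to the MC_FLOOD which contains all logical ports" drops the noun that the unchanged priority-70 paragraph right below uses ("the MC_FLOOD multicast group"). Writing "flooded to the MC_FLOOD multicast group, which contains all logical ports" would keep the wording of the two entries consistent.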
> diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
> index 32f3200..d6beb97 100644
> --- a/northd/ovn-northd.c
> +++ b/northd/ovn-northd.c
> @@ -210,6 +210,8 @@ enum ovn_stage {
>  #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
>  #define REGBIT_SKIP_LOOKUP_NEIGHBOR "reg9[5]"
>
> +#define FLAGBIT_NOT_VXLAN "flags[1] == 0"
> +
>  /* Returns an "enum ovn_stage" built from the arguments. */
>  static enum ovn_stage
>  ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline
pipeline,
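Review bot: The new define hard-codes bit index 1 of the flags field with no comment saying which logical flag that bit is. The name says VXLAN, but nothing in this hunk ties "flags[1]" to the place where that flag is assigned, so a later renumbering of the flag bits would silently change what this match means. A short comment on the define naming the flag it mirrors, or building the string from that flag's symbolic constant, would remove the magic number.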
> @@ -1202,6 +1204,34 @@ ovn_port_allocate_key(struct ovn_datapath *od)
>1, (1u << 15) - 1, >port_key_hint);
>  }
>
> +/* Returns true if the logical switch port 'enabled' column is empty or
> + * set to true.  Otherwise, returns false. */
> +static bool
> +lsp_is_enabled(const struct nbrec_logical_switch_port *lsp)
> +{
> +return !lsp->n_enabled || *lsp->enabled;
> +}
> +
> +/* Returns true only if the logical switch port 'up' column is set to
true.
> + * Otherwise, if the column is not set or set to false, returns false. */
> +static bool
> +lsp_is_up(const struct nbrec_logical_switch_port *lsp)
> +{
> +return lsp->n_up && *lsp->up;
> +}
> +
> +static bool
> +lsp_is_external(const struct nbrec_logical_switch_port *nbsp)
> +{
> +return !strcmp(nbsp->type, "external");
> +}
> +
> +static bool
> +lrport_is_enabled(const struct nbrec_logical_router_port *lrport)
> +{
> +return !lrport->enabled || *lrport->enabled;
> +}
> +
>  static char *
>  chassis_redirect_name(const char *port_name)
>  {
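Review bot: lsp_is_enabled() and lrport_is_enabled() test an optional 'enabled' column in two different ways: the first checks the element count, "!lsp->n_enabled || *lsp->enabled", the second checks the pointer, "!lrport->enabled || *lrport->enabled". Since both helpers now sit next to each other, it is worth picking one idiom for both, and giving lrport_is_enabled() and lsp_is_external() the same short comment that lsp_is_enabled() and lsp_is_up() carry.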
> @@ -3750,28 +3780,6 @@ 

[ovs-dev] [PATCH v7 ovn 2/2] ovn-northd: Limit ARP/ND broadcast domain whenever possible.

2019-11-12 Thread Dumitru Ceara
ARP request and ND NS packets for router owned IPs were being
flooded in the complete L2 domain (using the MC_FLOOD multicast group).
However this creates a scaling issue in scenarios where aggregation
logical switches are connected to more logical routers (~350). The
logical pipelines of all routers would have to be executed before the
packet is finally replied to by a single router, the owner of the IP
address.

This commit limits the broadcast domain by bypassing the L2 Lookup stage
for ARP requests that will be replied by a single router. The packets
are forwarded only to the router port that owns the target IP address.

IPs that are owned by the routers and for which this fix applies are:
- IP addresses configured on the router ports.
- VIPs.
- NAT IPs.

Reported-at: https://bugzilla.redhat.com/1756945
Reported-by: Anil Venkata 
Signed-off-by: Dumitru Ceara 

---
v7:
- Address Han's comments:
- Remove flooding for all ARPs received on VLAN networks. To avoid
  that we now identify self originated (G)ARPs by matching on source
  MAC address too.
- Rename REGBIT_NOT_VXLAN to FLAGBIT_NOT_VXLAN.
- Fix ovn-sb manpage.
- Split patch in a series of 2:
- patch1: fixes the get_router_load_balancer_ips() function.
- patch2: limits the ARP/ND broadcast domain.
v6:
- Address Han's comments:
- remove flooding of ARPs targeting OVN owned IP addresses.
- update ovn-architecture documentation.
- rename ARP handling functions.
- Adapt "ovn -- 3 HVs, 3 LS, 3 lports/LS, 1 LR" autotest to take into
account the new way of forwarding ARPs.
- Also, properly deal with ARP packets on VLAN-backed networks.
v5: Address Numan's comments: update comments & make autotest more
robust.
v4: Rebase.
v3: Properly deal with VXLAN traffic. Address review comments from
Numan (add autotests). Fix function get_router_load_balancer_ips.
Rebase -> deal with IPv6 NAT too.
v2: Move ARP broadcast domain limiting to table S_SWITCH_IN_L2_LKUP to
address localnet ports too.
---
 northd/ovn-northd.8.xml |   14 ++
 northd/ovn-northd.c |  230 +++
 ovn-architecture.7.xml  |   19 +++
 tests/ovn.at|  307 +--
 4 files changed, 530 insertions(+), 40 deletions(-)

diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
index 0a33dcd..344cc0d 100644
--- a/northd/ovn-northd.8.xml
+++ b/northd/ovn-northd.8.xml
@@ -1005,6 +1005,20 @@ output;
   
 
   
+Priority-80 flows for each port connected to a logical router
+matching self originated GARP/ARP request/ND packets. These packets
+are flooded to the MC_FLOOD which contains all logical
+ports.
+  
+
+  
+Priority-75 flows for each IP address/VIP/NAT address owned by a
+router port connected to the switch. These flows match ARP requests
+and ND packets for the specific IP addresses.  Matched packets are
+forwarded only to the router that owns the IP address.
+  
+
+  
 A priority-70 flow that outputs all packets with an Ethernet broadcast
 or multicast eth.dst to the MC_FLOOD
 multicast group.
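Review bot: The Priority-80 paragraph does not say how a packet is recognized as self originated. The v7 changelog states that self originated (G)ARPs are now identified "by matching on source MAC address too", so the manpage should name that match explicitly. Without it, a reader of the logical flow table cannot tell from the documentation why one ARP request hits the priority-80 flood and another hits the priority-75 unicast forward.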
diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index 32f3200..d6beb97 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -210,6 +210,8 @@ enum ovn_stage {
 #define REGBIT_LOOKUP_NEIGHBOR_RESULT "reg9[4]"
 #define REGBIT_SKIP_LOOKUP_NEIGHBOR "reg9[5]"
 
+#define FLAGBIT_NOT_VXLAN "flags[1] == 0"
+
 /* Returns an "enum ovn_stage" built from the arguments. */
 static enum ovn_stage
 ovn_stage_build(enum ovn_datapath_type dp_type, enum ovn_pipeline pipeline,
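Review bot: FLAGBIT_NOT_VXLAN expands to a complete comparison, "flags[1] == 0", while the REGBIT_ macros directly above it expand to a bare field such as "reg9[4]". A caller that treats it like its neighbours and appends its own "== 1" or "== 0" would build a match that no longer means what was intended. Consider defining only the field and writing the comparison at the use site, or state in a comment on the define that it is a full predicate and not a field name.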
@@ -1202,6 +1204,34 @@ ovn_port_allocate_key(struct ovn_datapath *od)
   1, (1u << 15) - 1, >port_key_hint);
 }
 
+/* Returns true if the logical switch port 'enabled' column is empty or
+ * set to true.  Otherwise, returns false. */
+static bool
+lsp_is_enabled(const struct nbrec_logical_switch_port *lsp)
+{
+return !lsp->n_enabled || *lsp->enabled;
+}
+
+/* Returns true only if the logical switch port 'up' column is set to true.
+ * Otherwise, if the column is not set or set to false, returns false. */
+static bool
+lsp_is_up(const struct nbrec_logical_switch_port *lsp)
+{
+return lsp->n_up && *lsp->up;
+}
+
+static bool
+lsp_is_external(const struct nbrec_logical_switch_port *nbsp)
+{
+return !strcmp(nbsp->type, "external");
+}
+
+static bool
+lrport_is_enabled(const struct nbrec_logical_router_port *lrport)
+{
+return !lrport->enabled || *lrport->enabled;
+}
+
 static char *
 chassis_redirect_name(const char *port_name)
 {
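Review bot: lsp_is_enabled() is added in this hunk and removed again in the @@ -3750,28 +3780,6 @@ hunk that follows, so at least part of this hunk is a pure code move carried inside a functional change. Doing the move in a separate preparatory patch, or at least mentioning it in the commit message, would make the ARP/ND forwarding logic easier to audit on its own, since the changelog already shows the series being split for a similar reason.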
@@ -3750,28 +3780,6 @@ build_port_security_ip(enum ovn_pipeline pipeline, 
struct ovn_port *op,
 
 }
 
-/* Returns true if the logical switch port 'enabled' column is empty or
- * set to true.  Otherwise, returns false. */
-static bool
-lsp_is_enabled(const struct nbrec_logical_switch_port *lsp)
-{
-return !lsp->n_enabled ||