It takes some time for vswitchd to remove the blocking flows, so we need
to wait for the flow_mod message handled before reinjecting the received
RARP packet into the pipeline.
Use a barrier to indicate the message processed by vswitchd.
Signed-off-by: Ihar Hrachyshka
---
controller/pinctrl.c
When additional-chassis is set, we cannot guarantee the upstream
switch to deliver a unicast packet sent through a localnet port to
both port chassis locations (pb->chassis and pb->additional_chassis).
To deliver packets to both locations, switch to tunneling.
Signed-off-by: Ihar Hrac
chassis. When the sending port is bound
on either the main or additional chassis, then handle the packet
locally plus send it to the other chassis.
This is achieved with additional flows in tables 37 and 38.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 180
A next patch may need to clone packets to another chassis as part of
"port migration" procedure, but only if they haven't originated at
another chassis. This LOCAL_ONLY tag will enforce the requirement.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 1 +
1 file changed, 1
In a future patch, there will be a scenario where the same port has
attachments at multiple (specifically, 2) chassis, so make sure that
'up' property is updated by the main chassis only.
Signed-off-by: Ihar Hrachyshka
---
controller/binding.c| 10 +++---
controller/binding.h
Right now consider_port_binding first extracts *a* tunnel for a
chassis, then later in put_remote_port_redirect_overlay it fetches
*the* proper tunnel before configuring encapsulation.
Instead of doing it in two steps, just extract the proper tunnel info
earlier.
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 50 ---
1 file changed, 19 insertions(+), 31 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index e0afd83ab..dea7dc1c2 100644
--- a/controller/physical.c
+++ b/controller
This helper prepares a 'match' struct to match against a datapath and
a port key. All existing spots in the file that use such a 'match'
struct were updated. It will also be reused later.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 65
The ovn_port_update_sbrec function became too long, and the next
patches will touch the code to update chassis mapping for ports. This
patch prepares for the next step.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 62 -
1 file changed, 36
Next patches will need the same functionality while passing a
different chassis / encap configuration that is not the primary for a
port binding.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/controller
This function will be reused later.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/northd/northd.c b/northd/northd.c
index fc7a64f99..0f694cb2d 100644
--- a/northd/northd.c
+++ b/northd/northd.c
This tiny helper will be reused later.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index 6bfa2304d..3a7fbfb21 100644
--- a/controller/physical.c
+++ b
) while waiting on the desired packets to arrive.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 5d587dde2..bbba41af4 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -52,6 +52,17
as the diff between them in this situation.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 24 +++-
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 957eb7850..5d587dde2 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -10,7 +10,19
This version of the series is complete. It contains the previously
missing ddlog implementation; also RARP that is used for additional
chassis activation is now reinjected into the pipeline after blocking
flows are deleted by vswitchd.
Ihar Hrachyshka (16):
tests: log more info
he port.
Signed-off-by: Ihar Hrachyshka
---
v2: support ddlog
---
controller/physical.c | 74 +++
controller/pinctrl.c | 161 +-
controller/pinctrl.h | 2 +
include/ovn/actions.h | 9 +++
lib/actions.c | 40 ++-
northd/
at the moment of the final port binding location change.
The patch mimics behavior of requested-chassis. Corresponding database
fields (pb->additional_chassis, pb->requested_additional_chassis,
pb->additional_encap) are introduced as part of the patch.
Signed-off-by: Ihar Hrachyshka
---
v2: support
It takes some time for vswitchd to remove the blocking flows, so we need
to wait for the flow_mod message handled before reinjecting the received
RARP packet into the pipeline.
Use a barrier to indicate the message processed by vswitchd.
Signed-off-by: Ihar Hrachyshka
---
controller/pinctrl.c
When additional-chassis is set, we cannot guarantee the upstream
switch to deliver a unicast packet sent through a localnet port to
both port chassis locations (pb->chassis and pb->additional_chassis).
To deliver packets to both locations, switch to tunneling.
Signed-off-by: Ihar Hrac
chassis. When the sending port is bound
on either the main or additional chassis, then handle the packet
locally plus send it to the other chassis.
This is achieved with additional flows in tables 37 and 38.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 180
of the port.
Ihar Hrachyshka (5):
Introduce LSP:options:requested-additional-chassis
Clone packets to both port chassis
Enforce tunneling when additional-chassis is set
Implement RARP activation strategy for ports
Reinject RARP packet when activation-strategy=rarp
controller/binding.c
chassis. When the sending port is bound
on either the main or additional chassis, then handle the packet
locally plus send it to the other chassis.
This is achieved with additional flows in tables 37 and 38.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 180
he port.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 74 +++
controller/pinctrl.c | 161 +-
controller/pinctrl.h | 2 +
include/ovn/actions.h | 9 +++
lib/actions.c | 40 ++-
northd/northd.c
at the moment of the final port binding location change.
The patch mimics behavior of requested-chassis. Corresponding database
fields (pb->additional_chassis, pb->requested_additional_chassis,
pb->additional_encap) are introduced as part of the patch.
Signed-off-by: Ihar Hrachyshka
---
c
In a future patch, there will be a scenario where the same port has
attachments at multiple (specifically, 2) chassis, so make sure that
'up' property is updated by the main chassis only.
Signed-off-by: Ihar Hrachyshka
---
controller/binding.c| 10 +++---
controller/binding.h
When additional-chassis is set, we cannot guarantee the upstream
switch to deliver a unicast packet sent through a localnet port to
both port chassis locations (pb->chassis and pb->additional_chassis).
To deliver packets to both locations, switch to tunneling.
Signed-off-by: Ihar Hrac
Next patches will need the same functionality while passing a
different chassis / encap configuration that is not the primary for a
port binding.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 13 ++---
1 file changed, 6 insertions(+), 7 deletions(-)
diff --git a/controller
A next patch may need to clone packets to another chassis as part of
"port migration" procedure, but only if they haven't originated at
another chassis. This LOCAL_ONLY tag will enforce the requirement.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 1 +
1 file changed, 1
This helper prepares a 'match' struct to match against a datapath and
a port key. All existing spots in the file that use such a 'match'
struct were updated. It will also be reused later.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 65
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 28 +---
1 file changed, 17 insertions(+), 11 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index e0afd83ab..c47b15f3e 100644
--- a/controller/physical.c
+++ b/controller/physical.c
Right now consider_port_binding first extracts *a* tunnel for a
chassis, then later in put_remote_port_redirect_overlay it fetches
*the* proper tunnel before configuring encapsulation.
Instead of doing it in two steps, just extract the proper tunnel info
earlier.
Signed-off-by: Ihar Hrachyshka
The ovn_port_update_sbrec function became too long, and the next
patches will touch the code to update chassis mapping for ports. This
patch prepares for the next step.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 62 -
1 file changed, 36
This function will be reused later.
Signed-off-by: Ihar Hrachyshka
---
northd/northd.c | 21 +++--
1 file changed, 15 insertions(+), 6 deletions(-)
diff --git a/northd/northd.c b/northd/northd.c
index fc7a64f99..0f694cb2d 100644
--- a/northd/northd.c
+++ b/northd/northd.c
) while waiting on the desired packets to arrive.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 14 --
1 file changed, 12 insertions(+), 2 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 5d587dde2..bbba41af4 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -52,6 +52,17
This tiny helper will be reused later.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 9 +++--
1 file changed, 7 insertions(+), 2 deletions(-)
diff --git a/controller/physical.c b/controller/physical.c
index 6bfa2304d..3a7fbfb21 100644
--- a/controller/physical.c
+++ b
as the diff between them in this situation.
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 24 +++-
1 file changed, 19 insertions(+), 5 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 957eb7850..5d587dde2 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -10,7 +10,19
in added test scenarios.
The only missing part in the series is ddlog support. All but four last
patches in the series don't need any ddlog modifications and can be
merged if ready.
Ihar Hrachyshka (15):
tests: log more info on OVN_CHECK_PACKETS* failure
tests: don't bail from
g
/ activation) If we'd like to have it, the db design (and probably flow
generation code) may require significant adjustment. To simplify
matters, we could model db to allow for >2 chassis but enforce it being
one of 1,2 for the time being until we are ready to support more.
Thoughts on this
-inject
the packet with a continuation pin inside the unblock_migration handler
because there's a lag between delete flow messages queued and applied by
the switch.
TODO: implement ddlog.
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit.
---
controller/binding.c| 39
It was not the intent to change the range of tunnel keys for vtep
setups. If that happens, we should fix it. Perhaps the range is not
touched but the range validation is activated in vtep case. If so, the
validation should be disabled.
Ihar
On 11/8/21 4:57 PM, Vladislav Odintsov wrote:
Hi,
of the responder.
Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: fix test case (wrong mac/ip address used)
v3: don't require tcpdump (it's unused in the scenario)
---
controller/physical.c | 2 +-
te
of the responder.
Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: fix test case (wrong mac/ip address used)
---
controller/physical.c | 2 +-
tests/ovn.at | 55 ++
of the responder.
Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 2 +-
tests/ovn.at | 60 +++
2 files changed, 61 insertions(+), 1 deletion(-)
diff --git a/
This is correct, thank you for fixing it.
One comment and one question:
1) While the referred patch that suppressed LOCAL_ONLY traffic exposed
the issue, it was always a bug, though affecting a tiny minority of
scenarios.
For example for PD, one can probably imagine a scenario where PD
. (The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: updated docs
v2: removed newly added but unused macros
v3:
that are equal or higher than
2 << 11. This was not enforced before, and this patch adds the missing
enforcement rules.
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: fix build (added missing OVN_VXL
. (The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: updated docs
v2: removed newly added but unused macros
. (The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: updated docs
v2: removed newly added but unu
that are equal or higher than
2 << 11. This was not enforced before, and this patch adds the missing
enforcement rules.
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
--
v1: initial commit
v2: fix build (added missing OVN_VXL
that are equal or higher than
2 << 11. This was not enforced before, and this patch adds the missing
enforcement rules.
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
---
northd/ov
. (The missing enforcement is an oversight of the
original patch that added support for VXLAN tunnels.)
Fixes: b07f1bc3d068 ("Add VXLAN support for non-VTEP datapath bindings")
Signed-off-by: Ihar Hrachyshka
---
controller-vtep/gateway.c | 2 +
controller/physical.c
, it also covers BFD periodic messages and IPv6
prefix delegation.
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: adjusted new flow priority (153 -> 150)
v2: updated ovn-architecture.5
---
controller/physical.c | 11 +++
ovn-architecture.7.xml | 3 +-
tests/ovn.at |
On Tue, Aug 17, 2021 at 2:20 PM Numan Siddique wrote:
>
> On Fri, Aug 13, 2021 at 10:33 AM Frode Nordahl
> wrote:
> >
> > On Sat, Aug 7, 2021 at 12:20 AM Ihar Hrachyshka wrote:
> > >
> > > When a router port is attached to a localnet switch, sending p
, it also covers BFD periodic messages and IPv6
prefix delegation.
Signed-off-by: Ihar Hrachyshka
---
controller/physical.c | 11 +++
tests/ovn.at | 160 ++
2 files changed, 171 insertions(+)
diff --git a/controller/physical.c b/controller/physical.c
Ihar Hrachyshka wrote:
>
> When a router port is attached to a localnet switch, sending periodic
> RAs through localnet port will confuse upstream router by leaking
> conflicting router advertisements into datacenter network.
>
> Signed-off-by: Ihar Hrachyshka
> ---
> n
When a router port is attached to a localnet switch, sending periodic
RAs through localnet port will confuse upstream router by leaking
conflicting router advertisements into datacenter network.
Signed-off-by: Ihar Hrachyshka
---
northd/ovn-northd.c | 5 +-
tests/ovn.at| 156
. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Conflicts:
northd/ovn_northd.dl
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
Acked-by: Mark Michelson
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
(cherry
fabric layer, for both tagged and untagged (tag=0)
localnet ports.
Conflicts:
NEWS
northd/ovn_northd.dl
tests/ovn.at
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 962740bdb3541eb04618ba1d1c912e2985a87b0c)
---
controller/physical.c
. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Conflicts:
northd/ovn_northd.dl
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
Acked-by: Mark Michelson
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
(cherry
fabric layer, for both tagged and untagged (tag=0)
localnet ports.
Conflicts:
NEWS
northd/ovn_northd.dl
tests/ovn.at
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 962740bdb3541eb04618ba1d1c912e2985a87b0c)
---
v1: initial backport.
v2
. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Conflicts:
northd/ovn_northd.dl
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
Acked-by: Mark Michelson
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
(cherry
fabric layer, for both tagged and untagged (tag=0)
localnet ports.
Conflicts:
NEWS
northd/ovn_northd.dl
tests/ovn.at
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 962740bdb3541eb04618ba1d1c912e2985a87b0c)
Change-Id
penstack/puppet-vswitch/commit/14011d69c18e628a3466fa71db25cefb7adff425
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: set vlan-limit=0 only if it's not no-op
---
controller/ovn-controller.c | 13 ++
tests/ovn.at| 91 +
2 files changed, 104 insertions(+
penstack/puppet-vswitch/commit/14011d69c18e628a3466fa71db25cefb7adff425
Signed-off-by: Ihar Hrachyshka
---
v1: initial version
v2: set vlan-limit=0 only if it's not no-op
---
controller/ovn-controller.c | 13 ++
tests/ovn.at| 91 +
2 files changed, 104 insertions(+
ernal port")
Signed-off-by: Ihar Hrachyshka
v1: initial version
v2: fix ddlog test failure by waiting on hv to sync
---
tests/ovn.at | 43 ---
1 file changed, 32 insertions(+), 11 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 93e1a0267.
ernal port")
Signed-off-by: Ihar Hrachyshka
---
tests/ovn.at | 42 +++---
1 file changed, 31 insertions(+), 11 deletions(-)
diff --git a/tests/ovn.at b/tests/ovn.at
index 93e1a0267..9cdf130e9 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -12198,24
59e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1974062
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddiq
59e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1974062
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddiq
For the record, there are some integration issues with the backport
that I am working now, please don't merge this version as-is.
Thanks,
Ihar
On Wed, Jul 14, 2021 at 10:07 PM Ihar Hrachyshka wrote:
>
> Recently, we stopped leaking localport traffic through localnet ports
> into fabric
On Wed, Jul 14, 2021 at 8:07 PM Numan Siddique wrote:
>
> On Wed, Jul 14, 2021 at 4:59 PM Ihar Hrachyshka wrote:
> >
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hostin
m localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Reported-at: https://bugzilla.redhat.com/show_bug.cgi?id=1974062
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit 1148580290d0ace803f20aeaa0241dd51c100
On Wed, Jul 14, 2021 at 8:07 PM Numan Siddique wrote:
>
> On Wed, Jul 14, 2021 at 4:59 PM Ihar Hrachyshka wrote:
> >
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hostin
On Wed, Jul 14, 2021 at 11:21 AM Numan Siddique wrote:
>
> On Tue, Jul 13, 2021 at 8:40 PM Ihar Hrachyshka wrote:
> >
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hostin
ow per external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
--
v1: initial versi
On Wed, Jul 7, 2021 at 4:16 AM Dumitru Ceara wrote:
>
> On 7/7/21 5:20 AM, Ihar Hrachyshka wrote:
> > Recently, we stopped leaking localport traffic through localnet ports
> > into fabric to avoid unnecessary flipping between chassis hosting the
> > same localport.
>
ow per external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
--
v1: initial versi
On Tue, Jul 13, 2021 at 1:50 PM Numan Siddique wrote:
>
> On Fri, Jul 2, 2021 at 4:39 PM Ben Pfaff wrote:
> >
> > On Wed, Jun 23, 2021 at 08:35:19PM -0400, Ihar Hrachyshka wrote:
> > > This allows L3+ ACLs to match against double tagged vlan traffic on
&
ow per external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport
to a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
--
v1: initial vers
ow per external port on the
same datapath that avoids dropping localport traffic.
Fixes: 96959e56d634 ("physical: do not forward traffic from localport to
a localnet one")
[1] https://docs.openstack.org/neutron/latest/admin/ovn/sriov.html
Signed-off-by: Ihar Hrachyshka
-
On Tue, Jun 29, 2021 at 1:18 PM Ben Pfaff wrote:
>
> On Tue, Jun 29, 2021 at 12:50:54PM -0400, Ihar Hrachyshka wrote:
> > On Tue, Jun 29, 2021 at 12:46 PM Ben Pfaff wrote:
> > >
> > > On Tue, Jun 29, 2021 at 12:24:11PM -0400, Ihar Hrachyshka wrote:
> > >
On Tue, Jun 29, 2021 at 12:46 PM Ben Pfaff wrote:
>
> On Tue, Jun 29, 2021 at 12:24:11PM -0400, Ihar Hrachyshka wrote:
> > One, HEAD~, not HEAD, should be used to generate any patches. Two, add
> > "ovn" to the generated mail topic. Third, update branch name to a
>
One, HEAD~, not HEAD, should be used to generate any patches. Two, add
"ovn" to the generated mail topic. Third, update branch name to a
fresh one.
Signed-off-by: Ihar Hrachyshka
---
Documentation/internals/contributing/backporting-patches.rst | 2 +-
1 file changed, 1 insertion(+),
. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Signed-off-by: Ihar Hrachyshka
Signed-off-by: Numan Siddique
(cherry picked from commit ea57f666f6eef1eb1d578f0e975baa14c5d23ec9)
---
northd/ovn-northd.8.xml | 6 ++-
northd/ovn-northd.c | 4
On Fri, Jun 25, 2021 at 5:43 AM Krzysztof Klimonda
wrote:
>
> Hi,
>
> Is this a limitation for a number of logical switches and logical ports that
> are part of networks that use vxlan (for example, by utilizing vtep
> interfaces) or for a total number of LSs and LSPs in a deployment?
It's
It is supported but with a number of limitations. Specifically, the
number of switches, and ports per switch, is limited to 2^11 when
VXLAN is used in a cluster. This is due to design limitations as
described in e.g.:
https://mail.openvswitch.org/pipermail/ovs-dev/2020-March/369201.html
Ihar
On
penstack/puppet-vswitch/commit/14011d69c18e628a3466fa71db25cefb7adff425
Signed-off-by: Ihar Hrachyshka
---
controller/ovn-controller.c | 9
tests/ovn.at| 91 +
2 files changed, 100 insertions(+)
diff --git a/controller/ovn-controller.c b/controller/ovn-controller.c
ind
. Instead, pass ARP and ND requests to the peer port owner and
allow it to reply, if needed.
Signed-off-by: Ihar Hrachyshka
---
northd/ovn-northd.c | 4 ++
northd/ovn_northd.dl | 6 ++-
tests/ovn.at | 96
3 files changed, 104 insertions(+), 2
.
This patch documents this behavior and covers it with explicit test
cases.
Signed-off-by: Ihar Hrachyshka
---
northd/ovn-northd.c | 1 +
northd/ovn_northd.dl | 1 +
ovn-nb.xml | 7 +
tests/ovn-northd.at | 66 +---
4 files changed, 71
On Wed, Jun 2, 2021 at 12:22 AM Han Zhou wrote:
>
>
>
> On Tue, Jun 1, 2021 at 12:28 PM Ihar Hrachyshka wrote:
> >
> > On Thu, May 20, 2021 at 9:55 PM Han Zhou wrote:
> > >
> > >
> > >
> > > On Thu, May 20, 2021 at 3:22 PM Han Zhou
orthd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
===
v1: initial commit
v2: fixed ddlog rule matching
---
northd/lswitch.dl| 64 +--
northd/ovn-northd.c | 89 ++--
northd/ovn_nort
/stateful rules with overlapping matches.
Signed-off-by: Ihar Hrachyshka
---
ovn-nb.xml | 7 ++-
1 file changed, 6 insertions(+), 1 deletion(-)
diff --git a/ovn-nb.xml b/ovn-nb.xml
index 47f25eac1..63fd61c66 100644
--- a/ovn-nb.xml
+++ b/ovn-nb.xml
@@ -1812,7 +1812,12
allow, insert an early pipeline rule that
would set DEFRAG bit for the corresponding match and priority.
Fixes: 3187b9fef1 ("ovn-northd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
===
v1: initial commit
v2: don't unnecessarily map .has_fair_meter
---
an early pipeline rule that would set DEFRAG bit
for the corresponding match and priority.
Fixes: 3187b9fef1 ("ovn-northd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
===
v1: initial commit
v2: document northd flow change
v2: combine two similar ddlog sta
On Thu, May 20, 2021 at 6:22 PM Han Zhou wrote:
>
>
>
> On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> >
> > While we *should not* circumvent conntrack when a stateful ACL of higher
> > priority is present on the switch, we should do so only when
> >
On Thu, May 20, 2021 at 9:55 PM Han Zhou wrote:
>
>
>
> On Thu, May 20, 2021 at 3:22 PM Han Zhou wrote:
> >
> >
> >
> > On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> > >
> > > While we *should not* circumvent conntrack w
On Thu, May 20, 2021 at 5:58 PM Han Zhou wrote:
>
>
>
> On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> >
> > For each allow-stateless ACL, a rule was added earlier in the pipeline
> > that circumvented setting REGBIT_CONNTRACK_DEFRAG regardless of
>
On Thu, May 20, 2021 at 5:07 PM Han Zhou wrote:
>
>
>
> On Mon, May 17, 2021 at 2:47 PM Ihar Hrachyshka wrote:
> >
> > For each allow-stateless ACL, a rule was added earlier in the pipeline
> > that circumvented setting REGBIT_CONNTRACK_DEFRAG regardless of
> &g
During the irc meeting today, a question of @openstack bot was raised.
We use the bot to manage and log our weekly meetings, and we would
like to continue using it after migration.
I talked to openstack infra folks (specifically, @fungi), and here is
what I am told:
- openstack still hasn't
Is it already time to request exceptions for freeze?
I would like the following bug fixes incorporated in 21.06, all
related to the new allow-stateless ACL:
https://patchwork.ozlabs.org/project/ovn/list/?series=244288
They are a bit involving but I tried to cover each with some test
scenarios
orthd: introduce new allow-stateless ACL verb")
Signed-off-by: Ihar Hrachyshka
---
northd/lswitch.dl| 88 ---
northd/ovn-northd.c | 89 ++--
northd/ovn_northd.dl | 32
tests/ovn-north
501 - 600 of 750 matches
Mail list logo