[ovs-dev] [PATCH] fix match issue for decap when the remote_ip=flow in userspace implementation

Mengke mengke.liu at intel.com
Fri Aug 14 01:19:35 UTC 2015


From: mengke <mengke.liu at intel.com>

In the test the bridge is configured with type "netdev" and the VXLAN port is configured with "options: remote_ip=flow options: key=flow", the VXLAN packets can't be matched for the rule (ovs-ofctl add-flow br-int "priority=200,in_port=2,tun_src=200.2.0.101, ip, actions= drop").

After looking into the code, I found the reason is that when tunnel port is added, the match.wc.masks.nw_src argument is set "OVS_BE32_MAX" in "tnl_port_map_insert" function whether the "options: remote_ip" is set "flow" or constant IP_ADDR. This indicates the remote_ip is compared anyway, but the correct way is that the remote_ip should not be matched in "tnl_port_map_lookup" function when the "options: remote_ip" is set "flow".

The patch with unit test is as following:

---
 lib/tnl-ports.c         |  3 ++-
 tests/ofproto-macros.at | 21 +++++++++++++++++++++
 tests/tunnel.at         | 50 +++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 73 insertions(+), 1 deletion(-)

diff --git a/lib/tnl-ports.c b/lib/tnl-ports.c
index a0a73c8..dc1ab01 100644
--- a/lib/tnl-ports.c
+++ b/lib/tnl-ports.c
@@ -97,7 +97,8 @@ tnl_port_map_insert(odp_port_t port, ovs_be32 ip_dst, ovs_be16 udp_port,
         match.wc.masks.nw_proto = 0xff;
         match.wc.masks.nw_frag = 0xff;      /* XXX: No fragments support. */
         match.wc.masks.tp_dst = OVS_BE16_MAX;
-        match.wc.masks.nw_src = OVS_BE32_MAX;
+        if(ip_dst)
+            match.wc.masks.nw_src = OVS_BE32_MAX;
 
         cls_rule_init(&p->cr, &match, 0, CLS_MIN_VERSION); /* Priority == 0. */
         ovs_refcount_init(&p->ref_cnt);
diff --git a/tests/ofproto-macros.at b/tests/ofproto-macros.at
index 74b02b7..b08cd26 100644
--- a/tests/ofproto-macros.at
+++ b/tests/ofproto-macros.at
@@ -115,6 +115,27 @@ m4_define([OVS_VSWITCHD_START],
    AT_CHECK([ovs-vsctl -- add-br br0 -- set bridge br0 datapath-type=dummy other-config:datapath-id=fedcba9876543210 other-config:hwaddr=aa:55:aa:55:00:00 protocols=[[OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14,OpenFlow15]] fail-mode=secure -- $1 m4_if([$2], [], [], [| ${PERL} $srcdir/uuidfilt.pl])], [0], [$2])
 ])
 
+# OVS_VSWITCHD_START_NETDEV([vsctl-args], [vsctl-output], [=override])
+#
+# Creates a database and starts ovsdb-server, starts ovs-vswitchd
+# connected to that database, calls ovs-vsctl to create a bridge named
+# br0 with predictable settings, passing 'vsctl-args' as additional
+# commands to ovs-vsctl.  If 'vsctl-args' causes ovs-vsctl to provide
+# output (e.g. because it includes "create" commands) then 'vsctl-output'
+# specifies the expected output after filtering through uuidfilt.pl.
+#
+# If a test needs to use "system" devices (as dummies), then specify
+# =override (literally) as the third argument.  Otherwise, system devices
+# won't work at all (which makes sense because tests should not access a
+# system's real Ethernet devices).
+m4_define([OVS_VSWITCHD_START_NETDEV],
+  [_OVS_VSWITCHD_START([--disable-system])
+
+   dnl Add bridges, ports, etc.
+   AT_CHECK([ovs-vsctl -- add-br br0 -- set bridge br0 datapath-type=netdev protocols=[[OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14,OpenFlow15]] fail-mode=secure -- $1 m4_if([$2], [], [], [| ${PERL} $srcdir/uuidfilt.pl])], [0], [$2])
+])
+
+
 m4_divert_push([PREPARE_TESTS])
 check_logs () {
     sed -n "$1
diff --git a/tests/tunnel.at b/tests/tunnel.at
index 7ff1ba4..3bab497 100644
--- a/tests/tunnel.at
+++ b/tests/tunnel.at
@@ -411,3 +411,53 @@ AT_CHECK([tail -1 stdout], [0],
 ])
 OVS_VSWITCHD_STOP
 AT_CLEANUP
+
+AT_SETUP([userspace - tunnel-test for remote_ip=flow])
+OVS_VSWITCHD_START_NETDEV([dnl
+    add-port br0 p1 -- set Interface p1 type=vxlan options:key=flow \
+        options:remote_ip=flow ofport_request=1])
+
+AT_DATA([flows.txt], [dnl
+    in_port=91 actions=local
+])
+AT_CHECK([ovs-ofctl add-flows br0 flows.txt])
+AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=91,dl_src=50:54:00:00:00:05,dl_dst=50:54:00:00:00:07,dl_type=0x0800,nw_src=5.5.5.5,nw_dst=200.2.0.100,nw_proto=17,nw_tos=0,nw_ttl=128,udp_src=50031,udp_dst=4789'], [0], [stdout])
+
+AT_CHECK([tail -1 stdout], [0],
+  [Datapath actions: tnl_pop(1) 
+])
+AT_CHECK([ovs-vsctl del-br br0])
+OVS_VSWITCHD_STOP(["/The Open vSwitch kernel module is probably not loaded/d"])
+AT_CLEANUP
+
+AT_SETUP([userspace ofproto-dpif - set_field - tun_src/tun_dst/tun_id])
+OVS_VSWITCHD_START_NETDEV([dnl
+    add-port br0 p1 -- set Interface p1 type=vxlan options:key=flow \
+        options:remote_ip=1.1.1.1 ofport_request=1 \
+    -- add-port br0 p2 -- set Interface p2 type=vxlan options:key=flow \
+        options:remote_ip=flow ofport_request=2 \
+    -- add-port br0 p3 -- set Interface p3 type=vxlan options:key=flow \
+        options:remote_ip=flow options:local_ip=flow ofport_request=3 \
+    -- add-port br0 p4 -- set Interface p4 type=vxlan options:key=3 \
+        options:remote_ip=flow ofport_request=4 \
+    -- add-port br0 p5 -- set Interface p5 type=vxlan options:key=flow \
+        options:remote_ip=5.5.5.5 ofport_request=5])
+
+OVS_VSWITCHD_DISABLE_TUNNEL_PUSH_POP
+AT_DATA([flows.txt], [dnl
+in_port=90 actions=resubmit:1,resubmit:2,resubmit:3,resubmit:4,resubmit:5
+in_port=1 actions=set_field:42->tun_id,output:1
+in_port=2 actions=set_field:3.3.3.3->tun_dst,output:2
+in_port=3 actions=set_field:1.1.1.1->tun_src,set_field:4.4.4.4->tun_dst,output:3
+in_port=4 actions=set_field:2.2.2.2->tun_dst,output:4
+in_port=5 actions=set_field:5->tun_id
+])
+AT_CHECK([ovs-ofctl add-flows br0 flows.txt])
+AT_CHECK([ovs-appctl ofproto/trace br0 'in_port=90,dl_src=50:54:00:00:00:05,dl_dst=50:54:00:00:00:07,dl_type=0x0800,nw_src=192.168.0.1,nw_dst=192.168.0.2,nw_proto=1,nw_tos=0,nw_ttl=128,'], [0], [stdout])
+AT_CHECK([tail -1 stdout], [0],
+  [Datapath actions: set(tunnel(tun_id=0x2a,dst=1.1.1.1,ttl=64,flags(df,key))),1,set(tunnel(tun_id=0x2a,dst=3.3.3.3,ttl=64,flags(df,key))),1,set(tunnel(tun_id=0x2a,src=1.1.1.1,dst=4.4.4.4,ttl=64,flags(df,key))),1,set(tunnel(tun_id=0x3,dst=2.2.2.2,ttl=64,flags(df,key))),1
+])
+AT_CHECK([ovs-vsctl del-br br0])
+OVS_VSWITCHD_STOP(["/The Open vSwitch kernel module is probably not loaded/d"])
+AT_CLEANUP
+
-- 
1.9.3




More information about the dev mailing list