[ovs-dev] [PATCH ovn v3] ovn-northd: Add IGMP Relay support
Dumitru Ceara
dceara at redhat.com
Fri Aug 16 12:15:44 UTC 2019
On Fri, Aug 16, 2019 at 2:09 PM Numan Siddique <nusiddiq at redhat.com> wrote:
>
>
>
> On Fri, Aug 16, 2019 at 5:26 PM Dumitru Ceara <dceara at redhat.com> wrote:
>>
>> On Fri, Aug 16, 2019 at 12:23 PM Numan Siddique <nusiddiq at redhat.com> wrote:
>> >
>> >
>> >
>> > On Mon, Aug 12, 2019 at 5:32 PM Dumitru Ceara <dceara at redhat.com> wrote:
>> >>
>> >> Add a new configuration option 'mcast_relay' to the Logical_Router:options
>> >> in the OVN Northbound database.
>> >>
>> >> If a router is configured with 'mcast_relay' enabled then ovn-northd
>> >> will install Logical_Flows to allow IP multicast traffic to be routed
>> >> between Logical_Switches. The logical router will aggregate all IGMP
>> >> groups from attached logical switches and modify the routing pipeline in
>> >> the following way:
>> >> - Table S_ROUTER_IN_IP_INPUT: add flow allowing IP multicast traffic
>> >> if mcast_relay is enabled on the datapath.
>> >> - Table S_ROUTER_IN_IP_ROUTING: add flow matching the group address,
>> >> update TTL and set outport="<Multicast_Group> associated with the
>> >> IGMP group". Continue to next table.
>> >> - Table S_ROUTER_IN_ARP_RESOLVE: bypass ARP resolve for IP multicast
>> >> traffic and continue to next table.
>> >> - Table S_ROUTER_OUT_DELIVERY: add flow matching IP multicast traffic
>> >> and set ETH.SRC to the MAC address of the logical port on which
>> >> traffic is forwarded.
>> >>
>> >> Signed-off-by: Dumitru Ceara <dceara at redhat.com>
>> >> Acked-by: Mark Michelson <mmichels at redhat.com>
>> >
>> >
>> > Hi Dumitru,
>> >
>> > Just a minor comment. Please see below. Can you please update the patch ?
>> > LGTM otherwise.
>>
>> Hi Numan,
>>
>> Thanks for the review, I'll send a v4 but I have a follow up to your
>> comment below.
>>
>> Thanks,
>> Dumitru
>>
>> >
>> > Thanks
>> > Numan
>> >
>> >>
>> >>
>> >> ---
>> >> v3:
>> >> - Address Mark's comment and move setting of the outport in the IP
>> >> Routing stage.
>> >> - Update commit message.
>> >> - Fix some typos.
>> >> v2:
>> >> - Optimize flooding to multicast router ports.
>> >> - Fix check for source IP multicast in router pipeline.
>> >> - Use an enum for OVN_MCAST_*_KEY definitions to avoid hard to debug
>> >> errors due to typos when adding new OVN_MCAST_*_KEY values.
>> >> - Fix ovn-northd man page for IGMP.
>> >> ---
>> >> NEWS | 1 +
>> >> lib/mcast-group-index.h | 13 +-
>> >> northd/ovn-northd.8.xml | 79 +++++++-
>> >> northd/ovn-northd.c | 504 ++++++++++++++++++++++++++++++++++++------------
>> >> ovn-nb.xml | 6 +
>> >> tests/ovn.at | 199 +++++++++++++++++--
>> >> 6 files changed, 651 insertions(+), 151 deletions(-)
>> >>
>> >> diff --git a/NEWS b/NEWS
>> >> index f476984..73045d6 100644
>> >> --- a/NEWS
>> >> +++ b/NEWS
>> >> @@ -39,6 +39,7 @@ Post-v2.11.0
>> >> logical groups which results in tunnels only been formed between
>> >> members of the same transport zone(s).
>> >> * Support for new logical switch port type - 'virtual'.
>> >> + * Support for IGMP Snooping/Querier and Relay.
>> >> - New QoS type "linux-netem" on Linux.
>> >> - Added support for TLS Server Name Indication (SNI).
>> >>
>> >> diff --git a/lib/mcast-group-index.h b/lib/mcast-group-index.h
>> >> index 15a1592..cb49ad7 100644
>> >> --- a/lib/mcast-group-index.h
>> >> +++ b/lib/mcast-group-index.h
>> >> @@ -20,8 +20,17 @@ struct ovsdb_idl;
>> >>
>> >> struct sbrec_datapath_binding;
>> >>
>> >> -#define OVN_MCAST_FLOOD_TUNNEL_KEY 65535
>> >> -#define OVN_MCAST_UNKNOWN_TUNNEL_KEY (OVN_MCAST_FLOOD_TUNNEL_KEY - 1)
>> >> +#define OVN_MIN_MULTICAST 32768
>> >> +#define OVN_MAX_MULTICAST 65535
>> >> +
>> >> +enum ovn_mcast_tunnel_keys {
>> >> +
>> >> + OVN_MCAST_FLOOD_TUNNEL_KEY = OVN_MIN_MULTICAST,
>> >> + OVN_MCAST_UNKNOWN_TUNNEL_KEY,
>> >> + OVN_MCAST_MROUTER_FLOOD_TUNNEL_KEY,
>> >> + OVN_MIN_IP_MULTICAST,
>> >> + OVN_MAX_IP_MULTICAST = OVN_MAX_MULTICAST,
>> >> +};
>> >>
>> >> struct ovsdb_idl_index *mcast_group_index_create(struct ovsdb_idl *);
>> >> const struct sbrec_multicast_group *
>> >> diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
>> >> index 6d2fbe3..d45bb15 100644
>> >> --- a/northd/ovn-northd.8.xml
>> >> +++ b/northd/ovn-northd.8.xml
>> >> @@ -947,10 +947,40 @@ output;
>> >>
>> >> <ul>
>> >> <li>
>> >> - A priority-100 flow that outputs all packets with an Ethernet broadcast
>> >> + A priority-100 flow that punts all IGMP packets to
>> >> + <code>ovn-controller</code> if IGMP snooping is enabled on the
>> >> + logical switch.
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + Priority-90 flows that forward registered IP multicast traffic to
>> >> + their corresponding multicast group, which <code>ovn-northd</code>
>> >> + creates based on learnt <ref table="IGMP_Group" db="OVN_Southbound"/>
>> >> + entries. The flows also forward packets to the
>> >> + <code>MC_MROUTER_FLOOD</code> multicast group, which
>> >> + <code>ovn-nortdh</code> populates with all the logical ports that
>> >> + are connected to logical routers with
>> >> + <ref column="options" table="Logical_Router"/>:mcast_relay='true'.
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + A priority-85 flow that forwards all IP multicast traffic destined to
>> >> + 224.0.0.X to the <code>MC_FLOOD</code> multicast group, which
>> >> + <code>ovn-northd</code> populates with all enabled logical ports.
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + A priority-80 flow that forwards all unregistered IP multicast traffic
>> >> + to the <code>MC_MROUTER_FLOOD</code> multicast group, if any.
>> >> + Otherwise the flow drops all unregistered IP multicast packets. This
>> >> + flow is added only if <ref column="other_config"
>> >> + table="Logical_Switch"/>:mcast_flood_unregistered='false'.
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + A priority-70 flow that outputs all packets with an Ethernet broadcast
>> >> or multicast <code>eth.dst</code> to the <code>MC_FLOOD</code>
>> >> - multicast group, which <code>ovn-northd</code> populates with all
>> >> - enabled logical ports.
>> >> + multicast group.
>> >> </li>
>> >>
>> >> <li>
>> >> @@ -1228,6 +1258,14 @@ output;
>> >>
>> >> <li>
>> >> <p>
>> >> + A priority-95 flow allows IP multicast traffic if
>> >> + <ref column="options" table="Logical_Router"/>:mcast_relay='true',
>> >> + otherwise drops it.
>> >> + </p>
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + <p>
>> >> ICMP echo reply. These flows reply to ICMP echo requests received
>> >> for the router's IP address. Let <var>A</var> be an IP address
>> >> owned by a router port. Then, for each <var>A</var> that is
>> >> @@ -1941,6 +1979,16 @@ output;
>> >> <ul>
>> >> <li>
>> >> <p>
>> >> + Priority-500 flows that match IP multicast traffic destined to
>> >> + groups registered on any of the attached switches and sets
>> >> + <code>outport</code> to the associated multicast group that will
>> >> + eventually flood the traffic to all interested attached logical
>> >> + switches. The flows also decrement TTL.
>> >> + </p>
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + <p>
>> >> For distributed logical routers where one of the logical router
>> >> ports specifies a <code>redirect-chassis</code>, a priority-400
>> >> logical flow for each ip source/destination couple that matches the
>> >> @@ -2074,6 +2122,15 @@ next;
>> >> <ul>
>> >> <li>
>> >> <p>
>> >> + A priority-500 flow that matches IP multicast traffic that was
>> >> + allowed in the routing pipeline. For this kind of traffic the
>> >> + <code>outport</code> was already set so the flow just advances to
>> >> + the next table.
>> >> + </p>
>> >> + </li>
>> >> +
>> >> + <li>
>> >> + <p>
>> >> For distributed logical routers where one of the logical router
>> >> ports specifies a <code>redirect-chassis</code>, a priority-400
>> >> logical flow with match <code>REGBIT_DISTRIBUTED_NAT == 1</code>
>> >> @@ -2641,9 +2698,19 @@ clone {
>> >> <h3>Egress Table 3: Delivery</h3>
>> >>
>> >> <p>
>> >> - Packets that reach this table are ready for delivery. It contains
>> >> - priority-100 logical flows that match packets on each enabled logical
>> >> - router port, with action <code>output;</code>.
>> >> + Packets that reach this table are ready for delivery. It contains:
>> >> + <ul>
>> >> + <li>
>> >> + Priority-110 logical flows that match IP multicast packets on each
>> >> + enabled logical router port and modify the Ethernet source address
>> >> + of the packets to the Ethernet address of the port and then execute
>> >> + action <code>output;</code>.
>> >> + </li>
>> >> + <li>
>> >> + Priority-100 logical flows that match packets on each enabled
>> >> + logical router port, with action <code>output;</code>.
>> >> + </li>
>> >> + </ul>
>> >> </p>
>> >>
>> >> </manpage>
>> >> diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
>> >> index e6953a4..9ee9230 100644
>> >> --- a/northd/ovn-northd.c
>> >> +++ b/northd/ovn-northd.c
>> >> @@ -433,32 +433,52 @@ struct ipam_info {
>> >> bool mac_only;
>> >> };
>> >>
>> >> -#define OVN_MIN_MULTICAST 32768
>> >> -#define OVN_MAX_MULTICAST OVN_MCAST_FLOOD_TUNNEL_KEY
>> >> -BUILD_ASSERT_DECL(OVN_MIN_MULTICAST < OVN_MAX_MULTICAST);
>> >> -
>> >> -#define OVN_MIN_IP_MULTICAST OVN_MIN_MULTICAST
>> >> -#define OVN_MAX_IP_MULTICAST (OVN_MCAST_UNKNOWN_TUNNEL_KEY - 1)
>> >> -BUILD_ASSERT_DECL(OVN_MAX_IP_MULTICAST >= OVN_MIN_MULTICAST);
>> >> -
>> >> /*
>> >> * Multicast snooping and querier per datapath configuration.
>> >> */
>> >> +struct mcast_switch_info {
>> >> +
>> >> + bool enabled; /* True if snooping enabled. */
>> >> + bool querier; /* True if querier enabled. */
>> >> + bool flood_unregistered; /* True if unregistered multicast should be
>> >> + * flooded.
>> >> + */
>> >> + bool flood_relay; /* True if the switch is connected to a
>> >> + * multicast router and unregistered multicast
>> >> + * should be flooded to the mrouter. Only
>> >> + * applicable if flood_unregistered == false.
>> >> + */
>> >> +
>> >> + int64_t table_size; /* Max number of IP multicast groups. */
>> >> + int64_t idle_timeout; /* Timeout after which an idle group is
>> >> + * flushed.
>> >> + */
>> >> + int64_t query_interval; /* Interval between multicast queries. */
>> >> + char *eth_src; /* ETH src address of the multicast queries. */
>> >> + char *ipv4_src; /* IP src address of the multicast queries. */
>> >> + int64_t query_max_response; /* Expected time after which reports should
>> >> + * be received for queries that were sent out.
>> >> + */
>> >> +
>> >> + uint32_t active_flows; /* Current number of active IP multicast
>> >> + * flows.
>> >> + */
>> >> +};
>> >> +
>> >> +struct mcast_router_info {
>> >> + bool relay; /* True if the router should relay IP multicast. */
>> >> +};
>> >> +
>> >> struct mcast_info {
>> >> - bool enabled;
>> >> - bool querier;
>> >> - bool flood_unregistered;
>> >> -
>> >> - int64_t table_size;
>> >> - int64_t idle_timeout;
>> >> - int64_t query_interval;
>> >> - char *eth_src;
>> >> - char *ipv4_src;
>> >> - int64_t query_max_response;
>> >> -
>> >> - struct hmap group_tnlids;
>> >> - uint32_t group_tnlid_hint;
>> >> - uint32_t active_flows;
>> >> +
>> >> + struct hmap group_tnlids; /* Group tunnel IDs in use on this DP. */
>> >> + uint32_t group_tnlid_hint; /* Hint for allocating next group tunnel ID. */
>> >> + struct ovs_list groups; /* List of groups learnt on this DP. */
>> >> +
>> >> + union {
>> >> + struct mcast_switch_info sw; /* Switch specific multicast info. */
>> >> + struct mcast_router_info rtr; /* Router specific multicast info. */
>> >> + };
>> >> };
>> >>
>> >> static uint32_t
>> >> @@ -559,6 +579,7 @@ ovn_datapath_create(struct hmap *datapaths, const struct uuid *key,
>> >> }
>> >>
>> >> static void ovn_ls_port_group_destroy(struct hmap *nb_pgs);
>> >> +static void destroy_mcast_info_for_datapath(struct ovn_datapath *od);
>> >>
>> >> static void
>> >> ovn_datapath_destroy(struct hmap *datapaths, struct ovn_datapath *od)
>> >> @@ -572,12 +593,7 @@ ovn_datapath_destroy(struct hmap *datapaths, struct ovn_datapath *od)
>> >> bitmap_free(od->ipam_info.allocated_ipv4s);
>> >> free(od->router_ports);
>> >> ovn_ls_port_group_destroy(&od->nb_pgs);
>> >> -
>> >> - if (od->nbs) {
>> >> - free(od->mcast_info.eth_src);
>> >> - free(od->mcast_info.ipv4_src);
>> >> - destroy_tnlids(&od->mcast_info.group_tnlids);
>> >> - }
>> >> + destroy_mcast_info_for_datapath(od);
>> >>
>> >> free(od);
>> >> }
>> >> @@ -714,23 +730,28 @@ init_ipam_info_for_datapath(struct ovn_datapath *od)
>> >> }
>> >>
>> >> static void
>> >> -init_mcast_info_for_datapath(struct ovn_datapath *od)
>> >> +init_mcast_info_for_router_datapath(struct ovn_datapath *od)
>> >> {
>> >> - if (!od->nbs) {
>> >> - return;
>> >> - }
>> >> + struct mcast_router_info *mcast_rtr_info = &od->mcast_info.rtr;
>> >>
>> >> - struct mcast_info *mcast_info = &od->mcast_info;
>> >> + mcast_rtr_info->relay = smap_get_bool(&od->nbr->options, "mcast_relay",
>> >> + false);
>> >> +}
>> >>
>> >> - mcast_info->enabled =
>> >> +static void
>> >> +init_mcast_info_for_switch_datapath(struct ovn_datapath *od)
>> >> +{
>> >> + struct mcast_switch_info *mcast_sw_info = &od->mcast_info.sw;
>> >> +
>> >> + mcast_sw_info->enabled =
>> >> smap_get_bool(&od->nbs->other_config, "mcast_snoop", false);
>> >> - mcast_info->querier =
>> >> + mcast_sw_info->querier =
>> >> smap_get_bool(&od->nbs->other_config, "mcast_querier", true);
>> >> - mcast_info->flood_unregistered =
>> >> + mcast_sw_info->flood_unregistered =
>> >> smap_get_bool(&od->nbs->other_config, "mcast_flood_unregistered",
>> >> false);
>> >>
>> >> - mcast_info->table_size =
>> >> + mcast_sw_info->table_size =
>> >> smap_get_ullong(&od->nbs->other_config, "mcast_table_size",
>> >> OVN_MCAST_DEFAULT_MAX_ENTRIES);
>> >>
>> >> @@ -742,54 +763,94 @@ init_mcast_info_for_datapath(struct ovn_datapath *od)
>> >> } else if (idle_timeout > OVN_MCAST_MAX_IDLE_TIMEOUT_S) {
>> >> idle_timeout = OVN_MCAST_MAX_IDLE_TIMEOUT_S;
>> >> }
>> >> - mcast_info->idle_timeout = idle_timeout;
>> >> + mcast_sw_info->idle_timeout = idle_timeout;
>> >>
>> >> uint32_t query_interval =
>> >> smap_get_ullong(&od->nbs->other_config, "mcast_query_interval",
>> >> - mcast_info->idle_timeout / 2);
>> >> + mcast_sw_info->idle_timeout / 2);
>> >> if (query_interval < OVN_MCAST_MIN_QUERY_INTERVAL_S) {
>> >> query_interval = OVN_MCAST_MIN_QUERY_INTERVAL_S;
>> >> } else if (query_interval > OVN_MCAST_MAX_QUERY_INTERVAL_S) {
>> >> query_interval = OVN_MCAST_MAX_QUERY_INTERVAL_S;
>> >> }
>> >> - mcast_info->query_interval = query_interval;
>> >> + mcast_sw_info->query_interval = query_interval;
>> >>
>> >> - mcast_info->eth_src =
>> >> + mcast_sw_info->eth_src =
>> >> nullable_xstrdup(smap_get(&od->nbs->other_config, "mcast_eth_src"));
>> >> - mcast_info->ipv4_src =
>> >> + mcast_sw_info->ipv4_src =
>> >> nullable_xstrdup(smap_get(&od->nbs->other_config, "mcast_ip4_src"));
>> >>
>> >> - mcast_info->query_max_response =
>> >> + mcast_sw_info->query_max_response =
>> >> smap_get_ullong(&od->nbs->other_config, "mcast_query_max_response",
>> >> OVN_MCAST_DEFAULT_QUERY_MAX_RESPONSE_S);
>> >>
>> >> - hmap_init(&mcast_info->group_tnlids);
>> >> - mcast_info->group_tnlid_hint = OVN_MIN_IP_MULTICAST;
>> >> - mcast_info->active_flows = 0;
>> >> + mcast_sw_info->active_flows = 0;
>> >> +}
>> >> +
>> >> +static void
>> >> +init_mcast_info_for_datapath(struct ovn_datapath *od)
>> >> +{
>> >> + if (!od->nbr && !od->nbs) {
>> >> + return;
>> >> + }
>> >> +
>> >> + hmap_init(&od->mcast_info.group_tnlids);
>> >> + od->mcast_info.group_tnlid_hint = OVN_MIN_IP_MULTICAST;
>> >> + ovs_list_init(&od->mcast_info.groups);
>> >> +
>> >> + if (od->nbs) {
>> >> + init_mcast_info_for_switch_datapath(od);
>> >> + } else {
>> >> + init_mcast_info_for_router_datapath(od);
>> >> + }
>> >> +}
>> >> +
>> >> +static void
>> >> +destroy_mcast_info_for_switch_datapath(struct ovn_datapath *od)
>> >> +{
>> >> + struct mcast_switch_info *mcast_sw_info = &od->mcast_info.sw;
>> >> +
>> >> + free(mcast_sw_info->eth_src);
>> >> + free(mcast_sw_info->ipv4_src);
>> >> +}
>> >> +
>> >> +static void
>> >> +destroy_mcast_info_for_datapath(struct ovn_datapath *od)
>> >> +{
>> >> + if (!od->nbr && !od->nbs) {
>> >> + return;
>> >> + }
>> >> +
>> >> + if (od->nbs) {
>> >> + destroy_mcast_info_for_switch_datapath(od);
>> >> + }
>> >> +
>> >> + destroy_tnlids(&od->mcast_info.group_tnlids);
>> >> }
>> >>
>> >> static void
>> >> -store_mcast_info_for_datapath(const struct sbrec_ip_multicast *sb,
>> >> - struct ovn_datapath *od)
>> >> +store_mcast_info_for_switch_datapath(const struct sbrec_ip_multicast *sb,
>> >> + struct ovn_datapath *od)
>> >> {
>> >> - struct mcast_info *mcast_info = &od->mcast_info;
>> >> + struct mcast_switch_info *mcast_sw_info = &od->mcast_info.sw;
>> >>
>> >> sbrec_ip_multicast_set_datapath(sb, od->sb);
>> >> - sbrec_ip_multicast_set_enabled(sb, &mcast_info->enabled, 1);
>> >> - sbrec_ip_multicast_set_querier(sb, &mcast_info->querier, 1);
>> >> - sbrec_ip_multicast_set_table_size(sb, &mcast_info->table_size, 1);
>> >> - sbrec_ip_multicast_set_idle_timeout(sb, &mcast_info->idle_timeout, 1);
>> >> + sbrec_ip_multicast_set_enabled(sb, &mcast_sw_info->enabled, 1);
>> >> + sbrec_ip_multicast_set_querier(sb, &mcast_sw_info->querier, 1);
>> >> + sbrec_ip_multicast_set_table_size(sb, &mcast_sw_info->table_size, 1);
>> >> + sbrec_ip_multicast_set_idle_timeout(sb, &mcast_sw_info->idle_timeout, 1);
>> >> sbrec_ip_multicast_set_query_interval(sb,
>> >> - &mcast_info->query_interval, 1);
>> >> + &mcast_sw_info->query_interval, 1);
>> >> sbrec_ip_multicast_set_query_max_resp(sb,
>> >> - &mcast_info->query_max_response, 1);
>> >> + &mcast_sw_info->query_max_response,
>> >> + 1);
>> >>
>> >> - if (mcast_info->eth_src) {
>> >> - sbrec_ip_multicast_set_eth_src(sb, mcast_info->eth_src);
>> >> + if (mcast_sw_info->eth_src) {
>> >> + sbrec_ip_multicast_set_eth_src(sb, mcast_sw_info->eth_src);
>> >> }
>> >>
>> >> - if (mcast_info->ipv4_src) {
>> >> - sbrec_ip_multicast_set_ip4_src(sb, mcast_info->ipv4_src);
>> >> + if (mcast_sw_info->ipv4_src) {
>> >> + sbrec_ip_multicast_set_ip4_src(sb, mcast_sw_info->ipv4_src);
>> >> }
>> >> }
>> >>
>> >> @@ -906,6 +967,7 @@ join_datapaths(struct northd_context *ctx, struct hmap *datapaths,
>> >> NULL, nbr, NULL);
>> >> ovs_list_push_back(nb_only, &od->list);
>> >> }
>> >> + init_mcast_info_for_datapath(od);
>> >> ovs_list_push_back(lr_list, &od->lr_list);
>> >> }
>> >> }
>> >> @@ -1999,6 +2061,13 @@ join_logical_ports(struct northd_context *ctx,
>> >> break;
>> >> }
>> >> }
>> >> +
>> >> + /* If the router is multicast enabled then set relay on the switch
>> >> + * datapath.
>> >> + */
>> >> + if (peer->od && peer->od->mcast_info.rtr.relay) {
>> >> + op->od->mcast_info.sw.flood_relay = true;
>> >> + }
>> >> } else if (op->nbrp && op->nbrp->peer && !op->derived) {
>> >> struct ovn_port *peer = ovn_port_find(ports, op->nbrp->peer);
>> >> if (peer) {
>> >> @@ -2846,6 +2915,10 @@ struct multicast_group {
>> >> static const struct multicast_group mc_flood =
>> >> { MC_FLOOD, OVN_MCAST_FLOOD_TUNNEL_KEY };
>> >>
>> >> +#define MC_MROUTER_FLOOD "_MC_mrouter_flood"
>> >> +static const struct multicast_group mc_mrouter_flood =
>> >> + { MC_MROUTER_FLOOD, OVN_MCAST_MROUTER_FLOOD_TUNNEL_KEY };
>> >> +
>> >> #define MC_UNKNOWN "_MC_unknown"
>> >> static const struct multicast_group mc_unknown =
>> >> { MC_UNKNOWN, OVN_MCAST_UNKNOWN_TUNNEL_KEY };
>> >> @@ -2955,7 +3028,8 @@ ovn_multicast_update_sbrec(const struct ovn_multicast *mc,
>> >> */
>> >> struct ovn_igmp_group_entry {
>> >> struct ovs_list list_node; /* Linkage in the list of entries. */
>> >> - const struct sbrec_igmp_group *sb;
>> >> + size_t n_ports;
>> >> + struct ovn_port **ports;
>> >> };
>> >>
>> >> /*
>> >> @@ -2964,12 +3038,13 @@ struct ovn_igmp_group_entry {
>> >> */
>> >> struct ovn_igmp_group {
>> >> struct hmap_node hmap_node; /* Index on 'datapath' and 'address'. */
>> >> + struct ovs_list list_node; /* Linkage in the per-dp igmp group list. */
>> >>
>> >> struct ovn_datapath *datapath;
>> >> struct in6_addr address; /* Multicast IPv6-mapped-IPv4 or IPv4 address. */
>> >> struct multicast_group mcgroup;
>> >>
>> >> - struct ovs_list sb_entries; /* List of SB entries for this group. */
>> >> + struct ovs_list entries; /* List of SB entries for this group. */
>> >> };
>> >>
>> >> static uint32_t
>> >> @@ -2997,77 +3072,120 @@ ovn_igmp_group_find(struct hmap *igmp_groups,
>> >> return NULL;
>> >> }
>> >>
>> >> -static void
>> >> +static struct ovn_igmp_group *
>> >> ovn_igmp_group_add(struct northd_context *ctx, struct hmap *igmp_groups,
>> >> struct ovn_datapath *datapath,
>> >> - const struct sbrec_igmp_group *sb_igmp_group)
>> >> + const struct in6_addr *address,
>> >> + const char *address_s)
>> >> {
>> >> - struct in6_addr group_address;
>> >> - ovs_be32 ipv4;
>> >> -
>> >> - if (ip_parse(sb_igmp_group->address, &ipv4)) {
>> >> - group_address = in6_addr_mapped_ipv4(ipv4);
>> >> - } else if (!ipv6_parse(sb_igmp_group->address, &group_address)) {
>> >> - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1);
>> >> - VLOG_WARN_RL(&rl, "invalid IGMP group address: %s",
>> >> - sb_igmp_group->address);
>> >> - return;
>> >> - }
>> >> -
>> >> struct ovn_igmp_group *igmp_group =
>> >> - ovn_igmp_group_find(igmp_groups, datapath, &group_address);
>> >> + ovn_igmp_group_find(igmp_groups, datapath, address);
>> >>
>> >> if (!igmp_group) {
>> >> igmp_group = xmalloc(sizeof *igmp_group);
>> >>
>> >> const struct sbrec_multicast_group *mcgroup =
>> >> - mcast_group_lookup(ctx->sbrec_mcast_group_by_name_dp,
>> >> - sb_igmp_group->address, datapath->sb);
>> >> + mcast_group_lookup(ctx->sbrec_mcast_group_by_name_dp, address_s,
>> >> + datapath->sb);
>> >>
>> >> igmp_group->datapath = datapath;
>> >> - igmp_group->address = group_address;
>> >> + igmp_group->address = *address;
>> >> if (mcgroup) {
>> >> igmp_group->mcgroup.key = mcgroup->tunnel_key;
>> >> add_tnlid(&datapath->mcast_info.group_tnlids, mcgroup->tunnel_key);
>> >> } else {
>> >> igmp_group->mcgroup.key = 0;
>> >> }
>> >> - igmp_group->mcgroup.name = sb_igmp_group->address;
>> >> - ovs_list_init(&igmp_group->sb_entries);
>> >> + igmp_group->mcgroup.name = address_s;
>> >> + ovs_list_init(&igmp_group->entries);
>> >>
>> >> hmap_insert(igmp_groups, &igmp_group->hmap_node,
>> >> - ovn_igmp_group_hash(datapath, &group_address));
>> >> + ovn_igmp_group_hash(datapath, address));
>> >> + ovs_list_push_back(&datapath->mcast_info.groups,
>> >> + &igmp_group->list_node);
>> >> + }
>> >> +
>> >> + return igmp_group;
>> >> +}
>> >> +
>> >> +static bool
>> >> +ovn_igmp_group_get_address(const struct sbrec_igmp_group *sb_igmp_group,
>> >> + struct in6_addr *address)
>> >> +{
>> >> + ovs_be32 ipv4;
>> >> +
>> >> + if (ip_parse(sb_igmp_group->address, &ipv4)) {
>> >> + *address = in6_addr_mapped_ipv4(ipv4);
>> >> + return true;
>> >> + }
>> >> + if (!ipv6_parse(sb_igmp_group->address, address)) {
>> >> + return false;
>> >> }
>> >> + return true;
>> >> +}
>> >>
>> >> +static struct ovn_port **
>> >> +ovn_igmp_group_get_ports(const struct sbrec_igmp_group *sb_igmp_group,
>> >> + size_t *n_ports, struct hmap *ovn_ports)
>> >> +{
>> >> + struct ovn_port **ports = xmalloc(sb_igmp_group->n_ports * sizeof *ports);
>> >> +
>> >> + *n_ports = 0;
>> >> + for (size_t i = 0; i < sb_igmp_group->n_ports; i++) {
>> >> + ports[(*n_ports)] =
>> >> + ovn_port_find(ovn_ports, sb_igmp_group->ports[i]->logical_port);
>> >> + if (ports[(*n_ports)]) {
>> >> + (*n_ports)++;
>> >> + }
>> >> + }
>> >> +
>> >> + return ports;
>> >> +}
>> >> +
>> >> +static void
>> >> +ovn_igmp_group_add_entry(struct ovn_igmp_group *igmp_group,
>> >> + struct ovn_port **ports, size_t n_ports)
>> >> +{
>> >> struct ovn_igmp_group_entry *entry = xmalloc(sizeof *entry);
>> >>
>> >> - entry->sb = sb_igmp_group;
>> >> - ovs_list_push_back(&igmp_group->sb_entries , &entry->list_node);
>> >> + entry->ports = ports;
>> >> + entry->n_ports = n_ports;
>> >> + ovs_list_push_back(&igmp_group->entries, &entry->list_node);
>> >> +}
>> >> +
>> >> +static void
>> >> +ovn_igmp_group_destroy_entry(struct ovn_igmp_group_entry *entry)
>> >> +{
>> >> + free(entry->ports);
>> >> +}
>> >> +
>> >> +static bool
>> >> +ovn_igmp_group_allocate_id(struct ovn_igmp_group *igmp_group)
>> >> +{
>> >> + if (igmp_group->mcgroup.key == 0) {
>> >> + struct mcast_info *mcast_info = &igmp_group->datapath->mcast_info;
>> >> + igmp_group->mcgroup.key = ovn_mcast_group_allocate_key(mcast_info);
>> >> + }
>> >> +
>> >> + if (igmp_group->mcgroup.key == 0) {
>> >> + return false;
>> >> + }
>> >> +
>> >> + return true;
>> >> }
>> >>
>> >> static void
>> >> ovn_igmp_group_aggregate_ports(struct ovn_igmp_group *igmp_group,
>> >> - struct hmap *ovn_ports,
>> >> struct hmap *mcast_groups)
>> >> {
>> >> struct ovn_igmp_group_entry *entry;
>> >>
>> >> - LIST_FOR_EACH_POP (entry, list_node, &igmp_group->sb_entries) {
>> >> - size_t n_oports = 0;
>> >> - struct ovn_port **oports =
>> >> - xmalloc(entry->sb->n_ports * sizeof *oports);
>> >> -
>> >> - for (size_t i = 0; i < entry->sb->n_ports; i++) {
>> >> - oports[n_oports] =
>> >> - ovn_port_find(ovn_ports, entry->sb->ports[i]->logical_port);
>> >> - if (oports[n_oports]) {
>> >> - n_oports++;
>> >> - }
>> >> - }
>> >> -
>> >> + LIST_FOR_EACH_POP (entry, list_node, &igmp_group->entries) {
>> >> ovn_multicast_add_ports(mcast_groups, igmp_group->datapath,
>> >> - &igmp_group->mcgroup, oports, n_oports);
>> >> - free(oports);
>> >> + &igmp_group->mcgroup, entry->ports,
>> >> + entry->n_ports);
>> >> +
>> >> + ovn_igmp_group_destroy_entry(entry);
>> >> free(entry);
>> >> }
>> >> }
>> >> @@ -3079,10 +3197,12 @@ ovn_igmp_group_destroy(struct hmap *igmp_groups,
>> >> if (igmp_group) {
>> >> struct ovn_igmp_group_entry *entry;
>> >>
>> >> - LIST_FOR_EACH_POP (entry, list_node, &igmp_group->sb_entries) {
>> >> + LIST_FOR_EACH_POP (entry, list_node, &igmp_group->entries) {
>> >> + ovn_igmp_group_destroy_entry(entry);
>> >> free(entry);
>> >> }
>> >> hmap_remove(igmp_groups, &igmp_group->hmap_node);
>> >> + ovs_list_remove(&igmp_group->list_node);
>> >> free(igmp_group);
>> >> }
>> >> }
>> >> @@ -5282,7 +5402,9 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports,
>> >> continue;
>> >> }
>> >>
>> >> - if (od->mcast_info.enabled) {
>> >> + struct mcast_switch_info *mcast_sw_info = &od->mcast_info.sw;
>> >> +
>> >> + if (mcast_sw_info->enabled) {
>> >> /* Punt IGMP traffic to controller. */
>> >> ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 100,
>> >> "ip4 && ip.proto == 2", "igmp;");
>> >> @@ -5295,9 +5417,16 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports,
>> >> "outport = \""MC_FLOOD"\"; output;");
>> >>
>> >> /* Drop unregistered IP multicast if not allowed. */
>> >> - if (!od->mcast_info.flood_unregistered) {
>> >> - ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 80,
>> >> - "ip4 && ip4.mcast", "drop;");
>> >> + if (!mcast_sw_info->flood_unregistered) {
>> >> + /* Forward unregistered IP multicast to mrouter (if any). */
>> >> + if (mcast_sw_info->flood_relay) {
>> >> + ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 80,
>> >> + "ip4 && ip4.mcast",
>> >> + "outport = \""MC_MROUTER_FLOOD"\"; output;");
>> >> + } else {
>> >> + ovn_lflow_add(lflows, od, S_SWITCH_IN_L2_LKUP, 80,
>> >> + "ip4 && ip4.mcast", "drop;");
>> >> + }
>> >> }
>> >> }
>> >>
>> >> @@ -5314,18 +5443,26 @@ build_lswitch_flows(struct hmap *datapaths, struct hmap *ports,
>> >> continue;
>> >> }
>> >>
>> >> - struct mcast_info *mcast_info = &igmp_group->datapath->mcast_info;
>> >> + struct mcast_switch_info *mcast_sw_info =
>> >> + &igmp_group->datapath->mcast_info.sw;
>> >>
>> >> - if (mcast_info->active_flows >= mcast_info->table_size) {
>> >> + if (mcast_sw_info->active_flows >= mcast_sw_info->table_size) {
>> >> continue;
>> >> }
>> >> - mcast_info->active_flows++;
>> >> + mcast_sw_info->active_flows++;
>> >>
>> >> ds_clear(&match);
>> >> ds_clear(&actions);
>> >>
>> >> ds_put_format(&match, "eth.mcast && ip4 && ip4.dst == %s ",
>> >> igmp_group->mcgroup.name);
>> >> + /* Also flood traffic to all multicast routers with relay enabled. */
>> >> + if (mcast_sw_info->flood_relay) {
>> >> + ds_put_cstr(&actions,
>> >> + "clone { "
>> >> + "outport = \""MC_MROUTER_FLOOD "\"; output; "
>> >> + "};");
>> >> + }
>> >> ds_put_format(&actions, "outport = \"%s\"; output; ",
>> >> igmp_group->mcgroup.name);
>> >>
>> >> @@ -6205,7 +6342,7 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
>> >> * source or destination, and zero network source or destination
>> >> * (priority 100). */
>> >> ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 100,
>> >> - "ip4.mcast || "
>> >> + "ip4.src[28..31] == 0xe ||"
>> >
>> >
>> > Does it makes sense to add another predicate for source mcast addr ?
>> > I am fine either way.
>>
>> Yes, I'll add "ip4.src_mcast" and send v4. I'm thinking of also
>> renaming "ip4.mcast" to "ip4.dst_mcast" for uniformity. What do you
>> think?
>>
>
> For backward compatibility reasons, I would suggest to add a new one - ip4.dst_mcast
> instead of renaming.
>
> I am thinking about the impact when ovn-controller/ovn-northd are upgraded to a new version.
>
> If we upgrade ovn-controller first (which is the recommended one), then any logical flow with "ip4.mcast" will
> be rejected. This could cause datapath disruption until ovn-northd is upgraded.
>
Ah, true, thanks for pointing it out.
>
>>
>> Thanks,
>> Dumitru
>>
>> >
>> >
>> >>
>> >> "ip4.src == 255.255.255.255 || "
>> >> "ip4.src == 127.0.0.0/8 || "
>> >> "ip4.dst == 127.0.0.0/8 || "
>> >> @@ -6213,6 +6350,16 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
>> >> "ip4.dst == 0.0.0.0/8",
>> >> "drop;");
>> >>
>> >> + /* Allow multicast if relay enabled (priority 95). */
>> >> + ds_clear(&actions);
>> >> + if (od->mcast_info.rtr.relay) {
>> >> + ds_put_cstr(&actions, "next;");
>> >> + } else {
>> >> + ds_put_cstr(&actions, "drop;");
>> >> + }
>> >> + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 95,
>> >> + "ip4.dst[28..31] == 0xe", ds_cstr(&actions));
>> >
>> >
>> > Since ip4.mcast is a predicate to "ip4.dst[28..31] == 0xe", can you please use ip4.mcast here ?
>> >
>> >
>> >>
>> >> +
>> >> /* ARP reply handling. Use ARP replies to populate the logical
>> >> * router's ARP table. */
>> >> ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_INPUT, 90, "arp.op == 2",
>> >> @@ -7483,6 +7630,27 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
>> >> }
>> >> }
>> >>
>> >> + /* IP Multicast lookup. Here we set the output port, adjust TTL and
>> >> + * advance to next table (priority 500).
>> >> + */
>> >> + HMAP_FOR_EACH (od, key_node, datapaths) {
>> >> + if (!od->nbr || !od->mcast_info.rtr.relay) {
>> >> + continue;
>> >> + }
>> >> + struct ovn_igmp_group *igmp_group;
>> >> +
>> >> + LIST_FOR_EACH (igmp_group, list_node, &od->mcast_info.groups) {
>> >> + ds_clear(&match);
>> >> + ds_clear(&actions);
>> >> + ds_put_format(&match, "ip4 && ip4.dst == %s ",
>> >> + igmp_group->mcgroup.name);
>> >> + ds_put_format(&actions, "outport = \"%s\"; ip.ttl--; next;",
>> >> + igmp_group->mcgroup.name);
>> >> + ovn_lflow_add(lflows, od, S_ROUTER_IN_IP_ROUTING, 500,
>> >> + ds_cstr(&match), ds_cstr(&actions));
>> >> + }
>> >> + }
>> >> +
>> >> /* Logical router ingress table 8: Policy.
>> >> *
>> >> * A packet that arrives at this table is an IP packet that should be
>> >> @@ -7513,10 +7681,24 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
>> >>
>> >> /* Local router ingress table 9: ARP Resolution.
>> >> *
>> >> - * Any packet that reaches this table is an IP packet whose next-hop IP
>> >> - * address is in reg0. (ip4.dst is the final destination.) This table
>> >> - * resolves the IP address in reg0 into an output port in outport and an
>> >> - * Ethernet address in eth.dst. */
>> >> + * Multicast packets already have the outport set so just advance to next
>> >> + * table (priority 500). */
>> >> + HMAP_FOR_EACH (od, key_node, datapaths) {
>> >> + if (!od->nbr) {
>> >> + continue;
>> >> + }
>> >> +
>> >> + ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_RESOLVE, 500,
>> >> + "ip4.mcast", "next;");
>> >> + }
>> >> +
>> >> + /* Local router ingress table 9: ARP Resolution.
>> >> + *
>> >> + * Any unicast packet that reaches this table is an IP packet whose
>> >> + * next-hop IP address is in reg0. (ip4.dst is the final destination.)
>> >> + * This table resolves the IP address in reg0 into an output port in
>> >> + * outport and an Ethernet address in eth.dst.
>> >> + */
>> >> HMAP_FOR_EACH (op, key_node, ports) {
>> >> if (op->nbsp && !lsp_is_enabled(op->nbsp)) {
>> >> continue;
>> >> @@ -7998,9 +8180,13 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
>> >> ovn_lflow_add(lflows, od, S_ROUTER_IN_ARP_REQUEST, 0, "1", "output;");
>> >> }
>> >>
>> >> - /* Logical router egress table 1: Delivery (priority 100).
>> >> + /* Logical router egress table 1: Delivery (priority 100-110).
>> >> *
>> >> - * Priority 100 rules deliver packets to enabled logical ports. */
>> >> + * Priority 100 rules deliver packets to enabled logical ports.
>> >> + * Priority 110 rules match multicast packets and update the source
>> >> + * mac before delivering to enabled logical ports. IP multicast traffic
>> >> + * bypasses S_ROUTER_IN_IP_ROUTING route lookups.
>> >> + */
>> >> HMAP_FOR_EACH (op, key_node, ports) {
>> >> if (!op->nbrp) {
>> >> continue;
>> >> @@ -8020,6 +8206,19 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
>> >> continue;
>> >> }
>> >>
>> >> + /* If multicast relay is enabled then also adjust source mac for IP
>> >> + * multicast traffic.
>> >> + */
>> >> + if (op->od->mcast_info.rtr.relay) {
>> >> + ds_clear(&match);
>> >> + ds_clear(&actions);
>> >> + ds_put_format(&match, "ip4.mcast && outport == %s", op->json_key);
>> >> + ds_put_format(&actions, "eth.src = %s; output;",
>> >> + op->lrp_networks.ea_s);
>> >> + ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 110,
>> >> + ds_cstr(&match), ds_cstr(&actions));
>> >> + }
>> >> +
>> >> ds_clear(&match);
>> >> ds_put_format(&match, "outport == %s", op->json_key);
>> >> ovn_lflow_add(lflows, op->od, S_ROUTER_OUT_DELIVERY, 100,
>> >> @@ -8570,7 +8769,7 @@ build_ip_mcast(struct northd_context *ctx, struct hmap *datapaths)
>> >> if (!ip_mcast) {
>> >> ip_mcast = sbrec_ip_multicast_insert(ctx->ovnsb_txn);
>> >> }
>> >> - store_mcast_info_for_datapath(ip_mcast, od);
>> >> + store_mcast_info_for_switch_datapath(ip_mcast, od);
>> >> }
>> >>
>> >> /* Delete southbound records without northbound matches. */
>> >> @@ -8602,6 +8801,14 @@ build_mcast_groups(struct northd_context *ctx,
>> >>
>> >> if (lsp_is_enabled(op->nbsp)) {
>> >> ovn_multicast_add(mcast_groups, &mc_flood, op);
>> >> +
>> >> + /* If this port is connected to a multicast router then add it
>> >> + * to the MC_MROUTER_FLOOD group.
>> >> + */
>> >> + if (op->od->mcast_info.sw.flood_relay && op->peer &&
>> >> + op->peer->od && op->peer->od->mcast_info.rtr.relay) {
>> >> + ovn_multicast_add(mcast_groups, &mc_mrouter_flood, op);
>> >> + }
>> >> }
>> >> }
>> >>
>> >> @@ -8624,10 +8831,61 @@ build_mcast_groups(struct northd_context *ctx,
>> >> continue;
>> >> }
>> >>
>> >> + struct in6_addr group_address;
>> >> + if (!ovn_igmp_group_get_address(sb_igmp, &group_address)) {
>> >> + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 1);
>> >> + VLOG_WARN_RL(&rl, "invalid IGMP group address: %s",
>> >> + sb_igmp->address);
>> >> + continue;
>> >> + }
>> >> +
>> >> /* Add the IGMP group entry. Will also try to allocate an ID for it
>> >> * if the multicast group already exists.
>> >> */
>> >> - ovn_igmp_group_add(ctx, igmp_groups, od, sb_igmp);
>> >> + struct ovn_igmp_group *igmp_group =
>> >> + ovn_igmp_group_add(ctx, igmp_groups, od, &group_address,
>> >> + sb_igmp->address);
>> >> +
>> >> + /* Extract the IGMP group ports from the SB entry and store them
>> >> + * in the IGMP group.
>> >> + */
>> >> + size_t n_igmp_ports;
>> >> + struct ovn_port **igmp_ports =
>> >> + ovn_igmp_group_get_ports(sb_igmp, &n_igmp_ports, ports);
>> >> + ovn_igmp_group_add_entry(igmp_group, igmp_ports, n_igmp_ports);
>> >> + }
>> >> +
>> >> + /* Build IGMP groups for multicast routers with relay enabled. The router
>> >> + * IGMP groups are based on the groups learnt by their multicast enabled
>> >> + * peers.
>> >> + */
>> >> + struct ovn_datapath *od;
>> >> + HMAP_FOR_EACH (od, key_node, datapaths) {
>> >> +
>> >> + if (ovs_list_is_empty(&od->mcast_info.groups)) {
>> >> + continue;
>> >> + }
>> >> +
>> >> + for (size_t i = 0; i < od->n_router_ports; i++) {
>> >> + struct ovn_port *router_port = od->router_ports[i]->peer;
>> >> +
>> >> + if (!router_port || !router_port->od ||
>> >> + !router_port->od->mcast_info.rtr.relay) {
>> >> + continue;
>> >> + }
>> >> +
>> >> + struct ovn_igmp_group *igmp_group;
>> >> + LIST_FOR_EACH (igmp_group, list_node, &od->mcast_info.groups) {
>> >> + struct ovn_igmp_group *igmp_group_rtr =
>> >> + ovn_igmp_group_add(ctx, igmp_groups, router_port->od,
>> >> + &igmp_group->address,
>> >> + igmp_group->mcgroup.name);
>> >> + struct ovn_port **router_igmp_ports =
>> >> + xmalloc(sizeof *router_igmp_ports);
>> >> + router_igmp_ports[0] = router_port;
>> >> + ovn_igmp_group_add_entry(igmp_group_rtr, router_igmp_ports, 1);
>> >> + }
>> >> + }
>> >> }
>> >>
>> >> /* Walk the aggregated IGMP groups and allocate IDs for new entries.
>> >> @@ -8635,21 +8893,17 @@ build_mcast_groups(struct northd_context *ctx,
>> >> */
>> >> struct ovn_igmp_group *igmp_group, *igmp_group_next;
>> >> HMAP_FOR_EACH_SAFE (igmp_group, igmp_group_next, hmap_node, igmp_groups) {
>> >> - if (igmp_group->mcgroup.key == 0) {
>> >> - struct mcast_info *mcast_info = &igmp_group->datapath->mcast_info;
>> >> - igmp_group->mcgroup.key = ovn_mcast_group_allocate_key(mcast_info);
>> >> - }
>> >>
>> >> - /* If we ran out of keys just destroy the entry. */
>> >> - if (igmp_group->mcgroup.key == 0) {
>> >> + if (!ovn_igmp_group_allocate_id(igmp_group)) {
>> >> + /* If we ran out of keys just destroy the entry. */
>> >> ovn_igmp_group_destroy(igmp_groups, igmp_group);
>> >> continue;
>> >> }
>> >>
>> >> - /* Aggregate the ports from all SB entries corresponding to this
>> >> + /* Aggregate the ports from all entries corresponding to this
>> >> * group.
>> >> */
>> >> - ovn_igmp_group_aggregate_ports(igmp_group, ports, mcast_groups);
>> >> + ovn_igmp_group_aggregate_ports(igmp_group, mcast_groups);
>> >> }
>> >> }
>> >>
>> >> diff --git a/ovn-nb.xml b/ovn-nb.xml
>> >> index f5f10a5..db8cc20 100644
>> >> --- a/ovn-nb.xml
>> >> +++ b/ovn-nb.xml
>> >> @@ -1526,6 +1526,12 @@
>> >> address.
>> >> </p>
>> >> </column>
>> >> + <column name="options" key="mcast_relay" type'{"type": "boolean"}'>
>> >> + <p>
>> >> + Enables/disables IP multicast relay between logical switches
>> >> + connected to the logical router. Default: False.
>> >> + </p>
>> >> + </column>
>> >> </group>
>> >>
>> >> <group title="Common Columns">
>> >> diff --git a/tests/ovn.at b/tests/ovn.at
>> >> index 71eb390..52c044c 100644
>> >> --- a/tests/ovn.at
>> >> +++ b/tests/ovn.at
>> >> @@ -14721,12 +14721,12 @@ AT_CHECK([ovn-sbctl get controller_event $uuid seq_num], [0], [dnl
>> >> OVN_CLEANUP([hv1], [hv2])
>> >> AT_CLEANUP
>> >>
>> >> -AT_SETUP([ovn -- IGMP snoop/querier])
>> >> +AT_SETUP([ovn -- IGMP snoop/querier/relay])
>> >> AT_SKIP_IF([test $HAVE_PYTHON = no])
>> >> ovn_start
>> >>
>> >> # Logical network:
>> >> -# Two independent logical switches (sw1 and sw2).
>> >> +# Three logical switches (sw1-sw3) connected to a logical router (rtr).
>> >> # sw1:
>> >> # - subnet 10.0.0.0/8
>> >> # - 2 ports bound on hv1 (sw1-p11, sw1-p12)
>> >> @@ -14736,6 +14736,10 @@ ovn_start
>> >> # - 1 port bound on hv1 (sw2-p1)
>> >> # - 1 port bound on hv2 (sw2-p2)
>> >> # - IGMP Querier from 20.0.0.254
>> >> +# sw3:
>> >> +# - subnet 30.0.0.0/8
>> >> +# - 1 port bound on hv1 (sw3-p1)
>> >> +# - 1 port bound on hv2 (sw3-p2)
>> >>
>> >> reset_pcap_file() {
>> >> local iface=$1
>> >> @@ -14812,29 +14816,47 @@ store_igmp_v3_query() {
>> >> }
>> >>
>> >> #
>> >> -# send_ip_multicast_pkt INPORT HV ETH_SRC ETH_DST IP_SRC IP_DST IP_LEN
>> >> -# IP_PROTO DATA OUTFILE
>> >> +# send_ip_multicast_pkt INPORT HV ETH_SRC ETH_DST IP_SRC IP_DST IP_LEN TTL
>> >> +# IP_CHKSUM IP_PROTO DATA
>> >> #
>> >> # This shell function causes an IP multicast packet to be received on INPORT
>> >> # of HV.
>> >> # The hexdump of the packet is stored in OUTFILE.
>> >> #
>> >> send_ip_multicast_pkt() {
>> >> - local inport=$1 hv=$2 eth_src=$3 eth_dst=$4 ip_src=$5 ip_dst=$6
>> >> - local ip_len=$7 ip_chksum=$8 proto=$9 data=${10} outfile=${11}
>> >> -
>> >> - local ip_ttl=20
>> >> + local inport=$1 hv=$2 eth_src=$3 eth_dst=$4
>> >> + local ip_src=$5 ip_dst=$6 ip_len=$7 ip_ttl=$8 ip_chksum=$9 proto=${10}
>> >> + local data=${11}
>> >>
>> >> local eth=${eth_dst}${eth_src}0800
>> >> local ip=450000${ip_len}95f14000${ip_ttl}${proto}${ip_chksum}${ip_src}${ip_dst}
>> >> local packet=${eth}${ip}${data}
>> >>
>> >> as $hv ovs-appctl netdev-dummy/receive ${inport} ${packet}
>> >> +}
>> >> +
>> >> +#
>> >> +# store_ip_multicast_pkt ETH_SRC ETH_DST IP_SRC IP_DST IP_LEN TTL
>> >> +# IP_CHKSUM IP_PROTO DATA OUTFILE
>> >> +#
>> >> +# This shell function builds an IP multicast packet and stores the hexdump of
>> >> +# the packet in OUTFILE.
>> >> +#
>> >> +store_ip_multicast_pkt() {
>> >> + local eth_src=$1 eth_dst=$2
>> >> + local ip_src=$3 ip_dst=$4 ip_len=$5 ip_ttl=$6 ip_chksum=$7 proto=$8
>> >> + local data=$9 outfile=${10}
>> >> +
>> >> + local eth=${eth_dst}${eth_src}0800
>> >> + local ip=450000${ip_len}95f14000${ip_ttl}${proto}${ip_chksum}${ip_src}${ip_dst}
>> >> + local packet=${eth}${ip}${data}
>> >> +
>> >> echo ${packet} >> ${outfile}
>> >> }
>> >>
>> >> ovn-nbctl ls-add sw1
>> >> ovn-nbctl ls-add sw2
>> >> +ovn-nbctl ls-add sw3
>> >>
>> >> ovn-nbctl lsp-add sw1 sw1-p11
>> >> ovn-nbctl lsp-add sw1 sw1-p12
>> >> @@ -14842,6 +14864,26 @@ ovn-nbctl lsp-add sw1 sw1-p21
>> >> ovn-nbctl lsp-add sw1 sw1-p22
>> >> ovn-nbctl lsp-add sw2 sw2-p1
>> >> ovn-nbctl lsp-add sw2 sw2-p2
>> >> +ovn-nbctl lsp-add sw3 sw3-p1
>> >> +ovn-nbctl lsp-add sw3 sw3-p2
>> >> +
>> >> +ovn-nbctl lr-add rtr
>> >> +ovn-nbctl lrp-add rtr rtr-sw1 00:00:00:00:01:00 10.0.0.254/24
>> >> +ovn-nbctl lrp-add rtr rtr-sw2 00:00:00:00:02:00 20.0.0.254/24
>> >> +ovn-nbctl lrp-add rtr rtr-sw3 00:00:00:00:03:00 30.0.0.254/24
>> >> +
>> >> +ovn-nbctl lsp-add sw1 sw1-rtr \
>> >> + -- lsp-set-type sw1-rtr router \
>> >> + -- lsp-set-addresses sw1-rtr 00:00:00:00:01:00 \
>> >> + -- lsp-set-options sw1-rtr router-port=rtr-sw1
>> >> +ovn-nbctl lsp-add sw2 sw2-rtr \
>> >> + -- lsp-set-type sw2-rtr router \
>> >> + -- lsp-set-addresses sw2-rtr 00:00:00:00:02:00 \
>> >> + -- lsp-set-options sw2-rtr router-port=rtr-sw2
>> >> +ovn-nbctl lsp-add sw3 sw3-rtr \
>> >> + -- lsp-set-type sw3-rtr router \
>> >> + -- lsp-set-addresses sw3-rtr 00:00:00:00:03:00 \
>> >> + -- lsp-set-options sw3-rtr router-port=rtr-sw3
>> >>
>> >> net_add n1
>> >> sim_add hv1
>> >> @@ -14863,6 +14905,11 @@ ovs-vsctl -- add-port br-int hv1-vif3 -- \
>> >> options:tx_pcap=hv1/vif3-tx.pcap \
>> >> options:rxq_pcap=hv1/vif3-rx.pcap \
>> >> ofport-request=1
>> >> +ovs-vsctl -- add-port br-int hv1-vif4 -- \
>> >> + set interface hv1-vif4 external-ids:iface-id=sw3-p1 \
>> >> + options:tx_pcap=hv1/vif4-tx.pcap \
>> >> + options:rxq_pcap=hv1/vif4-rx.pcap \
>> >> + ofport-request=1
>> >>
>> >> sim_add hv2
>> >> as hv2
>> >> @@ -14883,12 +14930,18 @@ ovs-vsctl -- add-port br-int hv2-vif3 -- \
>> >> options:tx_pcap=hv2/vif3-tx.pcap \
>> >> options:rxq_pcap=hv2/vif3-rx.pcap \
>> >> ofport-request=1
>> >> +ovs-vsctl -- add-port br-int hv2-vif4 -- \
>> >> + set interface hv2-vif4 external-ids:iface-id=sw3-p2 \
>> >> + options:tx_pcap=hv2/vif4-tx.pcap \
>> >> + options:rxq_pcap=hv2/vif4-rx.pcap \
>> >> + ofport-request=1
>> >>
>> >> OVN_POPULATE_ARP
>> >>
>> >> # Enable IGMP snooping on sw1.
>> >> -ovn-nbctl set Logical_Switch sw1 other_config:mcast_querier="false"
>> >> -ovn-nbctl set Logical_Switch sw1 other_config:mcast_snoop="true"
>> >> +ovn-nbctl set Logical_Switch sw1 \
>> >> + other_config:mcast_querier="false" \
>> >> + other_config:mcast_snoop="true"
>> >>
>> >> # No IGMP query should be generated by sw1 (mcast_querier="false").
>> >> truncate -s 0 expected
>> >> @@ -14921,9 +14974,12 @@ truncate -s 0 expected
>> >> truncate -s 0 expected_empty
>> >> send_ip_multicast_pkt hv1-vif2 hv1 \
>> >> 000000000001 01005e000144 \
>> >> - $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e ca70 11 \
>> >> - e518e518000a3b3a0000 \
>> >> - expected
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000
>> >> +store_ip_multicast_pkt \
>> >> + 000000000001 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000 expected
>> >>
>> >> OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [expected])
>> >> OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
>> >> @@ -14944,17 +15000,19 @@ OVS_WAIT_UNTIL([
>> >> test "${total_entries}" = "1"
>> >> ])
>> >>
>> >> -# Send traffic traffic and make sure it gets forwarded only on the port that
>> >> -# joined.
>> >> +# Send traffic and make sure it gets forwarded only on the port that joined.
>> >> as hv1 reset_pcap_file hv1-vif1 hv1/vif1
>> >> as hv2 reset_pcap_file hv2-vif1 hv2/vif1
>> >> truncate -s 0 expected
>> >> truncate -s 0 expected_empty
>> >> send_ip_multicast_pkt hv1-vif2 hv1 \
>> >> 000000000001 01005e000144 \
>> >> - $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e ca70 11 \
>> >> - e518e518000a3b3a0000 \
>> >> - expected
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000
>> >> +store_ip_multicast_pkt \
>> >> + 000000000001 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000 expected
>> >>
>> >> OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [expected_empty])
>> >> OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected])
>> >> @@ -14988,6 +15046,111 @@ sleep 1
>> >> OVN_CHECK_PACKETS([hv1/vif3-tx.pcap], [expected])
>> >> OVN_CHECK_PACKETS([hv2/vif3-tx.pcap], [expected])
>> >>
>> >> +# Dissable IGMP querier on sw2.
>> >> +ovn-nbctl set Logical_Switch sw2 \
>> >> + other_config:mcast_querier="false"
>> >> +
>> >> +# Enable IGMP snooping on sw3.
>> >> +ovn-nbctl set Logical_Switch sw3 \
>> >> + other_config:mcast_querier="false" \
>> >> + other_config:mcast_snoop="true"
>> >> +
>> >> +# Send traffic from sw3 and make sure rtr doesn't relay it.
>> >> +truncate -s 0 expected_empty
>> >> +
>> >> +as hv1 reset_pcap_file hv1-vif1 hv1/vif1
>> >> +as hv1 reset_pcap_file hv1-vif2 hv1/vif2
>> >> +as hv1 reset_pcap_file hv1-vif3 hv1/vif3
>> >> +as hv1 reset_pcap_file hv1-vif4 hv1/vif4
>> >> +as hv2 reset_pcap_file hv2-vif1 hv2/vif1
>> >> +as hv2 reset_pcap_file hv2-vif2 hv2/vif2
>> >> +as hv2 reset_pcap_file hv2-vif3 hv2/vif3
>> >> +as hv2 reset_pcap_file hv2-vif4 hv2/vif4
>> >> +
>> >> +send_ip_multicast_pkt hv2-vif4 hv2 \
>> >> + 000000000001 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000
>> >> +
>> >> +# Sleep a bit to make sure no traffic is received and then check.
>> >> +sleep 1
>> >> +OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif3-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv1/vif4-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv1/vif3-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif2-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif4-tx.pcap], [expected_empty])
>> >> +
>> >> +# Enable IGMP relay on rtr
>> >> +ovn-nbctl set logical_router rtr \
>> >> + options:mcast_relay="true"
>> >> +
>> >> +# Inject IGMP Join for 239.0.1.68 on sw1-p11.
>> >> +send_igmp_v3_report hv1-vif1 hv1 \
>> >> + 000000000001 $(ip_to_hex 10 0 0 1) f9f8 \
>> >> + $(ip_to_hex 239 0 1 68) 04 e9b9 \
>> >> + /dev/null
>> >> +# Inject IGMP Join for 239.0.1.68 on sw2-p2.
>> >> +send_igmp_v3_report hv2-vif3 hv2 \
>> >> + 000000000001 $(ip_to_hex 10 0 0 1) f9f8 \
>> >> + $(ip_to_hex 239 0 1 68) 04 e9b9 \
>> >> + /dev/null
>> >> +# Inject IGMP Join for 239.0.1.68 on sw3-p1.
>> >> +send_igmp_v3_report hv1-vif4 hv1 \
>> >> + 000000000001 $(ip_to_hex 10 0 0 1) f9f8 \
>> >> + $(ip_to_hex 239 0 1 68) 04 e9b9 \
>> >> + /dev/null
>> >> +
>> >> +# Check that the IGMP Group is learned by all switches.
>> >> +OVS_WAIT_UNTIL([
>> >> + total_entries=`ovn-sbctl find IGMP_Group | grep "239.0.1.68" | wc -l`
>> >> + test "${total_entries}" = "3"
>> >> +])
>> >> +
>> >> +# Send traffic from sw3 and make sure it is relayed by rtr.
>> >> +# and ports that joined.
>> >> +truncate -s 0 expected_routed_sw1
>> >> +truncate -s 0 expected_routed_sw2
>> >> +truncate -s 0 expected_switched
>> >> +truncate -s 0 expected_empty
>> >> +
>> >> +as hv1 reset_pcap_file hv1-vif1 hv1/vif1
>> >> +as hv1 reset_pcap_file hv1-vif2 hv1/vif2
>> >> +as hv1 reset_pcap_file hv1-vif3 hv1/vif3
>> >> +as hv1 reset_pcap_file hv1-vif4 hv1/vif4
>> >> +as hv2 reset_pcap_file hv2-vif1 hv2/vif1
>> >> +as hv2 reset_pcap_file hv2-vif2 hv2/vif2
>> >> +as hv2 reset_pcap_file hv2-vif3 hv2/vif3
>> >> +as hv2 reset_pcap_file hv2-vif4 hv2/vif4
>> >> +
>> >> +send_ip_multicast_pkt hv2-vif4 hv2 \
>> >> + 000000000001 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000
>> >> +store_ip_multicast_pkt \
>> >> + 000000000100 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 1f cb70 11 \
>> >> + e518e518000a3b3a0000 expected_routed_sw1
>> >> +store_ip_multicast_pkt \
>> >> + 000000000200 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 1f cb70 11 \
>> >> + e518e518000a3b3a0000 expected_routed_sw2
>> >> +store_ip_multicast_pkt \
>> >> + 000000000001 01005e000144 \
>> >> + $(ip_to_hex 10 0 0 42) $(ip_to_hex 239 0 1 68) 1e 20 ca70 11 \
>> >> + e518e518000a3b3a0000 expected_switched
>> >> +
>> >> +OVN_CHECK_PACKETS([hv1/vif1-tx.pcap], [expected_routed_sw1])
>> >> +OVN_CHECK_PACKETS([hv2/vif3-tx.pcap], [expected_routed_sw2])
>> >> +OVN_CHECK_PACKETS([hv1/vif4-tx.pcap], [expected_switched])
>> >> +OVN_CHECK_PACKETS([hv1/vif2-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv1/vif3-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif1-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif2-tx.pcap], [expected_empty])
>> >> +OVN_CHECK_PACKETS([hv2/vif4-tx.pcap], [expected_empty])
>> >> +
>> >> OVN_CLEANUP([hv1], [hv2])
>> >> AT_CLEANUP
>> >>
>> >> --
>> >> 1.8.3.1
>> >>
>> >> _______________________________________________
>> >> dev mailing list
>> >> dev at openvswitch.org
>> >> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
More information about the dev
mailing list