[ovs-dev] [RFC PATCH ovn] ovn-northd: Support optionally avoid static neighbor flows in routers.

Han Zhou hzhou at ovn.org
Sat May 16 06:47:18 UTC 2020


Support option:dynamic_neigh_only for logical routers, so that in
particular use cases static neighbor flows are not prepopulated,
to avoid flow exploding problem reported for ovn-kubernetes large
scale setup.

Reported-by: Girish Moodalbail <gmoodalbail at gmail.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2020-May/049995.html
Signed-off-by: Han Zhou <hzhou at ovn.org>
---
 northd/ovn-northd.8.xml |  4 +++-
 northd/ovn-northd.c     | 18 ++++++++++++++++++
 ovn-nb.xml              | 12 ++++++++++++
 3 files changed, 33 insertions(+), 1 deletion(-)

diff --git a/northd/ovn-northd.8.xml b/northd/ovn-northd.8.xml
index 8f224b0..e5ed14e 100644
--- a/northd/ovn-northd.8.xml
+++ b/northd/ovn-northd.8.xml
@@ -2692,7 +2692,9 @@ outport = <var>P</var>;
           <code>Logical_Switch_Port</code> table.  For router ports
           connected to other logical routers, MAC bindings can be known
           statically from the <code>mac</code> and <code>networks</code>
-          column in the <code>Logical_Router_Port</code> table.
+          column in the <code>Logical_Router_Port</code> table.  (Note: these
+          flows are NOT installed for routers that have
+          <code>options:dynamic_neigh_only</code> set to <code>true</code>)
         </p>
 
         <p>
diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index 87625c3..436faec 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -9821,6 +9821,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                             continue;
                         }
 
+                        if (peer->od->nbr &&
+                            smap_get_bool(&peer->od->nbr->options,
+                                          "dynamic_neigh_only", false)) {
+                            continue;
+                        }
+
                         if (!find_lrp_member_ip(peer, ip_s)) {
                             continue;
                         }
@@ -9857,6 +9863,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                             continue;
                         }
 
+                        if (peer->od->nbr &&
+                            smap_get_bool(&peer->od->nbr->options,
+                                          "dynamic_neigh_only", false)) {
+                            continue;
+                        }
+
                         if (!find_lrp_member_ip(peer, ip_s)) {
                             continue;
                         }
@@ -9954,6 +9966,12 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                             continue;
                         }
 
+                        if (peer->od->nbr &&
+                            smap_get_bool(&peer->od->nbr->options,
+                                          "dynamic_neigh_only", false)) {
+                            continue;
+                        }
+
                         if (!find_lrp_member_ip(peer, vip)) {
                             continue;
                         }
diff --git a/ovn-nb.xml b/ovn-nb.xml
index 95ee4c9..df916fa 100644
--- a/ovn-nb.xml
+++ b/ovn-nb.xml
@@ -1840,6 +1840,18 @@
           connected to the logical router. Default: False.
         </p>
       </column>
+      <column name="options" key="dynamic_neigh_only" type='{"type": "boolean"}'>
+        <p>
+          If set to <code>true</code>, the router will resolve neighbours' MAC
+          addresses only by dynamic ARP/ND, instead of prepopulating static
+          mappings for all neighbours in the ARP/ND Resolution stage.  This
+          reduces number of flows, but requires ARP/ND messages to resolve
+          the IP-MAC bindings when needed.  It is <code>false</code> by
+          default.  It is recommended to set to <code>true</code> when a large
+          number of logical routers are connected to the same logical switch
+          but most of them never need to send traffic between each other.
+        </p>
+      </column>
     </group>
 
     <group title="Common Columns">
-- 
2.1.0



More information about the dev mailing list