[ovs-dev] [PATCH ovn RFC v4 04/24] Move NAT and Load Balancing to a separate function

anton.ivanov at cambridgegreys.com anton.ivanov at cambridgegreys.com
Wed Sep 2 14:59:30 UTC 2020


From: Anton Ivanov <anton.ivanov at cambridgegreys.com>

Signed-off-by: Anton Ivanov <anton.ivanov at cambridgegreys.com>
---
 northd/ovn-northd.c | 148 ++++++++++++++++++++++++++------------------
 1 file changed, 89 insertions(+), 59 deletions(-)

diff --git a/northd/ovn-northd.c b/northd/ovn-northd.c
index 10ddf6d0a..7af7ae525 100644
--- a/northd/ovn-northd.c
+++ b/northd/ovn-northd.c
@@ -9058,6 +9058,8 @@ build_lrouter_flows_table_3_ip_input_op(struct ovn_port *op, struct hmap *lflows
          * ETH address.
          */
         if (op != op->od->l3dgw_port) {
+            ds_destroy(&match);
+            ds_destroy(&actions);
             return;
         }
 
@@ -9176,7 +9178,7 @@ build_lrouter_ip_input_chassis_redirect_op(
      * No ingress packets are accepted on a chassisredirect
      * port, so no need to program flows for that port. */
 
-    if (op->nbrp && (!op->derived)) {
+    if (op->nbrp && !op->derived) {
         if (op->lrp_networks.n_ipv6_addrs) {
             /* ICMPv6 echo reply.  These flows reply to echo requests
              * received for the router's IP address. */
@@ -9304,57 +9306,15 @@ build_lrouter_ip_input_chassis_redirect_op(
 }
 
 static void
-build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
-                    struct hmap *lflows, struct shash *meter_groups,
-                    struct hmap *lbs)
+build_lrouter_flows_NAT_defrag_lb_od(
+        struct ovn_datapath *od, struct hmap *lflows,
+        struct hmap *lbs, struct shash *meter_groups)
 {
-    /* This flow table structure is documented in ovn-northd(8), so please
-     * update ovn-northd.8.xml if you change anything. */
-
     struct ds match = DS_EMPTY_INITIALIZER;
     struct ds actions = DS_EMPTY_INITIALIZER;
 
-
-    struct ovn_datapath *od;
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        build_lrouter_flows_ingress_table_0_od(od, lflows);
-    }
-
-    struct ovn_port *op;
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_flows_ingress_table_0_op(op, lflows);
-    }
-
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        build_lrouter_flows_arp_nd_mac_learn_od(od, lflows);
-    }
-
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_flows_arp_nd_mac_learn_op(op, lflows);
-    }
-
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_flows_table_3_ip_input_op(op, lflows);
-    }
-
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        build_lrouter_flows_table_3_ip_input_od(od, lflows);
-    }
-
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_dhcp_reply_op(op, lflows);
-    }
-
-    HMAP_FOR_EACH (op, key_node, ports) {
-        build_lrouter_ip_input_chassis_redirect_op(op, lflows);
-    }
-
     /* NAT, Defrag and load balancing. */
-    HMAP_FOR_EACH (od, key_node, datapaths) {
-        if (!od->nbr) {
-            continue;
-        }
-
+    if (od->nbr) {
         /* Packets are allowed by default. */
         ovn_lflow_add(lflows, od, S_ROUTER_IN_DEFRAG, 0, "1", "next;");
         ovn_lflow_add(lflows, od, S_ROUTER_IN_UNSNAT, 0, "1", "next;");
@@ -9373,7 +9333,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
          * l3dgw_port (router has a port with "redirect-chassis"
          * specified). */
         if (!smap_get(&od->nbr->options, "chassis") && !od->l3dgw_port) {
-            continue;
+            ds_destroy(&match);
+            ds_destroy(&actions);
+            return;
         }
 
         struct sset nat_entries = SSET_INITIALIZER(&nat_entries);
@@ -9895,7 +9857,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
          * Gateway routers or router with gateway port. */
         if (!smap_get(&od->nbr->options, "chassis") && !od->l3dgw_port) {
             sset_destroy(&nat_entries);
-            continue;
+            ds_destroy(&match);
+            ds_destroy(&actions);
+            return;
         }
 
         /* A set to hold all ips that need defragmentation and tracking. */
@@ -9974,18 +9938,23 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
         sset_destroy(&all_ips);
         sset_destroy(&nat_entries);
     }
+    ds_destroy(&match);
+    ds_destroy(&actions);
+}
+
+static void
+build_lrouter_flows_NAT_defrag_lb_op(struct ovn_port *op, struct hmap *lflows)
+{
 
     /* Logical router ingress table ND_RA_OPTIONS & ND_RA_RESPONSE: IPv6 Router
      * Adv (RA) options and response. */
-    HMAP_FOR_EACH (op, key_node, ports) {
-        if (!op->nbrp || op->nbrp->peer || !op->peer) {
-            continue;
-        }
-
-        if (!op->lrp_networks.n_ipv6_addrs) {
-            continue;
-        }
+    if (!op->nbrp || op->nbrp->peer || !op->peer) {
+        return;
+    }
+    if (op->lrp_networks.n_ipv6_addrs) {
 
+        struct ds match = DS_EMPTY_INITIALIZER;
+        struct ds actions = DS_EMPTY_INITIALIZER;
         struct smap options;
         smap_clone(&options, &op->sb->options);
 
@@ -10014,7 +9983,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
             &op->nbrp->ipv6_ra_configs, "address_mode");
 
         if (!address_mode) {
-            continue;
+            ds_destroy(&match);
+            ds_destroy(&actions);
+            return;
         }
         if (strcmp(address_mode, "slaac") &&
             strcmp(address_mode, "dhcpv6_stateful") &&
@@ -10022,7 +9993,9 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
             static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
             VLOG_WARN_RL(&rl, "Invalid address mode [%s] defined",
                          address_mode);
-            continue;
+            ds_destroy(&match);
+            ds_destroy(&actions);
+            return;
         }
 
         if (smap_get_bool(&op->nbrp->ipv6_ra_configs, "send_periodic",
@@ -10093,6 +10066,63 @@ build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
                                     ds_cstr(&match), ds_cstr(&actions),
                                     &op->nbrp->header_);
         }
+        ds_destroy(&match);
+        ds_destroy(&actions);
+    }
+}
+
+static void
+build_lrouter_flows(struct hmap *datapaths, struct hmap *ports,
+                    struct hmap *lflows, struct shash *meter_groups,
+                    struct hmap *lbs)
+{
+    /* This flow table structure is documented in ovn-northd(8), so please
+     * update ovn-northd.8.xml if you change anything. */
+
+    struct ds match = DS_EMPTY_INITIALIZER;
+    struct ds actions = DS_EMPTY_INITIALIZER;
+
+    struct ovn_datapath *od;
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_ingress_table_0_od(od, lflows);
+    }
+
+    struct ovn_port *op;
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_ingress_table_0_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_arp_nd_mac_learn_od(od, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_arp_nd_mac_learn_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_table_3_ip_input_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_table_3_ip_input_od(od, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_dhcp_reply_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_ip_input_chassis_redirect_op(op, lflows);
+    }
+
+    HMAP_FOR_EACH (od, key_node, datapaths) {
+        build_lrouter_flows_NAT_defrag_lb_od(
+                od, lflows, lbs, meter_groups);
+    }
+
+    HMAP_FOR_EACH (op, key_node, ports) {
+        build_lrouter_flows_NAT_defrag_lb_op(op, lflows);
     }
 
     /* Logical router ingress table ND_RA_OPTIONS & ND_RA_RESPONSE: RS
-- 
2.20.1



More information about the dev mailing list