[ovs-dev] [PATCH v2 ovn] tests: check localport->localnet->external flows cleared

Ihar Hrachyshka ihrachys at redhat.com
Thu Jul 15 21:00:11 UTC 2021 

In addition to external port deleted scenario already covered in the
test scenario, also validate that HA group change or unset also
behaves properly (rules allowing external port traffic to leak into
localnet gone).

Related: 1148580290d0a ("Don't suppress localport traffic directed to
external port")

Signed-off-by: Ihar Hrachyshka <ihrachys at redhat.com>

v1: initial version
v2: fix ddlog test failure by waiting on hv to sync
---
 tests/ovn.at | 43 ++++++++++++++++++++++++++++++++-----------
 1 file changed, 32 insertions(+), 11 deletions(-)

diff --git a/tests/ovn.at b/tests/ovn.at
index 93e1a0267..32efc054f 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -12198,24 +12198,28 @@ send_garp() {
     ovs-appctl netdev-dummy/receive $inport $request
 }
 
-spa=$(ip_to_hex 10 0 0 1)
-tpa=$(ip_to_hex 10 0 0 2)
-send_garp lp 000000000001 000000000002 $spa $tpa
-
-spa=$(ip_to_hex 10 0 0 1)
-tpa=$(ip_to_hex 10 0 0 10)
-send_garp lp 000000000001 000000000010 $spa $tpa
+send_frames() {
+    spa=$(ip_to_hex 10 0 0 1)
+    tpa=$(ip_to_hex 10 0 0 2)
+    send_garp lp 000000000001 000000000002 $spa $tpa
+
+    spa=$(ip_to_hex 10 0 0 1)
+    tpa=$(ip_to_hex 10 0 0 10)
+    send_garp lp 000000000001 000000000010 $spa $tpa
+
+    spa=$(ip_to_hex 10 0 0 1)
+    tpa=$(ip_to_hex 10 0 0 3)
+    send_garp lp 000000000001 000000000003 $spa $tpa
+}
 
-spa=$(ip_to_hex 10 0 0 1)
-tpa=$(ip_to_hex 10 0 0 3)
-send_garp lp 000000000001 000000000003 $spa $tpa
+send_frames
 
 dnl external traffic from localport should be sent to localnet
 AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a000002 | wc -l],[0],[dnl
 1
 ],[ignore])
 
-#dnl ...regardless of localnet / external ports creation order
+dnl ...regardless of localnet / external ports creation order
 AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a00000a | wc -l],[0],[dnl
 1
 ],[ignore])
@@ -12225,6 +12229,23 @@ AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a000003 | wc -l],[0]
 0
 ],[ignore])
 
+# now disown both external ports, one by moving to another (non-existing)
+# chassis, another by removing the port from any ha groups
+check ovn-nbctl --wait=sb ha-chassis-group-add fake_hagrp
+fake_hagrp_uuid=`ovn-nbctl --bare --columns _uuid find ha_chassis_group name=fake_hagrp`
+check ovn-nbctl set logical_switch_port lext ha_chassis_group=$fake_hagrp_uuid
+check ovn-nbctl clear logical_switch_port lext2 ha_chassis_group
+check ovn-nbctl --wait=hv sync
+
+# check that traffic no longer leaks into localnet
+send_frames
+
+for suffix in 2 a; do
+    AT_CHECK([tcpdump -r main/br-phys_n1-tx.pcap arp[[24:4]]=0x0a00000${suffix} | wc -l],[0],[dnl
+1
+],[ignore])
+done
+
 AT_CLEANUP
 ])
 
-- 
2.31.1

More information about the dev mailing list