[ovs-dev] [PATCH ovn] Deliver multicast traffic to localport ports

Ihar Hrachyshka ihrachys at redhat.com
Thu Oct 14 22:55:06 UTC 2021


Without the patch, OVN doesn't flood multicast traffic to localport
ports.

Among other things, this breaks IP connectivity between VIFs and
localport ports when the switch is vlan-passthru=true since we disable
local ARP responder for such switches, which breaks ARP discovery that
relies on broadcast. This breaks metadata service for OpenStack VLAN
transparent networks.

Even with ARP responder enabled, other types of broadcast traffic were
not delivered to localport ports, so strictly speaking the bug was
always present, it just didn't affect a very particular ARP flow because
of the responder.

Fixes: ea57f666 ("Disable ARP/NA responders for vlan-passthru switches")
Signed-off-by: Ihar Hrachyshka <ihrachys at redhat.com>
---
 controller/physical.c |  2 +-
 tests/ovn.at          | 60 +++++++++++++++++++++++++++++++++++++++++++
 2 files changed, 61 insertions(+), 1 deletion(-)

diff --git a/controller/physical.c b/controller/physical.c
index 0e7a3712f..4b7ae3ca8 100644
--- a/controller/physical.c
+++ b/controller/physical.c
@@ -1466,7 +1466,7 @@ consider_mc_group(struct ovsdb_idl_index *sbrec_port_binding_by_name,
         const char *lport_name = (port->parent_port && *port->parent_port) ?
                                   port->parent_port : port->logical_port;
 
-        if (!strcmp(port->type, "patch")) {
+        if (!strcmp(port->type, "patch") || !strcmp(port->type, "localport")) {
             put_load(port->tunnel_key, MFF_LOG_OUTPORT, 0, 32,
                      &remote_ofpacts);
             put_resubmit(OFTABLE_CHECK_LOOPBACK, &remote_ofpacts);
diff --git a/tests/ovn.at b/tests/ovn.at
index 2ec91b29d..005585b74 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -12422,6 +12422,66 @@ done
 AT_CLEANUP
 ])
 
+OVN_FOR_EACH_NORTHD([
+AT_SETUP([localport takes part in broadcast ARP delivery])
+AT_SKIP_IF([test $HAVE_TCPDUMP = no])
+
+ovn_start
+net_add n1
+
+check ovs-vsctl add-br br-phys
+ovn_attach n1 br-phys 192.168.0.1
+
+# enable vlan transparency to disable local arp responder and allow ovn deliver
+# the request to the other side
+ovn-nbctl ls-add ls -- add Logical_Switch ls other_config vlan-passthru=true
+
+check ovn-nbctl lsp-add ls lp
+check ovn-nbctl lsp-set-addresses lp "00:00:00:00:00:01 10.0.0.1"
+check ovn-nbctl lsp-set-type lp localport
+check ovs-vsctl add-port br-int lp \
+    -- set Interface lp external-ids:iface-id=lp \
+        options:tx_pcap=lp-tx.pcap \
+        options:rxq_pcap=lp-rx.pcap
+
+check ovn-nbctl lsp-add ls lsp
+check ovn-nbctl lsp-set-addresses lsp "00:00:00:00:00:02 10.0.0.2"
+check ovs-vsctl add-port br-int lsp \
+    -- set Interface lsp external-ids:iface-id=lsp \
+        options:tx_pcap=lsp-tx.pcap \
+        options:rxq_pcap=lsp-rx.pcap
+
+wait_for_ports_up
+check ovn-nbctl --wait=hv sync
+
+for port in lp lsp; do
+    : > $port.expected
+done
+
+send_arp_request() {
+    local inport=$1 outport=$2 eth_src=$3 spa=$4 tpa=$5
+    local eth_dst=ffffffffffff
+    local eth_type=0806
+    local eth=${eth_dst}${eth_src}${eth_type}
+
+    local arp=0001080006040001${eth_src}${spa}${eth_dst}${tpa}
+
+    local request=${eth}${arp}
+    check ovs-appctl netdev-dummy/receive $inport $request
+    echo $request >> $outport.expected
+}
+
+src_mac=000000000001
+src_ip=$(ip_to_hex 10 0 0 1)
+dst_ip=$(ip_to_hex 10 0 0 2)
+send_arp_request lsp lp ${src_mac} ${src_ip} ${dst_ip}
+
+OVN_CHECK_PACKETS([lsp-tx.pcap], [lsp.expected])
+OVN_CHECK_PACKETS([lp-tx.pcap], [lp.expected])
+
+AT_CLEANUP
+])
+
 OVN_FOR_EACH_NORTHD([
 AT_SETUP([1 LR with HA distributed router gateway port])
 ovn_start
-- 
2.31.1



More information about the dev mailing list