[ovs-git] Open vSwitch: ofproto-dpif: Flush MACs for deleted ports from every bridge. (branch-1.4)

dev at openvswitch.org dev at openvswitch.org
Thu Dec 22 18:23:18 UTC 2011


This is an automated email from the git hooks/post-receive script. It was
generated because a ref change was pushed to the repository containing
the project "Open vSwitch".

The branch, branch-1.4 has been updated
       via  4fa126216803df65814fa5f69b12a66b2541f808 (commit)
       via  260ab6946aef1a3138e0ac3665f29a065cb402d2 (commit)
      from  690e2e715acd393116185dd0e027536ad88e894c (commit)

Those revisions listed above that are new to this repository have
not appeared on any other notification email; so we list those
revisions in full, below.

- Log -----------------------------------------------------------------
commit 4fa126216803df65814fa5f69b12a66b2541f808
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=4fa126216803df65814fa5f69b12a66b2541f808
Author: Ben Pfaff <blp at nicira.com>
		
ofproto-dpif: Flush MACs for deleted ports from every bridge.
		
Consider this scenario: two hypervisors HV-1 and HV-2, connected to a
common physical network over SLB bonds.  Two virtual machines VM-1 and VM-2
are both running on HV-1.  Patch ports are in use, so that each VM is not
connected to a bridge with a physical Ethernet port but is actually one
virtual "hop" away across a patch port to a second OVS bridge.  VM-2 is
running a "ping" process directed at VM-1.

Now migrate VM-1 to HV-2.  Suppose that VM-1 fails to send out a gratuitous
ARP following migration, or that the gratuitous ARPs are lost, e.g. because
they are sent before the OpenFlow controller manages to populate the flow
table with rules to allow the VM's traffic

Now we are in a situation where HV-1 has learned that VM-1 is local and
HV-2 has learned that VM-1 is on its bond; both are wrong.  One would
expect the problem to resolve itself as soon the VM-1 sends out its first
packet.  However, SLB bonds (for important reasons documented in
vswitchd/INTERNALS) are very reluctant to learn that a currently local MAC
is actually on the bond: the only ways to learn that the MAC is on the bond
are to receive a gratuitous ARP (which we won't, since they were dropped)
or for the MAC learning entry to expire after 60 seconds. This means that
VM-1 can send out as much ordinary traffic as it wants (even ARP requests
and other broadcasts) but HV-1 will drop all of it at the physical Ethernet
since it believes that VM-1 is local.

(In an ordinary setup with a single bridge, HV-1 would have unlearned the
address for VM-1 when VM-1's port was deleted, but that didn't happen
because HV-1 only learned that VM-1 was on the patch port that leads to the
integration bridge.  The patch port didn't get deleted.)

HV-2 does quickly learn that VM-1 is now local.  SLB bonds are only
reluctant to learn that something they think is local is actually on the
bond, not the reverse.

This commit attempts to work around the problem by flushing the MAC
associated with a port from *every* bridge when a port is deleted.

This commit demonstrates yet another good reason not to use SLB bonds.

Build and unit tested only.
Bug #7978.
Bug #7687.

Signed-off-by: Ben Pfaff <blp at nicira.com>


commit 260ab6946aef1a3138e0ac3665f29a065cb402d2
Diffs: http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=commitdiff;h=260ab6946aef1a3138e0ac3665f29a065cb402d2
Author: Ben Pfaff <blp at nicira.com>
		
dpif-netdev: Correctly report types of dummy netdevs.
		
When dpif-netdev is in use as a "dummy" datapath, the devices that are
added to it have type "dummy", but the dpif methods that report the types
of ports reported that they had type "system".  This meant that every time
the bridge code reconfigured, it would see that the ports had the wrong
types and delete and re-add them, which had other undesirable effects such
as flushing the entire MAC learning table whenever ovs-vsctl changed the
configuration.

Signed-off-by: Ben Pfaff <blp at nicira.com>


-----------------------------------------------------------------------

Summary of changes:
 lib/dpif-netdev.c      |    6 ++-
 ofproto/ofproto-dpif.c |   55 ++++++++++++++++++----
 tests/ofproto-dpif.at  |  124 ++++++++++++++++++++++++++++++++++++++++++++++++
 3 files changed, 174 insertions(+), 11 deletions(-)


hooks/post-receive
-- 
Open vSwitch



More information about the git mailing list