[ovs-git] [ovn-org/ovn] a73b1f: pinctrl: Directly update MAC_Bindings created by s...

Dumitru Ceara noreply at github.com
Wed Nov 4 12:13:38 UTC 2020


  Branch: refs/heads/branch-20.09
  Home:   https://github.com/ovn-org/ovn
  Commit: a73b1ffa85a8d6ef9f4a15f7b90c8b73bb61e359
      https://github.com/ovn-org/ovn/commit/a73b1ffa85a8d6ef9f4a15f7b90c8b73bb61e359
  Author: Dumitru Ceara <dceara at redhat.com>
  Date:   2020-11-04 (Wed, 04 Nov 2020)

  Changed paths:
    M controller/pinctrl.c

  Log Message:
  -----------
  pinctrl: Directly update MAC_Bindings created by self originated GARPs.

OVN uses GARPs to announce changes to locally owned NAT addresses.  This is
OK when updating upstream router caches but is unnecessary for updating OVN
logical router MAC_Bindings.

ovn-controller already has the information required for directly
updating/inserting the MAC_Bindings that would be created by neighbor
routers.

This also has the advantage that GARPs don't necessarily need to be flooded
in the complete L2 domain of the switch and that router patch ports can be
skipped.  An upcoming commit will take advantage of this.

Suggested-by: Lorenzo Bianconi <lorenzo.bianconi at redhat.com>
Fixes: 81e928526b8a ("ovn-controller: Inject GARPs to logical switch pipeline to update neighbors")
Acked-by: Mark Michelson <mmichels at redhat.com>
Signed-off-by: Dumitru Ceara <dceara at redhat.com>
Signed-off-by: Numan Siddique <numans at ovn.org>

(cherry-picked from master commit a2b88dc5136507e727e4bcdc4bf6fde559f519a9)


  Commit: 181e896e95fee244ec761a15f83bb9e47695f617
      https://github.com/ovn-org/ovn/commit/181e896e95fee244ec761a15f83bb9e47695f617
  Author: Dumitru Ceara <dceara at redhat.com>
  Date:   2020-11-04 (Wed, 04 Nov 2020)

  Changed paths:
    M lib/mcast-group-index.h
    M northd/ovn-northd.8.xml
    M northd/ovn-northd.c
    M tests/ovn.at

  Log Message:
  -----------
  ovn-northd: Limit self originated ARP/ND broadcast domain.

Considering the following large scale deployment:
external-network -- public-logical-switch -- router-1 -- sw1 -- VIF-1
                                          -- router-2 -- sw2 -- VIF-2
                                          ...
                                          -- router-n -- swn -- VIF-n

To avoid hitting the max number of OVS resubmits (4K currently) OVN already
restricted the broadcast domain for ARP/ND requests received from the
external network and targeting an OVN-owned IP (e.g., owned by router-x).
Such packets are not flooded in the broadcast domain of the public logical
switch and instead are forwarded only to the port connecting router-x.

However, the max number of OVS resubmits can also be hit in the following
scenarios:
- router-x tries to resolve an IP owned by router-y (e.g., VIF-x trying to
  reach VIF-y via floating IP).
- router-x tries to resolve an IP owned by the external network.

Because ARP/ND requests in the above cases are originated by OVN router ports
they were being flooded in the complete broadcast domain of the public
logical switch.

Instead, we now create a new Multicast_Group for each logical switch and add
all non-router ports to it.  ARP/ND requests are now forwarded to the router
port that owns the IP (if any) and then flooded in this restricted MC_FLOOD_L2
broadcast domain.

Fixes: 32f5ebb06226 ("ovn-northd: Limit ARP/ND broadcast domain whenever possible.")
Acked-by: Mark Michelson <mmichels at redhat.com>
Signed-off-by: Dumitru Ceara <dceara at redhat.com>

(cherry-picked from master commit 8c6a5bc21847dab8ccbe18ab1e4b563ddca13379)

Signed-off-by: Numan Siddique <numans at ovn.org>


Compare: https://github.com/ovn-org/ovn/compare/ae940469a9c3...181e896e95fe


More information about the git mailing list