From 9f42e93b6a25bff87074156586505a6e8968f8cb Mon Sep 17 00:00:00 2001 Message-Id: <9f42e93b6a25bff87074156586505a6e8968f8cb.1610538323.git.lorenzo.bianconi@redhat.com> From: Lorenzo Bianconi Date: Tue, 12 Jan 2021 13:10:56 +0100 Subject: [PATCH] bfd: introduce IPv6 support Introduce IPv6 support to ovn controller BFD implementation Signed-off-by: Lorenzo Bianconi Acked-by: Mark Michelson Signed-off-by: Numan Siddique --- NEWS | 2 +- controller/pinctrl.c | 112 ++++++++++++++++++++++++++++--------------- tests/system-ovn.at | 16 ++++++- 3 files changed, 89 insertions(+), 41 deletions(-) --- a/NEWS +++ b/NEWS @@ -2,7 +2,7 @@ Post-v20.12.0 ------------------------- - Support ECMP multiple nexthops for reroute router policies. - BFD protocol support according to RFC880 [0]. Introduce next-hop BFD - availability check for OVN static routes. IPv6 is not suported yet. + availability check for OVN static routes. [0] https://tools.ietf.org/html/rfc5880) OVN v20.12.0 - 18 Dec 2020 --- a/controller/pinctrl.c +++ b/controller/pinctrl.c @@ -6393,10 +6393,10 @@ struct bfd_entry { /* L2 source address */ struct eth_addr src_mac; - /* IPv4 source address */ - ovs_be32 ip_src; - /* IPv4 destination address */ - ovs_be32 ip_dst; + /* IP source address */ + struct in6_addr ip_src; + /* IP destination address */ + struct in6_addr ip_dst; /* RFC 5881 section 4 * The source port MUST be in the range 49152 through 65535. * The same UDP source port number MUST be used for all BFD @@ -6458,20 +6458,17 @@ pinctrl_find_bfd_monitor_entry_by_port(c } static struct bfd_entry * -pinctrl_find_bfd_monitor_entry_by_disc(ovs_be32 ip, ovs_be32 disc) +pinctrl_find_bfd_monitor_entry_by_disc(char *ip, ovs_be32 disc) { - char *ip_src = xasprintf(IP_FMT, IP_ARGS(ip)); struct bfd_entry *ret = NULL, *entry; - HMAP_FOR_EACH_WITH_HASH (entry, node, hash_string(ip_src, 0), + HMAP_FOR_EACH_WITH_HASH (entry, node, hash_string(ip, 0), &bfd_monitor_map) { if (entry->local_disc == disc) { ret = entry; break; } } - - free(ip_src); return ret; } @@ -6501,33 +6498,28 @@ static void bfd_monitor_put_bfd_msg(struct bfd_entry *entry, struct dp_packet *packet, bool final) { - struct udp_header *udp; - struct bfd_msg *msg; + int payload_len = sizeof(struct udp_header) + sizeof(struct bfd_msg); /* Properly align after the ethernet header */ dp_packet_reserve(packet, 2); - struct eth_header *eth = dp_packet_put_uninit(packet, sizeof *eth); - eth->eth_dst = eth_addr_broadcast; - eth->eth_src = entry->src_mac; - eth->eth_type = htons(ETH_TYPE_IP); - - struct ip_header *ip = dp_packet_put_zeros(packet, sizeof *ip); - ip->ip_ihl_ver = IP_IHL_VER(5, 4); - ip->ip_tot_len = htons(sizeof *ip + sizeof *udp + sizeof *msg); - ip->ip_ttl = MAXTTL; - ip->ip_tos = IPTOS_PREC_INTERNETCONTROL; - ip->ip_proto = IPPROTO_UDP; - put_16aligned_be32(&ip->ip_src, entry->ip_src); - put_16aligned_be32(&ip->ip_dst, entry->ip_dst); - /* Checksum has already been zeroed by put_zeros call. */ - ip->ip_csum = csum(ip, sizeof *ip); + if (IN6_IS_ADDR_V4MAPPED(&entry->ip_src)) { + ovs_be32 ip_src = in6_addr_get_mapped_ipv4(&entry->ip_src); + ovs_be32 ip_dst = in6_addr_get_mapped_ipv4(&entry->ip_dst); + pinctrl_compose_ipv4(packet, entry->src_mac, eth_addr_broadcast, + ip_src, ip_dst, IPPROTO_UDP, MAXTTL, payload_len); + } else { + pinctrl_compose_ipv6(packet, entry->src_mac, eth_addr_broadcast, + &entry->ip_src, &entry->ip_dst, IPPROTO_UDP, + MAXTTL, payload_len); + } - udp = dp_packet_put_zeros(packet, sizeof *udp); + struct udp_header *udp = dp_packet_put_zeros(packet, sizeof *udp); + udp->udp_len = htons(payload_len); + udp->udp_csum = 0; udp->udp_src = htons(entry->udp_src); udp->udp_dst = htons(BFD_DEST_PORT); - udp->udp_len = htons(sizeof *udp + sizeof *msg); - msg = dp_packet_put_zeros(packet, sizeof *msg); + struct bfd_msg *msg = dp_packet_put_zeros(packet, sizeof *msg); msg->vers_diag = (BFD_VERSION << 5); msg->mult = entry->local_mult; msg->length = BFD_PACKET_LEN; @@ -6538,6 +6530,17 @@ bfd_monitor_put_bfd_msg(struct bfd_entry /* min_tx and min_rx are in us - RFC 5880 page 9 */ msg->min_tx = htonl(entry->local_min_tx * 1000); msg->min_rx = htonl(entry->local_min_rx * 1000); + + if (!IN6_IS_ADDR_V4MAPPED(&entry->ip_src)) { + /* IPv6 needs UDP checksum calculated */ + uint32_t csum = packet_csum_pseudoheader6(dp_packet_l3(packet)); + int len = (uint8_t *)udp - (uint8_t *)dp_packet_eth(packet); + csum = csum_continue(csum, udp, dp_packet_size(packet) - len); + udp->udp_csum = csum_finish(csum); + if (!udp->udp_csum) { + udp->udp_csum = htons(0xffff); + } + } } static void @@ -6736,9 +6739,18 @@ pinctrl_handle_bfd_msg(struct rconn *swc return; } + char *ip_src; + if (ip_flow->dl_type == htons(ETH_TYPE_IP)) { + ip_src = normalize_ipv4_prefix(ip_flow->nw_src, 32); + } else { + ip_src = normalize_ipv6_prefix(&ip_flow->ipv6_src, 128); + } + const struct bfd_msg *msg = dp_packet_get_udp_payload(pkt_in); - struct bfd_entry *entry = pinctrl_find_bfd_monitor_entry_by_disc( - ip_flow->nw_src, msg->your_disc); + struct bfd_entry *entry = + pinctrl_find_bfd_monitor_entry_by_disc(ip_src, msg->your_disc); + free(ip_src); + if (!entry) { return; } @@ -6821,10 +6833,21 @@ static void bfd_monitor_check_sb_conf(const struct sbrec_bfd *sb_bt, struct bfd_entry *entry) { - ovs_be32 ip_dst; + struct lport_addresses dst_addr; + + if (extract_ip_addresses(sb_bt->dst_ip, &dst_addr)) { + struct in6_addr addr; + + if (dst_addr.n_ipv6_addrs > 0) { + addr = dst_addr.ipv6_addrs[0].addr; + } else { + addr = in6_addr_mapped_ipv4(dst_addr.ipv4_addrs[0].addr); + } - if (ip_parse(sb_bt->dst_ip, &ip_dst) && ip_dst != entry->ip_dst) { - entry->ip_dst = ip_dst; + if (!ipv6_addr_equals(&addr, &entry->ip_dst)) { + entry->ip_dst = addr; + } + destroy_lport_addresses(&dst_addr); } if (sb_bt->min_tx != entry->local_min_tx) { @@ -6889,11 +6912,15 @@ bfd_monitor_run(struct ovsdb_idl_txn *ov entry = pinctrl_find_bfd_monitor_entry_by_port( bt->dst_ip, bt->src_port); if (!entry) { - ovs_be32 ip_dst, ip_src = htonl(BFD_DEFAULT_SRC_IP); struct eth_addr ea = eth_addr_zero; + struct lport_addresses dst_addr; + struct in6_addr ip_src, ip_dst; int i; - if (!ip_parse(bt->dst_ip, &ip_dst)) { + ip_dst = in6_addr_mapped_ipv4(htonl(BFD_DEFAULT_DST_IP)); + ip_src = in6_addr_mapped_ipv4(htonl(BFD_DEFAULT_SRC_IP)); + + if (!extract_ip_addresses(bt->dst_ip, &dst_addr)) { continue; } @@ -6905,13 +6932,20 @@ bfd_monitor_run(struct ovsdb_idl_txn *ov } ea = laddrs.ea; - if (laddrs.n_ipv4_addrs > 0) { - ip_src = laddrs.ipv4_addrs[0].addr; + if (dst_addr.n_ipv6_addrs > 0 && laddrs.n_ipv6_addrs > 0) { + ip_dst = dst_addr.ipv6_addrs[0].addr; + ip_src = laddrs.ipv6_addrs[0].addr; + destroy_lport_addresses(&laddrs); + break; + } else if (laddrs.n_ipv4_addrs > 0) { + ip_dst = in6_addr_mapped_ipv4(dst_addr.ipv4_addrs[0].addr); + ip_src = in6_addr_mapped_ipv4(laddrs.ipv4_addrs[0].addr); destroy_lport_addresses(&laddrs); break; } destroy_lport_addresses(&laddrs); } + destroy_lport_addresses(&dst_addr); if (eth_addr_is_zero(ea)) { continue; --- a/tests/system-ovn.at +++ b/tests/system-ovn.at @@ -5563,7 +5563,7 @@ check ovn-nbctl ls-add public check ovn-nbctl lrp-add R1 rp-sw0 00:00:01:01:02:03 192.168.1.1/24 check ovn-nbctl lrp-add R1 rp-sw1 00:00:03:01:02:03 192.168.2.1/24 -check ovn-nbctl lrp-add R1 rp-public 00:00:02:01:02:03 172.16.1.1/24 \ +check ovn-nbctl lrp-add R1 rp-public 00:00:02:01:02:03 172.16.1.1/24 1000::a/64 \ -- lrp-set-gateway-chassis rp-public hv1 check ovn-nbctl lsp-add sw0 sw0-rp -- set Logical_Switch_Port sw0-rp \ @@ -5593,6 +5593,7 @@ ADD_NAMESPACES(server) NS_CHECK_EXEC([server], [ip link set dev lo up]) ADD_VETH(s1, server, br-ext, "172.16.1.50/24", "f0:00:00:01:02:05", \ "172.16.1.1") +NS_CHECK_EXEC([server], [ip addr add 1000::b/64 dev s1]) AT_CHECK([ovs-vsctl set Open_vSwitch . external-ids:ovn-bridge-mappings=phynet:br-ext]) check ovn-nbctl lsp-add public public1 \ @@ -5652,6 +5653,19 @@ sleep 5 kill $(pidof tcpdump) AT_CHECK([grep -qi bfd bfd.pcap],[1]) +uuid_v6=$(ovn-nbctl create bfd logical_port=rp-public dst_ip=\"1000::b\") +check ovn-nbctl lr-route-add R1 2000::/64 1000::b +route_uuid_v6=$(fetch_column nb:logical_router_static_route _uuid ip_prefix=\"2000::/64\") +ovn-nbctl set logical_router_static_route $route_uuid_v6 bfd=$uuid_v6 +check ovn-nbctl --wait=hv sync +NS_CHECK_EXEC([server], [bfdd-beacon --listen=1000::b], [0]) +NS_CHECK_EXEC([server], [bfdd-control allow 1000::a], [0], [dnl +Allowing connections from 1000::a +]) + +wait_column "up" nb:bfd status logical_port=rp-public +ovn-nbctl destroy bfd $uuid_v6 + kill $(pidof ovn-controller) as ovn-sb