Skip to content

Commit

Permalink
northd: Don't generate IPv6 prefix delegation flows if not configured.
Browse files Browse the repository at this point in the history
If the feature is not enabled, there is no need to create extra
logical flows per network for each router port.  These flows match on
exact IPv6 addresses and UDP ports contributing to increased number of
datapath flows generated in OVS on the nodes.  This turns into exact
matches in most cases potentially causing datapath flow explosion for
the traffic entering OVN network from multiple sources.

Flows removed from unrelated tests as a result.

Fixes: 5c1d2d2 ("northd: Add logical flows for dhcpv6 pfd parsing")
Reported-at: https://issues.redhat.com/browse/FDP-992
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
Acked-by: Ales Musil <amusil@redhat.com>
Signed-off-by: Dumitru Ceara <dceara@redhat.com>
(cherry picked from commit 3e177f7)
  • Loading branch information
igsilya authored and dceara committed Nov 27, 2024
1 parent 2014f47 commit 136c7fb
Showing 1 changed file with 8 additions and 3 deletions.
11 changes: 8 additions & 3 deletions northd/northd.c
Original file line number Diff line number Diff line change
Expand Up @@ -1441,6 +1441,7 @@ struct ovn_port {
const struct nbrec_logical_router_port *nbrp; /* May be NULL. */

struct lport_addresses lrp_networks;
bool prefix_delegation; /* True if IPv6 prefix delegation enabled. */

struct ovn_port_routable_addresses routables;

Expand Down Expand Up @@ -2613,6 +2614,10 @@ join_logical_ports(const struct sbrec_port_binding_table *sbrec_pb_table,

op->lrp_networks = lrp_networks;
op->od = od;

op->prefix_delegation = smap_get_bool(&op->nbrp->options,
"prefix_delegation", false);

hmap_insert(&od->ports, &op->dp_node,
hmap_node_hash(&op->key_node));

Expand Down Expand Up @@ -7747,8 +7752,8 @@ ovn_update_ipv6_options(struct hmap *lr_ports)
smap_clone(&options, &op->sb->options);

/* enable IPv6 prefix delegation */
bool prefix_delegation = smap_get_bool(&op->nbrp->options,
"prefix_delegation", false);
bool prefix_delegation = op->prefix_delegation;

if (!lrport_is_enabled(op->nbrp)) {
prefix_delegation = false;
}
Expand Down Expand Up @@ -14463,7 +14468,7 @@ build_dhcpv6_reply_flows_for_lrouter_port(
struct ds *match)
{
ovs_assert(op->nbrp);
if (op->l3dgw_port) {
if (!op->prefix_delegation || op->l3dgw_port) {
return;
}
for (size_t i = 0; i < op->lrp_networks.n_ipv6_addrs; i++) {
Expand Down

0 comments on commit 136c7fb

Please sign in to comment.