tunnel: Add support to configure ptk_mark

Today packet mark action is broken for Tunnel ports with
tunnel monitoring. User can write a flow to set pkt-mark for
any tunnel traffic, but there is no way to set the packet
mark for corresponding BFD traffic.

Following patch introduces new option in OVSDB tunnel
configuration so that user can set skb-mark for given
tunnel endpoint. OVS would set the mark according to the
skb-mark option for all tunnel traffic including packets
generated by vSwitchd like tunnel monitoring BFD packet.

Signed-off-by: Pravin B Shelar <pshelar@ovn.org>
Acked-by: Jarno Rajahalme <jarno@ovn.org>

diff --git a/NEWS b/NEWS
index 0a9551cbf0e59d65b4d507f9e5cb28d9706e38ab..68386490f029cea102f8efcc2cd578f216129a12 100644 (file)
--- a/NEWS
+++ b/NEWS
@@ -51,6 +51,8 @@ Post-v2.6.0
        a per-OpenFlow bridge basis rather than globally. (The interface
        has not changed.)
      * Removed support for IPsec tunnels.
+     * Added support to set packet mark for tunnel endpoint using
+       `egress_pkt_mark` OVSDB option.
    - DPDK:
      * New option 'n_rxq_desc' and 'n_txq_desc' fields for DPDK interfaces
        which set the number of rx and tx descriptors to use for the given port.

diff --git a/lib/netdev-vport.c b/lib/netdev-vport.c
index 4c2ced50afb173089d5676db6f977a4c3c9883c3..88b0bcfb7e772baa5356b2c1a68a6e95e4892875 100644 (file)
--- a/lib/netdev-vport.c
+++ b/lib/netdev-vport.c
@@ -509,6 +509,9 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args, char **errp)
             }
 
             free(str);
+        } else if (!strcmp(node->key, "egress_pkt_mark")) {
+            tnl_cfg.egress_pkt_mark = strtoul(node->value, NULL, 10);
+            tnl_cfg.set_egress_pkt_mark = true;
         } else {
             ds_put_format(&errors, "%s: unknown %s argument '%s'\n",
                           name, type, node->key);
@@ -649,6 +652,10 @@ get_tunnel_config(const struct netdev *dev, struct smap *args)
         smap_add(args, "df_default", "false");
     }
 
+    if (tnl_cfg.set_egress_pkt_mark) {
+        smap_add_format(args, "egress_pkt_mark",
+                        "%"PRIu32, tnl_cfg.egress_pkt_mark);
+    }
     return 0;
 }
 \f

diff --git a/lib/netdev.h b/lib/netdev.h
index bef9cddb5d999e4488214077a179a569ed842c8b..d6c07c1890f6d8ef31724b598d3cac6896b8ff79 100644 (file)
--- a/lib/netdev.h
+++ b/lib/netdev.h
@@ -89,6 +89,8 @@ struct netdev_tunnel_config {
     struct in6_addr ipv6_dst;
 
     uint32_t exts;
+    bool set_egress_pkt_mark;
+    uint32_t egress_pkt_mark;
 
     uint8_t ttl;
     bool ttl_inherit;

diff --git a/ofproto/tunnel.c b/ofproto/tunnel.c
index ce727f41fc4e726123b0ec42d0f8d941f966b279..e285d5464b84197e85b8253bb7591966d478f04a 100644 (file)
--- a/ofproto/tunnel.c
+++ b/ofproto/tunnel.c
@@ -461,6 +461,11 @@ tnl_port_send(const struct ofport_dpif *ofport, struct flow *flow,
         | (cfg->csum ? FLOW_TNL_F_CSUM : 0)
         | (cfg->out_key_present ? FLOW_TNL_F_KEY : 0);
 
+    if (cfg->set_egress_pkt_mark) {
+        flow->pkt_mark = cfg->egress_pkt_mark;
+        wc->masks.pkt_mark = UINT32_MAX;
+    }
+
     if (pre_flow_str) {
         char *post_flow_str = flow_to_string(flow);
         char *tnl_str = tnl_port_fmt(tnl_port);

diff --git a/tests/tunnel-push-pop.at b/tests/tunnel-push-pop.at
index 700ef55088a19ced65174713906450e1530b1b1b..4aaa6697f547db90736a76f626eb95d2ce3c9bf8 100644 (file)
--- a/tests/tunnel-push-pop.at
+++ b/tests/tunnel-push-pop.at
@@ -12,6 +12,8 @@ AT_CHECK([ovs-vsctl add-port int-br t2 -- set Interface t2 type=vxlan \
                        options:remote_ip=1.1.2.93 options:out_key=flow options:csum=true ofport_request=4\
                     -- add-port int-br t4 -- set Interface t4 type=geneve \
                        options:remote_ip=flow options:key=123 ofport_request=5\
+                    -- add-port int-br t5 -- set Interface t5 type=geneve \
+                       options:remote_ip=1.1.2.93 options:out_key=flow options:egress_pkt_mark=1234 ofport_request=6\
                        ], [0])
 
 AT_CHECK([ovs-appctl dpif/show], [0], [dnl
@@ -25,6 +27,7 @@ dummy@ovs-dummy: hit:0 missed:0
                t2 2/4789: (vxlan: key=123, remote_ip=1.1.2.92)
                t3 4/4789: (vxlan: csum=true, out_key=flow, remote_ip=1.1.2.93)
                t4 5/6081: (geneve: key=123, remote_ip=flow)
+               t5 6/6081: (geneve: egress_pkt_mark=1234, out_key=flow, remote_ip=1.1.2.93)
 ])
 
 dnl First setup dummy interface IP address, then add the route
@@ -91,6 +94,12 @@ AT_CHECK([tail -1 stdout], [0],
   [Datapath actions: tnl_pop(6081)
 ])
 
+dnl Check Geneve tunnel (t6) pop
+AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(1),eth(src=f8:bc:12:44:34:b6,dst=aa:55:aa:55:00:00),eth_type(0x0800),ipv4(src=1.1.2.96,dst=1.1.2.88,proto=17,tos=0,ttl=64,frag=no),udp(src=51283,dst=6081)'], [0], [stdout])
+AT_CHECK([tail -1 stdout], [0],
+  [Datapath actions: tnl_pop(6081)
+])
+
 dnl Check VXLAN tunnel push
 AT_CHECK([ovs-ofctl add-flow int-br action=2])
 AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
@@ -119,6 +128,13 @@ AT_CHECK([tail -1 stdout], [0],
   [Datapath actions: tnl_push(tnl_port(6081),header(size=50,type=5,eth(dst=f8:bc:12:44:34:b6,src=aa:55:aa:55:00:00,dl_type=0x0800),ipv4(src=1.1.2.88,dst=1.1.2.92,proto=17,tos=0,ttl=64,frag=0x4000),udp(src=0,dst=6081,csum=0x0),geneve(vni=0x7b)),out_port(100))
 ])
 
+dnl Check Geneve tunnel push with pkt-mark
+AT_CHECK([ovs-ofctl add-flow int-br "actions=set_tunnel:234,6"])
+AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(2),eth_type(0x0800),ipv4(src=1.1.3.88,dst=1.1.3.112,proto=47,tos=0,ttl=64,frag=no)'], [0], [stdout])
+AT_CHECK([tail -1 stdout], [0],
+  [Datapath actions: set(skb_mark(0x4d2)),tnl_push(tnl_port(6081),header(size=50,type=5,eth(dst=f8:bc:12:44:34:b7,src=aa:55:aa:55:00:00,dl_type=0x0800),ipv4(src=1.1.2.88,dst=1.1.2.93,proto=17,tos=0,ttl=64,frag=0x4000),udp(src=0,dst=6081,csum=0x0),geneve(vni=0xea)),out_port(100))
+])
+
 dnl Check Geneve tunnel push with options
 AT_CHECK([ovs-ofctl add-tlv-map int-br "{class=0xffff,type=0x80,len=4}->tun_metadata0"])
 AT_CHECK([ovs-ofctl add-flow int-br "actions=set_field:1.1.2.92->tun_dst,set_field:0xa->tun_metadata0,5"])

diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index c71ee296c68bf686bcd966dd5361a826f65407a2..146a81635f03b59127229de0fd9bacc7cada5390 100644 (file)
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -2226,6 +2226,12 @@
         to <code>false</code> to disable.
       </column>
 
+      <column name="options" key="egress_pkt_mark">
+        Optional.  The pkt_mark to be set on the encapsulating packet.  This
+        option sets packet mark for the tunnel endpoint for all tunnel packets
+        including tunnel monitoring.
+      </column>
+
       <group title="Tunnel Options: vxlan only">
 
         <column name="options" key="exts">