Merge "[ovn]: Remove unwanted IP addresses from OVN ports" into stable/wallaby
This commit is contained in:
commit
5858f6c502
|
@ -219,6 +219,8 @@ class OVNClient(object):
|
||||||
|
|
||||||
port_type = ''
|
port_type = ''
|
||||||
cidrs = ''
|
cidrs = ''
|
||||||
|
dhcpv4_options = self._get_port_dhcp_options(port, const.IP_VERSION_4)
|
||||||
|
dhcpv6_options = self._get_port_dhcp_options(port, const.IP_VERSION_6)
|
||||||
if vtep_physical_switch:
|
if vtep_physical_switch:
|
||||||
vtep_logical_switch = binding_prof.get('vtep-logical-switch')
|
vtep_logical_switch = binding_prof.get('vtep-logical-switch')
|
||||||
port_type = 'vtep'
|
port_type = 'vtep'
|
||||||
|
@ -253,11 +255,6 @@ class OVNClient(object):
|
||||||
options[ovn_const.LSP_OPTIONS_VIRTUAL_PARENTS_KEY] = (
|
options[ovn_const.LSP_OPTIONS_VIRTUAL_PARENTS_KEY] = (
|
||||||
','.join(parents))
|
','.join(parents))
|
||||||
|
|
||||||
port_security, new_macs = (
|
|
||||||
self._get_allowed_addresses_from_port(port))
|
|
||||||
addresses = [address]
|
|
||||||
addresses.extend(new_macs)
|
|
||||||
|
|
||||||
# Only adjust the OVN type if the port is not owned by Neutron
|
# Only adjust the OVN type if the port is not owned by Neutron
|
||||||
# DHCP agents.
|
# DHCP agents.
|
||||||
# TODO(mjozefcz): Remove const.DEVICE_OWNER_DHCP
|
# TODO(mjozefcz): Remove const.DEVICE_OWNER_DHCP
|
||||||
|
@ -279,9 +276,21 @@ class OVNClient(object):
|
||||||
LOG.warning('The version of OVN used does not support '
|
LOG.warning('The version of OVN used does not support '
|
||||||
'the "external ports" feature used for '
|
'the "external ports" feature used for '
|
||||||
'SR-IOV ports with OVN native DHCP')
|
'SR-IOV ports with OVN native DHCP')
|
||||||
|
addresses = []
|
||||||
|
port_security, new_macs = (
|
||||||
|
self._get_allowed_addresses_from_port(port))
|
||||||
|
# TODO(egarciar): OVN supports MAC learning from v21.03. This
|
||||||
|
# if-else block is stated so as to keep compability with older OVN
|
||||||
|
# versions and should be removed in the future.
|
||||||
|
if self._sb_idl.is_table_present('FDB'):
|
||||||
|
if (port_security or port_type or dhcpv4_options or
|
||||||
|
dhcpv6_options):
|
||||||
|
addresses.append(address)
|
||||||
|
addresses.extend(new_macs)
|
||||||
|
else:
|
||||||
|
addresses = [address]
|
||||||
|
addresses.extend(new_macs)
|
||||||
|
|
||||||
# The "unknown" address should only be set for the normal LSP
|
|
||||||
# ports (the ones which type is empty)
|
|
||||||
if not port_security and not port_type:
|
if not port_security and not port_type:
|
||||||
# Port security is disabled for this port.
|
# Port security is disabled for this port.
|
||||||
# So this port can send traffic with any mac address.
|
# So this port can send traffic with any mac address.
|
||||||
|
@ -290,9 +299,6 @@ class OVNClient(object):
|
||||||
# So add it.
|
# So add it.
|
||||||
addresses.append(ovn_const.UNKNOWN_ADDR)
|
addresses.append(ovn_const.UNKNOWN_ADDR)
|
||||||
|
|
||||||
dhcpv4_options = self._get_port_dhcp_options(port, const.IP_VERSION_4)
|
|
||||||
dhcpv6_options = self._get_port_dhcp_options(port, const.IP_VERSION_6)
|
|
||||||
|
|
||||||
# HA Chassis Group will bind the port to the highest
|
# HA Chassis Group will bind the port to the highest
|
||||||
# priority Chassis
|
# priority Chassis
|
||||||
if port_type != ovn_const.LSP_TYPE_EXTERNAL:
|
if port_type != ovn_const.LSP_TYPE_EXTERNAL:
|
||||||
|
|
|
@ -564,8 +564,8 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
|
||||||
self.assertEqual([],
|
self.assertEqual([],
|
||||||
called_args_dict.get('port_security'))
|
called_args_dict.get('port_security'))
|
||||||
|
|
||||||
self.assertEqual(ovn_const.UNKNOWN_ADDR,
|
self.assertIn(ovn_const.UNKNOWN_ADDR,
|
||||||
called_args_dict.get('addresses')[1])
|
called_args_dict.get('addresses'))
|
||||||
data = {'port': {'mac_address': '00:00:00:00:00:01'}}
|
data = {'port': {'mac_address': '00:00:00:00:00:01'}}
|
||||||
req = self.new_update_request(
|
req = self.new_update_request(
|
||||||
'ports',
|
'ports',
|
||||||
|
@ -577,9 +577,8 @@ class TestOVNMechanismDriver(test_plugin.Ml2PluginV2TestCase):
|
||||||
).call_args_list[0][1])
|
).call_args_list[0][1])
|
||||||
self.assertEqual([],
|
self.assertEqual([],
|
||||||
called_args_dict.get('port_security'))
|
called_args_dict.get('port_security'))
|
||||||
self.assertEqual(2, len(called_args_dict.get('addresses')))
|
self.assertIn(ovn_const.UNKNOWN_ADDR,
|
||||||
self.assertEqual(ovn_const.UNKNOWN_ADDR,
|
called_args_dict.get('addresses'))
|
||||||
called_args_dict.get('addresses')[1])
|
|
||||||
|
|
||||||
# Enable port security
|
# Enable port security
|
||||||
data = {'port': {'port_security_enabled': 'True'}}
|
data = {'port': {'port_security_enabled': 'True'}}
|
||||||
|
|
Loading…
Reference in New Issue