Bug fix

Signed-off-by: Hongliang Liu <[email protected]>
antrea-io · Aug 17, 2021 · 6b7c7d3 · 6b7c7d3
1 parent 49d7e53
commit 6b7c7d3
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 158 deletions.
diff --git a/pkg/agent/openflow/client.go b/pkg/agent/openflow/client.go
@@ -614,7 +614,7 @@ func (c *client) InstallServiceFlows(groupID binding.GroupIDType, svcIP net.IP,
 	c.replayMutex.RLock()
 	defer c.replayMutex.RUnlock()
 	var flows []binding.Flow
-	flows = append(flows, c.serviceLBFlows(groupID, svcIP, svcPort, protocol, affinityTimeout != 0)...)
+	flows = append(flows, c.serviceLBFlow(groupID, svcIP, svcPort, protocol, affinityTimeout != 0))
 	if affinityTimeout != 0 {
 		flows = append(flows, c.serviceLearnFlow(groupID, svcIP, svcPort, protocol, affinityTimeout))
 	}

diff --git a/pkg/agent/openflow/pipeline.go b/pkg/agent/openflow/pipeline.go
@@ -251,8 +251,7 @@ const (
 	serviceSNATReg          = endpointPortReg // Use reg4[20] to store the status of whether Service traffic from gateway requires SNAT.
 	EgressReg       regType = 5
 	IngressReg      regType = 6
-
-	TraceflowReg regType = 9 // Use reg9[28..31] to store traceflow dataplaneTag.
+	TraceflowReg    regType = 9 // Use reg9[28..31] to store traceflow dataplaneTag.
 	// CNPDenyConjIDReg reuses reg3 which will also be used for storing endpoint IP to store the rule ID. Since
 	// the service selection will finish when a packet hitting NetworkPolicy related rules, there is no conflict.
 	CNPDenyConjIDReg  regType = 3
@@ -373,7 +372,7 @@ var (
 	// When the Endpoint is not on host network, Antrea gateway IP is used to perform SNAT.
 	serviceSNATMarkRange = binding.Range{20, 20}
 	// isNodePortRegRange takes a 1-bit range of register isNodePortReg to mark whether the
-	// Service is NodePort.
+	// Service type is NodePort.
 	isNodePortRegRange = binding.Range{19, 19}
 	// metricIngressRuleIDRange takes 0..31 range of ct_label to store the ingress rule ID.
 	metricIngressRuleIDRange = binding.Range{0, 31}
@@ -433,7 +432,7 @@ type client struct {
 	pipeline           map[binding.TableIDType]binding.Table
 	// Flow caches for corresponding deletions.
 	nodeFlowCache, podFlowCache, serviceFlowCache, snatFlowCache, tfFlowCache *flowCategoryCache
-	// "fixed" flows installInstallNodePortIPFlowsed by the agent after initialization and which do not change during
+	// "fixed" flows installed by the agent after initialization and which do not change during
 	// the lifetime of the client.
 	gatewayFlows, defaultServiceFlows, defaultTunnelFlows, hostNetworkingFlows []binding.Flow
 	// ofEntryOperations is a wrapper interface for OpenFlow entry Add / Modify / Delete operations. It
@@ -2284,18 +2283,17 @@ func (c *client) serviceLearnFlow(groupID binding.GroupIDType, svcIP net.IP, svc
 
 // serviceLBFlows generates the flow which uses the specific group to do Endpoint
 // selection.
-func (c *client) serviceLBFlows(groupID binding.GroupIDType, svcIP net.IP, svcPort uint16, protocol binding.Protocol, withSessionAffinity bool) []binding.Flow {
+func (c *client) serviceLBFlow(groupID binding.GroupIDType, svcIP net.IP, svcPort uint16, protocol binding.Protocol, withSessionAffinity bool) binding.Flow {
 	var lbResultMark uint32
 	if withSessionAffinity {
 		lbResultMark = marksRegServiceNeedLearn
 	} else {
 		lbResultMark = marksRegServiceSelected
 	}
 
-	var flows []binding.Flow
 	// This flow is used to match the first packet of non-NodePort.
 	if !svcIP.Equal(config.DummyNodePortSvcIP) {
-		flows = append(flows, c.pipeline[serviceLBTable].BuildFlow(priorityNormal).
+		return c.pipeline[serviceLBTable].BuildFlow(priorityNormal).
 			MatchProtocol(protocol).
 			MatchDstPort(svcPort, nil).
 			MatchDstIP(svcIP).
@@ -2304,23 +2302,19 @@ func (c *client) serviceLBFlows(groupID binding.GroupIDType, svcIP net.IP, svcPo
 			Action().LoadRegRange(int(marksReg), macRewriteMark, macRewriteMarkRange).
 			Action().Group(groupID).
 			Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
-			Done(),
-		)
+			Done()
 	} else {
 		unionVal := (marksServiceIsNodePort << serviceLearnRegRange.Length()) + marksRegServiceNeedLB
-		flows = append(flows,
-			c.pipeline[serviceLBTable].BuildFlow(priorityNormal).
-				MatchProtocol(protocol).
-				MatchDstPort(svcPort, nil).
-				MatchRegRange(int(serviceLearnReg), unionVal, binding.Range{16, 19}).
-				Action().LoadRegRange(int(serviceLearnReg), lbResultMark, serviceLearnRegRange).
-				Action().LoadRegRange(int(marksReg), macRewriteMark, macRewriteMarkRange).
-				Action().Group(groupID).
-				Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
-				Done(),
-		)
+		return c.pipeline[serviceLBTable].BuildFlow(priorityNormal).
+			MatchProtocol(protocol).
+			MatchDstPort(svcPort, nil).
+			MatchRegRange(int(serviceLearnReg), unionVal, binding.Range{16, 19}).
+			Action().LoadRegRange(int(serviceLearnReg), lbResultMark, serviceLearnRegRange).
+			Action().LoadRegRange(int(marksReg), macRewriteMark, macRewriteMarkRange).
+			Action().Group(groupID).
+			Cookie(c.cookieAllocator.Request(cookie.Service).Raw()).
+			Done()
 	}
-	return flows
 }
 
 // endpointDNATFlow generates the flow which transforms the Service Cluster IP

diff --git a/pkg/ovs/openflow/interfaces.go b/pkg/ovs/openflow/interfaces.go
@@ -279,34 +279,21 @@ type LearnAction interface {
 	DeleteLearned() LearnAction
 	MatchEthernetProtocolIP(isIPv6 bool) LearnAction
 	MatchTransportDst(protocol Protocol) LearnAction
-	MatchTransportDstAsSrc(protocol Protocol) LearnAction
-	MatchNetworkSrcAsDst(isIPv6 bool) LearnAction
 	MatchLearnedTCPDstPort() LearnAction
 	MatchLearnedUDPDstPort() LearnAction
 	MatchLearnedSCTPDstPort() LearnAction
 	MatchLearnedTCPv6DstPort() LearnAction
 	MatchLearnedUDPv6DstPort() LearnAction
 	MatchLearnedSCTPv6DstPort() LearnAction
-	MatchLearnedTCPDstPortAsSrcPort() LearnAction
-	MatchLearnedUDPDstPortAsSrcPort() LearnAction
-	MatchLearnedSCTPDstPortAsSrcPort() LearnAction
-	MatchLearnedTCPv6DstPortAsSrcPort() LearnAction
-	MatchLearnedUDPv6DstPortAsSrcPort() LearnAction
-	MatchLearnedSCTPv6DstPortAsSrcPort() LearnAction
 	MatchLearnedSrcIP() LearnAction
 	MatchLearnedDstIP() LearnAction
 	MatchLearnedSrcIPv6() LearnAction
 	MatchLearnedDstIPv6() LearnAction
-	MatchLearnedSrcIPAsDstIP() LearnAction
-	MatchLearnedDstIPAsSrcIP() LearnAction
-	MatchLearnedSrcIPv6AsDstIPv6() LearnAction
-	MatchLearnedDstIPv6AsSrcIPv6() LearnAction
 	MatchReg(regID int, data uint32, rng Range) LearnAction
 	LoadReg(regID int, data uint32, rng Range) LearnAction
 	LoadRegToReg(fromRegID, toRegID int, fromRng, toRng Range) LearnAction
 	LoadXXRegToXXReg(fromRegID, toRegID int, fromRng, toRng Range) LearnAction
 	SetDstMAC(mac net.HardwareAddr) LearnAction
-	SetLearnedSrcMACAsDstMAC() LearnAction
 	Done() FlowBuilder
 }
 

diff --git a/pkg/ovs/openflow/ofctrl_action.go b/pkg/ovs/openflow/ofctrl_action.go
@@ -409,47 +409,6 @@ func (a *ofLearnAction) MatchTransportDst(protocol Protocol) LearnAction {
 	return a
 }
 
-// MatchTransportDstAsSrc specifies that the transport layer destination field
-// {tcp|udp|sctp}_src in the learned flow must match the {tcp|udp|sctp}_dst field
-// of the packet currently being processed. It only accepts ProtocolTCP, ProtocolUDP, or
-// ProtocolSCTP, otherwise this does nothing.
-func (a *ofLearnAction) MatchTransportDstAsSrc(protocol Protocol) LearnAction {
-	var ipProtoValue int
-	isIPv6 := false
-	switch protocol {
-	case ProtocolTCP:
-		ipProtoValue = ofctrl.IP_PROTO_TCP
-	case ProtocolUDP:
-		ipProtoValue = ofctrl.IP_PROTO_UDP
-	case ProtocolSCTP:
-		ipProtoValue = ofctrl.IP_PROTO_SCTP
-	case ProtocolTCPv6:
-		ipProtoValue = ofctrl.IP_PROTO_TCP
-		isIPv6 = true
-	case ProtocolUDPv6:
-		ipProtoValue = ofctrl.IP_PROTO_UDP
-		isIPv6 = true
-	case ProtocolSCTPv6:
-		ipProtoValue = ofctrl.IP_PROTO_SCTP
-		isIPv6 = true
-	default:
-		// Return directly if the protocol is not acceptable.
-		return a
-	}
-
-	a.MatchEthernetProtocolIP(isIPv6)
-	ipTypeVal := make([]byte, 2)
-	ipTypeVal[1] = byte(ipProtoValue)
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: "NXM_OF_IP_PROTO"}, 1*8, nil, ipTypeVal)
-	// OXM_OF fields support TCP, UDP and SCTP, but NXM_OF fields only support TCP and UDP. So here using "OXM_OF_" to
-	// generate the field name.
-	trimProtocol := strings.ReplaceAll(string(protocol), "v6", "")
-	learnFieldName := fmt.Sprintf("OXM_OF_%s_SRC", strings.ToUpper(trimProtocol))
-	fromFieldName := fmt.Sprintf("OXM_OF_%s_DST", strings.ToUpper(trimProtocol))
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: learnFieldName}, 2*8, &ofctrl.LearnField{Name: fromFieldName}, nil)
-	return a
-}
-
 // MatchLearnedTCPDstPort specifies that the tcp_dst field in the learned flow
 // must match the tcp_dst of the packet currently being processed.
 func (a *ofLearnAction) MatchLearnedTCPDstPort() LearnAction {
@@ -486,42 +445,6 @@ func (a *ofLearnAction) MatchLearnedSCTPv6DstPort() LearnAction {
 	return a.MatchTransportDst(ProtocolSCTPv6)
 }
 
-// MatchLearnedTCPDstPortAsSrcPort specifies that the tcp_src field in the learned flow
-// must match the tcp_dst of the packet currently being processed.
-func (a *ofLearnAction) MatchLearnedTCPDstPortAsSrcPort() LearnAction {
-	return a.MatchTransportDstAsSrc(ProtocolTCP)
-}
-
-// MatchLearnedTCPv6DstPortAsSrcPort specifies that the tcp_src field in the learned flow
-// must match the tcp_dst of the packet currently being processed.
-func (a *ofLearnAction) MatchLearnedTCPv6DstPortAsSrcPort() LearnAction {
-	return a.MatchTransportDstAsSrc(ProtocolTCPv6)
-}
-
-// MatchLearnedUDPDstPortAsSrcPort specifies that the udp_src field in the learned flow
-// must match the udp_dst of the packet currently being processed.
-func (a *ofLearnAction) MatchLearnedUDPDstPortAsSrcPort() LearnAction {
-	return a.MatchTransportDstAsSrc(ProtocolUDP)
-}
-
-// MatchLearnedUDPv6DstPortAsSrcPort specifies that the udp_src field in the learned flow
-// must match the udp_dst of the packet currently being processed.
-func (a *ofLearnAction) MatchLearnedUDPv6DstPortAsSrcPort() LearnAction {
-	return a.MatchTransportDstAsSrc(ProtocolUDPv6)
-}
-
-// MatchLearnedSCTPDstPortAsSrcPort specifies that the sctp_src field in the learned flow
-// must match the sctp_dst of the packet currently being processed.
-func (a *ofLearnAction) MatchLearnedSCTPDstPortAsSrcPort() LearnAction {
-	return a.MatchTransportDstAsSrc(ProtocolSCTP)
-}
-
-// MatchLearnedSCTPv6DstPortAsSrcPort specifies that the sctp_src field in the learned flow
-// must match the sctp_dst of the packet currently being processed.
-func (a *ofLearnAction) MatchLearnedSCTPv6DstPortAsSrcPort() LearnAction {
-	return a.MatchTransportDstAsSrc(ProtocolSCTPv6)
-}
-
 // MatchLearnedSrcIP makes the learned flow to match the nw_src of current IP packet.
 func (a *ofLearnAction) MatchLearnedSrcIP() LearnAction {
 	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: "NXM_OF_IP_SRC"}, 4*8, &ofctrl.LearnField{Name: "NXM_OF_IP_SRC"}, nil)
@@ -546,45 +469,6 @@ func (a *ofLearnAction) MatchLearnedDstIPv6() LearnAction {
 	return a
 }
 
-// MatchLearnedSrcIPAsDstIP makes the learned flow to match the nw_dst of current IP packet's nw_src.
-func (a *ofLearnAction) MatchLearnedSrcIPAsDstIP() LearnAction {
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: "NXM_OF_IP_DST"}, 4*8, &ofctrl.LearnField{Name: "NXM_OF_IP_SRC"}, nil)
-	return a
-}
-
-// MatchLearnedDstIPAsSrcIP makes the learned flow to match the nw_src of current IP packet's nw_dst.
-func (a *ofLearnAction) MatchLearnedDstIPAsSrcIP() LearnAction {
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: "NXM_OF_IP_SRC"}, 4*8, &ofctrl.LearnField{Name: "NXM_OF_IP_DST"}, nil)
-	return a
-}
-
-// MatchLearnedSrcIPv6AsDstIPv6 makes the learned flow to match the ipv6_dst of current IPv6 packet's ipv6_src.
-func (a *ofLearnAction) MatchLearnedSrcIPv6AsDstIPv6() LearnAction {
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: "NXM_NX_IPV6_DST"}, 16*8, &ofctrl.LearnField{Name: "NXM_NX_IPV6_SRC"}, nil)
-	return a
-}
-
-// MatchLearnedDstIPv6AsSrcIPv6 makes the learned flow to match the ipv6_src of current IPv6 packet's ipv6_dst.
-func (a *ofLearnAction) MatchLearnedDstIPv6AsSrcIPv6() LearnAction {
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: "NXM_NX_IPV6_SRC"}, 16*8, &ofctrl.LearnField{Name: "NXM_NX_IPV6_DST"}, nil)
-	return a
-}
-
-// MatchNetworkSrcAsDst makes the learned flow to match the network nw_src/ipv6_src of current packet's nw_dst/ipv6_dst.
-func (a *ofLearnAction) MatchNetworkSrcAsDst(isIPv6 bool) LearnAction {
-	learnBits := uint16(32)
-	from := "NXM_OF_IP_SRC"
-	to := "NXM_OF_IP_DST"
-	if isIPv6 {
-		learnBits = 128
-		from = "NXM_NX_IPV6_SRC"
-		to = "NXM_NX_IPV6_DST"
-	}
-	a.MatchEthernetProtocolIP(isIPv6)
-	a.nxLearn.AddMatch(&ofctrl.LearnField{Name: to}, learnBits, &ofctrl.LearnField{Name: from}, nil)
-	return a
-}
-
 // MatchReg makes the learned flow to match the data in the reg of specific range.
 func (a *ofLearnAction) MatchReg(regID int, data uint32, rng Range) LearnAction {
 	toField := &ofctrl.LearnField{Name: fmt.Sprintf("NXM_NX_REG%d", regID), Start: uint16(rng[0])}
@@ -647,13 +531,6 @@ func (a *ofLearnAction) SetDstMAC(mac net.HardwareAddr) LearnAction {
 	return a
 }
 
-func (a *ofLearnAction) SetLearnedSrcMACAsDstMAC() LearnAction {
-	toField := &ofctrl.LearnField{Name: "NXM_OF_ETH_DST"}
-	fromField := &ofctrl.LearnField{Name: "NXM_OF_ETH_SRC"}
-	a.nxLearn.AddLoadAction(toField, 48, fromField, nil)
-	return a
-}
-
 func (a *ofLearnAction) Done() FlowBuilder {
 	a.flowBuilder.ApplyAction(a.nxLearn)
 	return a.flowBuilder