Merge ~fnordahl/ubuntu/+source/ovn:bug/1857026-hirsute into ~ubuntu-server-dev/ubuntu/+source/ovn:ubuntu/hirsute
- Git
- lp:~fnordahl/ubuntu/+source/ovn
- bug/1857026-hirsute
- Merge into ubuntu/hirsute
Proposed by
Frode Nordahl
Status: | Merged |
---|---|
Merged at revision: | 33d2dee39ed672aa04061714cb3b665bbf0d19da |
Proposed branch: | ~fnordahl/ubuntu/+source/ovn:bug/1857026-hirsute |
Merge into: | ~ubuntu-server-dev/ubuntu/+source/ovn:ubuntu/hirsute |
Diff against target: |
512 lines (+490/-0) 3 files modified
debian/changelog (+7/-0) debian/patches/lp-1857026-controller-Add-support-for-PTR-DNS-requests.patch (+482/-0) debian/patches/series (+1/-0) |
Related bugs: |
Reviewer | Review Type | Date Requested | Status |
---|---|---|---|
James Page | Pending | ||
Review via email: mp+413736@code.launchpad.net |
Commit message
Description of the change
To post a comment you must log in.
Revision history for this message
Frode Nordahl (fnordahl) wrote : | # |
Preview Diff
[H/L] Next/Prev Comment, [J/K] Next/Prev File, [N/P] Next/Prev Hunk
1 | diff --git a/debian/changelog b/debian/changelog | |||
2 | index 18f4a10..085a9c6 100644 | |||
3 | --- a/debian/changelog | |||
4 | +++ b/debian/changelog | |||
5 | @@ -1,3 +1,10 @@ | |||
6 | 1 | ovn (20.12.0-0ubuntu3~cloud1) focal-wallaby; urgency=medium | ||
7 | 2 | |||
8 | 3 | * Add support for PTR DNS requests (LP: #1857026) | ||
9 | 4 | - d/p/lp-1857026-controller-Add-support-for-PTR-DNS-requests.patch | ||
10 | 5 | |||
11 | 6 | -- Frode Nordahl <frode.nordahl@canonical.com> Fri, 25 Feb 2022 10:03:00 +0100 | ||
12 | 7 | |||
13 | 1 | ovn (20.12.0-0ubuntu3) hirsute; urgency=medium | 8 | ovn (20.12.0-0ubuntu3) hirsute; urgency=medium |
14 | 2 | 9 | ||
15 | 3 | * Add RBAC rules for IGMP_Group table (LP: #1914988): | 10 | * Add RBAC rules for IGMP_Group table (LP: #1914988): |
16 | diff --git a/debian/patches/lp-1857026-controller-Add-support-for-PTR-DNS-requests.patch b/debian/patches/lp-1857026-controller-Add-support-for-PTR-DNS-requests.patch | |||
17 | 4 | new file mode 100644 | 11 | new file mode 100644 |
18 | index 0000000..244e836 | |||
19 | --- /dev/null | |||
20 | +++ b/debian/patches/lp-1857026-controller-Add-support-for-PTR-DNS-requests.patch | |||
21 | @@ -0,0 +1,482 @@ | |||
22 | 1 | Origin: backport, https://github.com/ovn-org/ovn/commit/82a4e44e308171cb545211eb2534475ef16a4c0e | ||
23 | 2 | Bug-Ubuntu: https://bugs.launchpad.net/ubuntu/+source/ovn/+bug/1857026 | ||
24 | 3 | Last-Update: 2022-01-06 | ||
25 | 4 | |||
26 | 5 | From 3adbef871f64523b18e75c19dab0aabc435b30e9 Mon Sep 17 00:00:00 2001 | ||
27 | 6 | From: Vladislav Odintsov <odivlad@gmail.com> | ||
28 | 7 | Date: Fri, 19 Feb 2021 11:57:59 +0300 | ||
29 | 8 | Subject: [PATCH] controller: Add support for PTR DNS requests. | ||
30 | 9 | |||
31 | 10 | The native OVN DNS support doesn't yet support for PTR DNS requests. | ||
32 | 11 | This patch adds the support for it. If suppose there is a dns record | ||
33 | 12 | as - "vm1.ovn.org"="10.0.0.4", then a normal DNS request will query for | ||
34 | 13 | "vm1.ovn.org" and the reply will be the IP address - 10.0.0.4. | ||
35 | 14 | PTR DNS request helps in getting the domain name of the IP address. | ||
36 | 15 | For the above example, the PTR DNS request will have a query name as | ||
37 | 16 | - "4.0.0.10.in-addr.arpa". And the response will have "vm1.ovn.org". | ||
38 | 17 | In order to support this feature, this patch expects the CMS to define | ||
39 | 18 | an another entry in the DNS record as - "4.0.0.10.in-addr.arpa"="vm1.ovn.org". | ||
40 | 19 | |||
41 | 20 | This makes the job of ovn-controller easier to support this feature. | ||
42 | 21 | |||
43 | 22 | Submitted-at: https://github.com/ovn-org/ovn/pull/74 | ||
44 | 23 | Signed-off-by: Vladislav Odintsov <odivlad@gmail.com> | ||
45 | 24 | Signed-off-by: Numan Siddique <numans@ovn.org> | ||
46 | 25 | (cherry picked from commit 82a4e44e308171cb545211eb2534475ef16a4c0e) | ||
47 | 26 | |||
48 | 27 | Index: ovn-20.12.0/controller/pinctrl.c | ||
49 | 28 | =================================================================== | ||
50 | 29 | --- ovn-20.12.0.orig/controller/pinctrl.c | ||
51 | 30 | +++ ovn-20.12.0/controller/pinctrl.c | ||
52 | 31 | @@ -2545,6 +2545,106 @@ destroy_dns_cache(void) | ||
53 | 32 | } | ||
54 | 33 | } | ||
55 | 34 | |||
56 | 35 | +/* Populates dns_answer struct with base data. | ||
57 | 36 | + * Copy the answer section | ||
58 | 37 | + * Format of the answer section is | ||
59 | 38 | + * - NAME -> The domain name | ||
60 | 39 | + * - TYPE -> 2 octets containing one of the RR type codes | ||
61 | 40 | + * - CLASS -> 2 octets which specify the class of the data | ||
62 | 41 | + * in the RDATA field. | ||
63 | 42 | + * - TTL -> 32 bit unsigned int specifying the time | ||
64 | 43 | + * interval (in secs) that the resource record | ||
65 | 44 | + * may be cached before it should be discarded. | ||
66 | 45 | + * - RDLENGTH -> 16 bit integer specifying the length of the | ||
67 | 46 | + * RDATA field. | ||
68 | 47 | + * - RDATA -> a variable length string of octets that | ||
69 | 48 | + * describes the resource. | ||
70 | 49 | + */ | ||
71 | 50 | +static void | ||
72 | 51 | +dns_build_base_answer( | ||
73 | 52 | + struct ofpbuf *dns_answer, const uint8_t *in_queryname, | ||
74 | 53 | + uint16_t query_length, int query_type) | ||
75 | 54 | +{ | ||
76 | 55 | + ofpbuf_put(dns_answer, in_queryname, query_length); | ||
77 | 56 | + put_be16(dns_answer, htons(query_type)); | ||
78 | 57 | + put_be16(dns_answer, htons(DNS_CLASS_IN)); | ||
79 | 58 | + put_be32(dns_answer, htonl(DNS_DEFAULT_RR_TTL)); | ||
80 | 59 | +} | ||
81 | 60 | + | ||
82 | 61 | +/* Populates dns_answer struct with a TYPE A answer. */ | ||
83 | 62 | +static void | ||
84 | 63 | +dns_build_a_answer( | ||
85 | 64 | + struct ofpbuf *dns_answer, const uint8_t *in_queryname, | ||
86 | 65 | + uint16_t query_length, const ovs_be32 addr) | ||
87 | 66 | +{ | ||
88 | 67 | + dns_build_base_answer(dns_answer, in_queryname, query_length, | ||
89 | 68 | + DNS_QUERY_TYPE_A); | ||
90 | 69 | + put_be16(dns_answer, htons(sizeof(ovs_be32))); | ||
91 | 70 | + put_be32(dns_answer, addr); | ||
92 | 71 | +} | ||
93 | 72 | + | ||
94 | 73 | +/* Populates dns_answer struct with a TYPE AAAA answer. */ | ||
95 | 74 | +static void | ||
96 | 75 | +dns_build_aaaa_answer( | ||
97 | 76 | + struct ofpbuf *dns_answer, const uint8_t *in_queryname, | ||
98 | 77 | + uint16_t query_length, const struct in6_addr *addr) | ||
99 | 78 | +{ | ||
100 | 79 | + dns_build_base_answer(dns_answer, in_queryname, query_length, | ||
101 | 80 | + DNS_QUERY_TYPE_AAAA); | ||
102 | 81 | + put_be16(dns_answer, htons(sizeof(*addr))); | ||
103 | 82 | + ofpbuf_put(dns_answer, addr, sizeof(*addr)); | ||
104 | 83 | +} | ||
105 | 84 | + | ||
106 | 85 | +/* Populates dns_answer struct with a TYPE PTR answer. */ | ||
107 | 86 | +static void | ||
108 | 87 | +dns_build_ptr_answer( | ||
109 | 88 | + struct ofpbuf *dns_answer, const uint8_t *in_queryname, | ||
110 | 89 | + uint16_t query_length, const char *answer_data) | ||
111 | 90 | +{ | ||
112 | 91 | + char *encoded_answer; | ||
113 | 92 | + uint16_t encoded_answer_length; | ||
114 | 93 | + | ||
115 | 94 | + dns_build_base_answer(dns_answer, in_queryname, query_length, | ||
116 | 95 | + DNS_QUERY_TYPE_PTR); | ||
117 | 96 | + | ||
118 | 97 | + /* Initialize string 2 chars longer than real answer: | ||
119 | 98 | + * first label length and terminating zero-length label. | ||
120 | 99 | + * If the answer_data is - vm1tst.ovn.org, it will be encoded as | ||
121 | 100 | + * - 0010 (Total length which is 16) | ||
122 | 101 | + * - 06766d31747374 (vm1tst) | ||
123 | 102 | + * - 036f766e (ovn) | ||
124 | 103 | + * - 036f7267 (org | ||
125 | 104 | + * - 00 (zero length field) */ | ||
126 | 105 | + encoded_answer_length = strlen(answer_data) + 2; | ||
127 | 106 | + encoded_answer = (char *)xzalloc(encoded_answer_length); | ||
128 | 107 | + | ||
129 | 108 | + put_be16(dns_answer, htons(encoded_answer_length)); | ||
130 | 109 | + uint8_t label_len_index = 0; | ||
131 | 110 | + uint16_t label_len = 0; | ||
132 | 111 | + char *encoded_answer_ptr = (char *)encoded_answer + 1; | ||
133 | 112 | + while (*answer_data) { | ||
134 | 113 | + if (*answer_data == '.') { | ||
135 | 114 | + /* Label has ended. Update the length of the label. */ | ||
136 | 115 | + encoded_answer[label_len_index] = label_len; | ||
137 | 116 | + label_len_index += (label_len + 1); | ||
138 | 117 | + label_len = 0; /* Init to 0 for the next label. */ | ||
139 | 118 | + } else { | ||
140 | 119 | + *encoded_answer_ptr = *answer_data; | ||
141 | 120 | + label_len++; | ||
142 | 121 | + } | ||
143 | 122 | + encoded_answer_ptr++; | ||
144 | 123 | + answer_data++; | ||
145 | 124 | + } | ||
146 | 125 | + | ||
147 | 126 | + /* This is required for the last label if it doesn't end with '.' */ | ||
148 | 127 | + if (label_len) { | ||
149 | 128 | + encoded_answer[label_len_index] = label_len; | ||
150 | 129 | + } | ||
151 | 130 | + | ||
152 | 131 | + ofpbuf_put(dns_answer, encoded_answer, encoded_answer_length); | ||
153 | 132 | + free(encoded_answer); | ||
154 | 133 | +} | ||
155 | 134 | + | ||
156 | 135 | /* Called with in the pinctrl_handler thread context. */ | ||
157 | 136 | static void | ||
158 | 137 | pinctrl_handle_dns_lookup( | ||
159 | 138 | @@ -2640,15 +2740,16 @@ pinctrl_handle_dns_lookup( | ||
160 | 139 | } | ||
161 | 140 | |||
162 | 141 | uint16_t query_type = ntohs(*ALIGNED_CAST(const ovs_be16 *, in_dns_data)); | ||
163 | 142 | - /* Supported query types - A, AAAA and ANY */ | ||
164 | 143 | + /* Supported query types - A, AAAA, ANY and PTR */ | ||
165 | 144 | if (!(query_type == DNS_QUERY_TYPE_A || query_type == DNS_QUERY_TYPE_AAAA | ||
166 | 145 | - || query_type == DNS_QUERY_TYPE_ANY)) { | ||
167 | 146 | + || query_type == DNS_QUERY_TYPE_ANY | ||
168 | 147 | + || query_type == DNS_QUERY_TYPE_PTR)) { | ||
169 | 148 | ds_destroy(&query_name); | ||
170 | 149 | goto exit; | ||
171 | 150 | } | ||
172 | 151 | |||
173 | 152 | uint64_t dp_key = ntohll(pin->flow_metadata.flow.metadata); | ||
174 | 153 | - const char *answer_ips = NULL; | ||
175 | 154 | + const char *answer_data = NULL; | ||
176 | 155 | struct shash_node *iter; | ||
177 | 156 | SHASH_FOR_EACH (iter, &dns_cache) { | ||
178 | 157 | struct dns_data *d = iter->data; | ||
179 | 158 | @@ -2658,76 +2759,58 @@ pinctrl_handle_dns_lookup( | ||
180 | 159 | * lowercase to perform case insensitive lookup | ||
181 | 160 | */ | ||
182 | 161 | char *query_name_lower = str_tolower(ds_cstr(&query_name)); | ||
183 | 162 | - answer_ips = smap_get(&d->records, query_name_lower); | ||
184 | 163 | + answer_data = smap_get(&d->records, query_name_lower); | ||
185 | 164 | free(query_name_lower); | ||
186 | 165 | - if (answer_ips) { | ||
187 | 166 | + if (answer_data) { | ||
188 | 167 | break; | ||
189 | 168 | } | ||
190 | 169 | } | ||
191 | 170 | } | ||
192 | 171 | |||
193 | 172 | - if (answer_ips) { | ||
194 | 173 | + if (answer_data) { | ||
195 | 174 | break; | ||
196 | 175 | } | ||
197 | 176 | } | ||
198 | 177 | |||
199 | 178 | ds_destroy(&query_name); | ||
200 | 179 | - if (!answer_ips) { | ||
201 | 180 | + if (!answer_data) { | ||
202 | 181 | goto exit; | ||
203 | 182 | } | ||
204 | 183 | |||
205 | 184 | - struct lport_addresses ip_addrs; | ||
206 | 185 | - if (!extract_ip_addresses(answer_ips, &ip_addrs)) { | ||
207 | 186 | - goto exit; | ||
208 | 187 | - } | ||
209 | 188 | |||
210 | 189 | uint16_t ancount = 0; | ||
211 | 190 | uint64_t dns_ans_stub[128 / 8]; | ||
212 | 191 | struct ofpbuf dns_answer = OFPBUF_STUB_INITIALIZER(dns_ans_stub); | ||
213 | 192 | |||
214 | 193 | - if (query_type == DNS_QUERY_TYPE_A || query_type == DNS_QUERY_TYPE_ANY) { | ||
215 | 194 | - for (size_t i = 0; i < ip_addrs.n_ipv4_addrs; i++) { | ||
216 | 195 | - /* Copy the answer section */ | ||
217 | 196 | - /* Format of the answer section is | ||
218 | 197 | - * - NAME -> The domain name | ||
219 | 198 | - * - TYPE -> 2 octets containing one of the RR type codes | ||
220 | 199 | - * - CLASS -> 2 octets which specify the class of the data | ||
221 | 200 | - * in the RDATA field. | ||
222 | 201 | - * - TTL -> 32 bit unsigned int specifying the time | ||
223 | 202 | - * interval (in secs) that the resource record | ||
224 | 203 | - * may be cached before it should be discarded. | ||
225 | 204 | - * - RDLENGTH -> 16 bit integer specifying the length of the | ||
226 | 205 | - * RDATA field. | ||
227 | 206 | - * - RDATA -> a variable length string of octets that | ||
228 | 207 | - * describes the resource. In our case it will | ||
229 | 208 | - * be IP address of the domain name. | ||
230 | 209 | - */ | ||
231 | 210 | - ofpbuf_put(&dns_answer, in_queryname, idx); | ||
232 | 211 | - put_be16(&dns_answer, htons(DNS_QUERY_TYPE_A)); | ||
233 | 212 | - put_be16(&dns_answer, htons(DNS_CLASS_IN)); | ||
234 | 213 | - put_be32(&dns_answer, htonl(DNS_DEFAULT_RR_TTL)); | ||
235 | 214 | - put_be16(&dns_answer, htons(sizeof(ovs_be32))); | ||
236 | 215 | - put_be32(&dns_answer, ip_addrs.ipv4_addrs[i].addr); | ||
237 | 216 | - ancount++; | ||
238 | 217 | + if (query_type == DNS_QUERY_TYPE_PTR) { | ||
239 | 218 | + dns_build_ptr_answer(&dns_answer, in_queryname, idx, answer_data); | ||
240 | 219 | + ancount++; | ||
241 | 220 | + } else { | ||
242 | 221 | + struct lport_addresses ip_addrs; | ||
243 | 222 | + if (!extract_ip_addresses(answer_data, &ip_addrs)) { | ||
244 | 223 | + goto exit; | ||
245 | 224 | + } | ||
246 | 225 | + | ||
247 | 226 | + if (query_type == DNS_QUERY_TYPE_A || | ||
248 | 227 | + query_type == DNS_QUERY_TYPE_ANY) { | ||
249 | 228 | + for (size_t i = 0; i < ip_addrs.n_ipv4_addrs; i++) { | ||
250 | 229 | + dns_build_a_answer(&dns_answer, in_queryname, idx, | ||
251 | 230 | + ip_addrs.ipv4_addrs[i].addr); | ||
252 | 231 | + ancount++; | ||
253 | 232 | + } | ||
254 | 233 | } | ||
255 | 234 | - } | ||
256 | 235 | |||
257 | 236 | - if (query_type == DNS_QUERY_TYPE_AAAA || | ||
258 | 237 | - query_type == DNS_QUERY_TYPE_ANY) { | ||
259 | 238 | - for (size_t i = 0; i < ip_addrs.n_ipv6_addrs; i++) { | ||
260 | 239 | - ofpbuf_put(&dns_answer, in_queryname, idx); | ||
261 | 240 | - put_be16(&dns_answer, htons(DNS_QUERY_TYPE_AAAA)); | ||
262 | 241 | - put_be16(&dns_answer, htons(DNS_CLASS_IN)); | ||
263 | 242 | - put_be32(&dns_answer, htonl(DNS_DEFAULT_RR_TTL)); | ||
264 | 243 | - const struct in6_addr *ip6 = &ip_addrs.ipv6_addrs[i].addr; | ||
265 | 244 | - put_be16(&dns_answer, htons(sizeof *ip6)); | ||
266 | 245 | - ofpbuf_put(&dns_answer, ip6, sizeof *ip6); | ||
267 | 246 | - ancount++; | ||
268 | 247 | + if (query_type == DNS_QUERY_TYPE_AAAA || | ||
269 | 248 | + query_type == DNS_QUERY_TYPE_ANY) { | ||
270 | 249 | + for (size_t i = 0; i < ip_addrs.n_ipv6_addrs; i++) { | ||
271 | 250 | + dns_build_aaaa_answer(&dns_answer, in_queryname, idx, | ||
272 | 251 | + &ip_addrs.ipv6_addrs[i].addr); | ||
273 | 252 | + ancount++; | ||
274 | 253 | + } | ||
275 | 254 | } | ||
276 | 255 | + destroy_lport_addresses(&ip_addrs); | ||
277 | 256 | } | ||
278 | 257 | |||
279 | 258 | - destroy_lport_addresses(&ip_addrs); | ||
280 | 259 | - | ||
281 | 260 | if (!ancount) { | ||
282 | 261 | ofpbuf_uninit(&dns_answer); | ||
283 | 262 | goto exit; | ||
284 | 263 | Index: ovn-20.12.0/lib/ovn-l7.h | ||
285 | 264 | =================================================================== | ||
286 | 265 | --- ovn-20.12.0.orig/lib/ovn-l7.h | ||
287 | 266 | +++ ovn-20.12.0/lib/ovn-l7.h | ||
288 | 267 | @@ -26,6 +26,14 @@ | ||
289 | 268 | #include "hash.h" | ||
290 | 269 | #include "ovn/logical-fields.h" | ||
291 | 270 | |||
292 | 271 | +#define DNS_QUERY_TYPE_A 0x01 | ||
293 | 272 | +#define DNS_QUERY_TYPE_AAAA 0x1c | ||
294 | 273 | +#define DNS_QUERY_TYPE_ANY 0xff | ||
295 | 274 | +#define DNS_QUERY_TYPE_PTR 0x0c | ||
296 | 275 | + | ||
297 | 276 | +#define DNS_CLASS_IN 0x01 | ||
298 | 277 | +#define DNS_DEFAULT_RR_TTL 3600 | ||
299 | 278 | + | ||
300 | 279 | /* Generic options map which is used to store dhcpv4 opts and dhcpv6 opts. */ | ||
301 | 280 | struct gen_opts_map { | ||
302 | 281 | struct hmap_node hmap_node; | ||
303 | 282 | Index: ovn-20.12.0/ovn-nb.xml | ||
304 | 283 | =================================================================== | ||
305 | 284 | --- ovn-20.12.0.orig/ovn-nb.xml | ||
306 | 285 | +++ ovn-20.12.0/ovn-nb.xml | ||
307 | 286 | @@ -3549,7 +3549,13 @@ | ||
308 | 287 | Key-value pair of DNS records with <code>DNS query name</code> as the key | ||
309 | 288 | and value as a string of IP address(es) separated by comma or space. | ||
310 | 289 | |||
311 | 290 | + For PTR requests, the key-value pair can be | ||
312 | 291 | + <code>Reverse IPv4 address.in-addr.arpa</code> and the value | ||
313 | 292 | + <code>DNS domain name</code>. For IPv6 addresses, the key | ||
314 | 293 | + has to be <code>Reverse IPv6 address.ip6.arpa</code>. | ||
315 | 294 | + | ||
316 | 295 | <p><b>Example: </b> "vm1.ovn.org" = "10.0.0.4 aef0::4"</p> | ||
317 | 296 | + <p><b>Example: </b> "4.0.0.10.in-addr.arpa" = "vm1.ovn.org"</p> | ||
318 | 297 | </column> | ||
319 | 298 | |||
320 | 299 | <column name="external_ids"> | ||
321 | 300 | Index: ovn-20.12.0/tests/ovn.at | ||
322 | 301 | =================================================================== | ||
323 | 302 | --- ovn-20.12.0.orig/tests/ovn.at | ||
324 | 303 | +++ ovn-20.12.0/tests/ovn.at | ||
325 | 304 | @@ -9349,10 +9349,13 @@ ovn-nbctl lsp-set-port-security ls1-lp2 | ||
326 | 305 | |||
327 | 306 | DNS1=`ovn-nbctl create DNS records={}` | ||
328 | 307 | DNS2=`ovn-nbctl create DNS records={}` | ||
329 | 308 | +DNS3=`ovn-nbctl create DNS records={}` | ||
330 | 309 | |||
331 | 310 | ovn-nbctl set DNS $DNS1 records:vm1.ovn.org="10.0.0.4 aef0::4" | ||
332 | 311 | ovn-nbctl set DNS $DNS1 records:vm2.ovn.org="10.0.0.6 20.0.0.4" | ||
333 | 312 | ovn-nbctl set DNS $DNS2 records:vm3.ovn.org="40.0.0.4" | ||
334 | 313 | +ovn-nbctl set DNS $DNS3 records:4.0.0.10.in-addr.arpa="vm1.ovn.org" | ||
335 | 314 | +ovn-nbctl set DNS $DNS3 records:4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.e.a.ip6.arpa="vm1.ovn.org" | ||
336 | 315 | |||
337 | 316 | ovn-nbctl set Logical_switch ls1 dns_records="$DNS1" | ||
338 | 317 | |||
339 | 318 | @@ -9454,6 +9457,21 @@ set_dns_params() { | ||
340 | 319 | vm1_incomplete) | ||
341 | 320 | # set type to none | ||
342 | 321 | type='' | ||
343 | 322 | + ;; | ||
344 | 323 | + vm1_ipv4_ptr) | ||
345 | 324 | + # 4.0.0.10.in-addr.arpa | ||
346 | 325 | + query_name=01340130013002313007696e2d61646472046172706100 | ||
347 | 326 | + type=000c | ||
348 | 327 | + # vm1.ovn.org | ||
349 | 328 | + expected_dns_answer=${query_name}${type}0001${ttl}000d03766d31036f766e036f726700 | ||
350 | 329 | + ;; | ||
351 | 330 | + vm1_ipv6_ptr) | ||
352 | 331 | + # 4.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.0.f.e.a.ip6.arpa | ||
353 | 332 | + query_name=0134013001300130013001300130013001300130013001300130013001300130013001300130013001300130013001300130013001300130013001660165016103697036046172706100 | ||
354 | 333 | + type=000c | ||
355 | 334 | + # vm1.ovn.org | ||
356 | 335 | + expected_dns_answer=${query_name}${type}0001${ttl}000d03766d31036f766e036f726700 | ||
357 | 336 | + ;; | ||
358 | 337 | esac | ||
359 | 338 | # TTL - 3600 | ||
360 | 339 | local dns_req_header=010201200001000000000000 | ||
361 | 340 | @@ -9553,6 +9571,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
362 | 341 | rm -f 1.expected | ||
363 | 342 | rm -f 2.expected | ||
364 | 343 | |||
365 | 344 | + | ||
366 | 345 | set_dns_params vm1 | ||
367 | 346 | src_ip=`ip_to_hex 10 0 0 6` | ||
368 | 347 | dst_ip=`ip_to_hex 10 0 0 1` | ||
369 | 348 | @@ -9574,8 +9593,8 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
370 | 349 | rm -f 1.expected | ||
371 | 350 | rm -f 2.expected | ||
372 | 351 | |||
373 | 352 | -# Try vm1 again but an all-caps query name | ||
374 | 353 | |||
375 | 354 | +# Try vm1 again but an all-caps query name | ||
376 | 355 | set_dns_params VM1 | ||
377 | 356 | src_ip=`ip_to_hex 10 0 0 6` | ||
378 | 357 | dst_ip=`ip_to_hex 10 0 0 1` | ||
379 | 358 | @@ -9597,6 +9616,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
380 | 359 | rm -f 1.expected | ||
381 | 360 | rm -f 2.expected | ||
382 | 361 | |||
383 | 362 | + | ||
384 | 363 | # Clear the query name options for ls1-lp2 | ||
385 | 364 | ovn-nbctl --wait=hv remove DNS $DNS1 records vm2.ovn.org | ||
386 | 365 | |||
387 | 366 | @@ -9617,6 +9637,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
388 | 367 | rm -f 1.expected | ||
389 | 368 | rm -f 2.expected | ||
390 | 369 | |||
391 | 370 | + | ||
392 | 371 | # Clear the query name for ls1-lp1 | ||
393 | 372 | # Since ls1 has no query names configued, | ||
394 | 373 | # ovn-northd should not add the DNS flows. | ||
395 | 374 | @@ -9639,6 +9660,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
396 | 375 | rm -f 1.expected | ||
397 | 376 | rm -f 2.expected | ||
398 | 377 | |||
399 | 378 | + | ||
400 | 379 | # Test IPv6 (AAAA records) using IPv4 packet. | ||
401 | 380 | # Add back the DNS options for ls1-lp1. | ||
402 | 381 | ovn-nbctl --wait=hv set DNS $DNS1 records:vm1.ovn.org="10.0.0.4 aef0::4" | ||
403 | 382 | @@ -9664,6 +9686,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
404 | 383 | rm -f 1.expected | ||
405 | 384 | rm -f 2.expected | ||
406 | 385 | |||
407 | 386 | + | ||
408 | 387 | # Test both IPv4 (A) and IPv6 (AAAA records) using IPv4 packet. | ||
409 | 388 | set_dns_params vm1_ipv4_v6 | ||
410 | 389 | src_ip=`ip_to_hex 10 0 0 6` | ||
411 | 390 | @@ -9686,6 +9709,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
412 | 391 | rm -f 1.expected | ||
413 | 392 | rm -f 2.expected | ||
414 | 393 | |||
415 | 394 | + | ||
416 | 395 | # Invalid type. | ||
417 | 396 | set_dns_params vm1_invalid_type | ||
418 | 397 | src_ip=`ip_to_hex 10 0 0 6` | ||
419 | 398 | @@ -9704,6 +9728,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
420 | 399 | rm -f 1.expected | ||
421 | 400 | rm -f 2.expected | ||
422 | 401 | |||
423 | 402 | + | ||
424 | 403 | # Incomplete DNS packet. | ||
425 | 404 | set_dns_params vm1_incomplete | ||
426 | 405 | src_ip=`ip_to_hex 10 0 0 6` | ||
427 | 406 | @@ -9722,6 +9747,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
428 | 407 | rm -f 1.expected | ||
429 | 408 | rm -f 2.expected | ||
430 | 409 | |||
431 | 410 | + | ||
432 | 411 | # Add one more DNS record to the ls1. | ||
433 | 412 | ovn-nbctl --wait=hv set Logical_switch ls1 dns_records="$DNS1 $DNS2" | ||
434 | 413 | |||
435 | 414 | @@ -9746,6 +9772,7 @@ reset_pcap_file hv1-vif2 hv1/vif2 | ||
436 | 415 | rm -f 1.expected | ||
437 | 416 | rm -f 2.expected | ||
438 | 417 | |||
439 | 418 | + | ||
440 | 419 | # Try DNS query over IPv6 | ||
441 | 420 | set_dns_params vm1 | ||
442 | 421 | src_ip=aef00000000000000000000000000004 | ||
443 | 422 | @@ -9763,6 +9790,60 @@ AT_CHECK([cat 1.packets | cut -c 1-120,1 | ||
444 | 423 | |||
445 | 424 | reset_pcap_file hv1-vif1 hv1/vif1 | ||
446 | 425 | reset_pcap_file hv1-vif2 hv1/vif2 | ||
447 | 426 | +rm -f 1.expected | ||
448 | 427 | +rm -f 2.expected | ||
449 | 428 | + | ||
450 | 429 | + | ||
451 | 430 | +# Add one more DNS record to the ls1. | ||
452 | 431 | +ovn-nbctl --wait=hv set Logical_switch ls1 dns_records="$DNS1 $DNS2 $DNS3" | ||
453 | 432 | +echo "*************************" | ||
454 | 433 | +ovn-sbctl list DNS | ||
455 | 434 | +echo "*************************" | ||
456 | 435 | +ovn-nbctl list DNS | ||
457 | 436 | +echo "*************************" | ||
458 | 437 | + | ||
459 | 438 | +# Test PTR record for IPv4 address using IPv4 packet. | ||
460 | 439 | +set_dns_params vm1_ipv4_ptr | ||
461 | 440 | +src_ip=`ip_to_hex 10 0 0 4` | ||
462 | 441 | +dst_ip=`ip_to_hex 10 0 0 1` | ||
463 | 442 | +dns_reply=1 | ||
464 | 443 | +test_dns 1 f00000000001 f000000000f0 $src_ip $dst_ip $dns_reply $dns_req_data $dns_resp_data | ||
465 | 444 | + | ||
466 | 445 | +# NXT_RESUMEs should be 11. | ||
467 | 446 | +OVS_WAIT_UNTIL([test 11 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`]) | ||
468 | 447 | + | ||
469 | 448 | +$PYTHON "$ovs_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap > 1.packets | ||
470 | 449 | +cat 1.expected | cut -c -48 > expout | ||
471 | 450 | +AT_CHECK([cat 1.packets | cut -c -48], [0], [expout]) | ||
472 | 451 | +# Skipping the IPv4 checksum. | ||
473 | 452 | +cat 1.expected | cut -c 53- > expout | ||
474 | 453 | +AT_CHECK([cat 1.packets | cut -c 53-], [0], [expout]) | ||
475 | 454 | + | ||
476 | 455 | +reset_pcap_file hv1-vif1 hv1/vif1 | ||
477 | 456 | +reset_pcap_file hv1-vif2 hv1/vif2 | ||
478 | 457 | +rm -f 1.expected | ||
479 | 458 | +rm -f 2.expected | ||
480 | 459 | + | ||
481 | 460 | + | ||
482 | 461 | +# Test PTR record for IPv6 address using IPv4 packet. | ||
483 | 462 | +set_dns_params vm1_ipv6_ptr | ||
484 | 463 | +src_ip=`ip_to_hex 10 0 0 4` | ||
485 | 464 | +dst_ip=`ip_to_hex 10 0 0 1` | ||
486 | 465 | +dns_reply=1 | ||
487 | 466 | +test_dns 1 f00000000001 f000000000f0 $src_ip $dst_ip $dns_reply $dns_req_data $dns_resp_data | ||
488 | 467 | + | ||
489 | 468 | +# NXT_RESUMEs should be 12. | ||
490 | 469 | +OVS_WAIT_UNTIL([test 12 = `cat ofctl_monitor*.log | grep -c NXT_RESUME`]) | ||
491 | 470 | + | ||
492 | 471 | +$PYTHON "$ovs_srcdir/utilities/ovs-pcap.in" hv1/vif1-tx.pcap > 1.packets | ||
493 | 472 | +cat 1.expected | cut -c -48 > expout | ||
494 | 473 | +AT_CHECK([cat 1.packets | cut -c -48], [0], [expout]) | ||
495 | 474 | +# Skipping the IPv4 checksum. | ||
496 | 475 | +cat 1.expected | cut -c 53- > expout | ||
497 | 476 | +AT_CHECK([cat 1.packets | cut -c 53-], [0], [expout]) | ||
498 | 477 | + | ||
499 | 478 | +reset_pcap_file hv1-vif1 hv1/vif1 | ||
500 | 479 | +reset_pcap_file hv1-vif2 hv1/vif2 | ||
501 | 480 | rm -f 1.expected | ||
502 | 481 | rm -f 2.expected | ||
503 | 482 | |||
504 | diff --git a/debian/patches/series b/debian/patches/series | |||
505 | index 495c2d2..e6ab792 100644 | |||
506 | --- a/debian/patches/series | |||
507 | +++ b/debian/patches/series | |||
508 | @@ -10,3 +10,4 @@ lp-1914988-tests-Make-certificate-generation-extendable.patch | |||
509 | 10 | lp-1914988-tests-Test-with-SSL-and-RBAC-for-controller-by-defau.patch | 10 | lp-1914988-tests-Test-with-SSL-and-RBAC-for-controller-by-defau.patch |
510 | 11 | lp-1943266-pinctrl-Don-t-send-gARPs-for-localports.patch | 11 | lp-1943266-pinctrl-Don-t-send-gARPs-for-localports.patch |
511 | 12 | lp-1943266-physical-do-not-forward-traffic-from-localport-to-a-.patch | 12 | lp-1943266-physical-do-not-forward-traffic-from-localport-to-a-.patch |
512 | 13 | lp-1857026-controller-Add-support-for-PTR-DNS-requests.patch |
Package building in https:/ /launchpad. net/~fnordahl/ +archive/ ubuntu/ lp1857026