IETF draft at:
https://tools.ietf.org/html/draft-ietf-sfc-nsh-01
defines a new protocol named Network Service Header (NSH). Its format
looks like:
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
|Ver|O|C|R|R|R|R|R|R| Length | MD Type | Next Proto |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| Service Path ID | Service Index |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
| |
~ Mandatory/Optional Context Header ~
| |
+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+-+
In this patch set, we implement the NSH metadata type 1 support for
the openvswtich.
Since the overlay could be VxLAN-GPE which is upstreamed by Jiri
at Linux kernel tree
commit <e1e5314de08ba6003b358125eafc9ad9e75a950c>
So we also add VxLAN-GPE support for openvswitch.
Once add VxLAN-GPE support, the VxLAN port's ethernet type is set
to ARPHRD_NONE, so RAW protocol should be supported by the openvswitch.
This breaks the assumption that all packets should have a L2 header.
Simon upstreamed a patch set to add the raw protocol support at:
https://github.com/horms/openvswitch.git
This patch set depends on Simon's patch.
Basic NSH steering test case:
172.168.60.101/24 172.168.60.102/24
+--------------+ +--------------+
| bbr-int | | br-int |
+--------------+ +--------------+
| vxlan0(gpe) | | vxlan0(gpe) |
+--------------+ +--------------+
| |
| |
| |
192.168.50.101/24 192.168.50.102/24
+--------------+ +---------------+
| br-eth1 | | br-eth1 |
+--------------+ +---------------+
| eth1 |----------------------| eth1 |
+--------------+ +---------------+
Node 1 with OVS. Node 2 with OVS.
Configure Node 1:
Step 1: Create VxLAN-GPE ports
$ovs-vsctl add-port br-int vxlan0 -- set interface vxlan0 \
type=vxlan options:remote_ip=192.168.50.102 options:key=flow \
options:dst_port=4790 options:exts=gpe
Step 2: Add flows for Egress
$ovs-ofctl add-flow br-int "table=0, priority=260, in_port=LOCAL \
actions=push_nsh,load:0x1->NXM_NX_NSP[],load:0xFF->NXM_NX_NSI[],\
load:1->NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],\
load:0x11223344->NXM_NX_NSH_C1[],load:0x55667788->NXM_NX_NSH_C2[],\
load:0x99aabbcc->NXM_NX_NSH_C3[],load:0xddeeff00->NXM_NX_NSH_C4[],\
output:1"
Step 3: Add flow for Ingress
$ovs-ofctl add-flow br-int "table=0, priority=260, in_port=1,\
nsh_mdtype=1, nsp=0x800001, nsi=0xFF, nshc1=0xddeeff00,\
nshc2=0x99aabbcc, nshc3=0x55667788, nshc4=0x11223344, \
actions=pop_nsh,output:LOCAL"
Configure Node 2:
Step 1: Create VxLAN-GPE ports
$ovs-vsctl add-port br-int vxlan0 -- set interface vxlan0 \
type=vxlan options:remote_ip=192.168.50.101 options:key=flow \
options:dst_port=4790 options:exts=gpe
Step 2: Add flows for Egress
$ovs-ofctl add-flow br-int "table=0, priority=260, in_port=LOCAL \
actions=push_nsh,load:0x800001->NXM_NX_NSP[],load:0xFF->NXM_NX_NSI[],\
load:1->NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],\
load:0xddeeff00->NXM_NX_NSH_C1[],load:0x99aabbcc->NXM_NX_NSH_C2[],\
load:0x55667788->NXM_NX_NSH_C3[],load:0x11223344->NXM_NX_NSH_C4[],\
output:1"
Step 3: Add flow for Ingress
$ovs-ofctl add-flow br-int "table=0, priority=260, in_port=1,\
nsh_mdtype=1, nsp=0x1, nsi=0xFF, nshc1=0x11223344,\
nshc2=0x55667788, nshc3=0x99aabbcc, nshc4=0xddeeff00, \
actions=pop_nsh,output:LOCAL"
Now we could test the flows between 172.168.60.101 and 172.168.60.102.
Johnson Li (14):
Add VxLAN-GPE extension for the Openvswitch
Add NSH fields for Openvswitch flow key
Add NSH keys as match fields for user space flow table
Format NSH keys to readable strings
Add key attributes of Network Service Header
Parse and format NSH key attributes
Add APIs to set NSH keys for match fields
Add Meta flow key for NSH header
parse NSH key in key_extract of openvswitch
Parse NSH header in flow_extract
Kernel: Add push_nsh/pop_nsh flow actions for data path
Openflow message for push/pop NSH header
Add "pop_nsh/push_nsh" flow action for OVS control plane
commit control plane action to data plane
datapath/actions.c | 68 ++++
datapath/flow.c | 45 ++-
datapath/flow.h | 15 +
datapath/flow_netlink.c | 202 +++++++++++-
datapath/linux/Modules.mk | 1 +
datapath/linux/compat/include/linux/openvswitch.h | 32 ++
datapath/linux/compat/include/net/nsh.h | 117 +++++++
datapath/vport-netdev.c | 3 +-
datapath/vport-vxlan.c | 15 +
include/openvswitch/flow.h | 5 +-
include/openvswitch/match.h | 20 ++
include/openvswitch/meta-flow.h | 126 ++++++++
include/openvswitch/ofp-actions.h | 4 +
include/openvswitch/packets.h | 19 ++
lib/dpif-netdev.c | 2 +
lib/dpif.c | 2 +
lib/flow.c | 67 ++++
lib/match.c | 142 +++++++++
lib/meta-flow.c | 152 +++++++++
lib/netdev-vport.c | 2 +
lib/nx-match.c | 16 +
lib/odp-execute.c | 8 +
lib/odp-util.c | 369 +++++++++++++++++++++-
lib/ofp-actions.c | 80 +++++
lib/packets.h | 44 +++
ofproto/ofproto-dpif-sflow.c | 3 +
ofproto/ofproto-dpif-xlate.c | 16 +
27 files changed, 1569 insertions(+), 6 deletions(-)
create mode 100644 datapath/linux/compat/include/net/nsh.h
--
1.8.4.2
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
