Hi, I've been searching for ways to implement something like "protected mode" for ovs without much luck so far. Hoping someone on the discuss mailing list might have some suggestions.
Protected mode is available on some broadcom switch ASIC, and cisco switches also have this as a configurable option (http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_011101.html). Basically, I would like to nominate a set of ports in my ovs bridge to have layer 2 forwarding between them disabled. A "protected" port will not forward frames to another protected port, however forwarding occurs as normal between protected <-> non-protected ports and vice-versa. My underlying requirement is that I need to use OpenvSwitch for 802.1q and associate layer 3 addressing with internal ovs ports, however I'd like to disable layer 2 forwarding between physical ports. I've looked at things such as "ovs-ofctl mod-port [phys port] noflood" etc. but this seems to be an all-or-nothing approach with regards to forwarding between ports. I'd appreciate any suggestions! Cheers, Ben _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
