Whether a port is a "protected port" appears to be just an extra boolean true/false setting for each individual port, so I'd probably start by adding a new boolean column to the Port table (or perhaps a new other-config key-value, since this seems to be a fairly rarely used feature).
On Thu, Oct 27, 2016 at 04:25:04PM +0300, Ben Kelly wrote: > Thanks Ben, > > I'm considering going down the patch route - though I must admit I > haven't had a lot of experience with OVS. To steer in the right > direction, where would a feature like this be configured/manipulated? > in ovs-vsctl? ovs-ofctl has a mod-port command, but I'm not really > aware of port specific configuration in ovs-vsctl? Should I be asking > this on the dev mailing list instead? > > Cheers, > Ben > > On Thu, Oct 27, 2016 at 1:09 AM, Ben Pfaff <b...@ovn.org> wrote: > > On Wed, Oct 26, 2016 at 12:45:48PM +0300, Ben Kelly wrote: > >> Hi, > >> > >> I've been searching for ways to implement something like "protected > >> mode" for ovs without much luck so far. Hoping someone on the discuss > >> mailing list might have some suggestions. > >> > >> Protected mode is available on some broadcom switch ASIC, and cisco > >> switches also have this as a configurable option > >> (http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_011101.html). > >> > >> Basically, I would like to nominate a set of ports in my ovs bridge to > >> have layer 2 forwarding between them disabled. A "protected" port will > >> not forward frames to another protected port, however forwarding > >> occurs as normal between protected <-> non-protected ports and > >> vice-versa. > >> > >> My underlying requirement is that I need to use OpenvSwitch for 802.1q > >> and associate layer 3 addressing with internal ovs ports, however I'd > >> like to disable layer 2 forwarding between physical ports. > >> > >> I've looked at things such as "ovs-ofctl mod-port [phys port] noflood" > >> etc. but this seems to be an all-or-nothing approach with regards to > >> forwarding between ports. > >> > >> I'd appreciate any suggestions! > > > > You could implement this with an OpenFlow controller. > > > > You could submit patches to add such a feature to base OVS. _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
