Natasha Gude wrote: > Comments inline: > > On Jul 15, 2008, at 8:00 PM, David Erickson wrote: > >> One feature that is critical to the demo we are working on is the >> capability to 'shortcut' past an in-network gateway and send packets >> straight to the destination. For example, two hosts that are >> connected to the same physical OF switch, but on different subnets. >> The goal would be such that the two can communicate without having to >> go through an intermediate gateway. This requires intercepting their >> packets destined for the gateway, modifying the route to be directly >> between the two, and rewriting the destination MAC addresses. >> >> I had a look through authenticator/routing and determined two >> modifications that could enable this: >> >> 1) In authenticator.cc for a packet_in event a lookup is performed >> based on the destination MAC address to determine the destination >> ConnPtr that will be passed along in the flow_in event. I believe >> this could be modified such that it first checks to see if there is a >> known ip:mac binding for the destination ip, and if the dest mac >> differs from this binding, it instead uses the ConnPtr from the >> ip:mac binding as the destination in the flow_in event. >> >> 2) To support the rewrite that will be required, the Link structure >> could be extended to contain a list of action structures that >> correspond to OpenFlow actions. Then authenticator would need to >> signal through the flow_in that a MAC rewrite is necessary, and >> routing would see this and add the MAC rewrite to the last entry in >> the route as it gets pushed down into the switches. >> >> This leads me to a couple of questions. >> >> -Is there an index in to the database of known hosts based on IP >> address? The only one I saw in a brief skim was the hosts variable, >> which appeared to be an index from dl->nw dest->datapathid/port. From >> this I would gather that one would need to iterate through all MACs >> looking for the IP? Is there an easier way to do this or some sample >> code? >> > > The bindings_storage component described in Dan's response to > 'Exposing authenticator information to python apps' thread is the > interface for searching on IP. authenticator is really only suppose > to serve as a quick lookup for received packets and thus doesn't need > a separate ip only lookup. Hmm, I'm not sure that bindings_storage will work here since this is a time sensitive lookup, holding back packets from a flow waiting for a callback could be very detrimental, what do you think?
-David _______________________________________________ nox-dev mailing list [email protected] http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
