Re: [openstack-dev] [neutron] [VXLAN] patch to use per-VNI multicast group addresses

John Nielsen Wed, 22 Jul 2015 11:53:44 -0700

Thanks for the guidance. I put the patch on gerrit:
https://review.openstack.org/#/c/204725/


JN

> On Jul 21, 2015, at 4:59 PM, Ian Wells <ijw.ubu...@cack.org.uk> wrote:
> 
> It is useful, yes; and posting diffs on the mailing list is not the way to 
> get them reviewed and approved.  If you can get this on gerrit it will get a 
> proper review, and I would certainly like to see something like this 
> incorporated.
> 
> On 21 July 2015 at 15:41, John Nielsen <li...@jnielsen.net> wrote:
>> I may be in a small minority since I a) use VXLAN, b) don’t hate multicast 
>> and c) use linuxbridge instead of OVS. However I thought I’d share this 
>> patch in case I’m not alone.
>> 
>> If you assume the use of multicast, VXLAN works quite nicely to isolate L2 
>> domains AND to prevent delivery of unwanted broadcast/unknown/multicast 
>> packets to VTEPs that don’t need them. However, the latter only holds up if 
>> each VXLAN VNI uses its own unique multicast group address. Currently, you 
>> have to either disable multicast (and use l2_population or similar) or use 
>> only a single group address for ALL VNIs (and force every single VTEP to 
>> receive every BUM packet from every network). For my usage, this patch seems 
>> simpler.
>> 
>> Feedback is very welcome. In particular I’d like to know if anyone else 
>> finds this useful and if so, what (if any) changes might be required to get 
>> it committed. Thanks!
>> 
>> JN
>> 
>> 
>> commit 17c32a9ad07911f3b4148e96cbcae88720eef322
>> Author: John Nielsen <j...@jnielsen.net>
>> Date:   Tue Jul 21 16:13:42 2015 -0600
>> 
>>     Add a boolean option, vxlan_group_auto, which if enabled will compute
>>     a unique multicast group address group for each VXLAN VNI. Since VNIs
>>     are 24 bits, they map nicely to the 239.0.0.0/8 "site-local" multicast
>>     range. Eight bits of the VNI are used for the second, third and fourth
>>     octets (with 239 always as the first octet).
>> 
>>     Using this option allows VTEPs to receive BUM datagrams via multicast,
>>     but only for those VNIs in which they participate. In other words, it is
>>     an alternative to the l2_population extension and driver for environments
>>     where both multicast and linuxbridge are used.
>> 
>>     If the option is True then multicast groups are computed as described
>>     above. If the option is False then the previous behavior is used
>>     (either a single multicast group is defined by vxlan_group or multicast
>>     is disabled).
>> 
>> diff --git a/etc/neutron/plugins/ml2/linuxbridge_agent.ini 
>> b/etc/neutron/plugins/ml2/linuxbridge_agent.ini
>> index d1a01ba..03578ad 100644
>> --- a/etc/neutron/plugins/ml2/linuxbridge_agent.ini
>> +++ b/etc/neutron/plugins/ml2/linuxbridge_agent.ini
>> @@ -25,6 +25,10 @@
>>  # This group must be the same on all the agents.
>>  # vxlan_group = 224.0.0.1
>>  #
>> +# (BoolOpt) Derive a unique 239.x.x.x multicast group for each vxlan VNI.
>> +# If this option is true, the setting of vxlan_group is ignored.
>> +# vxlan_group_auto = False
>> +#
>>  # (StrOpt) Local IP address to use for VXLAN endpoints (required)
>>  # local_ip =
>>  #
>> diff --git a/neutron/plugins/ml2/drivers/linuxbridge/agent/common/config.py 
>> b/neutron/plugins/ml2/drivers/linuxbridge/agent/common/config.py
>> index 6f15236..b4805d5 100644
>> --- a/neutron/plugins/ml2/drivers/linuxbridge/agent/common/config.py
>> +++ b/neutron/plugins/ml2/drivers/linuxbridge/agent/common/config.py
>> @@ -31,6 +31,9 @@ vxlan_opts = [
>>                 help=_("TOS for vxlan interface protocol packets.")),
>>      cfg.StrOpt('vxlan_group', default=DEFAULT_VXLAN_GROUP,
>>                 help=_("Multicast group for vxlan interface.")),
>> +    cfg.BoolOpt('vxlan_group_auto', default=False,
>> +                help=_("Derive a unique 239.x.x.x multicast group for each "
>> +                       "vxlan VNI")),
>>      cfg.IPOpt('local_ip', version=4,
>>                help=_("Local IP address of the VXLAN endpoints.")),
>>      cfg.BoolOpt('l2_population', default=False,
>> diff --git 
>> a/neutron/plugins/ml2/drivers/linuxbridge/agent/linuxbridge_neutron_agent.py 
>> b/neutron/plugins/ml2/drivers/linuxbridge/agent/linuxbridge_neutron_agent.py
>> index 61627eb..a0efde1 100644
>> --- 
>> a/neutron/plugins/ml2/drivers/linuxbridge/agent/linuxbridge_neutron_agent.py
>> +++ 
>> b/neutron/plugins/ml2/drivers/linuxbridge/agent/linuxbridge_neutron_agent.py
>> @@ -127,6 +127,14 @@ class LinuxBridgeManager(object):
>>              LOG.warning(_LW("Invalid Segmentation ID: %s, will lead to "
>>                              "incorrect vxlan device name"), segmentation_id)
>> 
>> +    def get_vxlan_group(self, segmentation_id):
>> +        if cfg.CONF.VXLAN.vxlan_group_auto:
>> +            return ("239." +
>> +                    str(segmentation_id >> 16) + "." +
>> +                    str(segmentation_id >> 8 % 256) + "." +
>> +                    str(segmentation_id % 256))
>> +        return cfg.CONF.VXLAN.vxlan_group
>> +
>>      def get_all_neutron_bridges(self):
>>          neutron_bridge_list = []
>>          bridge_list = os.listdir(BRIDGE_FS)
>> @@ -240,7 +248,7 @@ class LinuxBridgeManager(object):
>>                         'segmentation_id': segmentation_id})
>>              args = {'dev': self.local_int}
>>              if self.vxlan_mode == lconst.VXLAN_MCAST:
>> -                args['group'] = cfg.CONF.VXLAN.vxlan_group
>> +                args['group'] = self.get_vxlan_group(segmentation_id)
>>              if cfg.CONF.VXLAN.ttl:
>>                  args['ttl'] = cfg.CONF.VXLAN.ttl
>>              if cfg.CONF.VXLAN.tos:
>> @@ -553,9 +561,10 @@ class LinuxBridgeManager(object):
>>              self.delete_vxlan(test_iface)
>> 
>>      def vxlan_mcast_supported(self):
>> -        if not cfg.CONF.VXLAN.vxlan_group:
>> +        if not (cfg.CONF.VXLAN.vxlan_group or 
>> cfg.CONF.VXLAN.vxlan_group_auto):
>>              LOG.warning(_LW('VXLAN muticast group must be provided in '
>> -                            'vxlan_group option to enable VXLAN MCAST 
>> mode'))
>> +                            'vxlan_group option or vxlan_group_auto must '
>> +                            'be True to enable VXLAN MCAST mode'))
>>              return False
>>          if not ip_lib.iproute_arg_supported(
>>                  ['ip', 'link', 'add', 'type', 'vxlan'],
>> 
>> 
>> __________________________________________________________________________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>> 
>> __________________________________________________________________________
>> OpenStack Development Mailing List (not for usage questions)
>> Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
>> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev


__________________________________________________________________________
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: openstack-dev-requ...@lists.openstack.org?subject:unsubscribe
http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev

Re: [openstack-dev] [neutron] [VXLAN] patch to use per-VNI multicast group addresses

Reply via email to