On Fri, Mar 17, 2017 at 08:39:01AM -0700, Ben Pfaff wrote:
> On Wed, Mar 01, 2017 at 05:48:00PM -0500, Eric Garver wrote:
> > - Example:
> > ovs-vsctl set Port p1 vlan_mode=dot1q-tunnel tag=100
> > Pushes another VLAN 100 header on packets (tagged and untagged) on
> > ingress, and pops it on egress.
> > - Customer VLAN check:
> > ovs-vsctl set Port p1 vlan_mode=dot1q-tunnel tag=100 cvlans=10,20
> > Only customer VLAN of 10 and 20 are allowed.
> >
> > Co-authored-by: Xiao Liang <[email protected]>
> > Signed-off-by: Xiao Liang <[email protected]>
> > Signed-off-by: Eric Garver <[email protected]>
>
> Thanks Eric and Xiao.
>
> I applied this commit to master, folding in the following changes. The
> important changes were:
>
> * Clarified log message.
>
> * Moved qinq_ethtype from a column of its own to other_config, because I
> did not think that this was an important configuration setting.
>
> * Rewrote and expanded the documentation, because I had never heard of
> dot1-tunnel ports and thought that others deserved a detailed
> explanation of what they do.
>
> Eric, would you mind rebasing and resubmitting patches 3 through 7? I
> imagine that I've mostly broken them with my changes, although I hope
> that the fixes are simple.
Not a problem. I'll get to it ASAP.
> --8<--------------------------cut here-------------------------->8--
>
> diff --git a/NEWS b/NEWS
> index 2994b82b6a76..83a7c97c3cd9 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -3,7 +3,6 @@ Post-v2.7.0
> - Tunnels:
> * Added support to set packet mark for tunnel endpoint using
> `egress_pkt_mark` OVSDB option.
> - * New dot1q-tunnel (CVLAN) type via 802.1ad support.
> - EMC insertion probability is reduced to 1% and is configurable via
> the new 'other_config:emc-insert-inv-prob' option.
> - DPDK:
> @@ -12,7 +11,8 @@ Post-v2.7.0
> 'ovs-appctl vlog' commands for 'dpdk' module. Lower bound
> still can be configured via extra arguments for DPDK EAL.
> - The "learn" action now supports a "limit" option (see ovs-ofctl(8)).
> - - New support for multiple VLANs (802.1ad or "QinQ").
> + - New support for multiple VLANs (802.1ad or "QinQ"), including a new
> + "dot1q-tunnel" port VLAN mode.
>
> v2.7.0 - 21 Feb 2017
> ---------------------
> diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c
> index bc16e92847d7..1a82b8d569be 100644
> --- a/ofproto/ofproto-dpif-xlate.c
> +++ b/ofproto/ofproto-dpif-xlate.c
> @@ -1968,8 +1968,8 @@ input_vid_is_valid(const struct xlate_ctx *ctx,
> case PORT_VLAN_DOT1Q_TUNNEL:
> if (!xbundle_allows_cvlan(in_xbundle, vid)) {
> xlate_report_error(ctx, "dropping VLAN %"PRIu16" packet received
> "
> - "on port %s not configured for dot1q
> tunneling"
> - "VLAN %"PRIu16, vid, in_xbundle->name, vid);
> + "on dot1q-tunnel port %s that excludes this "
> + "VLAN", vid, in_xbundle->name);
> return false;
> }
> return true;
> diff --git a/ofproto/ofproto-dpif.c b/ofproto/ofproto-dpif.c
> index 8cc2fee234ff..6611c23a5903 100644
> --- a/ofproto/ofproto-dpif.c
> +++ b/ofproto/ofproto-dpif.c
> @@ -1,5 +1,5 @@
> /*
> - * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
> + * Copyright (c) 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017
> Nicira, Inc.
> *
> * Licensed under the Apache License, Version 2.0 (the "License");
> * you may not use this file except in compliance with the License.
> @@ -2968,7 +2968,7 @@ bundle_set(struct ofproto *ofproto_, void *aux,
> }
>
> if (s->qinq_ethtype != bundle->qinq_ethtype) {
> - bundle->qinq_ethtype= s->qinq_ethtype;
> + bundle->qinq_ethtype = s->qinq_ethtype;
> need_flush = true;
> }
>
> @@ -3032,7 +3032,7 @@ bundle_set(struct ofproto *ofproto_, void *aux,
>
> if (!vlan_bitmap_equal(cvlans, bundle->cvlans)) {
> free(bundle->cvlans);
> - if (cvlans== s->cvlans) {
> + if (cvlans == s->cvlans) {
> bundle->cvlans = vlan_bitmap_clone(cvlans);
> } else {
> bundle->cvlans = cvlans;
> diff --git a/ofproto/ofproto.h b/ofproto/ofproto.h
> index d44845ce3cf6..1e48e1952aa2 100644
> --- a/ofproto/ofproto.h
> +++ b/ofproto/ofproto.h
> @@ -390,7 +390,7 @@ enum port_vlan_mode {
> * Other VLANs in 'trunks' are trunked. */
> PORT_VLAN_NATIVE_UNTAGGED,
>
> - /* 802.1q tunnel port. Incomming packets are added an outer vlan tag
> + /* 802.1q tunnel port. Incoming packets are added an outer vlan tag
> * 'vlan'. If 'cvlans' is set, only allows VLANs in 'cvlans'. */
> PORT_VLAN_DOT1Q_TUNNEL
> };
> diff --git a/tests/ofproto-dpif.at b/tests/ofproto-dpif.at
> index 0a0d36800449..e3d79bd0788d 100644
> --- a/tests/ofproto-dpif.at
> +++ b/tests/ofproto-dpif.at
> @@ -3182,10 +3182,10 @@ OVS_VSWITCHD_START(
> add-port br0 p7 vlan_mode=native-untagged tag=12 -- \
> add-port br0 p8 vlan_mode=native-untagged tag=12 trunks=10,12 \
> other-config:priority-tags=true -- \
> - add-port br0 p9 vlan_mode=dot1q-tunnel tag=10
> qinq_ethtype=802.1q -- \
> - add-port br0 p10 vlan_mode=dot1q-tunnel tag=10 cvlans=10,12
> qinq_ethtype=802.1q -- \
> - add-port br0 p11 vlan_mode=dot1q-tunnel tag=12
> qinq_ethtype=802.1q -- \
> - add-port br0 p12 vlan_mode=dot1q-tunnel tag=12
> qinq_ethtype=802.1q \
> + add-port br0 p9 vlan_mode=dot1q-tunnel tag=10
> other-config:qinq-ethtype=802.1q -- \
> + add-port br0 p10 vlan_mode=dot1q-tunnel tag=10 cvlans=10,12
> other-config:qinq-ethtype=802.1q -- \
> + add-port br0 p11 vlan_mode=dot1q-tunnel tag=12
> other-config:qinq-ethtype=802.1q -- \
> + add-port br0 p12 vlan_mode=dot1q-tunnel tag=12
> other-config:qinq-ethtype=802.1q \
> other-config:priority-tags=true -- \
> set Interface p1 type=dummy -- \
> set Interface p2 type=dummy -- \
> diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
> index 77fe686a51f2..b182e0a5a37c 100644
> --- a/vswitchd/bridge.c
> +++ b/vswitchd/bridge.c
> @@ -1,4 +1,4 @@
> -/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016
> Nicira, Inc.
> +/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017
> Nicira, Inc.
> *
> * Licensed under the Apache License, Version 2.0 (the "License");
> * you may not use this file except in compliance with the License.
> @@ -1013,22 +1013,10 @@ port_configure(struct port *port)
> }
> }
>
> - if (cfg->qinq_ethtype) {
> - if (!strcmp(cfg->qinq_ethtype, "802.1q") ||
> - !strcmp(cfg->qinq_ethtype, "0x8100")) {
> - s.qinq_ethtype = ETH_TYPE_VLAN_8021Q;
> - } else if (!strcmp(cfg->qinq_ethtype, "802.1ad") ||
> - !strcmp(cfg->qinq_ethtype, "0x88a8")) {
> - s.qinq_ethtype = ETH_TYPE_VLAN_8021AD;
> - } else {
> - /* This "can't happen" because ovsdb-server should prevent it. */
> - VLOG_WARN("port %s: invalid QinQ ethertype %s, falling "
> - "back to 802.1ad", port->name, cfg->qinq_ethtype);
> - s.qinq_ethtype = ETH_TYPE_VLAN_8021AD;
> - }
> - } else {
> - s.qinq_ethtype = ETH_TYPE_VLAN_8021AD;
> - }
> + const char *qe = smap_get_def(&cfg->other_config, "qinq-ethtype", "");
> + s.qinq_ethtype = (!strcmp(qe, "802.1q")
> + ? ETH_TYPE_VLAN_8021Q
> + : ETH_TYPE_VLAN_8021AD);
>
> s.use_priority_tags = smap_get_bool(&cfg->other_config, "priority-tags",
> false);
> diff --git a/vswitchd/vswitch.ovsschema b/vswitchd/vswitch.ovsschema
> index 97fad0621fe3..19b49daf118c 100644
> --- a/vswitchd/vswitch.ovsschema
> +++ b/vswitchd/vswitch.ovsschema
> @@ -1,6 +1,6 @@
> {"name": "Open_vSwitch",
> "version": "7.15.0",
> - "cksum": "2427506207 23400",
> + "cksum": "544856471 23228",
> "tables": {
> "Open_vSwitch": {
> "columns": {
> @@ -160,10 +160,6 @@
> "enum": ["set", ["trunk", "access", "native-tagged",
> "native-untagged", "dot1q-tunnel"]]},
> "min": 0, "max": 1}},
> - "qinq_ethtype": {
> - "type": {"key": {"type": "string",
> - "enum": ["set", ["802.1q", "802.1ad", "0x88a8", "0x8100"]]},
> - "min": 0, "max": 1}},
> "qos": {
> "type": {"key": {"type": "uuid",
> "refTable": "QoS"},
> diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
> index 45cc6437f412..14297bf9ad98 100644
> --- a/vswitchd/vswitch.xml
> +++ b/vswitchd/vswitch.xml
> @@ -1281,7 +1281,39 @@
> </column>
>
> <group title="VLAN Configuration">
> - <p>Bridge ports support the following types of VLAN configuration:</p>
> + <p>
> + In short, a VLAN (short for ``virtual LAN'') is a way to partition a
> + single switch into multiple switches. VLANs can be confusing, so for
> + an introduction, please refer to the question ``What's a VLAN?'' in
> the
> + Open vSwitch FAQ.
> + </p>
> +
> + <p>
> + A VLAN is sometimes encoded into a packet using a 802.1Q or 802.1ad
> + VLAN header, but every packet is part of some VLAN whether or not it
> is
> + encoded in the packet. (A packet that appears to have no VLAN is
> part
> + of VLAN 0, by default.) As a result, it's useful to think of a VLAN
> as
> + a metadata property of a packet, separate from how the VLAN is
> encoded.
> + For a given port, this column determines how the encoding of a packet
> + that ingresses or egresses the port maps to the packet's VLAN. When
> a
> + packet enters the switch, its VLAN is determined based on its setting
> + in this column and its VLAN headers, if any, and then, conceptually,
> + the VLAN headers are then stripped off. Conversely, when a packet
> + exits the switch, its VLAN and the settings in this column determine
> + what VLAN headers, if any, are pushed onto the packet before it
> + egresses the port.
> + </p>
> +
> + <p>
> + The VLAN configuration in this column affects Open vSwitch only when
> it
> + is doing ``normal switching.'' It does not affect flows set up by an
> + OpenFlow controller, outside of the OpenFlow ``normal action.''
> + </p>
> +
> + <p>
> + Bridge ports support the following types of VLAN configuration:
> + </p>
> +
> <dl>
> <dt>trunk</dt>
> <dd>
> @@ -1333,16 +1365,23 @@
> <dt>dot1q-tunnel</dt>
> <dd>
> <p>
> - A dot1q-tunnel port tunnels packets with VLAN specified in
> - <ref column="tag"/> column. That is it adds 802.1Q header, with
> - ethertype and VLAN ID specified in <ref column="qinq-ethtype"/>
> - and <ref column="tag"/>, to both tagged and untagged packets on
> - ingress, and pops dot1q header of this VLAN on egress.
> + A dot1q-tunnel port is somewhat like an access port. Like an
> + access port, it carries packets on the single VLAN specified in
> the
> + <ref column="tag"/> column and this VLAN, called the service
> VLAN,
> + does not appear in an 802.1Q header for packets that ingress or
> + egress on the port. The main difference lies in the behavior
> when
> + packets that include a 802.1Q header ingress on the port.
> Whereas
> + an access port drops such packets, a dot1q-tunnel port treats
> these
> + as double-tagged with the outer service VLAN <ref column="tag"/>
> + and the inner customer VLAN taken from the 802.1Q header.
> + Correspondingly, to egress on the port, a packet outer VLAN (or
> + only VLAN) must be <ref column="tag"/>, which is removed before
> + egress, which exposes the inner (customer) VLAN if one is
> present.
> </p>
> -
> +
> <p>
> - If <ref column="cvlans"/> is set, only allows packets of these
> - VLANs.
> + If <ref column="cvlans"/> is set, only allows packets in the
> + specified customer VLANs.
> </p>
> </dd>
> </dl>
> @@ -1368,13 +1407,6 @@
> </ul>
> </column>
>
> - <column name="qinq_ethtype">
> - <p>
> - Ethertype of dot1q-tunnel port, could be either "802.1q"(0x8100) or
> - "802.1ad"(0x88a8). Defaults to "802.1ad".
> - </p>
> - </column>
> -
> <column name="tag">
> <p>
> For an access port, the port's implicitly tagged VLAN. For a
> @@ -1398,9 +1430,32 @@
>
> <column name="cvlans">
> <p>
> - For a trunk-qinq port if specific cvlans are specified only those
> - cvlans are 1ad tunneled, others are dropped. If no cvlans specified
> - explicitly then all cvlans are 1ad tunneled.
> + For a dot1q-tunnel port, the customer VLANs that this port
> includes.
> + If this is empty, the port includes all customer VLANs.
> + </p>
> + <p>
> + For other kinds of ports, this setting is ignored.
> + </p>
> + </column>
> +
> + <column name="other_config" key="qinq-ethtype"
> + type='{"type": "string", "enum": ["set", ["802.1ad",
> "802.1q"]]}'>
> + <p>
> + For a dot1q-tunnel port, this is the TPID for the service tag, that
> + is, for the 802.1Q header that contains the service VLAN ID.
> Because
> + packets that actually ingress and egress a dot1q-tunnel port do not
> + include an 802.1Q header for the service VLAN, this does not affect
> + packets on the dot1q-tunnel port itself. Rather, it determines the
> + service VLAN for a packet that ingresses on a dot1q-tunnel port and
> + egresses on a trunk port.
> + </p>
> + <p>
> + The value <code>802.1ad</code> specifies TPID 0x88a8, which is also
> + the default if the setting is omitted. The value
> <code>802.1q</code>
> + specifies TPID 0x8100.
> + </p>
> + <p>
> + For other kinds of ports, this setting is ignored.
> </p>
> </column>
>
This incremental looks good. Thanks for beefing up the documentation.
Eric.
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
