This patch series adds vtap mode support for Network Functions in OVN. Unlike the existing inline mode where traffic is redirected through the network function, vtap mode mirrors (clones) the traffic matching the ACL to the network function while allowing the original packet to continue to its destination unmodified.
Key Differences from Inline Mode: --------------------------------- - Traffic is mirrored, not redirected - Only inport is required (no outport needed) - Original traffic flow is unaffected - NF health is determined by port binding status (no health check probes) - Fallback behaviour is always fail-open for VATP NFs Naveen Yerramneni (4): ovn-nb: Network Function vtap mode schema and doc changes ovn-nbctl: Network Function vtap mode commands controller: Network Function vtap mode physical flow changes northd, tests: Network Function vtap mode logical flow changes NEWS | 4 + controller/physical.c | 35 +++- northd/northd.c | 402 +++++++++++++++++++++++++++++++++++++----- ovn-nb.ovsschema | 9 +- ovn-nb.xml | 50 ++++-- tests/ovn-nbctl.at | 16 ++ tests/ovn-northd.at | 181 ++++++++++++++++++- tests/ovn.at | 372 +++++++++++++++++++++++++++++++++++++- tests/system-ovn.at | 265 +++++++++++++++++++++++++++- utilities/ovn-nbctl.c | 20 ++- 10 files changed, 1264 insertions(+), 90 deletions(-) -- 2.43.5 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
