On Tue, Mar 10, 2020 at 10:55:35PM -0700, Han Zhou wrote:
> Hi Ben, sorry for the late reply. I know it is merged, but I still want to
> share a few comments below. Maybe we can discuss and work on a follow-up
> patch if needed.

Yes, let's continue to improve the documentation. Thanks for the
comments.

> On Thu, Mar 5, 2020 at 11:37 AM Ben Pfaff <[email protected]> wrote:
> > + <p>
> > + A <code>localnet</code> logical switch port bridges a logical switch
> to a
> > + physical VLAN. A logical switch with a <code>localnet</code> LSP
> should
> > + have only one other LSP. Some kinds of gateways (see
> <code>Gateways</code>
>
> The "only one other" part is not true. It is normal for a logical switch
> with a localnet LSP to have more than 2 LSPs.

Thanks for the correction.

> The common case is that a logical switch connecting multiple gateway
> routers or distributed gateway ports to an external physical
> network. In this scenario there can be N router type LSPs. Another
> case, maybe less common, is the case mentioned below that a logical
> network abstracting a physical network for features such as port
> security and ACLs. In that case there can be N VIF LSPs as well.

Thanks. I'll send a patch to fix this.

> > + <p>
> > + LSP types <code>vtep</code> and <code>l2gateway</code> are used for
> > + gateways. See <code>Gateways</code>, below, for more information.
> > + </p>
>
> There is one more type "external" added by Numan, which may need to be
> mentioned here as well?

I didn't do the research yet to understand "external" properly, so I
didn't want to say anything about it yet. Help welcome!

> > + <p>
> > + DNAT and SNAT rules may be associated with a gateway router, which
> > + provides a central location that can handle one-to-many SNAT (aka IP
> > + masquerading).
>
> This description is correct, but it may seem to the reader that gateway router
> is the only way to enable DNAT and SNAT. In fact, distributed gateway ports
> are capable of doing that as well.

Thanks, I sent a patch for this as well.

> > + </p>
> > +
> > + <h3>Distributed Gateway Ports</h3>
> > +
> > + <p>
> > + A <dfn>distributed gateway port</dfn> is a logical router port that
> is
> > + specially configured to designate one distinguished chassis for
> centralized
> > + processing. A distributed gateway port should connect to a logical
> switch
> > + with a <code>localnet</code> port. Packets to and from the
> distributed
>
> In both gateway router section and here it mentioned "localnet" port, but
> they don't have to be connected to a logical switch with localnet port.
> They can connect to regular logical switches, too. In the OVN
> interconnection deployment, distributed gateway ports connect to a transit
> logical switch that connects to remote OVN AZ. The transit logical switch
> is a regular logical switch, which tunnels packets between gateway nodes
> across AZs.

Thanks. I sent a patch for this as well.

> > + <p>
> > + <code>ovn-northd</code> creates two southbound
> <code>Port_Binding</code>
> > + records to represent a distributed gateway port, instead of the
> usual one.
> > + One of these is a <code>patch</code> port binding named for the LRP,
> which
> > + is used for as much traffic as it can. The other one is a port
> binding
> > + with type <code>chassisredirect</code>, named
> > + <code>cr-<var>port</var></code>. The <code>chassisredirect</code>
> port
> > + binding has one specialized job: when a packet is output to it, the
> flow
> > + table causes it to be tunneled to the distinguished chassis, at
> which point
> > + it is automatically output to the <code>patch</code> port binding.
> Thus,
>
> It doesn't have to be a patch port, for the reason I mentioned above.

ovn_port_update_sbrec() suggests that LRPs can only create three types
of port bindings: "chassisredirect" for derived ports, "l3gateway" for
l3gateway ports, and "patch" for everything else. What other kind is
possible here?

> > + <p>
> > + If any of these are set, this logical router port represents a
> > + distributed gateway port that connects this router to a
> > + logical switch with a localnet port. There may be at most one
> > + such logical router port on each logical router.
>
> This is correct. But I am not sure why should we have this limitation. Do
> you know any reason? If no specific reason, I am thinking of removing this
> limit in the future.

I barely understand these features. I don't think I'm qualified to give
advice yet.

I think I replied to all of your comments but, please, if I missed
anything, let me know. I want the documentation to be helpful and
correct.
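
Review bot: "which is used for as much traffic as it can", in the Port_Binding paragraph under Distributed Gateway Ports, leaves open which traffic the patch binding cannot carry. The quoted lines only describe what happens once a packet is output to the chassisredirect binding, so consider naming the condition that sends a packet there, making the split between the two records clear from this paragraph alone.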
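
Review bot: the closing sentence of the last quoted hunk, "There may be at most one such logical router port on each logical router", states a limit without saying what happens when a logical router is configured with more than one. A sentence on how the additional ports are treated would let an operator recognize the misconfiguration from the documentation.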
