On Fri, Mar 13, 2020 at 3:32 PM Ben Pfaff <[email protected]> wrote: > > On Tue, Mar 10, 2020 at 10:55:35PM -0700, Han Zhou wrote: > > Hi Ben, sorry for the late reply. I know it is merged, but I still want to > > share a few comments below. Maybe we can discuss and work on a follow-up > > patch if needed. > > Yes, let's continue to improve the documentation. Thanks for the > comments. > > > On Thu, Mar 5, 2020 at 11:37 AM Ben Pfaff <[email protected]> wrote: > > > + <p> > > > + A <code>localnet</code> logical switch port bridges a logical switch > > to a > > > + physical VLAN. A logical switch with a <code>localnet</code> LSP > > should > > > + have only one other LSP. Some kinds of gateways (see > > <code>Gateways</code> > > > > The "only one other" part is not true. It is normal for a logical switch > > with a localnet LSP to have more than 2 LSPs. > > Thanks for the correction. > > > The common case is a logical switch connecting multiple gateway > > routers or distributed gateway ports to an external physical > > network. In this scenario there can be N router type LSPs. Another > > case, maybe less common, is the case mentioned below of a logical > > network abstracting a physical network for features such as port > > security and ACLs. In that case there can be N VIF LSPs as well. > > Thanks. I'll send a patch to fix this. > > > > + <p> > > > + LSP types <code>vtep</code> and <code>l2gateway</code> are used for > > > + gateways. See <code>Gateways</code>, below, for more information. > > > + </p> > > > > There is one more type "external" added by Numan, which may need to be > > mentioned here as well? > > I didn't do the research yet to understand "external" properly, so I > didn't want to say anything about it yet. Help welcome! > > > > + <p> > > > + DNAT and SNAT rules may be associated with a gateway router, which > > > + provides a central location that can handle one-to-many SNAT (aka IP > > > + masquerading). 
> > > > This description is correct, but it may seem to the reader that a gateway router > > is the only way to enable DNAT and SNAT. In fact, distributed gateway ports > > are capable of doing that as well. > > Thanks, I sent a patch for this as well. > > > > + </p> > > > + > > > + <h3>Distributed Gateway Ports</h3> > > > + > > > + <p> > > > + A <dfn>distributed gateway port</dfn> is a logical router port that > > is > > > + specially configured to designate one distinguished chassis for > > centralized > > > + processing. A distributed gateway port should connect to a logical > > switch > > > + with a <code>localnet</code> port. Packets to and from the > > distributed > > > > In both the gateway router section and here it mentions the "localnet" port, but > > they don't have to be connected to a logical switch with a localnet port. > > They can connect to regular logical switches, too. In the OVN > > interconnection deployment, distributed gateway ports connect to a transit > > logical switch that connects to a remote OVN AZ. The transit logical switch > > is a regular logical switch, which tunnels packets between gateway nodes > > across AZs. > > Thanks. I sent a patch for this as well. > > > > + <p> > > > + <code>ovn-northd</code> creates two southbound > > <code>Port_Binding</code> > > > + records to represent a distributed gateway port, instead of the > > usual one. > > > + One of these is a <code>patch</code> port binding named for the LRP, > > which > > > + is used for as much traffic as it can. The other one is a port > > binding > > > + with type <code>chassisredirect</code>, named > > > + <code>cr-<var>port</var></code>. The <code>chassisredirect</code> > > port > > > + binding has one specialized job: when a packet is output to it, the > > flow > > > + table causes it to be tunneled to the distinguished chassis, at > > which point > > > + it is automatically output to the <code>patch</code> port binding. 
> > Thus, > > > > It doesn't have to be a patch port, for the reason I mentioned above. > > ovn_port_update_sbrec() suggests that LRPs can only create three types > of port bindings: "chassisredirect" for derived ports, "l3gateway" for > l3gateway ports, and "patch" for everything else. What other kind is > possible here? > My bad. Forget about this comment.
> > > + <p> > > > + If any of these are set, this logical router port represents a > > > + distributed gateway port that connects this router to a > > > + logical switch with a localnet port. There may be at most one > > > + such logical router port on each logical router. > > > > This is correct. But I am not sure why we should have this limitation. Do > > you know any reason? If no specific reason, I am thinking of removing this > > limit in the future. > > I barely understand these features. I don't think I'm qualified to give > advice yet. > > I think I replied to all of your comments but, please, if I missed > anything, let me know. I want the documentation to be helpful and > correct. Thanks Ben for addressing all the comments.
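Review bot: "should have only one other LSP" in the localnet paragraph is worded with "should" and gives no reason, so a reader cannot tell whether it is a hard requirement or a description of a typical layout. Suggest either stating what the constraint rests on or rewording the sentence as a description of the deployments the text has in mind.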
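Review bot: "is used for as much traffic as it can" in the Port_Binding paragraph does not say which traffic stays on the patch port binding and which is output to cr-port. Suggest naming the condition that sends a packet to the chassisredirect binding, since the following sentence only covers what happens once a packet has been output to it.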
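Review bot: "There may be at most one such logical router port on each logical router" in the last hunk states a limit without saying what happens when a second port on the same router is configured this way. Suggest documenting next to the limit whether the extra configuration is rejected or ignored, so an operator who hits it knows what to expect.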
