Currently if user has a stateless and statetul ACLs (allow-stateless and allow-related) in one port group or in one logical switch simultaneously, the stateless rules whould take precedence. This patch series adds support for mixing all the ACLs types with the respect to their priority. This change requires next:
Also, as an optimisation, traffic from HW VTEP switch in ingress datapath is passed from ls_in_l2_sec directly to ls_in_l2_lkup, as it doesn't need any processing in ingress pipeline except determining outport in ls_in_l2_lkup table. Vladislav Odintsov (3): Revert "northd: support HW VTEP with stateful datapath" northd: send ingress packets from HW VTEP directly to L2_LKUP table northd: support mix of stateless ACL with lower priority than stateful northd/northd.c | 113 ++++++++++++++++++++++------------------ northd/ovn-northd.8.xml | 35 ++++--------- northd/ovn_northd.dl | 47 +++++------------ tests/ovn-northd.at | 50 ++++++++++-------- 4 files changed, 114 insertions(+), 131 deletions(-) -- 2.30.0 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
