Hi IIya, Thanks for the review. One question, once vswitchd DB schema is updated to store zone level limits. OVN controller should directly update the configuration in the database , right ?
Thanks, Naveen On 04-May-2023, at 3:33 PM, Ilya Maximets <[email protected]<mailto:[email protected]>> wrote: On 3/30/23 10:17, Naveen Yerramneni wrote: Add OpenFlow extn to set conntrack entries limit per zone. This extn will be used in future to set the zone level limit for drop zones used by OVN. Signed-off-by: Naveen Yerramneni <[email protected]<mailto:[email protected]>> Reviewed-by: Simon Horman <[email protected]<mailto:[email protected]>> --- Notes: v1 -> v2 - Fix memory leak and added logs v2 -> v3 - Addressed nits v3 -> v4 - Updated change description NEWS | 2 ++ include/openflow/nicira-ext.h | 10 ++++++++++ include/openvswitch/ofp-msgs.h | 4 ++++ lib/ofp-bundle.c | 1 + lib/ofp-print.c | 11 +++++++++++ lib/rconn.c | 1 + ofproto/ofproto-dpif.c | 21 +++++++++++++++++++++ ofproto/ofproto-provider.h | 4 ++++ ofproto/ofproto.c | 25 +++++++++++++++++++++++++ tests/ofp-print.at<http://ofp-print.at> | 10 ++++++++++ tests/ovs-ofctl.at<http://ovs-ofctl.at> | 12 ++++++++++++ utilities/ovs-ofctl.8.in<http://ovs-ofctl.8.in> | 5 +++++ utilities/ovs-ofctl.c | 34 ++++++++++++++++++++++++++++++++++ 13 files changed, 140 insertions(+) diff --git a/NEWS b/NEWS index fe6055a27..f6ae60856 100644 --- a/NEWS +++ b/NEWS @@ -32,6 +32,8 @@ v3.1.0 - xx xxx xxxx - OpenFlow: * New OpenFlow extension NXT_CT_FLUSH to flush connections matching the specified fields. + * New OpenFlow extension NXT_CT_SET_ZONE_LIMIT to set conntrack table + limit at zone level. Hi, Naveen. Sorry for the late reply, but I don't think this functionality should be implemented within OpenFlow interface. OpenFlow is not great for configurations that should preserve the state on re-start, for example. CT_FLUSH is reasonable to implement via OpenFlow, because it is a one-shot stateless command. But limits are stateful. We should be able to request a current value and save and restore the configuration on re-start with ovs-save script. This is not ideal. What we should do instead is to naturally extend the existing database configuration that already supports per-zone configuration of conntrack timeouts. That will be more organic within OVS and will solve the problem with configuration persistence. See the CT_Zone and CT_Timeout_Policy database columns. Best regards, Ilya Maximets. _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
