STT tunnel support will be deprecated in upcoming OVS 3.5 release and
planned for removal in OVS 3.6.
The main reasons are:
STT tunnel implementation was rejected in the upstream Linux kernel
long time ago and will probably never be there, because it is
not considered safe for use, as it can confuse parts of the network
mistaking it for normal TCP.
The only available implementation for Linux is an OOT openvswitch
kernel module shipped with OVS 2.17. This module is deprecated and
2.17 reaches EoL in Feb 2025. At that point there will be no
supported implementation for Linux.
The standard draft for the protocol itself is also expired and
archived with the latest update made in 2016:
https://datatracker.ietf.org/doc/draft-davie-stt/
Modern network interface cards support various hardware offload
features with UDP tunnels, diminishing the main selling point of
STT - the ability to reuse hardware offload features meant for TCP.
Deprecate the STT encapsulation type in OVN as well, so support can
be removed in 25.06.
Signed-off-by: Ilya Maximets <[email protected]>
---
The corresponding OVS patch:
https://patchwork.ozlabs.org/project/openvswitch/patch/[email protected]/
The OVS change is not applied yet, so maybe wait for it to be in ovs/main
before applying this deprecation patch.
Documentation/faq/general.rst | 3 +++
NEWS | 2 ++
controller/chassis.c | 8 ++++++--
controller/ovn-controller.8.xml | 4 ++++
ovn-architecture.7.xml | 7 +++----
ovn-sb.xml | 3 ++-
tests/ovn-ic.at | 2 +-
7 files changed, 21 insertions(+), 8 deletions(-)
diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst
index df4952ef5..63f5c4cbe 100644
--- a/Documentation/faq/general.rst
+++ b/Documentation/faq/general.rst
@@ -88,6 +88,9 @@ Q: Why does OVN use STT and Geneve instead of VLANs or VXLAN
(or GRE)?
See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for details.
+ Note: Support for STT tunnels is deprecated and will be removed in OVN
+ 25.09 release.
+
Together, these metadata require 24 + 15 + 16 = 55 bits. GRE provides 32
bits, VXLAN provides 24, and VLAN only provides 12. Most notably, if
logical egress pipelines do not match on the logical ingress port, thereby
diff --git a/NEWS b/NEWS
index da3aba739..c9eb8ede8 100644
--- a/NEWS
+++ b/NEWS
@@ -4,6 +4,8 @@ Post v24.09.0
hash (with specified hash fields) for ECMP routes
while choosing nexthop.
- ovn-ic: Add support for route tag to prevent route learning.
+ - Support for STT tunnels in ovn-encap-type is deprecated and will be
+ removed in the next release.
OVN v24.09.0 - 13 Sep 2024
--------------------------
diff --git a/controller/chassis.c b/controller/chassis.c
index 8b1964c54..19a251f26 100644
--- a/controller/chassis.c
+++ b/controller/chassis.c
@@ -243,12 +243,16 @@ chassis_parse_ovs_encap_type(const char *encap_type,
{
sset_from_delimited_string(encap_type_set, encap_type, ",");
+ static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
const char *type;
SSET_FOR_EACH (type, encap_type_set) {
- if (!get_tunnel_type(type)) {
- static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
+ uint32_t tun_type = get_tunnel_type(type);
+
+ if (!tun_type) {
VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type);
+ } else if (tun_type == STT) {
+ VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated");
}
}
}
diff --git a/controller/ovn-controller.8.xml b/controller/ovn-controller.8.xml
index aeaa374c1..6a7d676af 100644
--- a/controller/ovn-controller.8.xml
+++ b/controller/ovn-controller.8.xml
@@ -168,6 +168,10 @@
are <code>geneve</code>, <code>vxlan</code>, and <code>stt</code>.
</p>
+ <p>
+ <code>stt</code> tunnel type is deprecated.
+ </p>
+
<p>
Due to the limited amount of metadata in <code>vxlan</code>,
the capabilities and performance of connected gateways and
diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
index 640944faf..b11277bb9 100644
--- a/ovn-architecture.7.xml
+++ b/ovn-architecture.7.xml
@@ -2897,10 +2897,9 @@
</diagram>
<p>
- Environments whose NICs lack Geneve offload may prefer STT encapsulation
- for performance reasons. For STT encapsulation, OVN encodes all three
- pieces of logical metadata in the STT 64-bit tunnel ID as follows, from MSB
- to LSB:
+ Support for STT encapsulation is deprecated. While using STT on setups
+ that didn't migrate to Geneve yet, OVN encodes all three pieces of logical
+ metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB:
</p>
<diagram>
diff --git a/ovn-sb.xml b/ovn-sb.xml
index ea4adc1c3..9394bb5f4 100644
--- a/ovn-sb.xml
+++ b/ovn-sb.xml
@@ -479,7 +479,8 @@
<column name="type">
The encapsulation to use to transmit packets to this chassis.
Hypervisors and gateways must use one of: <code>geneve</code>,
- <code>vxlan</code>, or <code>stt</code>.
+ <code>vxlan</code>, or <code>stt</code>. <code>stt</code> is
+ deprecated.
</column>
<column name="options">
diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at
index 1ba65fd9f..13150a453 100644
--- a/tests/ovn-ic.at
+++ b/tests/ovn-ic.at
@@ -333,7 +333,7 @@ OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep
"192.168.0.2"])
ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt"
OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt])
-OVN_CLEANUP_SBOX(gw2)
+OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"])
OVN_CLEANUP_IC([az1], [az2])
AT_CLEANUP
--
2.47.0
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
