On 12/10/24 10:31 AM, Ales Musil wrote:
> On Tue, Dec 10, 2024 at 10:30 AM Ales Musil <[email protected]> wrote:
>
>>
>>
>> On Thu, Dec 5, 2024 at 1:28 PM Ilya Maximets <[email protected]> wrote:
>>
>>> STT tunnel support will be deprecated in upcoming OVS 3.5 release and
>>> planned for removal in OVS 3.6.
>>>
>>
>>
>> Hi Ilya,
>>
>> thank you for the patch. I have two small comments that could be addressed
>> during merge.
>> We should leave a note in "enum chassis_tunnel_type" about the deprecation.
>>
>>
>>> The main reasons are:
>>>
>>> STT tunnel implementation was rejected in the upstream Linux kernel
>>> long time ago and will probably never be there, because it is
>>> not considered safe for use, as it can confuse parts of the network
>>> mistaking it for normal TCP.
>>>
>>> The only available implementation for Linux is an OOT openvswitch
>>> kernel module shipped with OVS 2.17. This module is deprecated and
>>> 2.17 reaches EoL in Feb 2025. At that point there will be no
>>> supported implementation for Linux.
>>>
>>> The standard draft for the protocol itself is also expired and
>>> archived with the latest update made in 2016:
>>> https://datatracker.ietf.org/doc/draft-davie-stt/
>>>
>>> Modern network interface cards support various hardware offload
>>> features with UDP tunnels, diminishing the main selling point of
>>> STT - the ability to reuse hardware offload features meant for TCP.
>>>
>>> Deprecate the STT encapsulation type in OVN as well, so support can
>>> be removed in 25.06.
>>>
>>
>> nit: 25.09 we don't have 25.06 anymore.
>>
>>
>>>
>>> Signed-off-by: Ilya Maximets <[email protected]>
>>> ---
>>>
>>> The corresponding OVS patch:
>>>
>>> https://patchwork.ozlabs.org/project/openvswitch/patch/[email protected]/
>>>
>>> The OVS change is not applied yet, so maybe wait for it to be in ovs/main
>>> before applying this deprecation patch.
>>>
>>> Documentation/faq/general.rst | 3 +++
>>> NEWS | 2 ++
>>> controller/chassis.c | 8 ++++++--
>>> controller/ovn-controller.8.xml | 4 ++++
>>> ovn-architecture.7.xml | 7 +++----
>>> ovn-sb.xml | 3 ++-
>>> tests/ovn-ic.at | 2 +-
>>> 7 files changed, 21 insertions(+), 8 deletions(-)
>>>
>>> diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst
>>> index df4952ef5..63f5c4cbe 100644
>>> --- a/Documentation/faq/general.rst
>>> +++ b/Documentation/faq/general.rst
>>> @@ -88,6 +88,9 @@ Q: Why does OVN use STT and Geneve instead of VLANs or
>>> VXLAN (or GRE)?
>>>
>>> See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for
>>> details.
>>>
>>> + Note: Support for STT tunnels is deprecated and will be removed in
>>> OVN
>>> + 25.09 release.
>>> +
>>> Together, these metadata require 24 + 15 + 16 = 55 bits. GRE
>>> provides 32
>>> bits, VXLAN provides 24, and VLAN only provides 12. Most notably, if
>>> logical egress pipelines do not match on the logical ingress port,
>>> thereby
>>> diff --git a/NEWS b/NEWS
>>> index da3aba739..c9eb8ede8 100644
>>> --- a/NEWS
>>> +++ b/NEWS
>>> @@ -4,6 +4,8 @@ Post v24.09.0
>>> hash (with specified hash fields) for ECMP routes
>>> while choosing nexthop.
>>> - ovn-ic: Add support for route tag to prevent route learning.
>>> + - Support for STT tunnels in ovn-encap-type is deprecated and will be
>>> + removed in the next release.
>>>
>>> OVN v24.09.0 - 13 Sep 2024
>>> --------------------------
>>> diff --git a/controller/chassis.c b/controller/chassis.c
>>> index 8b1964c54..19a251f26 100644
>>> --- a/controller/chassis.c
>>> +++ b/controller/chassis.c
>>> @@ -243,12 +243,16 @@ chassis_parse_ovs_encap_type(const char *encap_type,
>>> {
>>> sset_from_delimited_string(encap_type_set, encap_type, ",");
>>>
>>> + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5);
>>> const char *type;
>>>
>>> SSET_FOR_EACH (type, encap_type_set) {
>>> - if (!get_tunnel_type(type)) {
>>> - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1,
>>> 5);
>>> + uint32_t tun_type = get_tunnel_type(type);
>>> +
>>> + if (!tun_type) {
>>> VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type);
>>> + } else if (tun_type == STT) {
>>> + VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated");
>>> }
>>> }
>>> }
>>> diff --git a/controller/ovn-controller.8.xml
>>> b/controller/ovn-controller.8.xml
>>> index aeaa374c1..6a7d676af 100644
>>> --- a/controller/ovn-controller.8.xml
>>> +++ b/controller/ovn-controller.8.xml
>>> @@ -168,6 +168,10 @@
>>> are <code>geneve</code>, <code>vxlan</code>, and
>>> <code>stt</code>.
>>> </p>
>>>
>>> + <p>
>>> + <code>stt</code> tunnel type is deprecated.
>>> + </p>
>>> +
>>> <p>
>>> Due to the limited amount of metadata in <code>vxlan</code>,
>>> the capabilities and performance of connected gateways and
>>> diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
>>> index 640944faf..b11277bb9 100644
>>> --- a/ovn-architecture.7.xml
>>> +++ b/ovn-architecture.7.xml
>>> @@ -2897,10 +2897,9 @@
>>> </diagram>
>>>
>>> <p>
>>> - Environments whose NICs lack Geneve offload may prefer STT
>>> encapsulation
>>> - for performance reasons. For STT encapsulation, OVN encodes all
>>> three
>>> - pieces of logical metadata in the STT 64-bit tunnel ID as follows,
>>> from MSB
>>> - to LSB:
>>> + Support for STT encapsulation is deprecated. While using STT on
>>> setups
>>> + that didn't migrate to Geneve yet, OVN encodes all three pieces of
>>> logical
>>> + metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB:
>>> </p>
>>>
>>> <diagram>
>>> diff --git a/ovn-sb.xml b/ovn-sb.xml
>>> index ea4adc1c3..9394bb5f4 100644
>>> --- a/ovn-sb.xml
>>> +++ b/ovn-sb.xml
>>> @@ -479,7 +479,8 @@
>>> <column name="type">
>>> The encapsulation to use to transmit packets to this chassis.
>>> Hypervisors and gateways must use one of: <code>geneve</code>,
>>> - <code>vxlan</code>, or <code>stt</code>.
>>> + <code>vxlan</code>, or <code>stt</code>. <code>stt</code> is
>>> + deprecated.
>>> </column>
>>>
>>> <column name="options">
>>> diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at
>>> index 1ba65fd9f..13150a453 100644
>>> --- a/tests/ovn-ic.at
>>> +++ b/tests/ovn-ic.at
>>> @@ -333,7 +333,7 @@ OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep
>>> "192.168.0.2"])
>>> ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt"
>>> OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt])
>>>
>>> -OVN_CLEANUP_SBOX(gw2)
>>> +OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"])
>>> OVN_CLEANUP_IC([az1], [az2])
>>>
>>> AT_CLEANUP
>>> --
>>> 2.47.0
>>>
>>> _______________________________________________
>>> dev mailing list
>>> [email protected]
>>> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>>>
>>>
>> Thanks,
>> Ales
>>
>
> Forgot to add, that with those 2 things addressed:
> Acked-by: Ales Musil <[email protected]>
>
Thanks, Ilya and Ales! I took care of the 2 small things and applied
the patch to main.
The incremental was:
diff --git a/lib/ovn-util.h b/lib/ovn-util.h
index 7b98b9b9a1..b48573a93a 100644
--- a/lib/ovn-util.h
+++ b/lib/ovn-util.h
@@ -332,7 +332,8 @@ hash_add_in6_addr(uint32_t hash, const struct in6_addr
*addr)
* least-preferred (lower number). */
enum chassis_tunnel_type {
GENEVE = 1 << 2,
- STT = 1 << 1,
+ STT = 1 << 1, /* NOTE: STT support is deprecated and will be removed
+ * in an upcoming release. */
VXLAN = 1 << 0
};
Regards,
Dumitru
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
