On 2/12/25 13:41, Ilya Maximets wrote:
> Currently, FDB learning is not enabled for the switch-switch ports
> connecting switches in the Spine-Leaf topology. This is causing a
> traffic broadcast in the spine switch for every packet. Even in cases
> where it doesn't end up creating extra work in the datapath (since
> ovn-controller knows the whole topology), this still creates a lot
> of extra work for OpenFlow processing, since we need to evaluate
> those rules for every connected switch during upcall processing.
> And in cases where leaf switches have ports with unknown addresses,
> we may end up unnecessarily broadcasting the actual traffic within
> the datapath to those ports.
>
> Fix that by enabling FDB learning for switch ports as it is already
> done for other ports with unknown addresses.
>
> Tests are enhanced to check that FDB is actually working and that
> we're not unnecessarily broadcasting traffic.
>
> For the case with interconnect this only partially solves the problem,
> since we can't learn from remote ports, and so the packets are still
> broadcasted to all the zones on the transit spine switch. At least,
> now the traffic will be dropped on the unrelated leaf switches, once
> they learn that the actual destination is behind the spine switch from
> witch the packet just arrived. Learning from remote ports to stop
> the broadcasting will be addressed in the next commits.
>
> Having an upcall per switch seems a little excessive, but it should
> only happen once per MAC address and should not be a problem after
> all the addresses are learned. Also, with the main use case being
> a transit switch, learning will only be triggered for switches local
> to the availability zone, which should be a relatively small number.
> However, this learning per switch behavior might still be a good
> candidate for a future improvement.
>
> Fixes: a2db2b2f263a ("northd: Add support for spine-leaf logical switch
> topology.")
> Suggested-by: Numan Siddique <[email protected]>
> Signed-off-by: Ilya Maximets <[email protected]>
> ---
> northd/northd.c | 8 +-
> northd/ovn-northd.8.xml | 7 +-
> tests/ovn-ic.at | 141 +++++++++++++++++++++--
> tests/ovn-northd.at | 18 +++
> tests/ovn.at | 244 +++++++++++++++++++++++++++++++++++++---
> 5 files changed, 385 insertions(+), 33 deletions(-)
Docker Hub rate-limiting failed the container build.
Recheck-request: github-robot-_Build_and_Test
_______________________________________________
dev mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
