[ovs-discuss] Understanding VXLAN packet handling in OVS with DPDK userspace datapath

[Filippo Carloni via discuss]

Hi everyone, and happy New Year,

I am experimenting with Open vSwitch using the DPDK datapath 
(datapath_type=netdev)
to analyze VXLAN tunneling behavior.

My target setup is conceptually the following:
            
+---------------------------+
| OVS (DPDK, userspace)     |
| - VXLAN decapsulation     |                     +---------------------------+
| - Packet analysis         |                     | Remote traffic generator  |
| - Re-encapsulation        |                     | - Generates VXLAN traffic |
+—--------------------------+                     +---------------------------+
           |                                                 |
           |                                                 |
           |                                                 |
   +--------------+                                  +---------------+
   |  dpdk0/eth   |----------------------------------|      eth      |
   +--------------+                                  +---------------+
    Host A with OVS.                          Remote host with the traffic 
generator.

The general idea is:
- Generate VXLAN traffic on a remote host,
- Receive it on a DPDK interface,
- Decapsulate it in OVS,
- Analyze the inner packet,
- Re-encapsulate and send it back through the VXLAN tunnel.

I tried to follow the userspace tunneling tutorial 
(https://docs.openvswitch.org/en/latest/howto/userspace-tunneling/), but I am 
seeing behavior that I do not fully understand.

Case 1: separate bridges (similar to the tutorial)
- DPDK interface attached to a physical bridge
- VXLAN interface attached to br-int

In this case, packet processing components (e.g., miniflow_extract) appear to 
process both:
- the original VXLAN packet arriving from the DPDK interface (not decapsulated)
- the decapsulated packet coming from the VXLAN interface

Additionally, I am not able to redirect traffic back to the VXLAN interface 
using a simple OpenFlow rule, while similar rules work as expected when applied 
directly to the DPDK interface.

Case 2: DPDK and VXLAN interfaces on the same bridge
I also tried attaching both the DPDK interface and the VXLAN interface to the 
same bridge (br-int), and steering traffic from the DPDK port to the VXLAN port 
using OpenFlow rules.

In this configuration, I do not observe any packets arriving on the VXLAN 
interface at all.

At this point I am unsure whether:
- This is expected behavior of VXLAN ports in the netdev/DPDK datapath, or
- I am misunderstanding how VXLAN decapsulation and reinjection into the
  datapath is supposed to work in userspace OVS.

Any clarification or references would be greatly appreciated.

Thank you for your time!

Filippo

_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss