[ovs-discuss] Hashing to megaflow entry
Hi, Suppose we support megaflows, How the hashing is performed in the kernel module ? when packet arrives how do we know 'beforehand' to mask key fields in order to hit the megaflow entry ? Thank in advance Sara ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
[ovs-discuss] [ovs-dpdk-tests] where is ovs-dpdk test case?
Hi all, I'm working with ovs-dpdk, I want to run ovs-dpdk test case. But I found there is no test case for 'netdev' type bridge and no test case for ovs-dpdk datapath(which is pmd_thread_main). So my question is where could I find these test cases? Also I change some code in dpdk-vhost client mode, how could I find test case for this module? Thank you~ ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] Service chaining in openvswitch
Nurat, SFC is also available in OpenStack: https://docs.openstack.org/networking-sfc/latest/ https://docs.openstack.org/networking-sfc/latest/contributor/ovs_driver_and_agent_workflow.html - Louis -Original Message- From: ovs-discuss-boun...@openvswitch.org [mailto:ovs-discuss-boun...@openvswitch.org] On Behalf Of Justin Pettit Sent: Wednesday, August 16, 2017 11:26 AM To: Nusrat Atta Cc: ovs-discuss@openvswitch.org Subject: Re: [ovs-discuss] Service chaining in openvswitch You should be able to find plenty with a web search. It sounds like you want to configure it manually, so I'd recommend using ovs-ofctl. The OVS man pages are also pretty thorough. --Justin > On Aug 16, 2017, at 11:20 AM, Nusrat Atta wrote: > > Any tutorials or examples using ovs commands? I don't want to use it via open > daylight, so that I can understand it better. > Thanks > > Sent from my iPhone > >> On Aug 16, 2017, at 1:08 PM, Justin Pettit wrote: >> >> >>> On Aug 16, 2017, at 10:32 AM, nus...@attaresources.com wrote: >>> >>> Hi, >>> Is it possible to service chain in openvswitch w/o using opendaylight? For >>> example, I have 4 ports configured to a bridge in ovs. The server on port 4 >>> serves up http web pages, I want to make a call from a host on port 1 but I >>> want that request to flow to port 2 and then port 3 and finally to port 4. >>> Is this possible? >> >> Yes, you should be able to do such a thing with OpenFlow rules through a >> controller or the ovs-ofctl command. >> >> --Justin >> >> ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] Service chaining in openvswitch
You should be able to find plenty with a web search. It sounds like you want to configure it manually, so I'd recommend using ovs-ofctl. The OVS man pages are also pretty thorough. --Justin > On Aug 16, 2017, at 11:20 AM, Nusrat Atta wrote: > > Any tutorials or examples using ovs commands? I don't want to use it via open > daylight, so that I can understand it better. > Thanks > > Sent from my iPhone > >> On Aug 16, 2017, at 1:08 PM, Justin Pettit wrote: >> >> >>> On Aug 16, 2017, at 10:32 AM, nus...@attaresources.com wrote: >>> >>> Hi, >>> Is it possible to service chain in openvswitch w/o using opendaylight? For >>> example, I have 4 ports configured to a bridge in ovs. The server on port 4 >>> serves up http web pages, I want to make a call from a host on port 1 but I >>> want that request to flow to port 2 and then port 3 and finally to port 4. >>> Is this possible? >> >> Yes, you should be able to do such a thing with OpenFlow rules through a >> controller or the ovs-ofctl command. >> >> --Justin >> >> ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] Service chaining in openvswitch
Any tutorials or examples using ovs commands? I don't want to use it via open daylight, so that I can understand it better. Thanks Sent from my iPhone > On Aug 16, 2017, at 1:08 PM, Justin Pettit wrote: > > >> On Aug 16, 2017, at 10:32 AM, nus...@attaresources.com wrote: >> >> Hi, >> Is it possible to service chain in openvswitch w/o using opendaylight? For >> example, I have 4 ports configured to a bridge in ovs. The server on port 4 >> serves up http web pages, I want to make a call from a host on port 1 but I >> want that request to flow to port 2 and then port 3 and finally to port 4. >> Is this possible? > > Yes, you should be able to do such a thing with OpenFlow rules through a > controller or the ovs-ofctl command. > > --Justin > > ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] Service chaining in openvswitch
> On Aug 16, 2017, at 10:32 AM, nus...@attaresources.com wrote: > > Hi, > Is it possible to service chain in openvswitch w/o using opendaylight? For > example, I have 4 ports configured to a bridge in ovs. The server on port 4 > serves up http web pages, I want to make a call from a host on port 1 but I > want that request to flow to port 2 and then port 3 and finally to port 4. > Is this possible? Yes, you should be able to do such a thing with OpenFlow rules through a controller or the ovs-ofctl command. --Justin ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
[ovs-discuss] Service chaining in openvswitch
Hi, Is it possible to service chain in openvswitch w/o using opendaylight? For example, I have 4 ports configured to a bridge in ovs. The server on port 4 serves up http web pages, I want to make a call from a host on port 1 but I want that request to flow to port 2 and then port 3 and finally to port 4. Is this possible? thanks Sent from Mail for Windows 10 ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] question about mtu of vxlan port
On 08/10/2017 11:46 PM, Jiaojianbing wrote: dear, There is a question about mtu of vxlan port. In below scene, there are two node(compute or vm), and we send udp packets between two docker with nic’s(eth0) mtu setting to 1500. Vxlan port’s mtu is 65485 setting in ovs code(we don’t change it). It works well that packet can be sent and receive to/from other docker. But we add conntrack flow table in interface of one bridge, such as: ovs-ofctl add-flow $1 "table=0,arp,action=resubmit(,1)" ovs-ofctl add-flow $1 "table=0,ip,action=ct(commit,zone=1,table=1)" ovs-ofctl add-flow $1 "table=1,actions=NORMAL" 1、It is ok with packet length <= 1450 bytes; 2、but when we send packet length > 1450 bytes, such as 2000 bytes, the packet will be dropped at the vxlan port in the sending node. 3、if we modi the mtu of vxlan port from 65485 to 1450, it works well when packet length >=1450. First when send big udp packet(len>1450), it will be fragged when send from one docker. when add conntrack flow table, udp packet(length>1450) will be deal with do_execute_actions in which “case OVS_ACTION_ATTR_CT” will be called. In this switch case, handle_fragments routine is called to defrag udp frags. When packet comes to vxlan port, packet is aggregated to one packet with length >1450, then it is compared with mtu of vxlan port, it is less than 65485(mtu length of vxlan port) so it does not frag and pass through to eth0 (mtu=1450), then in routine output_ip it return error code of -90. When no conntrack flow table is added, big udp packet will not go through “case OVS_ACTION_ATTR_CT” in do_execute_actions, then defrag will not been done. So eack frags with lengh 1450, can go through vxlan port and eth0. so my question is, why the mtu of vxlan port is set to 65485(so big!), and can it be modified to 1450? [scene]: [ Docker0] [ Docker1] | | [br_int] [br_int] | | [br_tunnel] [br_tunnel] | | | [vxlan port] | [vxlan port] | | | [eth0]- -- - - - -- |- - - - - - - - - - -- -- - [eth0] | node1 | node 2 Try leaving the vxlan port MTU as is (65485) and set the MTU for the eth0 physical ports on node1 and node2 to 1600. - Greg ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] BFD with 'option : remote_ip = flow'
-Original Message- From: Raymond Burkholder [mailto:r...@oneunified.net] Sent: Wednesday, August 16, 2017 5:05 PM To: Vivek Srivastava V Cc: ovs-discuss@openvswitch.org Subject: Re: [ovs-discuss] BFD with 'option : remote_ip = flow' > On 16 Aug 2017, at 07:54, Vivek Srivastava V > wrote: > > No. I hadn't heard of multi-hop BFD before, so I looked around a bit and > found RFC 5883. That RFC, though, doesn't really provide a specification for > how to do this. Is there a detailed specification somewhere else? > > [Viveks] Unfortunately I also couldn't find any implementation > specific details about multihop BFD, other than RFC 5883 and some > configuration related info available on the net. What I could gather > is that it is mostly same as onehop BFD, with some additional > considerations- Out of curiosity, would you be able to explain what your use case is? I gather you don’t have a BFD partner on the ‘other end’ of the layer 2 link? And that you are going across some sort of layer 3 network? And if that is a multi-hop l3 network, don’t things get a bit dicey in terms of time-outs, possible changes in packet flows, etc? [Viveks] the use case is to monitor availability of DCGWs from computes in a DC with L3 fabric. There will be multiple (but limited) l3 hops in between. I believe BFD is still applicable in this scenario and it should be okay with possible change in packet flows/paths. Time-outs/false failure detections can be avoided with appropriate/tuned monitoring intervals. Do you see any other issues in this scenario? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] BFD with 'option : remote_ip = flow'
> On 16 Aug 2017, at 07:54, Vivek Srivastava V > wrote: > > No. I hadn't heard of multi-hop BFD before, so I looked around a bit and > found RFC 5883. That RFC, though, doesn't really provide a specification for > how to do this. Is there a detailed specification somewhere else? > > [Viveks] Unfortunately I also couldn't find any implementation specific > details about multihop BFD, other than RFC 5883 and some configuration > related info available on the net. What I could gather is that it is mostly > same as onehop BFD, with some additional considerations- Out of curiosity, would you be able to explain what your use case is? I gather you don’t have a BFD partner on the ‘other end’ of the layer 2 link? And that you are going across some sort of layer 3 network? And if that is a multi-hop l3 network, don’t things get a bit dicey in terms of time-outs, possible changes in packet flows, etc? -- This message has been scanned for viruses and dangerous content by MailScanner, and is believed to be clean. ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] BFD with 'option : remote_ip = flow'
Hi Ben, Thanks for your response. Please see below inline. Regards, Vivek -Original Message- From: Ben Pfaff [mailto:b...@ovn.org] Sent: Friday, August 11, 2017 9:24 PM To: Vivek Srivastava V Cc: ovs-discuss@openvswitch.org Subject: Re: [ovs-discuss] BFD with 'option : remote_ip = flow' On Fri, Aug 11, 2017 at 08:48:20AM +, Vivek Srivastava V wrote: > 1. Is there any way to configure/manage BFD sessions to destinations, > independent of the tunnel port/interface created? Not currently. If you have a good idea for how to extend the OVS BFD support to be more flexible, we'd accept patches. [Viveks] We are planning to create a separate table/schema for maintaining independent BFD sessions. An entry in this BFD table can be identified by a session ID generated/configured and will have same columns as we have for BFD in interface table. In future we can choose to remove the BFD related fields from interface table and use a reference (session_id) from the BFD table. WDYT? > 2. Does OVS support multi-hop BFD? In roadmap? No. I hadn't heard of multi-hop BFD before, so I looked around a bit and found RFC 5883. That RFC, though, doesn't really provide a specification for how to do this. Is there a detailed specification somewhere else? [Viveks] Unfortunately I also couldn't find any implementation specific details about multihop BFD, other than RFC 5883 and some configuration related info available on the net. What I could gather is that it is mostly same as onehop BFD, with some additional considerations- 1. uses different UDP destination port 4784 (MUST) 2. suggests session authentication (SHOULD) 3. De-multiplexing (applicable only in case of multiple BFD sessions between same pair of TEPs) So I think we should be good with supporting the first item initially. ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] OVS megaflows
I took a look at the datapath code - saw only single table, which its entries are microflows and megaflows the megaflows are indicated by non-zero mask fields Sara On Wed, Aug 16, 2017 at 9:59 AM, Sara Gittlin wrote: > Thank you Joe > Few questions: > 1. Are there 2 separate flow tables in the kernel data-path ? for > microflows and megaflows ? > > 2. If the answer is yes : >- When pkt arrives, is it first checked against the microflows > table and if there is no match, then it checked against the megaflows > table ? > >- Then if the pkt matches a megaflow - a new microflow will be > generated by the kernel for this pkt ? this make sense to improve > performance. > > > Sara > > > On Tue, Aug 15, 2017 at 7:16 PM, Joe Stringer wrote: >> On the first point - it's a little more subtle than that. A traffic >> flow (eg, a connection) must arrive at OVS, the first packet is sent >> through userspace, which causes userspace to install a megaflow into >> the datapath. Subsequently, if any traffic which matches that megaflow >> arrives, it will directly 'hit' the megaflow entry and execute the >> associated actions without going to userspace. Typically we use >> "microflow" to refer to a packet headers description which >> exact-matches all known fields, while "megaflow" allows a mask to be >> applied in addition to this, which allows the traffic which would >> otherwise be handled by multiple microflows to instead be handled by a >> single megaflow. There is no dependency between megaflows and >> microflows. >> >> Cheers, >> Joe ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] OVS megaflows
Thank you Joe Few questions: 1. Are there 2 separate flow tables in the kernel data-path ? for microflows and megaflows ? 2. If the answer is yes : - When pkt arrives, is it first checked against the microflows table and if there is no match, then it checked against the megaflows table ? - Then if the pkt matches a megaflow - a new microflow will be generated by the kernel for this pkt ? this make sense to improve performance. Sara On Tue, Aug 15, 2017 at 7:16 PM, Joe Stringer wrote: > On the first point - it's a little more subtle than that. A traffic > flow (eg, a connection) must arrive at OVS, the first packet is sent > through userspace, which causes userspace to install a megaflow into > the datapath. Subsequently, if any traffic which matches that megaflow > arrives, it will directly 'hit' the megaflow entry and execute the > associated actions without going to userspace. Typically we use > "microflow" to refer to a packet headers description which > exact-matches all known fields, while "megaflow" allows a mask to be > applied in addition to this, which allows the traffic which would > otherwise be handled by multiple microflows to instead be handled by a > single megaflow. There is no dependency between megaflows and > microflows. > > Cheers, > Joe ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
