Re: [ovs-discuss] using OVS with FRR within eVPN environment

2019-07-04 Thread Raymond Burkholder 

On 2019-07-04 1:30 a.m., Lee Wilson via discuss wrote:
The only way i have seen it done is as per below example.. This is a 
script i found on this forum which creates a veth between the kernel 
bridge and the ovs-switch.

... script cut out 

This works, though using veth seems like a bit of a hack.. Is there a 
better way to do this? Is anyone else using ovs with frr and evpn?


You may want to follow up on the FRR list.  There were some other 
experimental tie-ins to OVS via a different feature set.  I don't know 
if any progress has been made on this particular integration in order to 
bypass the 'hack' in the script.


Raymond



___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] Open vSwitch openflow example

2019-07-04 Thread Raymond Burkholder 
Your question is somewhat vague.  But for what it is worth, to provide 
an idea of what can be done, this is an extract from a bash script which 
maps the flows in each direction from one vlan on one port to another 
vlan on another port.


VLANA=$(ovs-vsctl get Interface {{ mapping.a.port }} ofport)
VLANZ=$(ovs-vsctl get Interface {{ mapping.z.port }} ofport)
ovs-ofctl add-flow {{ bridge.name }} 
priority=100,in_port=${VLANA},dl_vlan={{ mapping.a.vlan 
}},actions=mod_vlan_vid:{{ mapping.z.vlan }},output:${VLANZ}
ovs-ofctl add-flow {{ bridge.name }} 
priority=100,in_port=${VLANZ},dl_vlan={{ mapping.z.vlan 
}},actions=mod_vlan_vid:{{ mapping.a.vlan }},output:${VLANA}



But you mention you have an open flow controller, which may inject flows 
directly via the control channel.


If you would like more assistance, please let me know directly.

On 2019-07-04 2:58 p.m., Heim, Dennis wrote:


I am trying to do a vlan trunk from my open vSwitch when connected 
with an openflow controller. Does anyone have any examples of what an 
openflow rule should look like to do that?


*Dennis Heim | Domain Architect (Collaboration Labs)*

World Wide Technology, Inc. | +1 314-212-1814



___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss


___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] Open vSwitch openflow example

2019-07-04 Thread Ben Pfaff 
The OVS docs have a worked out example:
http://docs.openvswitch.org/en/latest/tutorials/ovs-advanced/

On Thu, Jul 04, 2019 at 08:58:38PM +, Heim, Dennis wrote:
> I am trying to do a vlan trunk from my open vSwitch when connected with an 
> openflow controller. Does anyone have any examples of what an openflow rule 
> should look like to do that?
> 
> Dennis Heim | Domain Architect (Collaboration Labs)
> World Wide Technology, Inc. | +1 314-212-1814
> [cid:image001.png@01D10DD2.7FC81F90]
> [cid:image002.png@01D10DD2.7FC81F90][cid:image003.png@01D10DD2.7FC81F90][cid:image004.png@01D10DD2.7FC81F90]
> "The most powerful person in the world is the story teller. The storyteller 
> sets the vision, values and agenda of an entire generation that is to come" - 
> Steve Jobs
> "Leaders who don't listen will eventually be surrounded by people who have 
> nothing to say" --- Andy Stanley
> "Worry less about who you might offend, and more about who you might inspire" 
> -- Tim Allen
> "Imagination is more important than knowledge."  -- Albert Einstein
> "If you can raise the level of effort and performance in those around you, 
> you are officially a leader" - Urban Meyer
> "The greatest danger for most of us is not that our aim is too high and we 
> miss it, but that it is too low and we reach it." -- Michelangelo Buonarroti
> "Mediocore managers play checkers (assuming everyone is the same). Great 
> managers play chess (acknowledging that everyone is unique)" - Marcus 
> Buckingham
> "If you're not failing every now and again, it's a sign you're not doing 
> anything very innovative" - Woody Allen
> 
> Click here to join me in my Collaboration Meeting 
> Room
> 






> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] Controller + dot1Q trunk

2019-07-04 Thread Ben Pfaff 
Should be easy with Faucet.

On Thu, Jul 04, 2019 at 08:53:51PM +, Heim, Dennis wrote:
> Are there any SDN controllers that support VLAN trunks without too much work?
> 
> Dennis Heim | Domain Architect (Collaboration Labs)
> World Wide Technology, Inc. | +1 314-212-1814
> [cid:image001.png@01D10DD2.7FC81F90]
> [cid:image002.png@01D10DD2.7FC81F90][cid:image003.png@01D10DD2.7FC81F90][cid:image004.png@01D10DD2.7FC81F90]
> “The most powerful person in the world is the story teller. The storyteller 
> sets the vision, values and agenda of an entire generation that is to come” – 
> Steve Jobs
> "Leaders who don't listen will eventually be surrounded by people who have 
> nothing to say" --- Andy Stanley
> "Worry less about who you might offend, and more about who you might inspire" 
> -- Tim Allen
> “Imagination is more important than knowledge.”  -- Albert Einstein
> “If you can raise the level of effort and performance in those around you, 
> you are officially a leader” – Urban Meyer
> “The greatest danger for most of us is not that our aim is too high and we 
> miss it, but that it is too low and we reach it.” -- Michelangelo Buonarroti
> “Mediocore managers play checkers (assuming everyone is the same). Great 
> managers play chess (acknowledging that everyone is unique)” – Marcus 
> Buckingham
> “If you’re not failing every now and again, it’s a sign you’re not doing 
> anything very innovative” – Woody Allen
> 
> Click here to join me in my Collaboration Meeting 
> Room
> 
> From: Ben Pfaff 
> Sent: Wednesday, July 03, 2019 9:01 PM
> To: Heim, Dennis 
> Cc: ovs-discuss@openvswitch.org
> Subject: Re: [ovs-discuss] Controller + dot1Q trunk
> 
> On July 3, 2019 4:59:56 PM PDT, "Heim, Dennis" 
> mailto:dennis.h...@wwt.com>> wrote:
> 
> Is there a module that exists for that?
> 
> Sent from my iPhone
> 
> On Jul 3, 2019, at 7:58 PM, Ben Pfaff mailto:b...@ovn.org>> 
> wrote:
> 
> On Wed, Jul 03, 2019 at 09:25:24PM +, Heim, Dennis wrote:
> My topology is I have VLANs (10,11,12, 15) configured as access ports on the 
> OvS. I also have a VLAN trunk terminating on my Cisco CSR1K. I have layer 3 
> interfaces on the CSR1Kv. When the OvS is standalone it works without a 
> problem. However, when I connect it to the ONOS controller, pings do not 
> reach the CSR1K. With some testing, it appears when connected to the 
> controller, it is not sending the vlan tags. If I go to the CSR1Kv and 
> configure VLAN10 as the native vlan, then VLAN 10 can ping the interface.
> 
> Is there something that has to be done when connected to a controller to get 
> it to VLAN tag the traffic?
> 
> If ONOS is controlling OVS, then it needs to implement the VLAN support
> itself.
> 
> I don't know.





___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] Open vSwitch openflow example

2019-07-04 Thread Heim, Dennis 
I am trying to do a vlan trunk from my open vSwitch when connected with an 
openflow controller. Does anyone have any examples of what an openflow rule 
should look like to do that?

Dennis Heim | Domain Architect (Collaboration Labs)
World Wide Technology, Inc. | +1 314-212-1814
[cid:image001.png@01D10DD2.7FC81F90]
[cid:image002.png@01D10DD2.7FC81F90][cid:image003.png@01D10DD2.7FC81F90][cid:image004.png@01D10DD2.7FC81F90]
"The most powerful person in the world is the story teller. The storyteller 
sets the vision, values and agenda of an entire generation that is to come" - 
Steve Jobs
"Leaders who don't listen will eventually be surrounded by people who have 
nothing to say" --- Andy Stanley
"Worry less about who you might offend, and more about who you might inspire" 
-- Tim Allen
"Imagination is more important than knowledge."  -- Albert Einstein
"If you can raise the level of effort and performance in those around you, you 
are officially a leader" - Urban Meyer
"The greatest danger for most of us is not that our aim is too high and we miss 
it, but that it is too low and we reach it." -- Michelangelo Buonarroti
"Mediocore managers play checkers (assuming everyone is the same). Great 
managers play chess (acknowledging that everyone is unique)" - Marcus Buckingham
"If you're not failing every now and again, it's a sign you're not doing 
anything very innovative" - Woody Allen

Click here to join me in my Collaboration Meeting 
Room

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] Controller + dot1Q trunk

2019-07-04 Thread Heim, Dennis 
Are there any SDN controllers that support VLAN trunks without too much work?

Dennis Heim | Domain Architect (Collaboration Labs)
World Wide Technology, Inc. | +1 314-212-1814
[cid:image001.png@01D10DD2.7FC81F90]
[cid:image002.png@01D10DD2.7FC81F90][cid:image003.png@01D10DD2.7FC81F90][cid:image004.png@01D10DD2.7FC81F90]
“The most powerful person in the world is the story teller. The storyteller 
sets the vision, values and agenda of an entire generation that is to come” – 
Steve Jobs
"Leaders who don't listen will eventually be surrounded by people who have 
nothing to say" --- Andy Stanley
"Worry less about who you might offend, and more about who you might inspire" 
-- Tim Allen
“Imagination is more important than knowledge.”  -- Albert Einstein
“If you can raise the level of effort and performance in those around you, you 
are officially a leader” – Urban Meyer
“The greatest danger for most of us is not that our aim is too high and we miss 
it, but that it is too low and we reach it.” -- Michelangelo Buonarroti
“Mediocore managers play checkers (assuming everyone is the same). Great 
managers play chess (acknowledging that everyone is unique)” – Marcus Buckingham
“If you’re not failing every now and again, it’s a sign you’re not doing 
anything very innovative” – Woody Allen

Click here to join me in my Collaboration Meeting 
Room

From: Ben Pfaff 
Sent: Wednesday, July 03, 2019 9:01 PM
To: Heim, Dennis 
Cc: ovs-discuss@openvswitch.org
Subject: Re: [ovs-discuss] Controller + dot1Q trunk

On July 3, 2019 4:59:56 PM PDT, "Heim, Dennis" 
mailto:dennis.h...@wwt.com>> wrote:

Is there a module that exists for that?

Sent from my iPhone

On Jul 3, 2019, at 7:58 PM, Ben Pfaff mailto:b...@ovn.org>> wrote:

On Wed, Jul 03, 2019 at 09:25:24PM +, Heim, Dennis wrote:
My topology is I have VLANs (10,11,12, 15) configured as access ports on the 
OvS. I also have a VLAN trunk terminating on my Cisco CSR1K. I have layer 3 
interfaces on the CSR1Kv. When the OvS is standalone it works without a 
problem. However, when I connect it to the ONOS controller, pings do not reach 
the CSR1K. With some testing, it appears when connected to the controller, it 
is not sending the vlan tags. If I go to the CSR1Kv and configure VLAN10 as the 
native vlan, then VLAN 10 can ping the interface.

Is there something that has to be done when connected to a controller to get it 
to VLAN tag the traffic?

If ONOS is controlling OVS, then it needs to implement the VLAN support
itself.

I don't know.
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] using OVS with FRR within eVPN environment

2019-07-04 Thread Lee Wilson via discuss 

Hi All,

Container > openvswitch vlan500 > vxlan 1000 FRR > BGP eVPN

I am using openvswitch to connect containers within a gentoo host, though I 
have been struggling to get the macs within the fdb used by FRR installed on 
the same host for propagation into a BGP eVPN network.

The only way i have seen it done is as per below example.. This is a script i 
found on this forum which creates a veth between the kernel bridge and the 
ovs-switch.

(VXLAN VNI=1000 VLAN=500)

# kernel bridge, bring it up without spanning tree
brctl addbr br1000
ip link set dev br1000 up
brctl stp br1000 off
# create vxlan interface, where VNI is tied to vni in FRR, lo is a loopback or 
main interface
ip link add vx1000 type vxlan id 1000 dstport 4789 local ${lo} nolearning
# add the vxlan interface to kernel bridge, bring it up
brctl addif br1000 vx1000
ip link set dev vx1000 up
# add a veth to tie kernel bridge to ovs
ip link add vo1000 type veth peer name vb1000
# add veth to kernel bridge
brctl addif br1000 vb1000
# add veth to ovs bridge
ovs-vsctl --if-exists del-port br-int vo1000
ovs-vsctl add-port br-int vo1000 tag=500
# bring up both ends of veth
ip link set dev vo1000 up
ip link set dev vb1000 up


This works, though using veth seems like a bit of a hack.. Is there a better 
way to do this? Is anyone else using ovs with frr and evpn?

regards,
Lee.



___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] Re:[HELP] Question about userspace geneve/vxlan port

2019-07-04 Thread txfh2007 via discuss 
Hi all:
I have found theoritically during the upcall process, task tnl_port_receive 
could be called(via upcall_cb() -> upcall_receive() -> xlate_lookup() 
->xport_lookup). But in my env, after tracing code by gdb,  I have found the 
task "tnl_port_should_receive(flow)" always returns "false" for 
flow->tunnel->ip_dst is "0", even if the pkt received by dpdk port has a tunnel 
header.  
 I guess the reason is in userspace task "handle_packet_upcall", the 
match.tun_md.valid has been set "false", so the expanded flow has no tunnel 
info, and also in task "miniflow_extract" in flow.c, the packet->md is null as 
in dfc_processing task the "md_is_valid" flag is always "false". Am I right ?

Please correct me if I was wrong. Many Thanks

Timo

ovs-discuss 
Topic:[HELP] Question about userspace geneve/vxlan port


Hi all:
I have a question about userspace geneve type port. In my test env, the 
ovs-appctl dpif/show command will show geneve type port in dp. but from 
ovs-appctl dpif-netdev/pmd-rxq-show command I can only find vhu and dpdk type 
port. So the pmd thread can't handle pkt rx from geneve or vxlan type port ? 
Thanks for your reply, the ovs-appctl commands results is as below:
TIMO

#  ovs-appctl dpif/-show
netdev@ovs-netdev: hit:5196535 missed:13532
  br-int:
br-int 65534/6: (tap)
ovn-096621-0 2/10: (geneve: csum=true, key=flow, remote_ip=10.142.18.13)
ovn-e1c6a3-0 1/10: (geneve: csum=true, key=flow, remote_ip=10.142.18.12)
vhu1d1d6de9-49 18/3: (dpdkvhostuser: configured_rx_queues=1, 
configured_tx_queues=1, mtu=1422, requested_rx_queues=1, requested_tx_queues=1)
 
br-provider 65534/1: (tap)
dpdk0 1/2: (dpdk: configured_rx_queues=1, configured_rxq_descriptors=2048, 
configured_tx_queues=5, configured_txq_descriptors=2048, 
lsc_interrupt_mode=false, mtu=1500, requested_rx_queues=1, 
requested_rxq_descriptors=2048, requested_tx_queues=5, 
requested_txq_descriptors=2048, rx_csum_offload=true)

#  ovs-appctl dpif-netdev/pmd-rxq-show
pmd thread numa_id 0 core_id 2:
  isolated : false
  port: vhu1d1d6de9-49queue-id:  0  pmd usage:  0 %
pmd thread numa_id 1 core_id 10:
  isolated : false
pmd thread numa_id 0 core_id 18:
  isolated : false
pmd thread numa_id 1 core_id 26:
  port: dpdk0 queue-id:  0  pmd usage:  0 %
  isolated : false









___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss