Re: [ovs-dev] [PATCH v3 5/5] ovn: DNAT and SNAT on a gateway router.

Please see replies inline. -Guru Shetty <g...@ovn.org> wrote: - >To: Mickey Spiegel/San Jose/IBM@IBMUS >From: Guru Shetty <g...@ovn.org> >Date: 06/02/2016 10:41PM >Cc: ovs dev <dev@openvswitch.org> >Subject: Re: [ovs-dev] [PATCH v3 5/5] ovn: D

Re: [ovs-dev] [PATCH v3 5/5] ovn: DNAT and SNAT on a gateway router.

Works for me. Mickey -Guru Shetty <g...@ovn.org> wrote: - To: Mickey Spiegel/San Jose/IBM@IBMUS From: Guru Shetty <g...@ovn.org> Date: 06/09/2016 10:20AM Cc: ovs dev <dev@openvswitch.org> Subject: Re: [ovs-dev] [PATCH v3 5/5] ovn: DNAT and SNAT on a gateway router.

Re: [ovs-dev] [PATCH v3 5/5] ovn: DNAT and SNAT on a gateway router.

For the most part it looks good. I do have a few comments inline, a couple of them towards the bottom being significant. -"dev" wrote: - >To: dev@openvswitch.org >From: Gurucharan Shetty >Sent by: "dev" >Date: 05/19/2016 10:58PM >Subject: [ovs-dev] [PATCH

Re: [ovs-dev] [PATCH v3 5/5] ovn: DNAT and SNAT on a gateway router.

al_ip", my mind wanders to pieces of hardware, which is not what this is about. How about "internal_ip"/"external_ip"? Mickey -Guru Shetty <g...@ovn.org> wrote: - To: Mickey Spiegel/San Jose/IBM@IBMUS From: Guru Shetty <g...@ovn.org> Date: 06/07/2016 08:14AM Cc

Re: [ovs-dev] [OVS-dev]: OVN: RFC re: logical and physical endpoint separation proposal

Darrell, Just catching up on this thread. A few things are still unclear. The example that you gave bound the one "localnet" logical port to one physical endpoint. Perhaps this is what you are intending for the L3 gateway case (still waiting for that proposal). In existing OVN, VMs can

Re: [ovs-dev] [OVS-dev]: OVN: RFC re: logical and physical endpoint separation proposal

chassis in the port binding empty? Why is the logical port name in this example "provnet1-1-physnet1" when the logical port was defined earlier as "provnet1-physnet1"? Was this intentional or a typo? Mickey -Darrell Ball <db...@vmware.com> wrote: -

Re: [ovs-dev] [PATCH 1/1] Add Static route to logical router

Guru, Your summary is exactly what I was thinking. Mickey -Guru Shetty <g...@ovn.org> wrote: - To: Mickey Spiegel/San Jose/IBM@IBMUS From: Guru Shetty <g...@ovn.org> Date: 04/07/2016 11:05AM Cc: ovs dev <dev@openvswitch.org>, Shi Xin Ruan <steve.r...@cn.ibm.com&g

Re: [ovs-dev] [PATCH 1/1] Add Static route to logical router

Steve and Guru, I am not all that concerned about the "valid" column, but I do think that we will need a different additional column in the near future for output port. There are three different motivations for allowing output port to be specified in the static route: 1) In order to support

Re: [ovs-dev] [PATCH 3/3] ovn: Add address_set() support for ACLs.

One comment below. -"dev" wrote: - >To: Ben Pfaff >From: Russell Bryant >Sent by: "dev" >Date: 04/12/2016 09:37AM >Cc: ovs dev >Subject: Re: [ovs-dev] [PATCH 3/3] ovn: Add address_set() support for >ACLs. > >On Mon, Apr

Re: [ovs-dev] [PATCH] ovn-northd: Add support for static_routes.

Gurucharan Shetty wrote: >To: dev@openvswitch.org >From: Gurucharan Shetty >Sent by: "dev" >Date: 04/11/2016 07:46AM >Cc: Gurucharan Shetty >Subject: [ovs-dev] [PATCH] ovn-northd: Add support for static_routes. > >static routes are useful when connecting multiple

Re: [ovs-dev] [PATCH 1/1] Add Static route to logical router

See comments inline Mickey -Guru Shetty <g...@ovn.org> wrote: - >To: Mickey Spiegel/San Jose/IBM@IBMUS >From: Guru Shetty <g...@ovn.org> >Date: 04/06/2016 05:58PM >Cc: ovs dev <dev@openvswitch.org>, Shi Xin Ruan <steve.r...@cn.ibm.com> >Subjec

Re: [ovs-dev] [PATCH] ovn-northd: Add support for static_routes.

For the case where the static route specifies the output_port (logical router port), this patch is not as efficient and streamlined as it could be. With this patch, in ovn/ovn-nb.ovsschema, the output_port is defined as a string that consists of a uuid: +"Logical_Router_Static_Route": {

Re: [ovs-dev] Seek information about OVN L3 gateway and NAT

>To: Ben Pfaff >From: Guru Shetty >Sent by: "dev" >Date: 05/18/2016 09:10AM >Cc: ovs dev >Subject: Re: [ovs-dev] Seek information about OVN L3 gateway and NAT > >> >> >> >> There was an in-person meeting yesterday at VMware with Mickey (from >> that thread)

Re: [ovs-dev] [PATCH 2/5] ovn: Introduce l3 gateway router.

See comments inline. >To: dev@openvswitch.org >From: Gurucharan Shetty >Sent by: "dev" >Date: 05/10/2016 08:10PM >Cc: Gurucharan Shetty >Subject: [ovs-dev] [PATCH 2/5] ovn: Introduce l3 gateway router. > >Currently OVN has distributed switches and routers. When a packet >exits a

Re: [ovs-dev] [patch_v1] ovn: add local router support (RFC)

; can be on multiple chassis, I start thinking about multiple possible chassis and ECMP which would add significant complexity. Mickey -Darrell Ball <dlu...@gmail.com> wrote: - To: Mickey Spiegel/San Jose/IBM@IBMUS From: Darrell Ball <dlu...@gmail.com> Date: 05/09/2016 09:11PM

Re: [ovs-dev] [patch_v1] ovn: add local router support (RFC)

I am missing something basic here. In your tests, you have logical switch bob that seems like it could be present on both hv1 and hv2, and a logical router R2 that is local to hv2 but not present on hv1. Wouldn't the logical switch bob flows on hv1 still send packets locally to the patch port

[ovs-dev] [PATCH] ovn: Add second ACL stage

From: Mickey Spiegel <emspi...@us.ibm.com> This patch adds a second logical switch ingress ACL stage, and correspondingly a second logical switch egress ACL stage. This allows for more than one ACL-based feature to be applied in the ingress and egress logical switch pipelines. The fe

Re: [ovs-dev] [PATCH] ovn: Add second ACL stage

On Fri, Jul 29, 2016 at 10:28 AM, Mickey Spiegel <emspi...@us.ibm.com> wrote: > > -"dev" <dev-boun...@openvswitch.org> wrote: - >> To: Mickey Spiegel <mickeys@gmail.com> >> From: Russell Bryant >> Sent by: "dev" &

Re: [ovs-dev] [PATCH monitor_cond V11] ovn: implementation of conditional monitoring usage

Comments inline with -"dev" wrote: - To: Ben Pfaff From: Liran Schour Sent by: "dev" Date: 07/28/2016 04:49AM Cc: dev@openvswitch.org Subject: [ovs-dev] [PATCH monitor_cond V11] ovn: implementation of conditional monitoring usage

Re: [ovs-dev] [PATCH] ovn: Add second ACL stage

On Tue, Aug 2, 2016 at 1:39 PM, Darrell Ball <dlu...@gmail.com> wrote: > > > On Tue, Aug 2, 2016 at 12:05 PM, Russell Bryant <russ...@ovn.org> wrote: > >> >> >> On Tue, Aug 2, 2016 at 3:02 PM, Darrell Ball <dlu...@gmail.com> wrote: >> >&

[ovs-dev] [PATCH v2] ovn: Add second ACL stage

uot; and "acl2". ACL rules that do not specify an ACL stage are applied to the default "acl" stage. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/northd/ovn-northd.c | 319 +++--- ovn/ovn-nb.ovsschema | 7 +-

Re: [ovs-dev] [PATCH] ovn: Add second ACL stage

On Tue, Aug 2, 2016 at 9:26 AM, Darrell Ball <dlu...@gmail.com> wrote: > > > On Tue, Aug 2, 2016 at 4:52 AM, Russell Bryant <russ...@ovn.org> wrote: > >> On Sat, Jul 30, 2016 at 4:19 PM, Mickey Spiegel <mickeys@gmail.com> >> wrote: >> >&

Re: [ovs-dev] [PATCH] ovn: Add second ACL stage

On Sat, Aug 13, 2016 at 10:02 PM, Ben Pfaff <b...@ovn.org> wrote: > On Fri, Jul 29, 2016 at 05:28:26PM +0000, Mickey Spiegel wrote: > > Could you expand on why priorities in a single stage aren't enough to > > satisfy the use case? > > > > > > If tw

Re: [ovs-dev] [PATCH] ovn-controller: Clean up bindings handling.

>To: dev@openvswitch.org >From: Russell Bryant >Sent by: "dev" >Date: 07/13/2016 02:53PM >Subject: [ovs-dev] [PATCH] ovn-controller: Clean up bindings handling. > >Remove the global set of logical port IDs called 'all_lports'. This is >no longer used for anything after conntrack ID assignment

Re: [ovs-dev] [PATCH] ovn: Add datapth of gateway port tolocal_datapaths

-"dev" wrote: - >To: dev@openvswitch.org >From: Chandra Sekhar Vejendla/San Jose/IBM@IBMUS >Sent by: "dev" >Date: 07/18/2016 05:50AM >Subject: [ovs-dev] [PATCH] ovn: Add datapth of gateway port to local_datapaths > >When a l3 gateway port is created on a

Re: [ovs-dev] [PATCH monitor_cond V10] RFC OVN: Implementation of conditional monitoring usage

Comments inline as -"dev" wrote: - To: Ben Pfaff From: Liran Schour Sent by: "dev" Date: 07/19/2016 01:45AM Cc: dev@openvswitch.org Subject: [ovs-dev] [PATCH monitor_cond V10] RFC OVN: Implementation of conditional monitoring usage

Re: [ovs-dev] [PATCH 1/2] ovn-northd: Ability to loop-back in a router.

>To: dev@openvswitch.org >From: Gurucharan Shetty >Sent by: "dev" >Date: 07/05/2016 11:15AM >Subject: [ovs-dev] [PATCH 1/2] ovn-northd: Ability to loop-back in a router. > >Currently, when a client looks at a load balancer VIP, >it notices that it is in a different subnet than itself >and sends

Re: [ovs-dev] [PATCH 1/2] ovn-northd: Ability to loop-back in a router.

-Guru Shetty <g...@ovn.org> wrote: - >To: Mickey Spiegel/San Jose/IBM@IBMUS >From: Guru Shetty <g...@ovn.org> >Date: 07/07/2016 09:34PM >Cc: ovs dev <dev@openvswitch.org> >Subject: Re: [ovs-dev] [PATCH 1/2] ovn-northd: Ability to loop-back >in a ro

Re: [ovs-dev] [PATCH monitor_cond V10] RFC OVN: Implementation of conditional monitoring usage

-Liran Schour/Haifa/IBM wrote: - >To: Mickey Spiegel/San Jose/IBM@IBMUS >From: Liran Schour/Haifa/IBM >Date: 07/21/2016 04:18AM >Cc: Ben Pfaff <b...@ovn.org>, dev@openvswitch.org >Subject: Re: [ovs-dev] [PATCH monitor_cond V10] RFC OVN: >Implementation of cond

Re: [ovs-dev] [PATCH] ovn: Add second ACL stage

-"dev" <dev-boun...@openvswitch.org> wrote: - To: Mickey Spiegel <mickeys@gmail.com> From: Russell Bryant Sent by: "dev" Date: 07/29/2016 10:02AM Cc: ovs dev <dev@openvswitch.org> Subject: Re: [ovs-dev] [PATCH] ovn: Add second ACL stage On

[ovs-dev] [RFC 0/2] ovn: add distributed NAT capability

from the end of the ingress pipeline to the beginning of the egress pipeline with outport = inport, which is different. Mickey Spiegel (2): ovn: Introduce "chassisredirect" port binding ovn: distributed NAT flows ovn/controller/binding.c| 151 +++- ovn/controller

[ovs-dev] [RFC 2/2] ovn: distributed NAT flows

mplementing the many test cases required to cover all code paths, some consensus on the approach would be appreciated. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/ovn-controller.c | 6 +- ovn/northd/ovn-northd.8.xml |

[ovs-dev] [RFC 1/2] ovn: Introduce "chassisredirect" port binding

The expectation is when capabilities are implemented that take advantage of "chassisredirect" ports (e.g. NAT), the addition of flows specifying a "chassisredirect" port as the outport will also be triggered by the presence of the "redirect-chassis" option. Signed-off-by: Mic

Re: [ovs-dev] [PATCH v8 2/2] DSCP marking on packets egressing VIF interface

On Tue, Aug 16, 2016 at 3:55 AM, wrote: > From: Babu Shanmugam > > ovn-northd sets 'ip.dscp' to the DSCP value > > Signed-off-by: Babu Shanmugam > --- > ovn/lib/logical-fields.c| 2 +- > ovn/northd/ovn-northd.8.xml | 5

Re: [ovs-dev] [PATCH v12 2/2] DSCP marking on packets

;bscha...@redhat.com> > Suggested-by: Mickey Spiegel <mickeys....@gmail.com> > Acked-by: Mickey Spiegel <mickeys@gmail.com> A few nits below regarding comments, whitespace changes, and documentation. --- > ovn/lib/logical-fields.c| 2 +- > ovn/northd/ovn-northd.8.x

[ovs-dev] [PATCH] Logic error in IDL parse function

pointers, or someone familiar with IDL tests could take over. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovsdb/ovsdb-idlc.in | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/ovsdb/ovsdb-idlc.in b/ovsdb/ovsdb-idlc.in index 79db4b4..cd4532e 100755 --- a/ovsdb/

Re: [ovs-dev] [patch v11 2/2] DSCP marking on packets egressing VIF interface

On Wed, Aug 31, 2016 at 12:11 AM, wrote: > ovn-northd sets 'ip.dscp' to the DSCP value > If we were to go with DSCP based on port as the initial functionality, your changes look good. A couple of nits below, and the first patch (which I have not looked at) needs a rebase

Re: [ovs-dev] [patch v10 2/2] DSCP marking on packets egressing VIF interface

On Mon, Aug 29, 2016 at 4:34 AM, wrote: > ovn-northd sets 'ip.dscp' to the DSCP value > > IMO the big question is still whether the first release of DSCP marking should be based only on ingress port, as this patch currently suggests, or whether it should allow DSCP marking

[ovs-dev] ovn: Multiple features with arbitrary match criteria (ACLs, QoS, SFC) (was Re: [PATCH] ovn: Add second ACL stage)

r, my guess is that this would be done indirectly. DPI would determine the application ID in earlier pipeline stages. The QoS marking stage could just match on the application ID, without having to worry about stateful behavior directly. - For SFC insertion:

Re: [ovs-dev] [PATCH] ovn-controller: Fix memory leak in recv_S_TLV_TABLE_REQUESTED().

On Thu, Sep 8, 2016 at 2:47 PM, Guru Shetty wrote: > On 1 September 2016 at 10:02, Ben Pfaff wrote: > > > Nothing freed 'reply'. This fixes the problem. > > > > Most of this patch is moving coding around. The essential change is that > > breaking the code that

Re: [ovs-dev] [patch_v2 1/3] ovn: Skip logical switch "router type" port arp responder install.

On Mon, Oct 3, 2016 at 2:21 PM, Darrell Ball wrote: > On Mon, Oct 3, 2016 at 10:54 AM, Han Zhou wrote: > > > > > > > On Sun, Oct 2, 2016 at 2:14 PM, Darrell Ball wrote: > > > > > > > > > > > > On Sun, Oct 2, 2016 at 11:27 AM, Han Zhou

Re: [ovs-dev] [patch_v2 1/3] ovn: Skip logical switch "router type" port arp responder install.

On Tue, Oct 4, 2016 at 4:53 PM, Darrell Ball <dlu...@gmail.com> wrote: > > > On Tue, Oct 4, 2016 at 3:48 PM, Mickey Spiegel <mickeys@gmail.com> > wrote: > >> On Mon, Oct 3, 2016 at 2:21 PM, Darrell Ball <dlu...@gmail.com> wrote: >>

Re: [ovs-dev] [patch_v2] ovn: Add additional comments regarding arp responders.

On Wed, Oct 5, 2016 at 10:08 AM, Darrell Ball wrote: > There has been enough confusion regarding logical switch datapath > arp responders in ovn to warrant some additional comments; > hence add a general description regarding why they exist and > document the special cases. > >

Re: [ovs-dev] [PATCH v9 2/2] DSCP marking on packets egressing VIF interface

On Wed, Aug 17, 2016 at 6:39 AM, wrote: > From: Babu Shanmugam > > ovn-northd sets 'ip.dscp' to the DSCP value > > Signed-off-by: Babu Shanmugam > --- > ovn/lib/logical-fields.c | 2 +- > ovn/northd/ovn-northd.c | 13 + >

Re: [ovs-dev] [RFC 0/2] ovn: add distributed NAT capability

(+ ovs dev mailing list) On Mon, Oct 3, 2016 at 1:40 PM, Guru Shetty <g...@ovn.org> wrote: > > > On 17 August 2016 at 14:11, Mickey Spiegel <mickeys@gmail.com> wrote: > >> Currently OVN supports NAT functionality by connecting each distributed >> logica

Re: [ovs-dev] [patch_v5 2/3] ovn: Add additional comments regarding arp responders.

Acked-by: Mickey Spiegel <mickeys@gmail.com> A few very minor nits below. On Fri, Oct 21, 2016 at 1:36 PM, Darrell Ball <dlu...@gmail.com> wrote: > There has been enough confusion regarding logical switch datapath > arp responders in ovn to warrant some additional com

[ovs-dev] [RFC v2 0/5] ovn: add distributed NAT capability

ct-chassis, in order to avoid messing up upstream MAC learning. 9. Gratuitous ARP for NAT addresses needs to be updated for distributed NAT. Mickey Spiegel (5): ovn: Introduce "chassisredirect" port binding ovn: add is_chassis_resident match expression component ovn: move load balanc

[ovs-dev] [RFC v2 1/5] ovn: Introduce "chassisredirect" port binding

The expectation is when capabilities are implemented that take advantage of "chassisredirect" ports (e.g. NAT), the addition of flows specifying a "chassisredirect" port as the outport will also be triggered by the presence of the "redirect-chassis" option. Signed-off-by: Mic

[ovs-dev] [RFC v2 2/5] ovn: add is_chassis_resident match expression component

". This allows higher level features to specify flows that are only installed on some chassis rather than on all chassis with the corresponding datapath. Suggested-by: Ben Pfaff <b...@ovn.org> Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- include/ovn/expr.h

[ovs-dev] [RFC v2 3/5] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [RFC v2 4/5] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- tests/ovn.at | 2 +- 4 files changed, 23 insertions(+), 7 deletions(-) diff --git a/include/ovn/actions.h b/include/ovn/act

[ovs-dev] [RFC v2 5/5] ovn: distributed NAT flows

Tests for east/west traffic will be added in the future. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/ovn-controller.c | 6 +- ovn/northd/ovn-northd.8.xml | 310 -- ovn/northd/ovn-northd.c | 363 ++

Re: [ovs-dev] [PATCH 3/3] ovn-northd: SNAT in either direction of gateway router.

Interesting problem. See comments inline. On Thu, Nov 3, 2016 at 3:46 AM, Gurucharan Shetty wrote: > When multiple gateway routers exist, a packet can > enter any gateway router. Once the packet reaches its > destination, its reverse direction should be via the > same gateway

Re: [ovs-dev] [PATCH 3/3] ovn-northd: SNAT in either direction of gateway router.

See reply at the bottom. On Thu, Nov 3, 2016 at 6:06 PM, Guru Shetty wrote: > It seems to me that the root of the problem has to do with > > three issues: > > 1. SNAT (and DNAT) rules should not apply to ct.rpl traffic, > > instead only UNSNAT (and UNDNAT) rules should

Re: [ovs-dev] [PATCH 3/3] ovn-northd: SNAT in either direction of gateway router.

On Thu, Nov 3, 2016 at 6:06 PM, Guru Shetty wrote: > > 2. If a stateful action such as DNAT or LB is taken on a > > gateway router, such that it is necessary for the reverse > > packet flow to come back to the same gateway router, > > then there should be an SNAT

Re: [ovs-dev] [PATCH 3/3] ovn-northd: SNAT in either direction of gateway router.

Forgot to copy the list on the last reply, but also realized something and asking for one change below. On Fri, Nov 4, 2016 at 9:54 AM, Guru Shetty <g...@ovn.org> wrote: > > > On 3 November 2016 at 20:42, Mickey Spiegel <mickeys@gmail.com> wrote: > >> On Thu

Re: [ovs-dev] [patch_v6 2/3] ovn: Add additional comments regarding arp responders.

Acked-by: Mickey Spiegel <mickeys@gmail.com> On Fri, Nov 4, 2016 at 10:06 AM, Darrell Ball <dlu...@gmail.com> wrote: > There has been enough confusion regarding logical switch datapath > arp responders in ovn to warrant some additional comments; > hence add a general

Re: [ovs-dev] [patch_v4] ovn: Add additional comments regarding arp responders.

This is getting close. Some rewording suggestions below. On Thu, Oct 6, 2016 at 10:34 AM, Darrell Ball wrote: > There has been enough confusion regarding logical switch datapath > arp responders in ovn to warrant some additional comments; > hence add a general description

[ovs-dev] [PATCH v2 2/2] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

dress differs and the logical port often resides on a different chassis from the redirect-chassis, these addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/pinctrl.c | 104

[ovs-dev] [PATCH v2 1/2] ovn: specify options:nat-addresses as "router"

mentioned in ovn-nb.xml will need to be updated from OVS 2.7 to OVS 2.8. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ovn/northd/ovn-northd.c | 116 ++-- ovn/ovn-nb.xml | 42 +

[ovs-dev] [PATCH v3 2/3] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

dress differs and the logical port often resides on a different chassis from the redirect-chassis, these addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/pinctrl.c | 104

Re: [ovs-dev] [PATCH 00/10] Add actions for egress loopback

On Sat, Jan 21, 2017 at 11:23 AM, Ben Pfaff <b...@ovn.org> wrote: > On Fri, Jan 20, 2017 at 04:00:34PM -0800, Mickey Spiegel wrote: > > On Fri, Jan 20, 2017 at 3:33 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > On Fri, Jan 20, 2017 at 03:17:19PM -0800, Mickey S

Re: [ovs-dev] [PATCH v3 7/8] actions: Make "next" action able to jump from egress to ingress pipeline.

On Sat, Jan 21, 2017 at 11:13 AM, Ben Pfaff <b...@ovn.org> wrote: > This feature is useful for centralized gateways. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys@gmail.com> > The ovn-trace.c changes look good to me. No mo

Re: [ovs-dev] [PATCH v3 1/8] ovn-trace: Fix selection of table that "next" jumps to.

On Sat, Jan 21, 2017 at 11:13 AM, Ben Pfaff <b...@ovn.org> wrote: > The common case is that "next" advances to the next table, but it can > jump to any table. > > Reported-by: Mickey Spiegel <mickeys@gmail.com> > Signed-off-by: Ben Pfaff <b...@ovn.o

Re: [ovs-dev] [PATCH v3 7/8] actions: Make "next" action able to jump from egress to ingress pipeline.

On Sat, Jan 21, 2017 at 12:32 PM, Ben Pfaff <b...@ovn.org> wrote: > On Sat, Jan 21, 2017 at 12:18:59PM -0800, Mickey Spiegel wrote: > > On Sat, Jan 21, 2017 at 11:13 AM, Ben Pfaff <b...@ovn.org> wrote: > > > > > This feature is useful for centralized gateways.

Re: [ovs-dev] [ovn] What's the manner of sending GARP for distributed dnat_and_snat?

On Wed, Jan 25, 2017 at 12:26 AM, Dong Jun wrote: > Hi > > I learned about the distributed dnat_and_snat. Now I don't see what's > the manner of sending GARP for distributed dnat_and_snat IP. In the past, > we set nat_addresses column in lsp that connected to gateway lrp.

Re: [ovs-dev] [PATCH v11 3/5] ovn: distributed NAT flows

On Thu, Jan 26, 2017 at 8:53 AM, Guru Shetty <g...@ovn.org> wrote: > > > On 21 January 2017 at 16:52, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch implements the flows required in the ingress and egress >> pipeline stages in order to support

Re: [ovs-dev] [PATCH v11 4/5] ovn: ovn-nbctl commands for distributed NAT

On Thu, Jan 26, 2017 at 9:20 AM, Guru Shetty <g...@ovn.org> wrote: > > > On 21 January 2017 at 16:52, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch adds the new optional arguments "logical_port" and >> "external_mac" to lr-

Re: [ovs-dev] [PATCH v12 6/6] ovn: specify options:nat-addresses as "router"

On Fri, Jan 27, 2017 at 10:29 AM, Mickey Spiegel <mickeys@gmail.com> wrote: > Thanks for the review. > > On Fri, Jan 27, 2017 at 10:20 AM, Guru Shetty <g...@ovn.org> wrote: > >> >> >> On 26 January 2017 at 01:20, Mickey Spiegel <mickeys

[ovs-dev] [PATCH v13 2/6] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2

[ovs-dev] [PATCH v13 1/6] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v13 6/6] ovn: specify options:nat-addresses as "router"

mentioned in ovn-nb.xml will need to be updated from OVS 2.7 to OVS 2.8. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/northd/ovn-northd.c | 114 ++-- ovn/ovn-nb.xml | 42 +++--- tests/ovn.at| 60

[ovs-dev] [PATCH v13 0/6] ovn: add distributed NAT capability

ogy. RFC v2 -> RFC v3 Reordered the first two patches. Moved non-NAT specific flows from patch 5 to patch 2. Added automated tests for is_chassis_resident (which is ready for review) and chassisredirect patches. Added flows to limit ICMP echo replies for router IPs on the gateway interface, so

Re: [ovs-dev] [PATCH v12 6/6] ovn: specify options:nat-addresses as "router"

On Fri, Jan 27, 2017 at 11:16 AM, Guru Shetty wrote: > >> >> I should clarify that statement. It is a good thing if the chassis >> changes, for example if doing simple high availability. The GARP >> packet will fix L2 learning. >> >> As I think about it, if anyone uses logical

[ovs-dev] [PATCH v12 2/6] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2

[ovs-dev] [PATCH v12 0/6] ovn: add distributed NAT capability

ows from patch 5 to patch 2. Added automated tests for is_chassis_resident (which is ready for review) and chassisredirect patches. Added flows to limit ICMP echo replies for router IPs on the gateway interface, so that they are only generated on the redirect-chassis. Mickey Spiegel (6): ovn: mov

[ovs-dev] [PATCH v12 1/6] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v12 3/6] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controlle

[ovs-dev] [PATCH v12 4/6] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/utilities/ovn-nbctl.8.xml | 27 +++--- ovn/util

Re: [ovs-dev] [PATCH 07/10] actions: Omit table number when possible for formatting "next" action.

On Fri, Jan 20, 2017 at 9:16 AM, Ben Pfaff wrote: > Until now, formatting the "next" action has always required including > the table number, because the action struct didn't include enough context > so that the formatter could decide whether the table number was the next > table

Re: [ovs-dev] [PATCH 00/10] Add actions for egress loopback

n structures for "next" and "ct_next". > actions: Omit table number when possible for formatting "next" action. > actions: Introduce enum ovnact_pipeline. > actions: Make "next" action able to jump from egress to ingress > pipeline. &g

Re: [ovs-dev] [PATCH 05/10] actions: Add new OVN action "clone".

On Fri, Jan 20, 2017 at 9:16 AM, Ben Pfaff <b...@ovn.org> wrote: > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys@gmail.com> One comment below, found a copy/paste error in ovn-sb.xml. --- > include/ovn/actions.h | 5 ++-- >

[ovs-dev] [PATCH v11 5/5] ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation in ovn-nb.xml should not describe southbound constructs or flow details, since it is user facing documentation. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/ovn-nb.xml | 25 ++---

[ovs-dev] [PATCH v11 3/5] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controlle

[ovs-dev] [PATCH v11 4/5] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/utilities/ovn-nbctl.8.xml | 27 +++--- ovn/util

[ovs-dev] [PATCH v11 2/5] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2 +- 5 files changed, 42 insertions(+), 11 deletions(-)

[ovs-dev] [PATCH v11 1/5] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

Re: [ovs-dev] [PATCH 00/10] Add actions for egress loopback

On Fri, Jan 20, 2017 at 3:33 PM, Ben Pfaff <b...@ovn.org> wrote: > On Fri, Jan 20, 2017 at 03:17:19PM -0800, Mickey Spiegel wrote: > > On Fri, Jan 20, 2017 at 2:43 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > On Fri, Jan 20, 2017 at 12:29:49PM -0800, Mickey S

Re: [ovs-dev] [PATCH v2 4/7] actions: Omit table number when possible for formatting "next" action.

ious because 99+% of the time, the pipeline to be printed is > the same pipeline that the flow is in and printing it would be distracting. > So it's better to store some context to help with formatting. This commit > begins adopting that policy for the existing table number field. > > Sign

Re: [ovs-dev] [PATCH v2 6/7] actions: Make "next" action able to jump from egress to ingress pipeline.

On Fri, Jan 20, 2017 at 2:48 PM, Ben Pfaff <b...@ovn.org> wrote: > This feature is useful for centralized gateways. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys@gmail.com> I think there is some missing functionality in ovn-tr

[ovs-dev] [PATCH v13 3/6] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g.

[ovs-dev] [PATCH v13 4/6] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ov

[ovs-dev] [PATCH v13 5/6] ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation in ovn-nb.xml should not describe southbound constructs or flow details, since it is user facing documentation. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org>

[ovs-dev] [PATCH v14 0/6] ovn: add distributed NAT capability

Reordered the first two patches. Moved non-NAT specific flows from patch 5 to patch 2. Added automated tests for is_chassis_resident (which is ready for review) and chassisredirect patches. Added flows to limit ICMP echo replies for router IPs on the gateway interface, so that they are only gener

[ovs-dev] [PATCH v14 1/6] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v14 3/6] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g.

[ovs-dev] [PATCH v14 6/6] ovn: specify options:nat-addresses as "router"

mentioned in ovn-nb.xml will need to be updated from OVS 2.7 to OVS 2.8. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/northd/ovn-northd.c | 114 ++-- ovn/ovn-nb.xml | 42 +++--- tests/ovn.at| 60

[ovs-dev] [PATCH v14 4/6] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ov

[ovs-dev] [PATCH v14 5/6] ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation in ovn-nb.xml should not describe southbound constructs or flow details, since it is user facing documentation. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org>

Re: [ovs-dev] [PATCH] ovn-controller: Assign ct_zone id to local datapaths instead of lports

On Thu, Feb 23, 2017 at 6:04 AM, wrote: > From: Numan Siddique > > Having zone id per datapath is more than sufficient, because the > CT tuple information will be unique anyway with in the logical > datapath. > This proposal conflicts with another

  1   2   3   >