Re: [ovs-dev] [PATCH] ovn-controller: use localnet port for directly connected datapath only.

On Wed, Jul 5, 2017 at 12:36 AM, Han Zhou <zhou...@gmail.com> wrote: > > > On Tue, Jul 4, 2017 at 10:56 PM, Mickey Spiegel <mickeys@gmail.com> > wrote: > > > > > > On Tue, Jun 27, 2017 at 10:42 AM, Han Zhou <zhou...@gmail.com> wrote: > >

Re: [ovs-dev] [PATCH] ovn-controller: use localnet port for directly connected datapath only.

On Tue, Jun 27, 2017 at 10:42 AM, Han Zhou <zhou...@gmail.com> wrote: > > > On Tue, Jun 27, 2017 at 10:40 AM, Han Zhou <zhou...@gmail.com> wrote: > > > > > > > > On Tue, Jun 27, 2017 at 10:12 AM, Mickey Spiegel <mickeys@gmail.com> > wr

Re: [ovs-dev] 答复: Re: 答复: [spam可疑邮件]Re: 答复: Re: [PATCH 2/2] ovn-northd: Fix ping failure of vlan networks.

On Thu, Jun 29, 2017 at 2:19 PM, Han Zhou wrote: > I learned that this use case is kind of Hierarchical scenario: > https://specs.openstack.org/openstack/neutron-specs/specs/ > kilo/ml2-hierarchical-port-binding.html > > In such scenario, user wants to use OVN to manage vlan

Re: [ovs-dev] [PATCH] ovn-controller: use localnet port for directly connected datapath only.

On Tue, Jun 27, 2017 at 1:02 AM, Han Zhou wrote: > Localnet port was supposed to work for directly connected datapath > only. However, the recursive local_datapath filling introduced a > problem in below scenario: > > LS A <-> LR <-> LS B, port a@HV1 is on LS A, port b@HV2 is

Re: [ovs-dev] 答复: [spam可疑邮件]Re: 答复: Re: [PATCH 2/2] ovn-northd: Fix ping failure of vlan networks.

On Thu, Jun 15, 2017 at 1:04 AM, wrote: > Hi Russell, I am sorry for the late reply. > The route not bound to a chassis, and have no redirect-chassis. The dumped > northbound db is as follow. > Ip addresses of 100.0.0.148 and 200.0.0.2 locate on different chassis. The >

Re: [ovs-dev] ovn: SFC Patch V3

table 10. For the egress pipeline, I guess just output directly? Mickey On Wed, May 10, 2017 at 3:49 PM, Mickey Spiegel <mickeys@gmail.com> wrote: > Three issues before diving in: > > > 1. Placement of S_SWITCH_IN_CHAIN > > For some reason I thought S_SWITCH_IN_CH

Re: [ovs-dev] 回复： [PATCH] ovn-northd: Add logical flows to reply ICMP echo requests for all the other router ports connected to one switch

On Thu, Jun 1, 2017 at 4:28 AM, 钢锁0918 wrote: > that is for this problem[ovs-dev] [ovs-discuss] ovn: unsnat handling error > for Distributed Gatewayhttps://mail.openvswitch.org/pipermail/ovs- > dev/2017-April/330536.html I don't understand why this workaround is a good

[ovs-dev] [PATCH v2] ovn: increase size of ingress and egress pipelines

umn in ovn/ovn-sb.ovsschema from 0 to 15, to 0 to 23. Ran automated tests with an extra noop table, pushing S_SWITCH_IN_L2_LKUP to 16. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/lflow.h | 6 +++--- ovn/ovn-architecture.7.xml | 27 ++-

[ovs-dev] [PATCH] ovn: increase size of ingress and egress pipelines

The OVN ingress pipeline for a logical switch is maxed out at 16 stages. This patch takes the simple approach of starting the ingress pipeline at table 8 rather than table 16, and starting the egress pipeline at table 40 rather than table 48. Signed-off-by: Mickey Spiegel <mickeys@gmail.

Re: [ovs-dev] OVN: Increasing size of Switch Ingress Pipeline Stage Table

On Thu, May 11, 2017 at 11:05 AM, John McDowall < jmcdow...@paloaltonetworks.com> wrote: > With the addition of the DNS stages there are no entries left in the > PIPELINE_STAGE, SWITCH IN table. I need one for SFC. As this is a core > part of the infrastructure I do not want to make changes

Re: [ovs-dev] ovn: SFC Patch V3

K if flags.loopback is left as 0. If this case is ever triggered and the second time around through the ingress pipeline still sets outport = 1, then the Table 34 loopback check will detect that outport == inport and drop the packet. Mickey > > Regards > > > > John > > *F

Re: [ovs-dev] 答复: Re: 答复: Re: [PATCH] ovn-controller: Support vxlan tunnel in ovn

There are some assumptions that you are making which need to be called out. These assumptions may not hold going forward. In fact I refer to two different patches below that are currently under review, that break your assumptions. On Fri, May 5, 2017 at 7:18 PM, wrote: >

Re: [ovs-dev] [PATCH v2 09/13] ovn-trace: Add some basic tracing for ct_snat and ct_dnat actions.

On Wed, May 3, 2017 at 8:45 AM, Ben Pfaff <b...@ovn.org> wrote: > Without this support, ovn-trace is not very useful with OpenStack, which > uses connection tracking extensively. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys

Re: [ovs-dev] [PATCH 23/27] ovn-trace: Add some basic tracing for ct_snat and ct_dnat actions.

One minor nit and one real comment below. On Tue, May 2, 2017 at 11:07 AM, Ben Pfaff <b...@ovn.org> wrote: > On Mon, May 01, 2017 at 05:50:57PM -0700, Mickey Spiegel wrote: > > On Mon, May 1, 2017 at 5:12 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > On M

Re: [ovs-dev] [PATCH 23/27] ovn-trace: Add some basic tracing for ct_snat and ct_dnat actions.

On Mon, May 1, 2017 at 5:12 PM, Ben Pfaff <b...@ovn.org> wrote: > On Mon, May 01, 2017 at 03:39:32PM -0700, Mickey Spiegel wrote: > > On Sun, Apr 30, 2017 at 4:22 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > Without this support, ovn-trace is not very usefu

Re: [ovs-dev] ovn: SFC Patch V3

On Mon, Apr 24, 2017 at 12:56 PM, wrote: > From: John McDowall > > > Fixed changes from Mickey's last review. > > Changes > > 1) Fixed re-circulation rules > Still a few modifications required. See comments inline. I just typed

Re: [ovs-dev] [PATCH] ovn.at: Fix "ovn -- 1 LR with distributed router gateway port" test

AMAMOTO Takashi <yamam...@ovn.org> > There are three more in one of the tests in system-ovn.at, affecting make check-kernel. Acked-by: Mickey Spiegel <mickeys@gmail.com> > --- > tests/ovn.at | 18 ++ > 1 file changed, 6 insertions(+), 12 deletio

Re: [ovs-dev] [PATCH] system-ovn.at: Add test for ping other router's port on distributed router

I forgot one other comment. On Thu, Apr 20, 2017 at 11:05 AM, Mickey Spiegel <mickeys@gmail.com> wrote: > > On Tue, Apr 18, 2017 at 4:49 AM, Guoshuai Li <l...@dtdream.com> wrote: > >> Signed-off-by: Guoshuai Li <l...@dtdream.com> >>

Re: [ovs-dev] [PATCH] system-ovn.at: Add test for ping other router's port on distributed router

On Tue, Apr 18, 2017 at 4:49 AM, Guoshuai Li wrote: > Signed-off-by: Guoshuai Li > --- > tests/system-ovn.at | 101 ++ > ++ > tests/system-traffic.at | 20 ++ > 2 files changed, 121 insertions(+) > >

Re: [ovs-dev] OVN: SFC Patch V2

On Thu, Apr 13, 2017 at 6:20 PM, John McDowall < jmcdow...@paloaltonetworks.com> wrote: > From: jmcdow...@paloaltonetworks.com > > > I think I have covered all the current comments and have a first level > of tests written and passing. The tests are not integrated with the ovs > test framework -

Re: [ovs-dev] [ovs-discuss] ovn: unsnat handling error for Distributed Gateway

On Sun, Apr 9, 2017 at 3:23 PM, Mickey Spiegel <mickeys@gmail.com> wrote: > > > On Thu, Apr 6, 2017 at 7:34 AM, Guoshuai Li <l...@dtdream.com> wrote: > >> >> revese my topology: >> >> +-++ &

Re: [ovs-dev] [ovs-discuss] ovn: unsnat handling error for Distributed Gateway

On Thu, Apr 6, 2017 at 7:34 AM, Guoshuai Li wrote: > > revese my topology: > > +-++ > | VM 172.16.1.7 | > +-++ >| >

Re: [ovs-dev] [ovs-dev, RFC] ovn: Revised support for service function chaining

t; flows exit the chain from the original src so the mac addresses are correct. > If you advance to an ingress table after S_SWITCH_IN_CHAIN, then you do not need the flag. I saw the ability to start at a later table after I wrote the flag comment, and forgot that that makes the flag unnecessary. M

[ovs-dev] [PATCH v6 2/2] ovn: Gratuitous ARP for distributed NAT rules

if present), or 'options:nat-addresses' otherwise. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- NEWS | 1 + ovn/controller/pinctrl.c | 108 +-- ovn/northd/ovn-northd.c | 92 -

[ovs-dev] [PATCH v6 1/2] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

hese addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ovn/controller/pinctrl.c | 115 --

Re: [ovs-dev] [PATCH v5 3/3] ovn: Gratuitous ARP for distributed NAT rules

On Wed, Mar 29, 2017 at 10:16 AM, Guru Shetty <g...@ovn.org> wrote: > > > On 27 March 2017 at 18:34, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch extends gratuitous ARP support for NAT addresses so that it >> applies to distributed NAT r

[ovs-dev] [PATCH v5 2/3] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

hese addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/pinctrl.c | 115 --- ovn/lib/ovn-util.c | 38 ++

[ovs-dev] [PATCH v5 3/3] ovn: Gratuitous ARP for distributed NAT rules

if present), or 'options:nat-addresses' otherwise. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- NEWS | 1 + ovn/controller/pinctrl.c | 108 +-- ovn/northd/ovn-northd.c | 85 +-

[ovs-dev] [PATCH v5 1/3] ovn: Fix options:router-port in Gratuitous ARP tests

In two of the Gratuitous ARP tests, "options:router-port" is not set correctly. This does not currently affect validity of the tests since the next line resets "options:router-port" to the correct value. Reported-by: Guruchuran Shetty <g...@ovn.org> Signed-off-b

Re: [ovs-dev] [PATCH v4 1/2] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

On Tue, Mar 21, 2017 at 1:39 PM, Guru Shetty <g...@ovn.org> wrote: > > > On 17 March 2017 at 15:30, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch extends gratuitous ARP support for NAT addresses so that it >> applies to centralized NAT rules

[ovs-dev] [PATCH v4 2/2] ovn: Gratuitous ARP for distributed NAT rules

' is replaced by a 'nat_addresses' column that can have an unlimited number of instances. In order to allow for upgrades, pinctrl in the ovn-controller can work off either the 'nat_addresses' column (if present), or 'options:nat-addresses' otherwise. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v4 1/2] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

dress differs and the logical port often resides on a different chassis from the redirect-chassis, these addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/pinctrl.c | 104

Re: [ovs-dev] [PATCH v3 2/3] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

On Fri, Mar 17, 2017 at 12:47 PM, Guru Shetty <g...@ovn.org> wrote: > > > On 2 February 2017 at 20:48, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch extends gratuitous ARP support for NAT addresses so that it >> applies to centralized NAT rules

Re: [ovs-dev] [ovs-dev, RFC] ovn: Revised support for service function chaining

On Mon, Mar 13, 2017 at 1:28 PM, John McDowall < jmcdow...@paloaltonetworks.com> wrote: > This patch set is an alternative implementation of service function > chaining (SFC) for OVS/OVN. The major change from the previous patch is > that the overloading of the ACL stage in ovn-northd.c has been

Re: [ovs-dev] OVN: Compromised Chassis Mitigation

On Wed, Mar 15, 2017 at 7:18 AM, Lance Richardson <lrich...@redhat.com> wrote: > > From: "Mickey Spiegel" <mickeys@gmail.com> > > To: "Lance Richardson" <lrich...@redhat.com> > > Cc: "Russell Bryant" <russ...@ovn.org>, &

Re: [ovs-dev] OVN: Compromised Chassis Mitigation

On Tue, Mar 14, 2017 at 12:01 PM, Lance Richardson <lrich...@redhat.com> wrote: > > > - Original Message ----- > > From: "Mickey Spiegel" <mickeys@gmail.com> > > To: "Lance Richardson" <lrich...@redhat.com> > > Cc: &

Re: [ovs-dev] OVN: Compromised Chassis Mitigation

On Tue, Mar 14, 2017 at 11:14 AM, Lance Richardson <lrich...@redhat.com> wrote: > > From: "Russell Bryant" <russ...@ovn.org> > > To: "Mickey Spiegel" <mickeys@gmail.com> > > Cc: "Lance Richardson" <lrich...@redhat.com>, &

Re: [ovs-dev] OVN: Compromised Chassis Mitigation

On Mon, Mar 13, 2017 at 1:20 PM, Lance Richardson <lrich...@redhat.com> wrote: > > From: "Mickey Spiegel" <mickeys@gmail.com> > > To: "Lance Richardson" <lrich...@redhat.com> > > Cc: "devovs" <d...@openvswitch.org> >

Re: [ovs-dev] OVN: Compromised Chassis Mitigation

On Thu, Mar 9, 2017 at 8:52 AM, Lance Richardson <lrich...@redhat.com> wrote: > > From: "Mickey Spiegel" <mickeys@gmail.com> > > To: "Lance Richardson" <lrich...@redhat.com> > > Cc: "devovs" <d...@openvswitch.org> >

Re: [ovs-dev] [PATCH] Support multiple logical routing port configuration "redirect-chassis" on a distributed router

This is a quick preliminary review. I will review this in more detail tomorrow afternoon. On Mon, Feb 27, 2017 at 5:12 AM, Guoshuai Li wrote: > The main application scenario of this patch is that the user flow wants to > different destination addresses through different

Re: [ovs-dev] [PATCH] ovn-controller: Assign ct_zone id to local datapaths instead of lports

On Thu, Feb 23, 2017 at 6:04 AM, wrote: > From: Numan Siddique > > Having zone id per datapath is more than sufficient, because the > CT tuple information will be unique anyway with in the logical > datapath. > This proposal conflicts with another

Re: [ovs-dev] [ovs-dev, RFC] ovn: support for service function chaining

On Thu, Feb 2, 2017 at 3:22 PM, wrote: > From: John McDowall > > This patchset is the first round at having Service Function Chaining > functionality through OVN. The implementation is done entirely > on the northbound side of OVN.

[ovs-dev] [PATCH] AUTHORS: Add Mickey Spiegel

Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- AUTHORS.rst | 1 + 1 file changed, 1 insertion(+) diff --git a/AUTHORS.rst b/AUTHORS.rst index b567fcc..3833041 100644 --- a/AUTHORS.rst +++ b/AUTHORS.rst @@ -207,6 +207,7 @@ Maxime Coquelin maxime.coque...@redh

[ovs-dev] [PATCH branch-2.7] ovn: Mention distributed NAT in NEWS

Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- NEWS | 10 ++ debian/changelog | 10 ++ 2 files changed, 20 insertions(+) diff --git a/NEWS b/NEWS index 3006f77..89bb026 100644 --- a/NEWS +++ b/NEWS @@ -20,6 +20,16 @@ v2.7.0 - xx xxx infor

[ovs-dev] [PATCH v3 2/3] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

dress differs and the logical port often resides on a different chassis from the redirect-chassis, these addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/pinctrl.c | 104

[ovs-dev] [PATCH v2 2/2] ovn: Gratuitous ARP for centralized NAT rules on a distributed router

dress differs and the logical port often resides on a different chassis from the redirect-chassis, these addresses cannot be included in the same "nat-addresses" string as for centralized NAT rules. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controller/pinctrl.c | 104

[ovs-dev] [PATCH v2 1/2] ovn: specify options:nat-addresses as "router"

mentioned in ovn-nb.xml will need to be updated from OVS 2.7 to OVS 2.8. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ovn/northd/ovn-northd.c | 116 ++-- ovn/ovn-nb.xml | 42 +

Re: [ovs-dev] [PATCH v12 6/6] ovn: specify options:nat-addresses as "router"

On Fri, Jan 27, 2017 at 11:16 AM, Guru Shetty wrote: > >> >> I should clarify that statement. It is a good thing if the chassis >> changes, for example if doing simple high availability. The GARP >> packet will fix L2 learning. >> >> As I think about it, if anyone uses logical

Re: [ovs-dev] [PATCH v12 6/6] ovn: specify options:nat-addresses as "router"

On Fri, Jan 27, 2017 at 10:29 AM, Mickey Spiegel <mickeys@gmail.com> wrote: > Thanks for the review. > > On Fri, Jan 27, 2017 at 10:20 AM, Guru Shetty <g...@ovn.org> wrote: > >> >> >> On 26 January 2017 at 01:20, Mickey Spiegel <mickeys

[ovs-dev] [PATCH v14 6/6] ovn: specify options:nat-addresses as "router"

mentioned in ovn-nb.xml will need to be updated from OVS 2.7 to OVS 2.8. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/northd/ovn-northd.c | 114 ++-- ovn/ovn-nb.xml | 42 +++--- tests/ovn.at| 60

[ovs-dev] [PATCH v14 3/6] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g.

[ovs-dev] [PATCH v14 5/6] ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation in ovn-nb.xml should not describe southbound constructs or flow details, since it is user facing documentation. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org>

[ovs-dev] [PATCH v14 4/6] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ov

[ovs-dev] [PATCH v14 1/6] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v14 0/6] ovn: add distributed NAT capability

Reordered the first two patches. Moved non-NAT specific flows from patch 5 to patch 2. Added automated tests for is_chassis_resident (which is ready for review) and chassisredirect patches. Added flows to limit ICMP echo replies for router IPs on the gateway interface, so that they are only gener

[ovs-dev] [PATCH v13 6/6] ovn: specify options:nat-addresses as "router"

mentioned in ovn-nb.xml will need to be updated from OVS 2.7 to OVS 2.8. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/northd/ovn-northd.c | 114 ++-- ovn/ovn-nb.xml | 42 +++--- tests/ovn.at| 60

[ovs-dev] [PATCH v13 3/6] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g.

[ovs-dev] [PATCH v13 5/6] ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation in ovn-nb.xml should not describe southbound constructs or flow details, since it is user facing documentation. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org>

[ovs-dev] [PATCH v13 4/6] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- ov

[ovs-dev] [PATCH v13 2/6] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2

[ovs-dev] [PATCH v13 1/6] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v13 0/6] ovn: add distributed NAT capability

ogy. RFC v2 -> RFC v3 Reordered the first two patches. Moved non-NAT specific flows from patch 5 to patch 2. Added automated tests for is_chassis_resident (which is ready for review) and chassisredirect patches. Added flows to limit ICMP echo replies for router IPs on the gateway interface, so

Re: [ovs-dev] [PATCH v11 4/5] ovn: ovn-nbctl commands for distributed NAT

On Thu, Jan 26, 2017 at 9:20 AM, Guru Shetty <g...@ovn.org> wrote: > > > On 21 January 2017 at 16:52, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch adds the new optional arguments "logical_port" and >> "external_mac" to lr-

Re: [ovs-dev] [PATCH v11 3/5] ovn: distributed NAT flows

On Thu, Jan 26, 2017 at 8:53 AM, Guru Shetty <g...@ovn.org> wrote: > > > On 21 January 2017 at 16:52, Mickey Spiegel <mickeys@gmail.com> wrote: > >> This patch implements the flows required in the ingress and egress >> pipeline stages in order to support

[ovs-dev] [PATCH v12 3/6] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controlle

[ovs-dev] [PATCH v12 4/6] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/utilities/ovn-nbctl.8.xml | 27 +++--- ovn/util

[ovs-dev] [PATCH v12 2/6] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Gurucharan Shetty <g...@ovn.org> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2

[ovs-dev] [PATCH v12 1/6] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v12 0/6] ovn: add distributed NAT capability

ows from patch 5 to patch 2. Added automated tests for is_chassis_resident (which is ready for review) and chassisredirect patches. Added flows to limit ICMP echo replies for router IPs on the gateway interface, so that they are only generated on the redirect-chassis. Mickey Spiegel (6): ovn: mov

Re: [ovs-dev] [ovn] What's the manner of sending GARP for distributed dnat_and_snat?

On Wed, Jan 25, 2017 at 12:26 AM, Dong Jun wrote: > Hi > > I learned about the distributed dnat_and_snat. Now I don't see what's > the manner of sending GARP for distributed dnat_and_snat IP. In the past, > we set nat_addresses column in lsp that connected to gateway lrp.

[ovs-dev] [PATCH v11 5/5] ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation in ovn-nb.xml should not describe southbound constructs or flow details, since it is user facing documentation. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/ovn-nb.xml | 25 ++---

[ovs-dev] [PATCH v11 3/5] ovn: distributed NAT flows

h NAT traffic, with most east/west traffic not requiring NAT. Automated tests are currently limited to only a single node. The single node automated tests cover both north/south and east/west traffic flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/controlle

[ovs-dev] [PATCH v11 4/5] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/utilities/ovn-nbctl.8.xml | 27 +++--- ovn/util

[ovs-dev] [PATCH v11 2/5] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2 +- 5 files changed, 42 insertions(+), 11 deletions(-)

[ovs-dev] [PATCH v11 1/5] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

Re: [ovs-dev] [PATCH v3 7/8] actions: Make "next" action able to jump from egress to ingress pipeline.

On Sat, Jan 21, 2017 at 12:32 PM, Ben Pfaff <b...@ovn.org> wrote: > On Sat, Jan 21, 2017 at 12:18:59PM -0800, Mickey Spiegel wrote: > > On Sat, Jan 21, 2017 at 11:13 AM, Ben Pfaff <b...@ovn.org> wrote: > > > > > This feature is useful for centralized gateways.

Re: [ovs-dev] [PATCH v3 7/8] actions: Make "next" action able to jump from egress to ingress pipeline.

On Sat, Jan 21, 2017 at 11:13 AM, Ben Pfaff <b...@ovn.org> wrote: > This feature is useful for centralized gateways. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys@gmail.com> > The ovn-trace.c changes look good to me. No mo

Re: [ovs-dev] [PATCH v3 1/8] ovn-trace: Fix selection of table that "next" jumps to.

On Sat, Jan 21, 2017 at 11:13 AM, Ben Pfaff <b...@ovn.org> wrote: > The common case is that "next" advances to the next table, but it can > jump to any table. > > Reported-by: Mickey Spiegel <mickeys@gmail.com> > Signed-off-by: Ben Pfaff <b...@ovn.o

Re: [ovs-dev] [PATCH 00/10] Add actions for egress loopback

On Sat, Jan 21, 2017 at 11:23 AM, Ben Pfaff <b...@ovn.org> wrote: > On Fri, Jan 20, 2017 at 04:00:34PM -0800, Mickey Spiegel wrote: > > On Fri, Jan 20, 2017 at 3:33 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > On Fri, Jan 20, 2017 at 03:17:19PM -0800, Mickey S

Re: [ovs-dev] [PATCH v2 6/7] actions: Make "next" action able to jump from egress to ingress pipeline.

On Fri, Jan 20, 2017 at 2:48 PM, Ben Pfaff <b...@ovn.org> wrote: > This feature is useful for centralized gateways. > > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys@gmail.com> I think there is some missing functionality in ovn-tr

Re: [ovs-dev] [PATCH v2 4/7] actions: Omit table number when possible for formatting "next" action.

ious because 99+% of the time, the pipeline to be printed is > the same pipeline that the flow is in and printing it would be distracting. > So it's better to store some context to help with formatting. This commit > begins adopting that policy for the existing table number field. > > Sign

Re: [ovs-dev] [PATCH 00/10] Add actions for egress loopback

On Fri, Jan 20, 2017 at 3:33 PM, Ben Pfaff <b...@ovn.org> wrote: > On Fri, Jan 20, 2017 at 03:17:19PM -0800, Mickey Spiegel wrote: > > On Fri, Jan 20, 2017 at 2:43 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > On Fri, Jan 20, 2017 at 12:29:49PM -0800, Mickey S

Re: [ovs-dev] [PATCH 00/10] Add actions for egress loopback

n structures for "next" and "ct_next". > actions: Omit table number when possible for formatting "next" action. > actions: Introduce enum ovnact_pipeline. > actions: Make "next" action able to jump from egress to ingress > pipeline. &g

Re: [ovs-dev] [PATCH 07/10] actions: Omit table number when possible for formatting "next" action.

On Fri, Jan 20, 2017 at 9:16 AM, Ben Pfaff wrote: > Until now, formatting the "next" action has always required including > the table number, because the action struct didn't include enough context > so that the formatter could decide whether the table number was the next > table

Re: [ovs-dev] [PATCH 05/10] actions: Add new OVN action "clone".

On Fri, Jan 20, 2017 at 9:16 AM, Ben Pfaff <b...@ovn.org> wrote: > Signed-off-by: Ben Pfaff <b...@ovn.org> > Acked-by: Mickey Spiegel <mickeys@gmail.com> One comment below, found a copy/paste error in ovn-sb.xml. --- > include/ovn/actions.h | 5 ++-- >

[ovs-dev] [PATCH v10 8/8] ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and "external_mac" to lr-nat-add, and displays that information in lr-nat-list. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/utilities/ovn-nbctl.8.xml | 27 +++--- ovn/util

[ovs-dev] [PATCH v10 6/8] ovn: avoid snat recirc only on gateway routers

-by: Mickey Spiegel <mickeys@gmail.com> --- include/ovn/actions.h | 3 +++ ovn/controller/lflow.c | 10 ++ ovn/lib/actions.c | 15 +-- ovn/ovn-sb.xml | 23 +++ tests/ovn.at | 2 +- 5 files changed, 42 insertions(+), 11 deletions(-)

[ovs-dev] [PATCH v10 5/8] ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the existing code for NAT flows, while leaving load balancing and defrag as functionality specific to gateway routers. There is no intent to change any functionality in this patch. Signed-off-by: Mickey Spiegel <mickeys@gmail.

[ovs-dev] [PATCH v10 4/8] ovn: add egress_loopback action

T flows. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- include/ovn/actions.h | 5 +++- ovn/controller/lflow.c| 1 + ovn/lib/actions.c | 71 +-- ovn/ovn-sb.xml| 35 +++ ovn/

[ovs-dev] [PATCH v10 3/8] ovn: Introduce distributed gateway port and "chassisredirect" port binding

edirect-chassis" option. There is no explicit notion of a "chassisredirect" port in the NB database. The expectation is when capabilities are implemented that take advantage of "chassisredirect" ports (e.g. distributed gateway ports), flows specifying a "chassisredirect&quo

[ovs-dev] [PATCH v10 2/8] ovn: add is_chassis_resident match expression component

". This allows higher level features to specify flows that are only installed on some chassis rather than on all chassis with the corresponding datapath. Suggested-by: Ben Pfaff <b...@ovn.org> Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Ben Pfaff <b.

[ovs-dev] [PATCH v10 1/8] ovn: document logical routers and logical patch ports in ovn-architecture

This patch adds a description of logical routers and logical patch ports, including gateway routers, to ovn/ovn-architecture.7.xml. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/ovn-architecture.7.xml | 148 ++--- 1 file change

[ovs-dev] [PATCH v9 3/3] ovn: introduce distributed gateway port

f associating a "redirect-chassis" with a logical router port is to cause the additional table 32 flow to be created (through the southbound port_binding), and to restrict some flows to the "redirect-chassis" through "is_chassis_resident()" match conditions. Signed-off-by: Mick

[ovs-dev] [PATCH v9 2/3] ovn: add is_chassis_resident match expression component

". This allows higher level features to specify flows that are only installed on some chassis rather than on all chassis with the corresponding datapath. Suggested-by: Ben Pfaff <b...@ovn.org> Signed-off-by: Mickey Spiegel <mickeys@gmail.com> Acked-by: Ben Pfaff <b.

[ovs-dev] [PATCH v9 1/3] ovn: document logical routers and logical patch ports in ovn-architecture

This patch adds a description of logical routers and logical patch ports, including gateway routers, to ovn/ovn-architecture.7.xml. Signed-off-by: Mickey Spiegel <mickeys@gmail.com> --- ovn/ovn-architecture.7.xml | 148 ++--- 1 file change

Re: [ovs-dev] [PATCH v7 3/7] ovn: Introduce "chassisredirect" port binding

On Fri, Jan 13, 2017 at 4:21 PM, Ben Pfaff <b...@ovn.org> wrote: > On Fri, Jan 13, 2017 at 02:19:21PM -0800, Mickey Spiegel wrote: > > On Thu, Jan 12, 2017 at 5:12 PM, Mickey Spiegel <mickeys@gmail.com> > > wrote: > > > > > > > > On Su

Re: [ovs-dev] [PATCH v7 3/7] ovn: Introduce "chassisredirect" port binding

On Thu, Jan 12, 2017 at 5:12 PM, Mickey Spiegel <mickeys@gmail.com> wrote: > > On Sun, Jan 8, 2017 at 10:30 PM, Mickey Spiegel <mickeys@gmail.com> > wrote: > >> >> On Fri, Jan 6, 2017 at 8:31 PM, Mickey Spiegel <mickeys@gmail.com> >>

Re: [ovs-dev] [PATCH v7 4/7] ovn: add egress loopback capability

On Mon, Jan 9, 2017 at 2:44 PM, Ben Pfaff <b...@ovn.org> wrote: > On Mon, Jan 09, 2017 at 02:30:54PM -0800, Mickey Spiegel wrote: > > On Mon, Jan 9, 2017 at 2:22 PM, Ben Pfaff <b...@ovn.org> wrote: > > > > > On Fri, Jan 06, 2017 at 04:28:00PM -0800, Mickey

Re: [ovs-dev] [PATCH v7 4/7] ovn: add egress loopback capability

On Fri, Jan 6, 2017 at 4:28 PM, Mickey Spiegel <mickeys@gmail.com> wrote: > > On Fri, Jan 6, 2017 at 3:57 PM, Ben Pfaff <b...@ovn.org> wrote: > >> On Fri, Jan 06, 2017 at 12:00:31PM -0800, Mickey Spiegel wrote: >> > This patch adds the cap

Re: [ovs-dev] [PATCH v7 3/7] ovn: Introduce "chassisredirect" port binding

On Fri, Jan 6, 2017 at 8:31 PM, Mickey Spiegel <mickeys@gmail.com> wrote: > > On Fri, Jan 6, 2017 at 4:21 PM, Mickey Spiegel <mickeys@gmail.com> > wrote: > >> >> On Fri, Jan 6, 2017 at 4:11 PM, Ben Pfaff <b...@ovn.org> wrote: >> >>>

  1   2   3   >