Thanks Brady for putting this together. I wanted to add a few more comments on:
1. Need for packet handoffs NetVirt <-> SFC 2. Priority ordering of SFC pipelines. 3. Non-NSH service chaining. Brady discussed some of the packet flows on his slides 5-6. Slides 4-6 in [2] may be useful for understanding why we need to be able to hand packets off both from NetVirt -> SFC, and from SFC -> NetVirt. It seems this would require either resubmitting packets from egress back to ingress, or sending packets from a lower priority pipeline to a higher priority pipeline. In either case, we'd need to think about preventing loops. E.g., we could have a "recirc" flag in the packet metadata, and make sure this happens at most once. Re: Order of [P1, P2, P3]: I'd like to highlight the point that the pipeline needs to handle both service chained and non-service chained (regular packets. e.g., management of the service function). Slide 6 in [2]. It seems that the service chained traffic should bypass the ingress security group rules. This is why I suggested putting SFC above Ingress ACL in [3]. Also, if we use the preferred SFC chain egress alternative, we'll never go from SFC classifer directly to SFC, so there's no need to have SFC classifier run before SFC. For these reasons, I proposed the order in [3]. I think we should also consider how to handle non-NSH service chaining, and I've added some thoughts in [2] on how to deal with this case. [2] https://docs.google.com/presentation/d/1BeSynV9trxq8q0Re h-cA-8PghXwbPiJq8pQgCYE8Wog/edit?usp=sharing [3] https://docs.google.com/presentation/d/1LCdBzWWWvS5usZQU yg8JuHWK4ccxSkZZwIf7RzE310Y/edit?usp=sharing Thanks, Andre On Tue, Mar 7, 2017 at 8:41 AM, Brady Allen Johnson < [email protected]> wrote: > Right, only in Netvirt. > > As I understood it, the only thing we needed from Genius was a new > Id/Priority for the classifier, but the classifier would be implemented in > the new Netvirt. > > Thanks, > > Brady > > -----Original Message----- > *From*: David Suarez Fuentes <[email protected] > <david%20suarez%20fuentes%20%[email protected]%3e>> > *To*: Brady Allen Johnson <[email protected] > <brady%20allen%20johnson%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e> > > > *Cc*: [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e>>, Dayavanti > Gopal Kamath <[email protected] > <dayavanti%20gopal%20kamath%20%[email protected]%3e>>, > Vishal Thapar <[email protected] > <vishal%20thapar%20%[email protected]%3e>>, [email protected] > <[email protected] > <%[email protected]%22%20%[email protected]%3e>> > *Subject*: Re: [sfc-dev] Slides detailing new Netvirt classifier and > Genius/SFC/Netvirt integration > *Date*: Tue, 7 Mar 2017 13:40:03 +0000 > > Hi Brady, > > > I like the Alternative 1 as you describe in the presentation, I think it > is clear. I guess this means that we are not going to implement the > "generic classifier" in Genius, but just in Netvirt, right? > > > Best regards, > > David Suárez. > ------------------------------ > *De:* [email protected] <sfc-dev-bounces@lists. > opendaylight.org> en nombre de Brady Allen Johnson < > [email protected]> > *Enviado:* martes, 7 de marzo de 2017 13:44:30 > *Para:* [email protected]; [email protected]; > [email protected]; [email protected] > *Cc:* [email protected]; Dayavanti Gopal Kamath; Vishal Thapar; > [email protected] > *Asunto:* Re: [sfc-dev] Slides detailing new Netvirt classifier and > Genius/SFC/Netvirt integration > > > Alon, > > Answers to your questions: > > I already added permissions for comments. > > I'll look into setting the TunIpv4Dst/VNID, but we're able to set it > today, so it shouldnt be too problematic. > > As for when the packets go through the classifier: The classifier will > call the push_nsh OpenFlow action, which does nothing more than set some > fields in the OVS metadata. The rest of the pipeline will still be able to > access the original pipeline as if there was nothing NSH associated. The > actual NSH header is encapsulated when the packet egresses the Vxgpe port. > That is, if we did an OpenFlow push_nsh, but then just sent the packet out > a normal TAP port, nothing NSH would be added to the packet. > > We would reach SFC with C1/C2 set once the packet has egressed the br-int > where the classifier is located: which would be when the packets return > from an SF, when they are received in an SFF by the classifier on a > different br-int, or when they are sent SFF-SFF. SFF-SFF is for when an SF > is on one SFF, and the next SF is on another SFF. > > Regards, > > Brady > > > -----Original Message----- > *From*: Brady Johnson <[email protected] > <brady%20johnson%20%[email protected]%3e>> > *To*: "Kochba, Alon" <[email protected] > <%22Kochba,%20alon%22%20%[email protected]%3e>>, Brady Allen Johnson < > [email protected] > <brady%20allen%20johnson%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e> > > > *Cc*: Vishal Thapar <[email protected] > <vishal%20thapar%20%[email protected]%3e>>, "Ben-Meir, Tali" < > [email protected] > <%22Ben-Meir,%20tali%22%20%[email protected]%3e>>, Dayavanti Gopal > Kamath <[email protected] > <dayavanti%20gopal%20kamath%20%[email protected]%3e>>, > [email protected] <[email protected] > <%[email protected]%22%20%[email protected]%3e>> > *Subject*: Re: [sfc-dev] Slides detailing new Netvirt classifier and > Genius/SFC/Netvirt integration > *Date*: Tue, 7 Mar 2017 12:21:00 +0000 > > Here's the correct link: > > https://docs.google.com/presentation/d/1gN8GnpVGwku4mp1on7EBZiE41RI7l > Z-FFmFS2QlUTKk/edit?usp=drivesdk > > On Tue, Mar 7, 2017, 12:48 Kochba, Alon <[email protected]> wrote: > > Thanks Brady! > > > > I think you forgot the link [0], added below J > > > > Could you open comment permissions for everyone so we can comment on the > doc itself? > > Looks much clearer now.. > > > > I think you might run into some trouble copying the tunnel destination IP > and VNI into the NSH in the egress dispatcher. > > There is ongoing work in Genius to have tunnels go through the egress > dispatcher - need to sync with Faseela on how this would work together, > here's the spec [1]. You also mentioned tunnel destination IP, today it's > not openflow based yet but that's being worked on for Carbon as well. > > > > Another point for thought is the case where you go through the classifier, > add the NSH (but don't set C1/C2). > > You then plan to go to the SFC service, and send it to the rest of the > pipeline since C1/C2 isn't set - I'm not sure how the netvirt pipeline > would react to this packet (or is the NSH header not pushed until the > actual output?) > > Also when would we reach SFC with C1/C2 actually set? > > > > [0] https://docs.google.com/presentation/d/1gN8GnpVGwku4mp1on7EBZiE41RI7l > Z-FFmFS2QlUTK > > [1] http://docs.opendaylight.org/en/latest/submodules/genius/ > docs/specs/service-binding-on-tunnels.html > > --alon > > > > *From:* Brady Allen Johnson [mailto:[email protected]] > *Sent:* Tuesday, 7 March 2017 13:02 > *To:* [email protected]; [email protected] > *Cc:* Ben-Meir, Tali <[email protected]>; Vinayak Joshi < > [email protected]>; [email protected]; Dayavanti Gopal Kamath < > [email protected]>; David Suarez Fuentes < > [email protected]>; Vivek Srivastava V < > [email protected]>; [email protected]; > [email protected]; Vishal Thapar <[email protected]>; Diego > Jesus Granados Lopez <[email protected]>; Miguel > Duarte DE MORA BARROSO <[email protected]>; > Kochba, Alon <[email protected]> > *Subject:* Slides detailing new Netvirt classifier and Genius/SFC/Netvirt > integration > > > > > > Hello all, > > > > We have been discussing how to create the new Netvirt classifier and how > to integrate Netvirt, SFC, and Genius together, and I tried to capture > what's been discussed so far and create a solution. > > > > Here [0] are the slides. We can discuss this further in tomorrow's ODL SFC > weekly meeting. Or if necessary, we can create a dedicated meeting today, > just let me know. > > > > Implementation will start on this very soon (as in this week). > > > > Regards, > > > > Brady > > > _______________________________________________ > sfc-dev mailing list > [email protected] > https://lists.opendaylight.org/mailman/listinfo/sfc-dev > > > _______________________________________________ > sfc-dev mailing list > [email protected] > https://lists.opendaylight.org/mailman/listinfo/sfc-dev > >
_______________________________________________ sfc-dev mailing list [email protected] https://lists.opendaylight.org/mailman/listinfo/sfc-dev
