(3 intermediate revisions by the same user not shown) |
Line 1: |
Line 1: |
| OpenFlow1.3 flow table for OFAgent | | OpenFlow1.3 flow table for OFAgent |
| | | |
− | WIP implementation: https://github.com/yamt/neutron/tree/ofagent-merge-bridges
| + | moved to: http://git.openstack.org/cgit/openstack/neutron/tree/neutron/plugins/ofagent/agent/flows.py |
− | | |
− | * requirements
| |
− | ** plain OpenFlow 1.3. no vendor extensions.
| |
− | | |
− | * todo: VXLAN (same as GRE?)
| |
− | | |
− | * legends
| |
− | xxx: network id (agent internal use)
| |
− | yyy: segment id (vlan id, gre key, ...)
| |
− | a,b,c: tunnel port (tun_ofports, map[net_id].tun_ofports)
| |
− | i,j,k: vm port (map[net_id].vif_ports[vif_id].ofport)
| |
− | x,y,z: physical port (int_ofports)
| |
− | N: tunnel type (0 for TYPE_GRE, 1 for TYPE_xxx, ...)
| |
− | uuu: unicast l2 address
| |
− | | |
− | * tables (in order)
| |
− | CHECK_IN_PORT
| |
− | TUNNEL_IN+N
| |
− | PHYS_IN
| |
− | LOCAL_IN
| |
− | TUNNEL_OUT
| |
− | PHYS_OUT
| |
− | LOCAL_OUT
| |
− | TUNNEL_FLOOD+N
| |
− | PHYS_FLOOD
| |
− | LOCAL_FLOOD
| |
− | | |
− | * CHECK_IN_PORT
| |
− | | |
− | for each vm ports:
| |
− | in_port=i, write_metadata(xxx),goto(ARP_PROXY) // port_bound
| |
− | TYPE_GRE
| |
− | for each tunnel ports:
| |
− | in_port=a, goto(TUNNEL_IN+N) // setup_tunnel_port
| |
− | TYPE_VLAN
| |
− | for each physical ports:
| |
− | in_port=x, goto(PHYS_IN)
| |
− | TYPE_FLAT
| |
− | in_port=x, goto(PHYS_IN)
| |
− | default drop
| |
− | | |
− | * TUNNEL_IN+N (per tunnel types) tunnel -> network
| |
− | | |
− | TYPE_GRE
| |
− | for each networks: // _provision_local_vlan_tunnel
| |
− | // don't goto(TUNNEL_OUT) as it can create a loop with meshed tunnels
| |
− | // what to do when using multiple tunnel types?
| |
− | tun_id=yyy, write_metadata(xxx),goto(PHYS_OUT)
| |
− | | |
− | default drop
| |
− | | |
− | * PHYS_IN // for vlan and flat
| |
− | | |
− | TYPE_VLAN
| |
− | for each networks:
| |
− | vlan_vid=present|yyy, write_metadata(xxx),pop_vlan,goto(TUNNEL_OUT)
| |
− | | |
− | TYPE_FLAT
| |
− | // XXX vlan_vid=none check necessary?? it's what OVS agent does.
| |
− | vlan_vid=none, write_metadata(xxx),pop_vlan,goto(TUNNEL_OUT)
| |
− | | |
− | default drop
| |
− | | |
− | * LOCAL_IN
| |
− | ** todo: local arp responder
| |
− | | |
− | default goto(next_table)
| |
− | | |
− | * TUNNEL_OUT
| |
− | TYPE_GRE
| |
− | // _add_fdb_flow (!FLOODING_ENTRY)
| |
− | metadata=xxx,eth_dst=uuu set_tunnel(yyy),output:a
| |
− | | |
− | default goto(next table)
| |
− | | |
− | * PHYS_OUT
| |
− | ** todo: learning and/or l2 pop
| |
− | | |
− | for each known destinations:
| |
− | TYPE_VLAN
| |
− | metadata=xxx,eth_dst=uuu push_vlan,set_field:present|yyy->vlan_vid,output:a
| |
− | default goto(next table)
| |
− | | |
− | * LOCAL_OUT
| |
− | ** todo: learning and/or l2 pop
| |
− | | |
− | for each known destinations:
| |
− | metadata=xxx,eth_dst=uuu output:i
| |
− | default goto(next table)
| |
− | | |
− | * TUNNEL_FLOOD+N. (per tunnel types)
| |
− | | |
− | network -> tunnel/vlan
| |
− | output to tunnel/physical ports
| |
− | "next table" might be LOCAL_OUT
| |
− | TYPE_GRE
| |
− | for each networks: // _add_fdb_flow (FLOODING_ENTRY)
| |
− | metadata=xxx, set_tunnel(yyy),output:a,b,c,goto(next table)
| |
− | | |
− | default goto(next table)
| |
− | | |
− | * PHYS_FLOOD
| |
− | | |
− | TYPE_VLAN
| |
− | for each networks:
| |
− | metadata=xxx, push_vlan:0x8100,set_field:present|yyy->vlan_vid,output:x,y,z,goto(next table)
| |
− | TYPE_FLAT
| |
− | for each networks:
| |
− | metadata=xxx, output:x,y,z,goto(next table)
| |
− | default goto(next table)
| |
− | | |
− | * LOCAL_FLOOD
| |
− | ** todo: learning and/or l2 pop
| |
− | | |
− | for each networks:
| |
− | metadata=xxx, output:i,j,k // port_bound
| |
− | default drop
| |
− | | |
− | * references
| |
− | ** similar attempts for OVS agent https://wiki.openstack.org/wiki/Ovs-flow-logic
| |
− | *** we use metadata instead of "internal" VLANs
| |
− | *** we don't want to use NX learn action
| |