Neutron/TrunkPort

This page is currently outdated. It still describes v2 of the spec proposal. It should be updated to v4.

Overview

Neutron extension to access lots of neutron networks over a single vNIC as tagged/encapsulated traffic.

API

neutron trunk

attribute name	attribute type	attribute default
uuid	str, uuid	auto-generated
name	str	empty string
tenant_id	str, uuid	id of creator tenant
port_id	str, uuid	id of an existing legacy neutron port

wishlist attributes:

subport_count

neutron subport

Usage of pre-existing neutron port attributes:

attribute name	attribute value
device_id	UUID OF PARENT TRUNK PORT
device_owner	trunk-port

Additional neutron port attributes:

attribute name	attribute type
trunk-port:segmentation-id	uint
trunk-port:segmentation-type	str

Ignored and problematic neutron port attributes:

attribute name	reason
mac_address	no mechanism to tell the guest os/app what mac to use
binding:*	FIXME

nova

FIXME nova boot --nic trunk-port-id

CLI usage example

# Legacy ports.
neutron port-create net0 --name port0
neutron port-create net1 --name port1

# Turn port0 into a trunk port, add port1 as a subport to it.
neutron trunk-create --port-id PORT0-UUID --subport PORT1-UUID,vlan,101 --name trunk0

# The only vNIC in your instance corresponds to the legacy port (turned into a trunk),
# so boot your instance with the trunk port given. Do not add subports as NICs to 'nova boot'.
# Use an image with support for vlan interfaces. CirrOS will not cut it.
# eg: sudo ip link add ... type vlan ...
nova boot ... --image VLAN-CAPABLE-IMAGE --nic trunk-port-id=PORT0-UUID --poll vm0

# The typical cloud image will auto-configure eth0 only and not the vlan interfaces (eth0.VLAN-ID).
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.101 type vlan id 101

# Further subports can be created at any time, including after boot.
neutron port-create net2 --name port2
neutron trunk-subport-add TRUNK0-UUID PORT2-UUID,vlan,102

# Again you need to bring your subport vlan interfaces up.
ssh VM0-ADDRESS sudo ip link add link eth0 name eth0.102 type vlan id 102

# Subports can be deleted at runtime too.
ssh VM0-ADDRESS sudo ip link delete dev eth0.102
neutron trunk-subport-delete PORT2-UUID
neutron port-delete port2

# Delete stuff when you're all done.
neutron trunk-delete TRUNK0-UUID
nova delete vm0
neutron port-delete port1
neutron port-delete port0

openvswitch vlan model

FIXME draw picture of wiring of tap interfaces, trunk and integration bridges

# create trunk bridge
ovs-vsctl --may-exist add-br TRUNK-BRIDGE
ovs-ofctl del-flows TRUNK-BRIDGE

# patch trunk bridge to integration bridge
ovs-vsctl add-port TRUNK-BRIDGE PATCH-TRUNK-END-PORT -- set Interface PATCH-TRUNK-END-PORT type=patch options:peer=PATCH-INT-END-PORT
ovs-vsctl add-port br-int PATCH-INT-END-PORT -- set Interface PATCH-INT-END-PORT type=patch options:peer=PATCH-TRUNK-END-PORT

# install default drop flows on patch ports
ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-TRUNK-END-OFPORT,actions=drop
ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=2,in_port=PATCH-INT-END-OFPORT,actions=drop

# make the tap port pass all tags
ovs-vsctl set Port TAP-PORT vlan_mode=trunk

##

# install remap flows for untagged traffic (default subport)
ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=strip_vlan,normal
ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=0xffff,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal

# install remap flows for tagged traffic (other subports)
ovs-ofctl add-flow TRUNK-BRIDGE hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=COMPUTE-INTERNAL-VLAN-ID,in_port=PATCH-TRUNK-END-OFPORT,actions=mod_vlan_vid:INNER-VLAN-ID,normal
ovs-ofctl add-flow br-int hard_timeout=0,idle_timeout=0,priority=3,dl_vlan=INNER-VLAN-ID,in_port=PATCH-INT-END-OFPORT,actions=mod_vlan_vid:COMPUTE-INTERNAL-VLAN-ID,normal