[ovs-dev] [PATCH] bridge: Eject NORMAL flows from datapath after bridge flush.

Jesse Gross jesse at nicira.com
Thu Oct 22 18:12:51 UTC 2009

Ben Pfaff wrote:
> Jesse Gross <jesse at nicira.com> writes:
>> During a bridge flush we clear the learning table and revalidate all
>> flows.  When revalidating NORMAL flows we consult the empty learning
>> table and install flows that flood packets.  This means that existing
>> flows can continue as is but flooding packets because we don't learn
>> the MAC addresses as the flows never come to userspace.  The problem
>> is worse with bonding because we can receive one of the flooded
>> packets back on a bond slave and learn that port, causing us to send
>> traffic to the wrong location.
> This seems like a reasonable stopgap.  We have the opportunity to
> do better:
>         - We shouldn't need to flush the bridge in so many cases.

I'm not sure that it is ever necessary to explicitly flush the learning 
table though clearly there are several configuration changes that 
require revalidation of flows.  The only situation that I can think of 
where the learning table would be important is if a VM migrates, in 
which case it should send a gratuitous ARP to update the learning table.

>         - We ought to feed flow stats back into the learning
>           table.

This is definitely important, though at this point I think that it's 
going to have to wait for the future.  In the meantime, I realized that 
this patch should be generalized a little bit to eject flows that are 
being revalidated without a learning table entry.  Since flows can be 
revalidated at essentially any time, this will prevent bad things from 
happening to flows with an expired learning entry.  I'm going to push 
this version of the patch to hold us over until we have time for the 
larger changes.

More information about the dev mailing list