[ovs-dev] ovsdb implementation

Ben Pfaff blp at nicira.com
Tue Oct 8 16:51:44 UTC 2013 

On Mon, Oct 07, 2013 at 08:29:14AM +0400, Vasiliy Tolstov wrote:
> 2013/10/5 Ben Pfaff <blp at nicira.com>:
> >> I need to dynamically create gre and vxlan tunnels now.
> >
> > It seems to be little-known but you can use GRE and VXLAN without
> > creating a separate interface for each tunnel.  The best explanation is
> > in a commit message:
> >
> > commit 0ad90c845b7e82090a846fbe9f927e8d1c84cfc9
> > Author: Jarno Rajahalme <jarno.rajahalme at nsn.com>
> > Date:   Thu May 9 15:24:16 2013 +0300
> >
> >     OpenFlow-level flow-based tunneling support.
> >
> >     Adds tun_src and tun_dst match and set capabilities via new NXM fields
> >     NXM_NX_TUN_IPV4_SRC and NXM_NX_TUN_IPV4_DST.  This allows management of
> >     large number of tunnels via the flow tables, without requiring the tunnels
> >     to be pre-configured.
> >
> >     Flow-based tunnels can be configured with options remote_ip=flow and
> >     local_ip=flow.  local_ip=flow requires remote_ip=flow.  When set, the
> >     tunnel remote IP address and/or local IP address is set from the flow,
> >     instead of the tunnel configuration.
> >
> >     Example:
> >
> >     $ ovs-vsctl add-port br0 gre -- set Interface gre ofport_request=1 type=gre options:remote_ip=flow options:key=flow
> >     $ ovs-ofctl add-flow br0 "in_port=LOCAL actions=set_tunnel:1,set_field:192.168.0.1->tun_dst,output:1"
> >     $ ovs-ofctl add-flow br0 "in_port=1 tun_src=192.168.0.1 tun_id=1 actions=LOCAL"
> >
> >     Signed-off-by: Jarno Rajahalme <jarno.rajahalme at nsn.com>
> >     Signed-off-by: Ben Pfaff <blp at nicira.com>
> >
> 
> Thanks, that is very good feature. As i understand commands above
> creates interface gre for that remote_ip and key extracted from the
> flow.

Yes...

> Seconds command establish flow for local port and for each gre tunnel
> established from remote host extracts tun_dst and outputs to port 1?

The second command shows how to send all packets received on the local
port to a GRE tunnel to IP 192.168.0.1 with GRE key 1.

> Third command sets tun_id and tun_src ...

The third command shows how to send all packets received on a GRE
tunnel from 192.168.0.1 with GRE key 1 to the local port.

> If i need to create gre tunnels like this, but count of
> node1...node2... is about 60, does this flow rules works ? as i
> understand i need specify gre tun_dst on each gw and on node i need
> only  this three rules?

I don't understand your setup, but yes, you can use flow rules to
establish multiple tunnels.  60 tunnels should not be a problem.

> > The one big weakness to this support is that there's currently no way
> > to enable CFM or BFD without adding an interface.
> 
> Hmm.. Does adding this is planning feature in case of flow -based tunnels ?

We're talking about it in ONF right now.

More information about the dev mailing list