[ovs-dev] [PATCH 2/2] Extend sFlow agent to report tunnel and MPLS structures

Fri Jul 17 23:31:54 UTC 2015

On Thu, Jun 11, 2015 at 09:43:59AM -0700, Neil McKee wrote:
> Packets are still sampled at ingress only, so the egress
> tunnel and/or MPLS structures are only included when there is just 1 output
> port.  The actions are either provided by the datapath in the sample upcall
> or looked up in the userspace cache.  The former is preferred because it is
> more reliable and does not present any new demands or constraints on the
> userspace cache, however the code falls back on the userspace lookup so that
> this solution can work with existing kernel datapath modules. If the lookup
> fails it is not critical: the compiled user-action-cookie is still available
> and provides the essential output port and output VLAN forwarding information
> just as before.
> 
> The openvswitch actions can express almost any tunneling/mangling so the only
> totally faithful representation would be to somehow encode the whole list of
> flow actions in the sFlow output.  However the standard sFlow tunnel structures
> can express most common real-world scenarios, so in parsing the actions we
> look for those and skip the encoding if we see anything unusual. For example,
> a single set(tunnel()) or tnl_push() is interpreted,  but if a second such
> action is encountered then the egress tunnel reporting is suppressed.
> 
> The sFlow standard allows "best effort" encoding so that if a field is not
> knowable or too onerous to look up then it can be left out. This is often
> the case for the layer-4 source port or even the src ip address of a tunnel.
> The assumption is that monitoring is enabled everywhere so a missing field
> can typically be seen at ingress to the next switch in the path.
> 
> This patch also adds unit tests to check the sFlow encoding of set(tunnel()),
> tnl_push() and push_mpls() actions.
> 
> The netlink attribute to request that actions be included in the upcall
> from the datapath is inserted for sFlow sampling only.  To make that option
> be explicit would require further changes to the printing and parsing of
> actions in lib/odp-util.c, and to scripts in the test suite.
> 
> Further enhancements to report on 802.1AD QinQ, 64-bit tunnel IDs, and NAT
> transformations can follow in future patches that make only incremental
> changes.
> 
> Signed-off-by: Neil McKee <neil.mckee at inmon.com>

Neil, would you mind posting a new version of this patch rebased against
current master?  I'll review it next week.

Thanks,

Ben.