[ovs-dev] [PATCH 3/3] ovn-sb: Describe the pipeline stages generated by ovn-northd.
Justin Pettit
jpettit at nicira.com
Wed Sep 2 00:21:43 UTC 2015
Signed-off-by: Justin Pettit <jpettit at nicira.com>
---
ovn/ovn-sb.xml | 43 +++++++++++++++++++++++++++++++++++++++++++
1 files changed, 43 insertions(+), 0 deletions(-)
diff --git a/ovn/ovn-sb.xml b/ovn/ovn-sb.xml
index 38837c1..cbae2e9 100644
--- a/ovn/ovn-sb.xml
+++ b/ovn/ovn-sb.xml
@@ -321,6 +321,49 @@
the logical output port replaced by the group member.
</p>
+ <p><em>Pipeline Stages</em></p>
+
+ <p>
+ <code>ovn-northd</code> is responsible for populating the
+ <ref table="Logical_Flow"/>, so the stages are an implementation
+ detail and subject to change. This section describes the current
+ logical flow table.
+ </p>
+
+ <p>
+ The ingress pipeline consists of the following stages:
+ </p>
+ <ul>
+ <li>
+ Port Security (Table 0): Validates the source address, drops
+ packets with a VLAN tag, and, if configured, verifies that the
+ logical port is allowed to send with the source address.
+ </li>
+
+ <li>
+ L2 Destination Lookup (Table 1): Forwards known unicast
+ addresses to the appropriate logical port. Unicast packets to
+ unknown hosts are forwarded to logical ports configured to have
+ an <code>unknown</code> addresses. Broadcast, and multicast are
+ flooded to all ports in the logical switch.
+ </li>
+ </ul>
+
+ <p>
+ The egress pipeline consists of the following stages:
+ </p>
+ <ul>
+ <li>
+ ACL (Table 0): Applies any specified access control lists.
+ </li>
+
+ <li>
+ Port Security (Table 1): If configured, verifies that the
+ logical port is allowed to receive packets with the destination
+ address.
+ </li>
+ </ul>
+
<column name="logical_datapath">
The logical datapath to which the logical flow belongs.
</column>
--
1.7.5.4
More information about the dev
mailing list