[ovs-dev] [PATCH 2/3] ovn-northd: Minor logical flow table optimizations.
Ben Pfaff
blp at nicira.com
Fri Sep 11 20:42:28 UTC 2015
On Fri, Sep 11, 2015 at 12:57:18PM -0700, Justin Pettit wrote:
>
> > On Sep 11, 2015, at 11:36 AM, Ben Pfaff <blp at nicira.com> wrote:
> >
> > @@ -744,22 +744,23 @@ build_lflows(struct northd_context *ctx, struct hmap *datapaths,
> >
> > /* Port security flows have priority 50 (see below) and will continue
> > * to the next table if packet source is acceptable. */
> > -
> > - /* Otherwise drop the packet. */
> > - ovn_lflow_add(&lflows, od, P_IN, S_IN_PORT_SEC, 0, "1", "drop;");
> > }
> >
> > /* Ingress table 0: Ingress port security (priority 50). */
> > struct ovn_port *op;
> > HMAP_FOR_EACH (op, key_node, ports) {
> > + if (!lport_is_enabled(op->nb)) {
> > + continue;
> > + }
>
> Do you think it's worth mentioning here that this effectively drops packets coming from disabled ports?
OK, I added a comment:
if (!lport_is_enabled(op->nb)) {
/* Drop packets from disabled logical ports (since logical flow
* tables are default-drop). */
continue;
}
> Acked-by: Justin Pettit <jpettit at nicira.com>
Thanks, I'll apply this in a minute.
More information about the dev
mailing list