[ovs-dev] [PATCH 1/3] ovn: Add port_security proposal
Russell Bryant
russell at ovn.org
Thu Jan 28 15:44:07 UTC 2016
On 01/28/2016 10:11 AM, Numan Siddique wrote:
> On 01/28/2016 08:04 PM, Russell Bryant wrote:
>> You raised another thread about the proposed syntax here:
>>
>> http://openvswitch.org/pipermail/dev/2016-January/064921.html
>>
>> Let's make sure we agree on that before proceeding. In that thread, Han
>> suggested:
>>
>>> I would suggest to have the format ["MAC1 IP1-1 IP1-2 IP1-3 ...", "MAC2
>>> IP2-1 IP2-2 ...", ...] for both "port_security" and "addresses" columns.
>> That mostly follows this proposal and means another patch is needed to
>> change 'addresses'. That's not exactly backwards compatible, but I
>> don't think that's a problem.
>>
>> In this port_security documentation, it seems to suggest that this form
>> is also allowed:
>>
>> 1)
>> ["MAC1 MAC2 MAC3 IP1 IP2 IP3"]
>>
>> Is that intentional? or should we require this instead which seems to
>> be what you and Han were discussing?
>>
>> 2)
>> ["MAC1 IP1 IP2 IP3", "MAC2 IP1 IP2 IP3", "MAC3 IP1 IP2 IP3"]
>>
>> The other alternative is to adopt how the addresses column works today,
>> and require:
>>
>> 3)
>> ["MAC1 IP1", "MAC1 IP2", "MAC1 IP3",
>> "MAC2 IP1", "MAC2 IP2", "MAC2 IP3",
>> "MAC3 IP1", "MAC3 IP2", "MAC3 IP3"]
>>
>>
>> The thing I care about most is consistency. I think option #1 is the
>> least clear. Option #3 is nicely explicit, but more verbose. #2 seems
>> like a compromise on clarity and verbosity.
>>
>> My suggestion would be to adopt #2 and update this documentation to
>> reflect that. It seems that #2 is actually what you have implemented in
>> this series.
>>
>
> Thanks Russel for the comments. Yes, I assumed #2. I will update the documentation.
> Is your suggestion (#2) for both port security and addresses or just for port security ?
I suggest that whatever we adopt here, we make 'addresses' consistent
with it, so it would be for both. The change to 'addresses' can be done
in another patch series, though.
--
Russell Bryant
More information about the dev
mailing list