[ovs-dev] Stateful Conntrack & NAT Requirements
Joe Stringer
joe at ovn.org
Fri Jul 8 21:20:02 UTC 2016
On 8 July 2016 at 14:07, Guru Shetty <guru at ovn.org> wrote:
> On 8 July 2016 at 13:46, Arvinderpal Wander <awander at apcera.com> wrote:
>
>> Hi guys,
>>
>> I wanted to get started with the new CT and NAT functionality. I followed
>> the following discussion that was posted earlier:
>>
>> http://openvswitch.org/pipermail/dev/2016-May/070576.html
>>
>> I had a couple of questions:
>> 1. Is it possible to use this new functionality w/o a complete upgrade to
>> 4.6. That is, I don't want to do a full kernel upgrade but just update the
>> OVS userspace+km to the latest and any thing else that needs updating.
>
>
> You will have to upgrade the OVS kernel module one way or the other. i.e.
> either upgrade the entire kernel or install the kernel module that comes
> with this repo.
>
>
>> I
>> gave this a quick try with just userspace+km from the latest master, but
>> got errors when adding ct/nat rules (i.e. OFPBMC_BAD_MASK
>> and OFPBAC_BAD_TYPE). So, I suspect just userspace+km updates are not
>> sufficient. What else is needed?
Current OVS userspace from master with the kernel module from the OVS
tree should not exhibit this behaviour. Check that you are loading the
correct version of the module.
>> 2. I realize that changes will be backported to earlier kernels. How far
>> back will these changes go? I suspect it may be even longer before distros
>> incorporate these changes.
>>
>
> I think it has already been backported all the way to 3.10 on the OVS
> master branch. But when the distros will pick up, I suppose that is hard to
> answer (I atleast don't know the answer). I would not depend on it for
> anything urgent.
As far as the kernel module in the OVS tree is concerned, yes it
should build and run against 3.10+ and provide these features.
Some distributions may choose to distribute the openvswitch-dkms
package to provide this for existing kernels, but others may not in
which case the features might only be available if you bring your own
copy of the kernel module from OVS tree, or wait until the distros
start supporting the latest kernels.
More information about the dev
mailing list