[ovs-dev] [PATCH v5 2/2] ovn: Add logical flows to support native DHCP
Numan Siddique
nusiddiq at redhat.com
Tue May 17 07:07:38 UTC 2016
On Tue, May 17, 2016 at 4:05 AM, Ramu Ramamurthy <ramu.ramamurthy at gmail.com>
wrote:
> Tested-by: Ramu Ramamurthy <ramu.ramamurthy at us.ibm.com>
>
> I tested v5 of this patchset to work end-to-end with openstack (using
> your openstack changes which are also under review). The options tested
> include dns-server and classless-static-route.
>
> A question I have is why you program these out-acl flows at prio 34000,
> whereas you did not need to program the corresponding in-acl flow ?
> table=1( ls_out_acl), priority=34000, match=(eth.src ==
> fa:16:3e:94:07:40 && ip4.src == 10.0.2.1 && udp && udp.src == 67 &&
> udp.dst == 68), action=(ct_commit; next;)
>
>
Thanks Ramu for testing it out.
The reason for not adding the flow in IN_ACL is because the CMS can add
flows to allow or drop DHCP traffic on a logical port if it wants to. In
the case of OpenStack networking-ovn, it is adding the below flows for each
logical port.
table=4( ls_in_acl), priority= 2002, match=(ct.new && (inport ==
"2636f285-6d1a-4ad9-89db-c3323349c554" && ip4)), action=(ct_commit; next;)
table=4( ls_in_acl), priority= 2002, match=(ct.new && (inport ==
"2636f285-6d1a-4ad9-89db-c3323349c554" && ip6)), action=(ct_commit; next;)
table=4( ls_in_acl), priority= 2001, match=(inport ==
"2636f285-6d1a-4ad9-89db-c3323349c554" && ip), action=(drop;)
Actually if we want we can remove the 34000 OUT_ACL flow from ovn-northd
and let CMS add it. I initially thought its good to take care of it on
ovn-northd. But now I am not sure whats the best approach. Please let me
know your comments.
Thanks
Numan
> On Mon, May 16, 2016 at 2:23 AM, Numan Siddique <nusiddiq at redhat.com>
> wrote:
> > OVN implements a native DHCP support which caters to the common
> > use case of providing an IP address to a booting instance by
> > providing stateless replies to DHCP requests based on statically
> > configured address mappings. To do this it allows a short list of
> > DHCP options to be configured and applied at each compute host
> > running ovn-controller.
> >
>
More information about the dev
mailing list