[ovs-dev] [PATCH v5 2/2] ovn: Add logical flows to support native DHCP
Ramu Ramamurthy
ramu.ramamurthy at gmail.com
Wed May 18 00:10:04 UTC 2016
> The reason for not adding the flow in IN_ACL is because the CMS can add
> flows to allow or drop DHCP traffic on a logical port if it wants to. In
> the case of OpenStack networking-ovn, it is adding the below flows for each
> logical port.
>
> table=4( ls_in_acl), priority= 2002, match=(ct.new && (inport ==
> "2636f285-6d1a-4ad9-89db-c3323349c554" && ip4)), action=(ct_commit; next;)
> table=4( ls_in_acl), priority= 2002, match=(ct.new && (inport ==
> "2636f285-6d1a-4ad9-89db-c3323349c554" && ip6)), action=(ct_commit; next;)
> table=4( ls_in_acl), priority= 2001, match=(inport ==
> "2636f285-6d1a-4ad9-89db-c3323349c554" && ip), action=(drop;)
>
>
> Actually if we want we can remove the 34000 OUT_ACL flow from ovn-northd and
> let CMS add it. I initially thought its good to take care of it on
> ovn-northd. But now I am not sure whats the best approach. Please let me
> know your comments.
>
Thanks, It may be fine to program the out-acl flows implicitly (by
northd) as a consequence of the CMS
setting enable_dhcp on the port (ie the user has accepted DHCP traffic
on the port by setting enable_dhcp).
More information about the dev
mailing list