[ovs-dev] [PATCH v12] OVN: Enable E-W Traffic, Vlan backed DVR
blp at ovn.org
Fri Jul 5 18:08:21 UTC 2019
On Thu, Jun 20, 2019 at 01:36:46AM +0000, Ankur Sharma wrote:
>  https://mail.openvswitch.org/pipermail/ovs-dev/2018-October/353066.html
>  https://docs.google.com/document/d/1uoQH478wM1OZ16HrxzbOUvk5LvFnfNEWbkPT6Zmm9OU/edit?usp=sharing
> Key difference between an overlay logical switch and
> vlan backed logical switch is that for vlan logical switches
> packets are not encapsulated.
> Hence, if a distributed router port is connected to vlan backed
> logical switch, then router port mac as source mac could be
> seen from multiple hypervisors. Same <mac,vlan> pairs coming
> from multiple ports from a top of the rack switch (TOR) perspective
> could be seen as a security threat and it could send alarms, drop
> the packets or block the ports etc.
> This patch addresses the same by introducing the concept of chassis mac.
> A chassis mac is CMS provisioned unique mac per chassis. For any routed packet
> (i.e source mac is router port mac) going on the wire on a vlan type
> logical switch, we will replace its source mac with chassis mac.
Thanks. I made a few stylistic and documentation updates and applied
this to master.
More information about the dev