[ovs-dev] [PATCH 00/12] Support zone-based conntrack timeout policy

Justin Pettit jpettit at ovn.org
Wed Jul 31 19:49:57 UTC 2019


> On Jul 31, 2019, at 1:25 AM, Ilya Maximets <i.maximets at samsung.com> wrote:
> 
> On 29.07.2019 21:53, Yi-Hung Wei wrote:
>> 
>> As for the database schema, we intend to make CT_Zone table references
>> to CT_Timeout_Policy table because some other zone-based feature can
>> be configured through ovsdb later on. For example, we can have a new
>> column in CT_Zone table that stores 'limit' as an integer to support
>> the zone limit feature (limiting number of connection in a zone).  It
>> is currently configured through dpctl commands.
> 
> At least, since each zone could have only one timeout policy it's easy to just
> inline CT_Timeout_Policy into CT_Zone like this:

The reason we arranged it like this is that we wanted to be able to allow per-flow timeout policies later.  The idea is that in the Bridge or Datapath table we could have a column that goes from integer to timeout policy row.  Those integers could then be used in OpenFlow ct(commit) actions.  This would allow a hierarchy of timeout policies from flow -> zone -> system.

--Justin




More information about the dev mailing list