[ovs-dev] [PATCH v2 ovn 0/5] Add CoPP (Control Plane Protection).

Dumitru Ceara dceara at redhat.com
Tue Nov 5 12:48:13 UTC 2019 

On Tue, Nov 5, 2019 at 1:47 PM Dumitru Ceara <dceara at redhat.com> wrote:
>
> This series adds support for user configured control plane protection
> policies. Such policies are implemented through OVS meters and are
> useful for protecting ovn-controller from being overloaded by control
> traffic (any type of traffic that requires ovn-controller additional
> processing).
>
> First, logical flows are extended to allow ovn-northd to refer to a
> specific Meter that would be used when traffic matching logical flows
> is punted to ovn-controller.
>
> The following commit builds the infrastructure required for configuring
> control plane policies and adds code to ovn-northd to allow creation
> of logical flows that have an associated control meter.
>
> Then CoPP is implemented for all types of traffic that currently gets
> punted to ovn-controller.
>
> CoPP can be applied at different levels: logical switch port, logical
> router port, logical switch, logical router. Whenever a CoPP policy
> is configured for a logical port, it will take precedence over the
> policy configured at router/switch level. However, per port CoPP
> policies are allowed only for types of traffic that are currently
> handled by ovn-northd through logical flows that also match on
> "inport". This could be further refined by follow-up commits.
>
> Post-RFC remaining items:
> - add autotests for CoPP

Please ignore this, it was supposed to be sent as RFC.

Sorry for the noise,
Dumitru

>
> Reported-at: https://mail.openvswitch.org/pipermail/ovs-dev/2019-September/362732.html
> CC: Han Zhou <hzhou at ovn.org>
> CC: Numan Siddique <numans at ovn.org>>
> Signed-off-by: Dumitru Ceara <dceara at redhat.com>
>
> Dumitru Ceara (5):
>       ovn-controller: Add support for Logical_Flow control meters.
>       ovn-northd: Add support for CoPP.
>       ovn-northd: Add CoPP policies for flows that punt packets to ovn-controller.
>       ovn-northd: Extend metering to Controller-Events
>       NEWS: Add CoPP support.
>
>
>  NEWS                      |    1
>  controller/lflow.c        |   37 ++++
>  controller/ofctrl.c       |   29 +++
>  controller/ofctrl.h       |   13 +
>  controller/physical.c     |    3
>  include/ovn/actions.h     |    3
>  lib/actions.c             |  104 ++++-------
>  lib/automake.mk           |    2
>  lib/copp.c                |   99 +++++++++++
>  lib/copp.h                |   58 ++++++
>  northd/ovn-northd.c       |  300 ++++++++++++++++++++++-----------
>  ovn-nb.ovsschema          |   24 ++-
>  ovn-nb.xml                |   91 ++++++++++
>  ovn-sb.ovsschema          |    6 -
>  ovn-sb.xml                |    6 +
>  tests/ovn.at              |    3
>  utilities/ovn-nbctl.8.xml |   94 ++++++++++
>  utilities/ovn-nbctl.c     |  412 +++++++++++++++++++++++++++++++++++++++++++++
>  18 files changed, 1099 insertions(+), 186 deletions(-)
>  create mode 100644 lib/copp.c
>  create mode 100644 lib/copp.h
>
>
> ---
> v2:
>   - Address Han's comment and split the RFC in a series.
>   - Simplify a bit the logic of applying CoPP on logical ports.
>
> _______________________________________________
> dev mailing list
> dev at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev

More information about the dev mailing list