[ovs-discuss] Simulate PVLAN(isolated secondary vlan) using OVS

Sheng Yang sheng at yasker.org
Mon Apr 22 22:17:36 UTC 2013


On Sun, Apr 21, 2013 at 9:39 PM, Ben Pfaff <blp at nicira.com> wrote:

> On Sun, Apr 21, 2013 at 07:40:46PM -0700, Sheng Yang wrote:
> > On Sun, Apr 21, 2013 at 5:06 PM, Ben Pfaff <blp at nicira.com> wrote:
> >
> > > On Sun, Apr 21, 2013 at 04:52:00PM -0700, Sheng Yang wrote:
> > > > I think openflow 1.1 should be able to deal with it, by putting rule
> 1
> > > and
> > > > rule 2 into different flow tables.
> > > >
> > > > But with openflow 1.0, I am struggling to find a better solution for
> it.
> > >
> > > You can use multiple flow tables with Open vSwitch with the "resubmit"
> > > action.  "resubmit" is documented in ovs-ofctl(8).
> > >
> >
> > Hi Ben,
> >
> > "resubmit" is really helpful!
> >
> > However, I still got some troubles to get expected result.
> >
> > If I do something like this:
> >
> > 1: priority=50,vlan_tci=0x0000,dl_src=<I-port VM MAC>
> > actions=mod_vlan_vid:<Secondary VLAN>,resubmit:1
> > 2a: priority=150,dl_vlan=<Secondary VLAN>,dl_dst=<P-port VM's MAC>
> > actions=mod_vlan_vid:<Primary VLAN>,NORMAL
> > 2b: priority=150,dl_vlan=<Secondary VLAN>,dl_dst=<P-port VM's MAC>
> > actions=strip_vlan,NORMAL
>
> It may be a mistake to try to implement this in term of "normal".  Have
> you read the Open vSwitch advanced features tutorial?  See
>
> http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=blob_plain;f=tutorial/Tutorial;hb=HEAD
> and
>
> http://openvswitch.org/cgi-bin/gitweb.cgi?p=openvswitch;a=tree;f=tutorial;hb=HEAD


Thanks Ben, I've checked the tutorial. But fully implement a switch seems a
big work for us at this time(and our current version of OVS don't have
multiple flow tables support to make it more clear), so I decided to no
longer depends on "normal" operation, but just throw all the packets
targetted to <P-port VM> to the VM's switch port directly, and it works now.

But I've thought a little more about "normal". As the tutorial said:

<quote>
2. The "normal" action. OpenFlow defines this action to submit a

       packet to "the traditional non-OpenFlow pipeline of the
       switch".  That is, if a flow uses this action, then the packets
       in the flow go through the switch in the same way that they

would if OpenFlow was not configured on the switch.

...

The second approach, using the "normal" action, has different
problems.  First, little about the "normal" action is standardized, so
it behaves differently on switches from different vendors, and the
available features and how those features are configured (usually not
through OpenFlow) varies widely.  Second, "normal" does not work well
with other OpenFlow actions.  It is "all-or-nothing", with little
potential to adjust its behavior slightly or to compose it with other
features.

</quote>

I think at least for OVS, the "normal" action should be a
determined/well-known one, right? Because it's OVS who implemented it in
this case. Is there any place I can find more information how "normal"
things work on OVS?

Thanks!

--Sheng
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20130422/1d117e39/attachment.html>


More information about the discuss mailing list