[ovs-discuss] What is the best hardware solution to perform simple networking operations with openvswitch

GAUTIER Philippe gautier.p-ssii at mipih.fr
Tue Jan 27 17:39:07 UTC 2015


Hy,

We are looking for the best hardware solution to run the following configuration (below openvswitch commands).

Use case:
                                                                                                              dedicated host

VMWARE                                                                          ---->        Openvswitch switch                                                                                                                  ----->    two Network probe
VSPAN mirroring session using GRE tunnels                       GRE Desencapsulation
Filtering (with different traffic filters ex: without broadcast and all traffic)
and send traffic to network probe
span mirroring session                                                ----->

We already  had the following results with our test platform (the use case is not totally covered by our test scenario, only GRE traffic and one network probe):

An intel core 2 duo E5500 2,8 Ghz processor with a HP NC360T Dual Gigabit Port Ethernet card (with 82571EB Ethernet controller)
Ovs-version: 2.3.0
Linux kernel: 3.16.0-4-amd64

400 kpkts/s at around 720 Mbits/s (simulated with real traffic capture)
~60 % cpu used on both Core


We are looking for a solution to support 10 Gbit interface rate to the network probe( So 10 Gbits/s in and 20 Gbits/s out) .  We find this intel card reference: X710DA4
http://www.intel.com/content/www/us/en/network-adapters/converged-network-adapters/ethernet-x710.html

This card support NVGRE offloading. Will our configuration be entirely  offloaded to the network card (if we do not use more than 4 Ethernet ports)?

Which intel processor is most appropriate for our configuration and DPDK support ?

Or maybe the best scalable solution for our needs is to buy a real network switch with openvswitch support ?
http://www.pica8.com/open-switching/1gbe-10gbe-40gbe-open-switches.php


Openvswitch test configuration:

ovs-vsctl add-br br-outTrafic -- set Bridge br-outTrafic fail-mode=secure

ovs-vsctl add-port br-outTrafic eth4 \
                -- set Interface eth4 ofport_request=1
ovs-ofctl mod-port br-outTrafic eth4 up


ovs-vsctl add-port br-outTrafic gre0 \
-- set interface gre0 type=gre options:remote_ip=flow options:in_key=flow options:local_ip=<ip> \
-- set Interface gre0 ofport_request=2
ovs-ofctl mod-port br-outTrafic gre0 up


Openflow commands:

# drop multicast/ broadcast
ovs-ofctl add-flow br-out \
    "cookie=1, table=0, priority=65535, out_port=1, dl_dst=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop"
# drop arp
ovs-ofctl add-flow br-out \
    "cookie=2, table=0, priority=65534, out_port=1, dl_type=0x0806, actions=drop"
# delete STP
ovs-ofctl add-flow br-out \
     "cookie=3, table=0, priority=65533, out_port=1, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"

# send trafic to network probe
ovs-ofctl add-flow br-outTrafic \
                "cookie=4, table=0, priority=0,in_port=2, actions=output:1"

Regards,

Philippe


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20150127/4a667832/attachment-0002.html>


More information about the discuss mailing list