[ovs-discuss] open vSwitch port input buffer capacity

Ali Volkan Atli Volkan.Atli at argela.com.tr
Fri Apr 15 07:30:49 UTC 2016


Hi Ben

No doubt you are a legend but you are wrong in this question or I'm totally screwed :)

I think you did not understand the question correctly. OvS has a buffer mechanism for each controller. While trying to add a flow_mod with max_length is not OFPCML_NO_BUFFER, the packets are stored in the buffer. If the maximum capacity is exceeded, OvS start sending the whole packets instead of related parts in the packet-in messages. Finally, its size (PKTBUF_CNT) is 512. 

@Majid, just set max-lenght (different than 0xFFFF) and then drop the packet-in messages in the controller and then you'll see the whole packets after 512th packet-in.

- Volkan

________________________________________
From: discuss [discuss-bounces at openvswitch.org] on behalf of Ben Pfaff [blp at ovn.org]
Sent: Thursday, April 14, 2016 6:56 PM
To: ‪Majid Taleqani‬ ‪‬
Cc: discuss at openvswitch.org
Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity

On Thu, Apr 14, 2016 at 01:52:31PM +0000, ‪Majid Taleqani‬ ‪ wrote:
> i am writing a DDOS mitigation for openflow networks using pox
> controller and open vSwitch version 1.9. as DDOS attacks aim at
> Flooding flow tables and input buffers, i wonder what is the maximum
> capacity of each switch port input buffer.

OVS ports themselves don't have buffers, so this is a question of your
NIC driver's buffering strategy.

> i know after the switch input buffer overflows then the switch sends
> the whole packet to the controller

No, that's wrong.  Buffer overflow has nothing to do with sending
packets to the controller.

> and then the controller responses by sending packet out message which
> contains the whole packet and also the action.  i want to know how
> much data and at what rate should a host send data to overflow a
> switch port input buffer and if is it possible to change the switch
> port input buffers? is it possible to change the amount of time that a
> packet stays in buffer before timeouts?  thanks
_______________________________________________
discuss mailing list
discuss at openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss


More information about the discuss mailing list