[ovs-discuss] open vSwitch port input buffer capacity
Ali Volkan Atli
Volkan.Atli at argela.com.tr
Fri Apr 15 07:30:49 UTC 2016
Hi Ben
No doubt you are a legend but you are wrong in this question or I'm totally screwed :)
I think you did not understand the question correctly. OvS has a buffer mechanism for each controller. While trying to add a flow_mod with max_length is not OFPCML_NO_BUFFER, the packets are stored in the buffer. If the maximum capacity is exceeded, OvS start sending the whole packets instead of related parts in the packet-in messages. Finally, its size (PKTBUF_CNT) is 512.
@Majid, just set max-lenght (different than 0xFFFF) and then drop the packet-in messages in the controller and then you'll see the whole packets after 512th packet-in.
- Volkan
________________________________________
From: discuss [discuss-bounces at openvswitch.org] on behalf of Ben Pfaff [blp at ovn.org]
Sent: Thursday, April 14, 2016 6:56 PM
To: Majid Taleqani
Cc: discuss at openvswitch.org
Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity
On Thu, Apr 14, 2016 at 01:52:31PM +0000, Majid Taleqani wrote:
> i am writing a DDOS mitigation for openflow networks using pox
> controller and open vSwitch version 1.9. as DDOS attacks aim at
> Flooding flow tables and input buffers, i wonder what is the maximum
> capacity of each switch port input buffer.
OVS ports themselves don't have buffers, so this is a question of your
NIC driver's buffering strategy.
> i know after the switch input buffer overflows then the switch sends
> the whole packet to the controller
No, that's wrong. Buffer overflow has nothing to do with sending
packets to the controller.
> and then the controller responses by sending packet out message which
> contains the whole packet and also the action. i want to know how
> much data and at what rate should a host send data to overflow a
> switch port input buffer and if is it possible to change the switch
> port input buffers? is it possible to change the amount of time that a
> packet stays in buffer before timeouts? thanks
_______________________________________________
discuss mailing list
discuss at openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
More information about the discuss
mailing list