[ovs-discuss] Disable MAC learning on certain ports

Farhad Sunavala fsbiz at yahoo.com
Tue Apr 19 17:30:21 UTC 2016


>"normal" consists of a number of more or less independent steps:
>        * Drop certain malformed or invalid frames.
>        * Check VLAN.
>        * Check for other inadmissible frames.
>        * Learn source MAC.
>       * Decide on output interface(s).
>       * Output to each output interface.
Yes, that sounds good too.Does a flow rule as shown below make sense ?

table=20, actions=normal,no_learn_inport:4,no_learn_inport:5 
(If the packet hits table 20, do normal actions but no SRC MAC learning on OF ports 4 and 5).


>Can you explain why you'd want this to be apply per interface instead of
>to an entire bond?
My focus was on service chaining virtual appliances.Since bonding really applies to physical links,  I really was'ntgiving it much thought.  And you are right, no reason we can't apply this to an entire bond.
Thanks,Farhad.


    On Tuesday, April 19, 2016 9:57 AM, Ben Pfaff <blp at ovn.org> wrote:
 

 On Tue, Apr 19, 2016 at 04:27:19PM +0000, Farhad Sunavala wrote:
> >>  Proposal:
> >> We introduce the interface keyword "learn= no".
> >> E.g. ovs-vsctl set interface foo learn=no
> >> 
> >> This will instruct br-int NOT to do MAC learning on packets received on
> >> interface foo.
> 
> >This seems less flexible than adding some kind of option to "normal", or
> >breaking "normal" into sub-actions.  Why do it this way?
>
> Can you elaborate more on your thoughts about breaking "normal" into
> sub-actions ?

"normal" consists of a number of more or less independent steps:

        * Drop certain malformed or invalid frames.
        * Check VLAN.
        * Check for other inadmissible frames.
        * Learn source MAC.
        * Decide on output interface(s).
        * Output to each output interface.

These, or some of these, could be made into separate actions that could
be applied independently.

> >> This cannot be applied to a bonded port with 2 or more interfaces. 
> >Why?
> 
> Just to make it simple for now.  These are virtual appliances and
> unlikely tosupport bonding anyway.  Issues such as what happens if the
> bonded port has 3 interfaces and only oneof the interfaces has
> learning disabled.  Do we disable learning for the entire port?

Can you explain why you'd want this to be apply per interface instead of
to an entire bond?


  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20160419/b47d146d/attachment-0002.html>


More information about the discuss mailing list