[ovs-git] [openvswitch/ovs] 8697d4: ovn: move load balancing flows after NAT flows

GitHub noreply at github.com
Fri Jan 27 19:11:48 UTC 2017


  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: 8697d4268b9a4578cfe0b783bc83b91b6a0c9e11
      https://github.com/openvswitch/ovs/commit/8697d4268b9a4578cfe0b783bc83b91b6a0c9e11
  Author: Mickey Spiegel <mickeys.dev at gmail.com>
  Date:   2017-01-27 (Fri, 27 Jan 2017)

  Changed paths:
    M ovn/northd/ovn-northd.c

  Log Message:
  -----------
  ovn: move load balancing flows after NAT flows

This will make it easy for distributed NAT to reuse some of the
existing code for NAT flows, while leaving load balancing and defrag
as functionality specific to gateway routers.  There is no intent to
change any functionality in this patch.

Signed-off-by: Mickey Spiegel <mickeys.dev at gmail.com>
Signed-off-by: Gurucharan Shetty <guru at ovn.org>


  Commit: 1b4413004f48ce1ddb1a6de9f4ed5824ccd35a7d
      https://github.com/openvswitch/ovs/commit/1b4413004f48ce1ddb1a6de9f4ed5824ccd35a7d
  Author: Mickey Spiegel <mickeys.dev at gmail.com>
  Date:   2017-01-27 (Fri, 27 Jan 2017)

  Changed paths:
    M include/ovn/actions.h
    M ovn/controller/lflow.c
    M ovn/lib/actions.c
    M ovn/ovn-sb.xml
    M tests/ovn.at

  Log Message:
  -----------
  ovn: avoid snat recirc only on gateway routers

Currently, for performance reasons on gateway routers, ct_snat
that does not specify an IP address does not immediately trigger
recirculation.  On gateway routers, ct_snat that does not specify
an IP address happens in the UNSNAT pipeline stage, which is
followed by the DNAT pipeline stage that triggers recirculation
for all packets.  This DNAT pipeline stage recirculation takes
care of the recirculation needs of UNSNAT as well as other cases
such as UNDNAT.

On distributed routers, UNDNAT is handled in the egress pipeline
stage, separately from DNAT in the ingress pipeline stages.  The
DNAT pipeline stage only triggers recirculation for some packets.
Due to this difference in design, UNSNAT needs to trigger its own
recirculation.

This patch restricts the logic that avoids recirculation for
ct_snat, so that it only applies to datapaths representing
gateway routers.

Signed-off-by: Mickey Spiegel <mickeys.dev at gmail.com>
Signed-off-by: Gurucharan Shetty <guru at ovn.org>


  Commit: 06a26dd2b4b80c2c4159eac245c9cc8e5ccb93e6
      https://github.com/openvswitch/ovs/commit/06a26dd2b4b80c2c4159eac245c9cc8e5ccb93e6
  Author: Mickey Spiegel <mickeys.dev at gmail.com>
  Date:   2017-01-27 (Fri, 27 Jan 2017)

  Changed paths:
    M ovn/controller/ovn-controller.c
    M ovn/northd/ovn-northd.8.xml
    M ovn/northd/ovn-northd.c
    M ovn/ovn-architecture.7.xml
    M ovn/ovn-nb.ovsschema
    M ovn/ovn-nb.xml
    M tests/system-ovn.at

  Log Message:
  -----------
  ovn: distributed NAT flows

This patch implements the flows required in the ingress and egress
pipeline stages in order to support NAT on a distributed logical router.

NAT functionality is associated with the logical router gateway port.
The flows that carry out NAT functionality all have match conditions on
inport or outport equal to the logical router gateway port.  There are
additional flows that are used to redirect traffic when necessary,
using the tunnel key of a "chassisredirect" SB port binding in order to
redirect traffic to the instance of the logical router gateway port on
the centralized "redirect-chassis".

North/south traffic subject to one-to-one "dnat_and_snat" is handled
in a distributed manner, with south-to-north traffic going to the
local instance of the logical router gateway port.  North/south
traffic subject to (possibly one-to-many) "snat" is handled in a
centralized manner, with south-to-north traffic going to the instance
of the logical router gateway port on the "redirect-chassis".
North-to-south traffic is directed to the corresponding chassis by
limiting ARP responses to the appropriate instance of the logical
router gateway port on one chassis.  For centralized NAT rules, this
is the instance on the "redirect-chassis".  For distributed NAT rules,
this is the chassis where the corresponding logical port resides, using
an ethernet address specified in the NB NAT rule to trigger upstream
MAC learning.

East/west NAT traffic is all handled in a centralized manner.  While it
is certainly possible to handle some of this traffic in a distributed
manner, the centralized approach keeps the NAT flows simpler and
cleaner.  The expectation is that east/west NAT traffic is not as
important to optimize as north/south NAT traffic, with most east/west
traffic not requiring NAT.

Automated tests are currently limited to only a single node.  The
single node automated tests cover both north/south and east/west
traffic flows.

Signed-off-by: Mickey Spiegel <mickeys.dev at gmail.com>
Signed-off-by: Gurucharan Shetty <guru at ovn.org>


  Commit: 6a725785aef83909c8100a60694c916f3a94cfcf
      https://github.com/openvswitch/ovs/commit/6a725785aef83909c8100a60694c916f3a94cfcf
  Author: Mickey Spiegel <mickeys.dev at gmail.com>
  Date:   2017-01-27 (Fri, 27 Jan 2017)

  Changed paths:
    M ovn/utilities/ovn-nbctl.8.xml
    M ovn/utilities/ovn-nbctl.c
    M tests/ovn-nbctl.at
    M tests/system-ovn.at

  Log Message:
  -----------
  ovn: ovn-nbctl commands for distributed NAT

This patch adds the new optional arguments "logical_port" and
"external_mac" to lr-nat-add, and displays that information in
lr-nat-list.

Signed-off-by: Mickey Spiegel <mickeys.dev at gmail.com>
Signed-off-by: Gurucharan Shetty <guru at ovn.org>


  Commit: 0bc60d7ae5a58ae607b0d2f0d34d57f4e48df18c
      https://github.com/openvswitch/ovs/commit/0bc60d7ae5a58ae607b0d2f0d34d57f4e48df18c
  Author: Mickey Spiegel <mickeys.dev at gmail.com>
  Date:   2017-01-27 (Fri, 27 Jan 2017)

  Changed paths:
    M ovn/ovn-nb.xml

  Log Message:
  -----------
  ovn: rewrite redirect-chassis description in ovn-nb.xml

This optional patch addresses offline comments that the documentation
in ovn-nb.xml should not describe southbound constructs or flow
details, since it is user facing documentation.

Signed-off-by: Mickey Spiegel <mickeys.dev at gmail.com>
Signed-off-by: Gurucharan Shetty <guru at ovn.org>


Compare: https://github.com/openvswitch/ovs/compare/72c84bc2db23...0bc60d7ae5a5
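
Added example, not part of the commit series or of OVN's code: a small C model of the ARP-responder placement described in the "distributed NAT flows" log message above. The struct layout, chassis names and addresses are constructed; treating a rule as distributed only when it is dnat_and_snat with both logical_port and external_mac set, and using the gateway port's own MAC for centralized rules, are assumptions.

```c
#include <stdio.h>
#include <string.h>

/* Constructed model of an NB NAT rule; field names follow the commit text. */
struct nat_rule {
    const char *type;         /* "snat", "dnat" or "dnat_and_snat" */
    const char *external_ip;
    const char *logical_port; /* NULL when not given to lr-nat-add */
    const char *external_mac; /* NULL when not given to lr-nat-add */
};
struct binding { const char *logical_port, *chassis; }; /* port location */

/* Constructed sample data (not from the OVN test suite). */
static const struct binding BINDINGS[] = { {"vm1", "hv1"}, {"vm2", "hv2"} };
static const struct nat_rule RULES[] = {
    {"dnat_and_snat", "172.16.1.10", "vm1", "f0:00:00:00:01:10"},
    {"dnat_and_snat", "172.16.1.11", NULL, NULL},
    {"snat", "172.16.1.1", NULL, NULL},
    {"dnat_and_snat", "172.16.1.12", "vm9", "f0:00:00:00:01:12"},
};

/* Assumption: distributed only for dnat_and_snat with both optional args. */
static int nat_is_distributed(const struct nat_rule *r) {
    return !strcmp(r->type, "dnat_and_snat") && r->logical_port
           && r->external_mac;
}

/* Chassis whose gateway-port instance answers ARP for r->external_ip;
 * NULL when a distributed rule names a port with no binding. */
static const char *arp_chassis(const struct nat_rule *r, const char *redirect) {
    if (!nat_is_distributed(r)) return redirect;
    for (size_t i = 0; i < sizeof BINDINGS / sizeof *BINDINGS; i++)
        if (!strcmp(BINDINGS[i].logical_port, r->logical_port))
            return BINDINGS[i].chassis;
    return NULL;
}

/* MAC in the ARP reply; gw_mac for centralized rules is an assumption. */
static const char *arp_mac(const struct nat_rule *r, const char *gw_mac) {
    return nat_is_distributed(r) ? r->external_mac : gw_mac;
}

int main(void) {
    for (size_t i = 0; i < sizeof RULES / sizeof *RULES; i++) {
        const char *c = arp_chassis(&RULES[i], "gw1");
        printf("%-12s %-18s -> %s\n", RULES[i].external_ip,
               arp_mac(&RULES[i], "00:00:00:00:ff:01"), c ? c : "(none)");
    }
    return 0;
}
```

The fourth sample rule names a logical port with no binding, so no chassis answers ARP for its external IP in this model.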