[ovs-git] [openvswitch/ovs] 689829: ovn: Support address sets generated from port grou...

GitHub noreply at github.com
Mon Apr 16 20:58:17 UTC 2018

  Branch: refs/heads/master
  Home:   https://github.com/openvswitch/ovs
  Commit: 689829d53612a573f810271a01561f7b0948c8c8
  Author: Han Zhou <zhouhan at gmail.com>
  Date:   2018-04-16 (Mon, 16 Apr 2018)

  Changed paths:
    M NEWS
    M ovn/northd/ovn-northd.c
    M ovn/ovn-nb.xml
    M ovn/ovn-sb.xml
    M tests/ovn.at

  Log Message:
  ovn: Support address sets generated from port groups

Address sets are automatically generated from corresponding port
groups, and can be used directly in ACL match conditions.

There are two address sets generated for each port group:

<port group name>_ip4
<port group name>_ip6

For example, if port_group1 is created, we can directly use below
match condition in ACL:
    "outport == @port_group1 && ip4.src == $port_group1_ip4"

This will simplify OVN client implementation, and avoid some tricky
problems such as race conditions when maintaining address set
memberships as discussed in the link below.

Reported-by: Lucas Alvares Gomes <lucasagomes at gmail.com>
Reported-at: https://mail.openvswitch.org/pipermail/ovs-discuss/2018-February/046174.html
Reviewed-by: Mark Michelson <mmichels at redhat.com>
Reviewed-by: Daniel Alvarez <dalvarez at redhat.com>
Signed-off-by: Han Zhou <hzhou8 at ebay.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>

More information about the git mailing list