[ovs-git] [openvswitch/ovs] 689829: ovn: Support address sets generated from port grou...
noreply at github.com
Mon Apr 16 20:58:17 UTC 2018
Author: Han Zhou <zhouhan at gmail.com>
Date: 2018-04-16 (Mon, 16 Apr 2018)
ovn: Support address sets generated from port groups
Address sets are automatically generated from corresponding port
groups, and can be used directly in ACL match conditions.
There are two address sets generated for each port group:
<port group name>_ip4
<port group name>_ip6
For example, if port_group1 is created, we can directly use below
match condition in ACL:
"outport == @port_group1 && ip4.src == $port_group1_ip4"
This will simplify OVN client implementation, and avoid some tricky
problems such as race conditions when maintaining address set
memberships as discussed in the link below.
Reported-by: Lucas Alvares Gomes <lucasagomes at gmail.com>
Reviewed-by: Mark Michelson <mmichels at redhat.com>
Reviewed-by: Daniel Alvarez <dalvarez at redhat.com>
Signed-off-by: Han Zhou <hzhou8 at ebay.com>
Signed-off-by: Ben Pfaff <blp at ovn.org>
More information about the git