In virtual evironment, IPFIX is unable to differentiate flows
between pair of VMs on different virtual network if their IP/mac
are same.
Network:
VM1 <---- VNI1 ----> VM3
VM2 <---- VNI2 ----> VM4
In terms of IP/mac:
VM1 == VM2
VM3 == VM4
Send 10 packets each from VM1 - VM3 and VM2 - VM4
Expectation:
- Normal IPFIX record for 10 packets from VM1-VM3
- Tunnel IPFIX record for 10 packets from VM1-VM3
- Normal IPFIX record for 10 packets from VM2-VM4
- Tunnel IPFIX record for 10 packets from VM2-VM4
What really is:
- Normal IPFIX record for 20 packets from VM1-VM3 (or VM2-VM4)
- Tunnel IPFIX record for 10 packets from VM1-VM3
- Tunnel IPFIX record for 10 packets from VM2-VM4
IPFIX is unable to differentiate that VM1-VM3 and VM2-VM4 are actually
2 different flows for normal record.
Add ingress and egress interface which are the ofp_port in the OVS
bridge to differentiate the flows above.
Signed-off-by: Daniel Benli Ye <[email protected]>
---
ofproto/ofproto-dpif-ipfix.c | 8 +++++++-
1 file changed, 7 insertions(+), 1 deletion(-)
diff --git a/ofproto/ofproto-dpif-ipfix.c b/ofproto/ofproto-dpif-ipfix.c
index 59cd884..2d1f7a8 100644
--- a/ofproto/ofproto-dpif-ipfix.c
+++ b/ofproto/ofproto-dpif-ipfix.c
@@ -239,8 +239,10 @@ struct ipfix_data_record_flow_key_common {
struct eth_addr destination_mac_address; /* DESTINATION_MAC_ADDRESS */
ovs_be16 ethernet_type; /* ETHERNET_TYPE */
uint8_t ethernet_header_length; /* ETHERNET_HEADER_LENGTH */
+ ovs_be32 ingress_interface; /* INGRESS_INTERFACE */
+ ovs_be32 egress_interface; /* EGRESS_INTERFACE */
});
-BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_common) == 20);
+BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_common) == 28);
/* Part of data record flow key for VLAN entities. */
OVS_PACKED(
@@ -1063,6 +1065,8 @@ ipfix_define_template_fields(enum ipfix_proto_l2 l2, enum
ipfix_proto_l3 l3,
DEF(DESTINATION_MAC_ADDRESS);
DEF(ETHERNET_TYPE);
DEF(ETHERNET_HEADER_LENGTH);
+ DEF(INGRESS_INTERFACE);
+ DEF(EGRESS_INTERFACE);
if (l2 == IPFIX_PROTO_L2_VLAN) {
DEF(VLAN_ID);
@@ -1446,6 +1450,8 @@ ipfix_cache_entry_init(struct ipfix_flow_cache_entry
*entry,
data_common->destination_mac_address = flow->dl_dst;
data_common->ethernet_type = flow->dl_type;
data_common->ethernet_header_length = ethernet_header_length;
+ data_common->ingress_interface =
htonl((ovs_be32)flow->in_port.ofp_port);
+ data_common->egress_interface = htonl((ovs_be32)flow->actset_output);
}
if (l2 == IPFIX_PROTO_L2_VLAN) {
--
1.9.1
_______________________________________________
dev mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/dev
