On Wed, Jun 08, 2016 at 03:28:58PM +0800, Zong Kai LI wrote:
> This patch adds some lflows for 'na' action to support ND versus ARP.
>
> For ovn-northd, it will generate lflows per each IPv6 address on
> echo lport, with lport mac and IPv6 addresss, with 'na' action.
> e.g. match=(ip6 && nd && icmp6.type == 135 &&
> nd.target == fde3:f657:aac1:0:f816:3eff:fe13:8198),
> action=(na{fa:16:3e:13:81:98; reg0 = 0x1; outport = inport;
> inport = ""; output;};)
> And new lflows will be set in tabel ls_in_arp_nd_rsp, which is renamed
> from previous ls_in_arp_rsp.
>
> Setting reg0 = 0x1 to mention that such kind of NA packets are replied
> by ovn-controller, and for these packets, dont do conntrack on them.
> Also modfiy current table 32 and table 48, to make these packets
> output directly.
>
> Signed-off-by: Zong Kai LI <[email protected]>
I don't understand why it is necessary to have special-case code in
ovn-controller physical_run() for neighbor advertisements. Nothing
similar is needed for ARP. It would be much better to avoid special
cases. Can you explain? At any rate, ovn-controller should definitely
not have any knowledge of what purpose the logical flows use registers
for.
This adds a Linux-specific header file to physical.c, but that should
not be necessary.
None of these casts should be necessary:
> + match_set_nw_proto(&match, (uint8_t)IPPROTO_ICMPV6);
> + match_set_icmp_type(&match, (uint8_t)ND_NEIGHBOR_ADVERT);
> + match_set_reg(&match, 0, (uint32_t)1);
In ovn-northd, it seems like a really bad idea to use substrings
searches on ACLs as a basis for making decisions.
Thanks,
Ben.
_______________________________________________
dev mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/dev
