Hi All,
I have two set of Environment (including vlan tag & ingress policing).
For One Case ingress policing works & for other its not work.
1. *Case Vlan tag & ingress policing not Works:*
A. One HOST
B. Two VM in Single Host
Both VMs has vlan tag at Ethernet interface, like:
eth0 , eth0.2 ( have IP)
C. On openvswitch Bridge (Host Side), vnet0 & vnet1 don't have vlan
tag.
D. Ingress Policing is applied on vnet0:
ovs-vsctl set Interface vnet0 ingress_policing_rate=1000
ovs-vsctl set Interface vnet0 ingress_policing_burst=100
E. Traffic send from VM0 to VM1 (using netperf -4 -H eth0.2 IP of
VM1).
F. ingress policing not work.
2.
*Case Vlan tag & ingress policing Works:*
Set up is same as above with only two difference:
A. NO Vlan tag at VMs, ie only eth0 presents at VMs.
B. Vlan tag present at vnet0 & vnet1, ie:
ovs-vsctl set port vnet0 tag=2
ovs-vsctl set port vnet1 tag=2
C. Ingress Policing is applied on vnet0:
ovs-vsctl set Interface vnet0 ingress_policing_rate=1000
ovs-vsctl set Interface vnet0 ingress_policing_burst=100
D. Traffic send from VM0 to VM1 (using netperf -4 -H eth0 IP of VM1).
E. ingress policing work.
So why with changing Vlan tag position, Ingress policing works ?
Thanks
On Wed, Dec 11, 2013 at 9:56 AM, Linux user <linuxuser...@gmail.com> wrote:
> Hi Ashish,
>
> That a strange ....trunk port not support ingress policing for Vlan ....
>
> Any one also experience this issue & how got it resolved .?
> Please let me know if you need more info from my side.
>
>
> Thanks
>
>
> On Tue, Dec 10, 2013 at 4:37 PM, ashish yadav <ashishyada...@gmail.com>wrote:
>
>> Hi,
>>
>> I also face same problem few months back but not found any resolution.
>>
>> I think, tagged packets are received by trunk port (vnet0 in this case)
>> and at the trunk port ingress policing may not applicable for these vlan
>> tag packets(802.1q).
>>
>>
>> Thanks & Regards
>> Ashish
>>
>>
>>
>>
>> On Tue, Dec 10, 2013 at 2:34 PM, Linux user <linuxuser...@gmail.com>wrote:
>>
>>> Hi,
>>>
>>> One more information that Host1 & Host2 are connected directly with
>>> Ethernet Cable (eth1 <--->eth1, no switch in between).
>>> But I don't think, its make any difference as far as Vlan & Ingress
>>> Policing Concern.
>>>
>>>
>>> Thanks
>>>
>>>
>>> On Tue, Dec 10, 2013 at 2:09 PM, Linux user <linuxuser...@gmail.com>wrote:
>>>
>>>> Hi,
>>>>
>>>> Could any one from openvswitch community help in understanding Vlan &
>>>> Ingress Policing Issue.
>>>>
>>>> Thanks
>>>>
>>>>
>>>>
>>>>
>>>> On Tue, Dec 10, 2013 at 11:28 AM, Linux user <linuxuser...@gmail.com>wrote:
>>>>
>>>>> Hi ,
>>>>>
>>>>> I was to trying to control traffic from VM in our environment.
>>>>> Ingress rate limiting Policing work well (ingress applied at tun
>>>>> device vnet0).
>>>>>
>>>>> But as soon as Vlan tag used at VM (like eth0.2), Ingress rate
>>>>> limiting Policing not works ? Its allow more packets than desire (default
>>>>> packet rate depending on host interface speed).
>>>>>
>>>>> I am using following commands:
>>>>> ovs-vsctl set Interface vnet0 ingress_policing_rate=1000
>>>>> ovs-vsctl set Interface vnet0 ingress_policing_burst=100
>>>>>
>>>>> Also confirm that Ingress Policing is configure at vnet0:
>>>>> tc filter show dev vnet0 parent ffff:fff1
>>>>> filter parent ffff: protocol ip pref 50 u32
>>>>> filter parent ffff: protocol ip pref 50 u32 fh 800: ht divisor 1
>>>>> filter parent ffff: protocol ip pref 50 u32 fh 800::800 order 2048 key
>>>>> ht 800 bkt 0 flowid :1
>>>>> match 00000000/00000000 at 12
>>>>> police 0x7 rate 1000Kbit burst 100Kb mtu 64Kb action drop overhead 0b
>>>>> ref 1 bind 1
>>>>>
>>>>> At Host1 (with VM):
>>>>> [root@localhost etc]# ovs-vsctl show
>>>>> 86494214-302a-4889-bba0-ee7bd66c8b0b
>>>>> Bridge "ovsbr0"
>>>>> Port "eth1"
>>>>> Interface "eth1"
>>>>> Port "ovsbr0"
>>>>> Interface "ovsbr0"
>>>>> type: internal
>>>>> Port "vnet0"
>>>>> Interface "vnet0"
>>>>> ovs_version: "1.4.6"
>>>>>
>>>>> At VM:
>>>>> [root@CentOS-6 ~]# ifconfig
>>>>> eth0 Link encap:Ethernet HWaddr 52:54:00:DC:87:6E
>>>>> inet6 addr: fe80::5054:ff:fedc:876e/64 Scope:Link
>>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>>>>> RX packets:1216572 errors:0 dropped:0 overruns:0 frame:0
>>>>> TX packets:2437042 errors:0 dropped:0 overruns:0 carrier:0
>>>>> collisions:0 txqueuelen:1000
>>>>> RX bytes:83603230 (79.7 MiB) TX bytes:3682548484 (3.4 GiB)
>>>>>
>>>>> eth0.4093 Link encap:Ethernet HWaddr 52:54:00:DC:87:6E
>>>>> inet addr:192.168.200.11 Bcast:192.168.200.255
>>>>> Mask:255.255.255.0
>>>>> inet6 addr: fe80::5054:ff:fedc:876e/64 Scope:Link
>>>>> UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
>>>>> RX packets:808841 errors:0 dropped:0 overruns:0 frame:0
>>>>> TX packets:1622423 errors:0 dropped:0 overruns:0 carrier:0
>>>>> collisions:0 txqueuelen:0
>>>>> RX bytes:45360666 (43.2 MiB) TX bytes:2449279050 (2.2 GiB)
>>>>>
>>>>> lo Link encap:Local Loopback
>>>>> inet addr:127.0.0.1 Mask:255.0.0.0
>>>>> inet6 addr: ::1/128 Scope:Host
>>>>> UP LOOPBACK RUNNING MTU:16436 Metric:1
>>>>> RX packets:0 errors:0 dropped:0 overruns:0 frame:0
>>>>> TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
>>>>> collisions:0 txqueuelen:0
>>>>> RX bytes:0 (0.0 b) TX bytes:0 (0.0 b)
>>>>>
>>>>> [root@CentOS-6 ~]#
>>>>>
>>>>> At Host2 (another host):
>>>>> [root@localhost ~]# ovs-vsctl show
>>>>> d5c321fc-30ce-4278-a947-ec37d76a8f23
>>>>> Bridge "ovsbr0"
>>>>> Port "ovsbr0.4093"
>>>>> tag: 4093
>>>>> Interface "ovsbr0.4093"
>>>>> type: internal
>>>>> Port "eth1"
>>>>> Interface "eth1"
>>>>> Port "ovsbr0"
>>>>> Interface "ovsbr0"
>>>>> type: internal
>>>>> ovs_version: "1.4.6"
>>>>>
>>>>>
>>>>>
>>>>> Could any one please help me to understand what went wrong with
>>>>> Ingress rate limiting Policing when using VLAN ?
>>>>>
>>>>> Please let me know if any logs from system is needed.
>>>>>
>>>>>
>>>>> Thanks
>>>>>
>>>>>
>>>>>
>>>>
>>>
>>> _______________________________________________
>>> discuss mailing list
>>> discuss@openvswitch.org
>>> http://openvswitch.org/mailman/listinfo/discuss
>>>
>>>
>>
>
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
