OK, so you're asking how many packets does OVS buffer on an OpenFlow connection? That was not clear from the question. It is documented in ovs-vswitchd(8):
Packet buffering. The OpenFlow specification, version 1.2, says: Switches that implement buffering are expected to expose, through documentation, both the amount of available buffering, and the length of time before buffers may be reused. Open vSwitch maintains a separate set of 256 packet buffers for each OpenFlow connection. Any given packet buffer is preserved until it is referenced by an OFPT_FLOW_MOD or OFPT_PACKET_OUT request or for 5 sec‐ onds, whichever comes first. Also, PKTBUF_CNT isn't 512, it's 256. On Fri, Apr 15, 2016 at 05:42:02AM +0000, Ali Volkan Atli wrote: > Hi Ben > > No doubt you are a legend but you are wrong in this question or I'm > totally screwed :) > > I think you did not understand the question correctly. OvS has a > buffer mechanism for each controller. While trying to add a flow_mod > with max_length is not OFPCML_NO_BUFFER, the packets are stored in the > buffer. If the maximum capacity is exceeded, OvS start sending the > whole packets instead of related parts in the packet-in > messages. Finally, its size (PKTBUF_CNT) is 512. > > @Majid, just set max-lenght (different than 0xFFFF) and then drop the > packet-in messages in the controller and then you'll see the whole packets > after 512th packet-in. > > - Volkan > > ________________________________________ > From: discuss [discuss-boun...@openvswitch.org] on behalf of Ben Pfaff > [b...@ovn.org] > Sent: Thursday, April 14, 2016 6:56 PM > To: Majid Taleqani > Cc: discuss@openvswitch.org > Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity > > On Thu, Apr 14, 2016 at 01:52:31PM +0000, Majid Taleqani wrote: > > i am writing a DDOS mitigation for openflow networks using pox > > controller and open vSwitch version 1.9. as DDOS attacks aim at > > Flooding flow tables and input buffers, i wonder what is the maximum > > capacity of each switch port input buffer. > > OVS ports themselves don't have buffers, so this is a question of your > NIC driver's buffering strategy. > > > i know after the switch input buffer overflows then the switch sends > > the whole packet to the controller > > No, that's wrong. Buffer overflow has nothing to do with sending > packets to the controller. > > > and then the controller responses by sending packet out message which > > contains the whole packet and also the action. i want to know how > > much data and at what rate should a host send data to overflow a > > switch port input buffer and if is it possible to change the switch > > port input buffers? is it possible to change the amount of time that a > > packet stays in buffer before timeouts? thanks > _______________________________________________ > discuss mailing list > discuss@openvswitch.org > http://openvswitch.org/mailman/listinfo/discuss _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss