Hi
I would like to take this opportunity to ask a question about buffering. I've
been trying to figure the buffering issue out for a couple of days. I tested it
using ryu-controller and OvS produced ~1700 packet-in messages (and also ~1700
packet-out and ~1700 flow-mod) for one udp-flow on 1G (packet size is 1024). I
think I should change pktbuf_save functions with a hash (like microflow but not
in cache) for 5-tuple key (src_ip, dst_ip, src_port, dst_port and protocol) and
also add a linked-list for each flow. It will be suitable for your proposal
below which discussed before in a different thread. Also I should add a
parameter into vswitch.xml to enable/disable buffering. Does my pre-design make
sense?
******STARTS *****
Here's a new copy of the change that I proposed to Open vSwitch:
- When a packet misses in the flow table, check for a buffered packet whose
flow is identical.
* If there is one, just append the new packet to a linked list attached to that
buffered packet. Don't send a packet-in.
* If there is none, make a new packet buffer and send a packet-in to the
controller.
- If the controller sends a flow-add for a buffered packet, apply it to the
buffered packet itself and to every packet on the linked list.
- If the controller sends a packet-out for a buffered packet, send it. Then if
there's a list attached to the buffered packet, send the first packet in the
list to the controller as a packet-in.
- If a buffered packet times out, send the first packet in the list to the
controller as a packet-in.
- Volkan
________________________________________
From: Ben Pfaff [b...@ovn.org]
Sent: Friday, April 15, 2016 8:47 AM
To: Ali Volkan Atli
Cc: Majid Taleqani ; discuss@openvswitch.org
Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity
OK, so you're asking how many packets does OVS buffer on an OpenFlow
connection? That was not clear from the question. It is documented in
ovs-vswitchd(8):
Packet buffering.
The OpenFlow specification, version 1.2, says:
Switches that implement buffering are expected to expose,
through documentation, both the amount of available buffering,
and the length of time before buffers may be reused.
Open vSwitch maintains a separate set of 256 packet buffers for each
OpenFlow connection. Any given packet buffer is preserved until it is
referenced by an OFPT_FLOW_MOD or OFPT_PACKET_OUT request or for 5 sec‐
onds, whichever comes first.
Also, PKTBUF_CNT isn't 512, it's 256.
On Fri, Apr 15, 2016 at 05:42:02AM +0000, Ali Volkan Atli wrote:
> Hi Ben
>
> No doubt you are a legend but you are wrong in this question or I'm
> totally screwed :)
>
> I think you did not understand the question correctly. OvS has a
> buffer mechanism for each controller. While trying to add a flow_mod
> with max_length is not OFPCML_NO_BUFFER, the packets are stored in the
> buffer. If the maximum capacity is exceeded, OvS start sending the
> whole packets instead of related parts in the packet-in
> messages. Finally, its size (PKTBUF_CNT) is 512.
>
> @Majid, just set max-lenght (different than 0xFFFF) and then drop the
> packet-in messages in the controller and then you'll see the whole packets
> after 512th packet-in.
>
> - Volkan
>
> ________________________________________
> From: discuss [discuss-boun...@openvswitch.org] on behalf of Ben Pfaff
> [b...@ovn.org]
> Sent: Thursday, April 14, 2016 6:56 PM
> To: Majid Taleqani
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity
>
> On Thu, Apr 14, 2016 at 01:52:31PM +0000, Majid Taleqani wrote:
> > i am writing a DDOS mitigation for openflow networks using pox
> > controller and open vSwitch version 1.9. as DDOS attacks aim at
> > Flooding flow tables and input buffers, i wonder what is the maximum
> > capacity of each switch port input buffer.
>
> OVS ports themselves don't have buffers, so this is a question of your
> NIC driver's buffering strategy.
>
> > i know after the switch input buffer overflows then the switch sends
> > the whole packet to the controller
>
> No, that's wrong. Buffer overflow has nothing to do with sending
> packets to the controller.
>
> > and then the controller responses by sending packet out message which
> > contains the whole packet and also the action. i want to know how
> > much data and at what rate should a host send data to overflow a
> > switch port input buffer and if is it possible to change the switch
> > port input buffers? is it possible to change the amount of time that a
> > packet stays in buffer before timeouts? thanks
> _______________________________________________
> discuss mailing list
> discuss@openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
