Thank you Ben for answering my questionBen you mentioned that OVS have the
capacity to buffer 256 packets per connection. i guess OVS buffer size should
be in byte not in packet count. i mean if i send 256 packets that each packet
size is 1024 byte should overflow OVS buffer sooner that sending 256 packets
with the size of 20 byte. also consider that these 256 packets do not match
flow table and therefore will be buffered and sent to controller and also
suppose that controller just drop Packt_IN messages to test overflowing OVS
buffer.am i right or OVS just care about packet count?
thank you
From: Ben Pfaff <b...@ovn.org>
To: Ali Volkan Atli <volkan.a...@argela.com.tr>
Cc: Majid Taleqani <majid.taleq...@yahoo.com>; "discuss@openvswitch.org"
<discuss@openvswitch.org>
Sent: Friday, 15 April 2016, 10:17:22
Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity
OK, so you're asking how many packets does OVS buffer on an OpenFlow
connection? That was not clear from the question. It is documented in
ovs-vswitchd(8):
Packet buffering.
The OpenFlow specification, version 1.2, says:
Switches that implement buffering are expected to expose,
through documentation, both the amount of available buffering,
and the length of time before buffers may be reused.
Open vSwitch maintains a separate set of 256 packet buffers for each
OpenFlow connection. Any given packet buffer is preserved until it is
referenced by an OFPT_FLOW_MOD or OFPT_PACKET_OUT request or for 5 sec‐
onds, whichever comes first.
Also, PKTBUF_CNT isn't 512, it's 256.
On Fri, Apr 15, 2016 at 05:42:02AM +0000, Ali Volkan Atli wrote:
> Hi Ben
>
> No doubt you are a legend but you are wrong in this question or I'm
> totally screwed :)
>
> I think you did not understand the question correctly. OvS has a
> buffer mechanism for each controller. While trying to add a flow_mod
> with max_length is not OFPCML_NO_BUFFER, the packets are stored in the
> buffer. If the maximum capacity is exceeded, OvS start sending the
> whole packets instead of related parts in the packet-in
> messages. Finally, its size (PKTBUF_CNT) is 512.
>
> @Majid, just set max-lenght (different than 0xFFFF) and then drop the
> packet-in messages in the controller and then you'll see the whole packets
> after 512th packet-in.
>
> - Volkan
>
> ________________________________________
> From: discuss [discuss-boun...@openvswitch.org] on behalf of Ben Pfaff
> [b...@ovn.org]
> Sent: Thursday, April 14, 2016 6:56 PM
> To: Majid Taleqani
> Cc: discuss@openvswitch.org
> Subject: Re: [ovs-discuss] open vSwitch port input buffer capacity
>
> On Thu, Apr 14, 2016 at 01:52:31PM +0000, Majid Taleqani wrote:
> > i am writing a DDOS mitigation for openflow networks using pox
> > controller and open vSwitch version 1.9. as DDOS attacks aim at
> > Flooding flow tables and input buffers, i wonder what is the maximum
> > capacity of each switch port input buffer.
>
> OVS ports themselves don't have buffers, so this is a question of your
> NIC driver's buffering strategy.
>
> > i know after the switch input buffer overflows then the switch sends
> > the whole packet to the controller
>
> No, that's wrong. Buffer overflow has nothing to do with sending
> packets to the controller.
>
> > and then the controller responses by sending packet out message which
> > contains the whole packet and also the action. i want to know how
> > much data and at what rate should a host send data to overflow a
> > switch port input buffer and if is it possible to change the switch
> > port input buffers? is it possible to change the amount of time that a
> > packet stays in buffer before timeouts? thanks
> _______________________________________________
> discuss mailing list
> discuss@openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
