Murali, So yes this can be implemented in OVN fairly simply.
However I must be missing something fundamental as this looks almost exactly like the current ACL schema with the addition of a label, useful for deleting flows. Are you thinking about adding custom match/action fields. If so then problem becomes hard as (I think ) they need to exist in OVS. For example in mobile using GTP, OVS would have to understand the GTP protocol, for custom actions not quite sure what needs to be done. So if the real issue is adding custom match/actions I need to defer to the core OVS team. Am I understanding this correctly? Regards John From: Murali R <muralir...@gmail.com<mailto:muralir...@gmail.com>> Date: Tuesday, May 17, 2016 at 12:02 PM To: John McDowall <jmcdow...@paloaltonetworks.com<mailto:jmcdow...@paloaltonetworks.com>> Cc: Muralidharan Rangachari <muralidharan.rangach...@huawei.com<mailto:muralidharan.rangach...@huawei.com>>, Russell Bryant <russ...@ovn.org<mailto:russ...@ovn.org>>, "discuss@openvswitch.org<mailto:discuss@openvswitch.org>" <discuss@openvswitch.org<mailto:discuss@openvswitch.org>> Subject: Re: [ovs-discuss] [ovn4nfv] John/Russell Please provide feedback on the schema as well as few questions listed below. You guys are aware of current code base and want to know if something like this can be implemented or if there is any design constraint/contradictions. "Custom_Lflows": { "columns": { "flow_id": {"type": "string"}, "priority": {"type": {"key": {"type": "integer", "minInteger": 0, "maxInteger": 32767}}}, "direction": {"type": {"key": {"type": "string", "enum": ["set", ["from-lport", "to-lport"]]}}}, "match": {"type": "string"}, "action": {"type": "string"}, "log": {"type": "boolean"}, "external_ids": { "type": {"key": "string", "value": "string", "min": 0, "max": "unlimited"}}}, "isRoot": false}, Logical flow commands:\n\ lflow-add LSWITCH DIRECTION PRIORITY MATCH ACTION FLOWID\n\ add a logical flow identified by FLOWID lflow-del LSWITCH FLOWID delete a logical flow identified by FLOWID 1. Do we need to have key-value pairs for better usability for match string & action string? 2. Can we currently get mpls tag compared in logical flow or need additional work? I read in an email Russel had it working in some form so guess would work. 3. Can we use connection tracker in another flow table after acl or are there any restrictions? The idea is to re-attach a geneve header to an egress flow within a switch.
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
