On Wed, Oct 26, 2016 at 12:45:48PM +0300, Ben Kelly wrote: > Hi, > > I've been searching for ways to implement something like "protected > mode" for ovs without much luck so far. Hoping someone on the discuss > mailing list might have some suggestions. > > Protected mode is available on some broadcom switch ASIC, and cisco > switches also have this as a configurable option > (http://www.cisco.com/en/US/docs/switches/lan/catalyst3850/software/release/3.2_0_se/multibook/configuration_guide/b_consolidated_config_guide_3850_chapter_011101.html). > > Basically, I would like to nominate a set of ports in my ovs bridge to > have layer 2 forwarding between them disabled. A "protected" port will > not forward frames to another protected port, however forwarding > occurs as normal between protected <-> non-protected ports and > vice-versa. > > My underlying requirement is that I need to use OpenvSwitch for 802.1q > and associate layer 3 addressing with internal ovs ports, however I'd > like to disable layer 2 forwarding between physical ports. > > I've looked at things such as "ovs-ofctl mod-port [phys port] noflood" > etc. but this seems to be an all-or-nothing approach with regards to > forwarding between ports. > > I'd appreciate any suggestions!
You could implement this with an OpenFlow controller. You could submit patches to add such a feature to base OVS. _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
