So we would have something like: $ ovn-nbctl acl-add sw0 to-lport 1003 'outport == "sw0-port1" && ip' sfc-action sfc-stage external_ids:lsp_chain_id=”chain-id”
The chain-id would be passed as metadata with the packet to the ls_in_chain stage where it would be processed according to the current state of its in/out ports in the chain. Where sfc is the stage and the action – would the SFC ACL Table have any other action other than SFC? It seems a little redundant – not sure if there is a better way though. Regards John From: Flaviof <fla...@flaviof.com> Date: Tuesday, November 1, 2016 at 6:53 AM To: Russell Bryant <russ...@ovn.org> Cc: discuss <discuss@openvswitch.org>, John McDowall <jmcdow...@paloaltonetworks.com>, Russell Bryant <russ...@russellbryant.net>, Farhad Sunavala <farhad.sunav...@huawei.com> Subject: Re: [ovs-discuss] OVN SFC: Changes to include ACL based classifiers On Tue, Nov 1, 2016 at 8:55 AM, Russell Bryant <russ...@ovn.org<mailto:russ...@ovn.org>> wrote: On Tue, Nov 1, 2016 at 11:09 AM, Flaviof <fla...@flaviof.com<mailto:fla...@flaviof.com>> wrote: [cc: John, Louis, Farhad, Russell] Hi folks, Picking up from where we left off at the summit [1], I took a stab at the nb schema changes to represent what I understood Russell and others saying on how we could use a secondary table of ACLs to serve as the SFC classifiers: [2]. What I had in mind was proceeding with a proposal like this one where we change ACLs to have multiple stages. This patch proposed two, but I think we later talked about extending it to have more (8 perhaps?). http://openvswitch.org/pipermail/dev/2016-July/076674.html<https://urldefense.proofpoint.com/v2/url?u=http-3A__openvswitch.org_pipermail_dev_2016-2DJuly_076674.html&d=DQMFaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=vZ6VUDaavDpfOdPQrz1ED54jEjvAE36A8TVJroVlrOQ&m=Qcx3nInKFEOSnlKXJtFFNQKK58goOQs1a4EpsKii8Oo&s=wvhP2oSBZFyV_nQ-c2XcdksW3_eCKb3VJmtXZ9WEhrk&e=> Then if SFC was an ACL action, you could put it in any stage of ACLs you want, with other things before or after as desired. I see. I like that! Let me better understand the code changes from that email. Thanks, -- flaviof Does it look right to you? If so, I will start making the changes to incorporate that and obsolete the classifier based code [3]. I'm not sure if I will be able to migrate to this new table in time for the talk at OVSCon [4], but I will try. Thanks, -- flaviof [1]: https://etherpad.openstack.org/p/r.f7cebb215b63ae657d91a28ab0da42bf<https://urldefense.proofpoint.com/v2/url?u=https-3A__etherpad.openstack.org_p_networking-2Dovn-2Docata-2Dsummit&d=DQMFaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=vZ6VUDaavDpfOdPQrz1ED54jEjvAE36A8TVJroVlrOQ&m=Qcx3nInKFEOSnlKXJtFFNQKK58goOQs1a4EpsKii8Oo&s=L2np7u37seRJXk1u6IKRGCbc9_CyxRnM_jRs5I3I6tM&e=> [2]: https://github.com/doonhammer/ovs/pull/3/commits/b10224a07de2970358eb5e105146ef1d5f5eca6d<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_doonhammer_ovs_pull_3_commits_b10224a07de2970358eb5e105146ef1d5f5eca6d&d=DQMFaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=vZ6VUDaavDpfOdPQrz1ED54jEjvAE36A8TVJroVlrOQ&m=Qcx3nInKFEOSnlKXJtFFNQKK58goOQs1a4EpsKii8Oo&s=RNYzurF4GoXhr8svoqHm31SEhh_vxggb75i7ZWoXx6o&e=> [3]: https://github.com/doonhammer/ovs/pull/3/commits/2ebea7881c523dd356cd043a24531c268bddf6b4#diff-2c35162acf6ad144624954fdc4c3d9f4R2505<https://urldefense.proofpoint.com/v2/url?u=https-3A__github.com_doonhammer_ovs_pull_3_commits_2ebea7881c523dd356cd043a24531c268bddf6b4-23diff-2D2c35162acf6ad144624954fdc4c3d9f4R2505&d=DQMFaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=vZ6VUDaavDpfOdPQrz1ED54jEjvAE36A8TVJroVlrOQ&m=Qcx3nInKFEOSnlKXJtFFNQKK58goOQs1a4EpsKii8Oo&s=4AhPmbuGG7Pes0gDKq1rmhrtn4MRN21A3XzWc1uDOuI&e=> [4]: http://sched.co/8aZE<https://urldefense.proofpoint.com/v2/url?u=http-3A__sched.co_8aZE&d=DQMFaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=vZ6VUDaavDpfOdPQrz1ED54jEjvAE36A8TVJroVlrOQ&m=Qcx3nInKFEOSnlKXJtFFNQKK58goOQs1a4EpsKii8Oo&s=wAosiaJVTnwkZz4KZQq00jBKyfdam0y0M6aaP0UXAQU&e=> _______________________________________________ discuss mailing list discuss@openvswitch.org<mailto:discuss@openvswitch.org> http://openvswitch.org/mailman/listinfo/discuss<https://urldefense.proofpoint.com/v2/url?u=http-3A__openvswitch.org_mailman_listinfo_discuss&d=DQMFaQ&c=V9IgWpI5PvzTw83UyHGVSoW3Uc1MFWe5J8PTfkrzVSo&r=vZ6VUDaavDpfOdPQrz1ED54jEjvAE36A8TVJroVlrOQ&m=Qcx3nInKFEOSnlKXJtFFNQKK58goOQs1a4EpsKii8Oo&s=dah33q0ouBl8zSgAGHB8R5dBHqckveNUfwE7X-wR7XQ&e=> -- Russell Bryant
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
