ovn: Add 'na' action and lflow for ND

This patch tries to support ND versus ARP for OVN. It adds a new OVN action 'na' in ovn-controller side, and modify lflows for 'na' action and relevant packets in ovn-northd. First, for ovn-northd, it will generate lflows per each lport with its IPv6 addresses and mac addresss, with 'na' action, such as: match=(icmp6 && icmp6.type == 135 && (nd.target == fd81:ce49:a948:0:f816:3eff:fe46:8a42 || nd.target == fd81:ce49:b123:0:f816:3eff:fe46:8a42)), action=(na { eth.src = fa:16:3e:46:8a:42; nd.tll = fa:16:3e:46:8a:42; outport = inport; inport = ""; /* Allow sending out inport. */ output; };) and new lflows will be set in tabel ls_in_arp_nd_rsp, which is renamed from previous ls_in_arp_rsp. Later, for ovn-controller, when it received a ND packet, it frames a template NA packet for reply. The NA packet will be initialized based on ND packet, such as NA packet will use: - ND packet eth.src as eth.dst, - ND packet eth.dst as eth.src, - ND packet ip6.src as ip6.dst, - ND packet nd.target as ip6.src, - ND packet eth.dst as nd.tll. Finally, nested actions in 'na' action will update necessary fileds for NA packet, such as: - eth.src, nd.tll - inport, outport Since patch port for IPv6 router interface is not ready yet, this patch will only try to deal with ND from VM. This patch will set RSO flags to 011 for NA packets. This patch also modified current ACL lflows for ND, not to do conntrack on ND and NA packets in following tables: - S_SWITCH_IN_PRE_ACL - S_SWITCH_OUT_PRE_ACL - S_SWITCH_IN_ACL - S_SWITCH_OUT_ACL Signed-off-by: Zong Kai LI <zealokii@gmail.com> [blp@ovn.org made several minor simplifications and improvements] Signed-off-by: Ben Pfaff <blp@ovn.org>
author: Zong Kai LI <zealokii@gmail.com> 2016-06-27 14:54:52 +0800
committer: Ben Pfaff <blp@ovn.org> 2016-07-02 11:40:24 -0700
commit: e75451fef9899e986e33d0591fd925efa4ea4dc4 (patch)
tree: e23f65bec1c4c8c29542fb70c7ec3e5883b0bc10 /tutorial
parent: c17fcc0aed0bfb1651a1343eb0762a428c905ff3 (diff)
download: openvswitch-e75451fef9899e986e33d0591fd925efa4ea4dc4.tar.gz
1 files changed, 3 insertions, 3 deletions
diff --git a/tutorial/OVN-Tutorial.md b/tutorial/OVN-Tutorial.md
index c4bcbae42..811224db3 100644
--- a/tutorial/OVN-Tutorial.md
+++ b/tutorial/OVN-Tutorial.md
@@ -104,7 +104,7 @@ show the logical flows.
       table=2(ls_in_port_sec_nd), priority=    0, match=(1), action=(next;)
       table=3(   ls_in_pre_acl), priority=    0, match=(1), action=(next;)
       table=4(       ls_in_acl), priority=    0, match=(1), action=(next;)
-      table=5(   ls_in_arp_rsp), priority=    0, match=(1), action=(next;)
+      table=5(ls_in_arp_nd_rsp), priority=    0, match=(1), action=(next;)
       table=6(   ls_in_l2_lkup), priority=  100, match=(eth.mcast), action=(outport = "_MC_flood"; output;)
       table=6(   ls_in_l2_lkup), priority=   50, match=(eth.dst == 00:00:00:00:00:01), action=(outport = "sw0-port1"; output;)
       table=6(   ls_in_l2_lkup), priority=   50, match=(eth.dst == 00:00:00:00:00:02), action=(outport = "sw0-port2"; output;)
@@ -277,7 +277,7 @@ OVN creates separate logical flows for each logical switch.
       table=2(ls_in_port_sec_nd), priority=    0, match=(1), action=(next;)
       table=3(   ls_in_pre_acl), priority=    0, match=(1), action=(next;)
       table=4(       ls_in_acl), priority=    0, match=(1), action=(next;)
-      table=5(   ls_in_arp_rsp), priority=    0, match=(1), action=(next;)
+      table=5(ls_in_arp_nd_rsp), priority=    0, match=(1), action=(next;)
       table=6(   ls_in_l2_lkup), priority=  100, match=(eth.mcast), action=(outport = "_MC_flood"; output;)
       table=6(   ls_in_l2_lkup), priority=   50, match=(eth.dst == 00:00:00:00:00:03), action=(outport = "sw1-port1"; output;)
       table=6(   ls_in_l2_lkup), priority=   50, match=(eth.dst == 00:00:00:00:00:04), action=(outport = "sw1-port2"; output;)
@@ -303,7 +303,7 @@ OVN creates separate logical flows for each logical switch.
       table=2(ls_in_port_sec_nd), priority=    0, match=(1), action=(next;)
       table=3(   ls_in_pre_acl), priority=    0, match=(1), action=(next;)
       table=4(       ls_in_acl), priority=    0, match=(1), action=(next;)
-      table=5(   ls_in_arp_rsp), priority=    0, match=(1), action=(next;)
+      table=5(ls_in_arp_nd_rsp), priority=    0, match=(1), action=(next;)
       table=6(   ls_in_l2_lkup), priority=  100, match=(eth.mcast), action=(outport = "_MC_flood"; output;)
       table=6(   ls_in_l2_lkup), priority=   50, match=(eth.dst == 00:00:00:00:00:01), action=(outport = "sw0-port1"; output;)
       table=6(   ls_in_l2_lkup), priority=   50, match=(eth.dst == 00:00:00:00:00:02), action=(outport = "sw0-port2"; output;)
author	Zong Kai LI <zealokii@gmail.com>	2016-06-27 14:54:52 +0800
committer	Ben Pfaff <blp@ovn.org>	2016-07-02 11:40:24 -0700
commit	e75451fef9899e986e33d0591fd925efa4ea4dc4 (patch)
tree	e23f65bec1c4c8c29542fb70c7ec3e5883b0bc10 /tutorial
parent	c17fcc0aed0bfb1651a1343eb0762a428c905ff3 (diff)
download	openvswitch-e75451fef9899e986e33d0591fd925efa4ea4dc4.tar.gz