author: Eric Garver <e@erig.me>, 2017-03-01 17:48:00 -0500
committer: Ben Pfaff <blp@ovn.org>, 2017-03-17 08:35:44 -0700
commit: fed8962aff57f552163ef718cc1b0db582f2295e
tree: ee588e491e621b5c7a6fb99caab92ae8636c2092 /vswitchd
parent: cc3ef008877089e0b93e64437d857ae422313db3
Add new port VLAN mode "dot1q-tunnel"
- Example:
    ovs-vsctl set Port p1 vlan_mode=dot1q-tunnel tag=100
  Pushes another VLAN 100 header on packets (tagged and untagged) on ingress,
  and pops it on egress.

- Customer VLAN check:
    ovs-vsctl set Port p1 vlan_mode=dot1q-tunnel tag=100 cvlans=10,20
  Only customer VLAN of 10 and 20 are allowed.

Co-authored-by: Xiao Liang <shaw.leon@gmail.com>
Signed-off-by: Xiao Liang <shaw.leon@gmail.com>
Signed-off-by: Eric Garver <e@erig.me>
Signed-off-by: Ben Pfaff <blp@ovn.org>
Diffstat (limited to 'vswitchd')
-rw-r--r-- vswitchd/bridge.c 17
-rw-r--r-- vswitchd/vswitch.ovsschema 12
-rw-r--r-- vswitchd/vswitch.xml 88
3 files changed, 111 insertions, 6 deletions
diff --git a/vswitchd/bridge.c b/vswitchd/bridge.c
index f1483112b..b182e0a5a 100644
--- a/vswitchd/bridge.c
+++ b/vswitchd/bridge.c
@@ -1,4 +1,4 @@
-/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016 Nicira, Inc.
+/* Copyright (c) 2008, 2009, 2010, 2011, 2012, 2013, 2014, 2015, 2016, 2017 Nicira, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
@@ -978,6 +978,11 @@ port_configure(struct port *port)
s.trunks = vlan_bitmap_from_array(cfg->trunks, cfg->n_trunks);
}
+ s.cvlans = NULL;
+ if (cfg->n_cvlans) {
+ s.cvlans = vlan_bitmap_from_array(cfg->cvlans, cfg->n_cvlans);
+ }
+
/* Get VLAN mode. */
if (cfg->vlan_mode) {
if (!strcmp(cfg->vlan_mode, "access")) {
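Review bot: s.cvlans is heap-allocated by vlan_bitmap_from_array() at the new `if (cfg->n_cvlans)` block, but no bridge.c hunk in this patch adds a matching release, and the 17 changed lines the diffstat reports for bridge.c are all accounted for by the visible hunks. If port_configure() frees s.trunks after registering the bundle, add free(s.cvlans) beside it; otherwise each reconfiguration of a port with cvlans set leaks one bitmap.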
@@ -988,6 +993,8 @@ port_configure(struct port *port)
s.vlan_mode = PORT_VLAN_NATIVE_TAGGED;
} else if (!strcmp(cfg->vlan_mode, "native-untagged")) {
s.vlan_mode = PORT_VLAN_NATIVE_UNTAGGED;
+ } else if (!strcmp(cfg->vlan_mode, "dot1q-tunnel")) {
+ s.vlan_mode = PORT_VLAN_DOT1Q_TUNNEL;
} else {
/* This "can't happen" because ovsdb-server should prevent it. */
VLOG_WARN("port %s: unknown VLAN mode %s, falling "
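Review bot: the new `dot1q-tunnel` branch sets PORT_VLAN_DOT1Q_TUNNEL without checking that a tag is configured, while the vswitch.xml text in this same patch defines the service VLAN as the value of the tag column. Please either log a warning when the mode is dot1q-tunnel and s.vlan is negative, or state in the documentation which service VLAN applies when tag is empty, so a port missing its tag does not silently tunnel into an unintended VLAN.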
@@ -997,7 +1004,7 @@ port_configure(struct port *port)
} else {
if (s.vlan >= 0) {
s.vlan_mode = PORT_VLAN_ACCESS;
- if (cfg->n_trunks) {
+ if (cfg->n_trunks || cfg->n_cvlans) {
VLOG_WARN("port %s: ignoring trunks in favor of implicit vlan",
port->name);
}
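Review bot: the condition now also fires for `cfg->n_cvlans`, but the message still reads "ignoring trunks in favor of implicit vlan", which will mislead an operator who set only cvlans. Suggest naming the column that is actually being ignored, for example by emitting separate warnings for trunks and cvlans, so that a dropped customer-VLAN filter is visible in the log.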
@@ -1005,6 +1012,12 @@ port_configure(struct port *port)
s.vlan_mode = PORT_VLAN_TRUNK;
}
}
+
+ const char *qe = smap_get_def(&cfg->other_config, "qinq-ethtype", "");
+ s.qinq_ethtype = (!strcmp(qe, "802.1q")
+ ? ETH_TYPE_VLAN_8021Q
+ : ETH_TYPE_VLAN_8021AD);
+
s.use_priority_tags = smap_get_bool(&cfg->other_config, "priority-tags",
false);
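Review bot: in the qinq-ethtype block, every value other than the exact string "802.1q" selects ETH_TYPE_VLAN_8021AD, so a typo or a different case such as "802.1Q" silently yields TPID 0x88a8. Nothing in the vswitch.ovsschema hunks constrains this other_config key, so the check has to live here: accept "802.1ad", "802.1q" and unset explicitly, and VLOG_WARN on anything else before falling back to the default.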
diff --git a/vswitchd/vswitch.ovsschema b/vswitchd/vswitch.ovsschema
index b04d360d6..19b49daf1 100644
--- a/vswitchd/vswitch.ovsschema
+++ b/vswitchd/vswitch.ovsschema
@@ -1,6 +1,6 @@
{"name": "Open_vSwitch",
- "version": "7.14.0",
- "cksum": "3374030633 22987",
+ "version": "7.15.0",
+ "cksum": "544856471 23228",
"tables": {
"Open_vSwitch": {
"columns": {
@@ -145,6 +145,11 @@
"minInteger": 0,
"maxInteger": 4095},
"min": 0, "max": 4096}},
+ "cvlans": {
+ "type": {"key": {"type": "integer",
+ "minInteger": 0,
+ "maxInteger": 4095},
+ "min": 0, "max": 4096}},
"tag": {
"type": {"key": {"type": "integer",
"minInteger": 0,
@@ -152,7 +157,8 @@
"min": 0, "max": 1}},
"vlan_mode": {
"type": {"key": {"type": "string",
- "enum": ["set", ["trunk", "access", "native-tagged", "native-untagged"]]},
+ "enum": ["set", ["trunk", "access", "native-tagged",
+ "native-untagged", "dot1q-tunnel"]]},
"min": 0, "max": 1}},
"qos": {
"type": {"key": {"type": "uuid",
diff --git a/vswitchd/vswitch.xml b/vswitchd/vswitch.xml
index 464a211ad..14297bf9a 100644
--- a/vswitchd/vswitch.xml
+++ b/vswitchd/vswitch.xml
@@ -1281,7 +1281,39 @@
</column>
<group title="VLAN Configuration">
- <p>Bridge ports support the following types of VLAN configuration:</p>
+ <p>
+ In short, a VLAN (short for ``virtual LAN'') is a way to partition a
+ single switch into multiple switches. VLANs can be confusing, so for
+ an introduction, please refer to the question ``What's a VLAN?'' in the
+ Open vSwitch FAQ.
+ </p>
+
+ <p>
+ A VLAN is sometimes encoded into a packet using a 802.1Q or 802.1ad
+ VLAN header, but every packet is part of some VLAN whether or not it is
+ encoded in the packet. (A packet that appears to have no VLAN is part
+ of VLAN 0, by default.) As a result, it's useful to think of a VLAN as
+ a metadata property of a packet, separate from how the VLAN is encoded.
+ For a given port, this column determines how the encoding of a packet
+ that ingresses or egresses the port maps to the packet's VLAN. When a
+ packet enters the switch, its VLAN is determined based on its setting
+ in this column and its VLAN headers, if any, and then, conceptually,
+ the VLAN headers are then stripped off. Conversely, when a packet
+ exits the switch, its VLAN and the settings in this column determine
+ what VLAN headers, if any, are pushed onto the packet before it
+ egresses the port.
+ </p>
+
+ <p>
+ The VLAN configuration in this column affects Open vSwitch only when it
+ is doing ``normal switching.'' It does not affect flows set up by an
+ OpenFlow controller, outside of the OpenFlow ``normal action.''
+ </p>
+
+ <p>
+ Bridge ports support the following types of VLAN configuration:
+ </p>
+
<dl>
<dt>trunk</dt>
<dd>
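Review bot: two wording nits in the added introduction: "using a 802.1Q or 802.1ad VLAN header" should read "an 802.1Q", and "and then, conceptually, the VLAN headers are then stripped off" repeats "then". It would also help to say which column "this column" refers to, since the paragraphs sit under the group title rather than inside a column element.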
@@ -1329,6 +1361,29 @@
exception that a packet that egresses on a native-untagged port in
the native VLAN will not have an 802.1Q header.
</dd>
+
+ <dt>dot1q-tunnel</dt>
+ <dd>
+ <p>
+ A dot1q-tunnel port is somewhat like an access port. Like an
+ access port, it carries packets on the single VLAN specified in the
+ <ref column="tag"/> column and this VLAN, called the service VLAN,
+ does not appear in an 802.1Q header for packets that ingress or
+ egress on the port. The main difference lies in the behavior when
+ packets that include a 802.1Q header ingress on the port. Whereas
+ an access port drops such packets, a dot1q-tunnel port treats these
+ as double-tagged with the outer service VLAN <ref column="tag"/>
+ and the inner customer VLAN taken from the 802.1Q header.
+ Correspondingly, to egress on the port, a packet outer VLAN (or
+ only VLAN) must be <ref column="tag"/>, which is removed before
+ egress, which exposes the inner (customer) VLAN if one is present.
+ </p>
+
+ <p>
+ If <ref column="cvlans"/> is set, only allows packets in the
+ specified customer VLANs.
+ </p>
+ </dd>
</dl>
<p>
A packet will only egress through bridge ports that carry the VLAN of
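Review bot: the sentence "If cvlans is set, only allows packets in the specified customer VLANs" has no subject and leaves the filter's scope undefined. Since cvlans acts as an isolation control, please state whether it applies on ingress, egress or both, and whether packets with no customer tag are still admitted once cvlans is non-empty. Also, "a packet outer VLAN" should be "a packet's outer VLAN", and "a 802.1Q header" should be "an 802.1Q header".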
@@ -1373,6 +1428,37 @@
</p>
</column>
+ <column name="cvlans">
+ <p>
+ For a dot1q-tunnel port, the customer VLANs that this port includes.
+ If this is empty, the port includes all customer VLANs.
+ </p>
+ <p>
+ For other kinds of ports, this setting is ignored.
+ </p>
+ </column>
+
+ <column name="other_config" key="qinq-ethtype"
+ type='{"type": "string", "enum": ["set", ["802.1ad", "802.1q"]]}'>
+ <p>
+ For a dot1q-tunnel port, this is the TPID for the service tag, that
+ is, for the 802.1Q header that contains the service VLAN ID. Because
+ packets that actually ingress and egress a dot1q-tunnel port do not
+ include an 802.1Q header for the service VLAN, this does not affect
+ packets on the dot1q-tunnel port itself. Rather, it determines the
+ service VLAN for a packet that ingresses on a dot1q-tunnel port and
+ egresses on a trunk port.
+ </p>
+ <p>
+ The value <code>802.1ad</code> specifies TPID 0x88a8, which is also
+ the default if the setting is omitted. The value <code>802.1q</code>
+ specifies TPID 0x8100.
+ </p>
+ <p>
+ For other kinds of ports, this setting is ignored.
+ </p>
+ </column>
+
<column name="other_config" key="priority-tags"
type='{"type": "boolean"}'>
<p>
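Review bot: in the qinq-ethtype description, "it determines the service VLAN for a packet that ingresses on a dot1q-tunnel port and egresses on a trunk port" should say it determines the TPID of the service tag, as the first sentence does; the service VLAN ID itself comes from tag. The cvlans column text could also note that bridge.c warns only for the implicit-access case and is otherwise silent when cvlans is set on a port that is not in dot1q-tunnel mode, so an operator knows the filter is not in effect there.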