1fda57f4b9
Current packet processing in br-tun is based on tun-id, as a consequence, two networks using different tunnel types but sharing the same tun-id would not be properly isolated. To ensure proper isolation within a single bridge, NORMAL action can't be used any more as it floods unknown unicasts on all bridges ports. It is replaced by a learn action that dynamically sets-up flows when packets are recieved from tunnel ports. As mac address are learnt in explicit flows (in table 20), we can use a default action in that table to flood unknown unicasts to the right set of ports, like broadcasts and multicasts packets. See https://wiki.openstack.org/wiki/Ovs-flow-logic for a more detailled explanation of the flow logic Another alternative could have been to use distinct bridges for each tunnel type (whithout modifying the current flow logic), but previous alternative may be preferable as it paves the way for new tunneling optimisations (like RPC based mac learning and partial-mesh flooding proposed in bp/l2-population) Change-Id: I1dfe74f96680c2c6fe4d8d4aac4821c6b020c005 Closes-Bug: #1196963
51 lines
1.5 KiB
Python
51 lines
1.5 KiB
Python
# Copyright (c) 2012 OpenStack Foundation.
|
|
#
|
|
# Licensed under the Apache License, Version 2.0 (the "License");
|
|
# you may not use this file except in compliance with the License.
|
|
# You may obtain a copy of the License at
|
|
#
|
|
# http://www.apache.org/licenses/LICENSE-2.0
|
|
#
|
|
# Unless required by applicable law or agreed to in writing, software
|
|
# distributed under the License is distributed on an "AS IS" BASIS,
|
|
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
|
|
# implied.
|
|
# See the License for the specific language governing permissions and
|
|
# limitations under the License.
|
|
|
|
# Special vlan_id value in ovs_vlan_allocations table indicating flat network
|
|
FLAT_VLAN_ID = -1
|
|
|
|
# Topic for tunnel notifications between the plugin and agent
|
|
TUNNEL = 'tunnel'
|
|
|
|
# Values for network_type
|
|
TYPE_FLAT = 'flat'
|
|
TYPE_VLAN = 'vlan'
|
|
TYPE_GRE = 'gre'
|
|
TYPE_LOCAL = 'local'
|
|
TYPE_VXLAN = 'vxlan'
|
|
TYPE_NONE = 'none'
|
|
VXLAN_UDP_PORT = 4789
|
|
|
|
# Name prefixes for veth device pair linking the integration bridge
|
|
# with the physical bridge for a physical network
|
|
VETH_INTEGRATION_PREFIX = 'int-'
|
|
VETH_PHYSICAL_PREFIX = 'phy-'
|
|
|
|
# The minimum version of OVS which supports VXLAN tunneling
|
|
MINIMUM_OVS_VXLAN_VERSION = "1.10"
|
|
|
|
# The different types of tunnels
|
|
TUNNEL_NETWORK_TYPES = [TYPE_GRE, TYPE_VXLAN]
|
|
|
|
# Various tables for tunneling flows
|
|
PATCH_LV_TO_TUN = 1
|
|
GRE_TUN_TO_LV = 2
|
|
VXLAN_TUN_TO_LV = 3
|
|
LEARN_FROM_TUN = 10
|
|
UCAST_TO_TUN = 20
|
|
FLOOD_TO_TUN = 21
|
|
# Map tunnel types to tables number
|
|
TUN_TABLE = {TYPE_GRE: GRE_TUN_TO_LV, TYPE_VXLAN: VXLAN_TUN_TO_LV}
|