<div>
                    <span style="font-size: 14px;">That’s super nice ;) !!! :D</span></div><div><span style="font-size: 14px;"><br></span></div><div><span style="font-size: 14px;">I’m prototyping over here [1] to gather some benchmarks for the summit presentation</span></div><div><span style="font-size: 14px;">about “Taking Security Groups To Ludicrous Speed with Open vSwitch” with Ivar, Justin</span></div><div><span style="font-size: 14px;">and Thomas.</span></div><div><span style="font-size: 14px;"><br></span></div><div><br></div><div><span style="font-size: 14px;">I know Justin and Joe have been doing good advances on it ;) [3] lately.</span></div><div><br></div><div><span style="font-size: 14px;">[1] </span><a href="https://review.openstack.org/#/c/167671/">https://review.openstack.org/#/c/167671/</a></div><div><span style="font-size: 14px;">[2] </span><a href="https://github.com/justinpettit/ovs/tree/conntrack">https://github.com/justinpettit/ovs/tree/conntrack</a></div><div><span style="font-size: 14px;">[3] </span><a href="https://github.com/justinpettit/ovs/commits/conntrack">https://github.com/justinpettit/ovs/commits/conntrack</a></div>
                <div><div><br></div><div><span style="font-size: 10pt;">Miguel Ángel Ajo</span></div><div><br></div></div>
                 
                <p style="color: #A0A0A8;">On Tuesday, 31 de March de 2015 at 9:34, Kevin Benton wrote:</p>
                <blockquote type="cite" style="border-left-style:solid;border-width:1px;margin-left:0px;padding-left:10px;">
                    <span><div><div><div dir="ltr">Very cool. What's the latest status on data-plane support for the conntrack based things like firewall rules and conntrack integration?</div><div><br><div>On Mon, Mar 30, 2015 at 7:19 PM, Russell Bryant <span dir="ltr"><<a href="mailto:rbryant@redhat.com" target="_blank">rbryant@redhat.com</a>></span> wrote:<br><blockquote type="cite"><div><span>On 03/26/2015 07:54 PM, Russell Bryant wrote:<br>
> Gary and Kyle, I saw in my IRC backlog that you guys were briefly<br>
> talking about testing the Neutron ovn ml2 driver.  I suppose it's time<br>
> to add some more code to the devstack integration to install the current<br>
> ovn branch and set up ovsdb-server to serve up the right database for<br>
> this.  I'll try to work on that tomorrow.  Of course, note that all we<br>
> can set up right now is the northbound database.  None of the code that<br>
> reacts to updates to that database is merged yet.  We can still go ahead<br>
> and test our code and make sure the expected data makes it there, though.<br>
<br>
</span>With help from Kyle Mestery, Gary Kotton, and Gal Sagie, some great<br>
progress has been made over the last few days.  Devstack support has<br>
merged and the ML2 driver seems to be doing the right thing.<br>
<br>
After devstack runs, you can see that the default networks created by<br>
devstack are in the OVN db:<br>
<br>
> $ neutron net-list<br>
> +--------------------------------------+---------+--------------------------------------------------+<br>
> | id                                   | name    | subnets                                          |<br>
> +--------------------------------------+---------+--------------------------------------------------+<br>
> | 1c4c9a38-afae-40aa-a890-17cd460b314b | private | 115f27d1-5330-489e-b81f-e7f7da123a31 <a href="http://10.0.0.0/24" target="_blank">10.0.0.0/24</a> |<br>
> | 69fc7d7c-6906-43e7-b5e2-77c059cf4143 | public  | 6b5c1597-4af8-4ad3-b28b-a4e83a07121b             |<br>
> +--------------------------------------+---------+--------------------------------------------------+<br>
<br>
> $ ovn-nbctl lswitch-list<br>
> 47135494-6b36-4db9-8ced-3bdc9b711ca9 (neutron-1c4c9a38-afae-40aa-a890-17cd460b314b)<br>
> 03494923-48cf-4af5-a391-ed48fe180c0b (neutron-69fc7d7c-6906-43e7-b5e2-77c059cf4143)<br>
<br>
> $ ovn-nbctl lswitch-get-external-id neutron-1c4c9a38-afae-40aa-a890-17cd460b314b<br>
> neutron:network_id=1c4c9a38-afae-40aa-a890-17cd460b314b<br>
> neutron:network_name=private<br>
<br>
> $ ovn-nbctl lswitch-get-external-id neutron-69fc7d7c-6906-43e7-b5e2-77c059cf4143<br>
> neutron:network_id=69fc7d7c-6906-43e7-b5e2-77c059cf4143<br>
> neutron:network_name=public<br>
<br>
You can also create ports and see those reflected in the OVN db:<br>
<br>
> $ neutron port-create 1c4c9a38-afae-40aa-a890-17cd460b314b<br>
> Created a new port:<br>
> +-----------------------+---------------------------------------------------------------------------------+<br>
> | Field                 | Value                                                                           |<br>
> +-----------------------+---------------------------------------------------------------------------------+<br>
> | admin_state_up        | True                                                                            |<br>
> | allowed_address_pairs |                                                                                 |<br>
> | binding:vnic_type     | normal                                                                          |<br>
> | device_id             |                                                                                 |<br>
> | device_owner          |                                                                                 |<br>
> | fixed_ips             | {"subnet_id": "115f27d1-5330-489e-b81f-e7f7da123a31", "ip_address": "10.0.0.3"} |<br>
> | id                    | e7c080ad-213d-4839-aa02-1af217a6548c                                            |<br>
> | mac_address           | fa:16:3e:07:9e:68                                                               |<br>
> | name                  |                                                                                 |<br>
> | network_id            | 1c4c9a38-afae-40aa-a890-17cd460b314b                                            |<br>
> | security_groups       | be68fd4e-48d8-46f2-8204-8a916ea6f348                                            |<br>
> | status                | DOWN                                                                            |<br>
> | tenant_id             | ed782253a54c4e0a8b46e275480896c9                                                |<br>
> +-----------------------+---------------------------------------------------------------------------------+<br>
<br>
List ports on the logical switch named neutron-1c4c9a38...:<br>
<br>
> $ ovn-nbctl lport-list neutron-1c4c9a38-afae-40aa-a890-17cd460b314b<br>
> ...<br>
> 96432697-df3c-472a-b48a-9f844764d4bf (neutron-e7c080ad-213d-4839-aa02-1af217a6548c)<br>
<br>
We can also see that the proper MAC address was set on that port:<br>
<br>
> $ ovn-nbctl lport-get-macs neutron-e7c080ad-213d-4839-aa02-1af217a6548c<br>
> fa:16:3e:07:9e:68<br>
<div><div><br>
--<br>
Russell Bryant<br>
<br>
__________________________________________________________________________<br>
OpenStack Development Mailing List (not for usage questions)<br>
Unsubscribe: <a href="http://OpenStack-dev-request@lists.openstack.org?subject:unsubscribe" target="_blank">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a><br>
<a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev" target="_blank">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a><br>
</div></div></div></blockquote></div><br><br clear="all"><div><br></div>-- <br><div><div>Kevin Benton</div></div>
</div>
</div><div><div>__________________________________________________________________________</div><div>OpenStack Development Mailing List (not for usage questions)</div><div>Unsubscribe: <a href="mailto:OpenStack-dev-request@lists.openstack.org?subject:unsubscribe">OpenStack-dev-request@lists.openstack.org?subject:unsubscribe</a></div><div><a href="http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev">http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev</a></div></div></div></span>
                 
                 
                 
                 
                </blockquote>
                 
                <div>
                    <br>
                </div>