Open Stack

I think this sounds reasonable. Do you have code for this already, or are
you looking for a developer to help implement it?


On Thu, Aug 21, 2014 at 8:45 AM, Andreas Scheuring <
scheuran at linux.vnet.ibm.com> wrote:

> Hi,
> last week I started discussing an extension to the existing neutron
> openvswitch agent to support network adapters that are not in
> promiscuous mode. Now I would like to enhance the round to get feedback
> from a broader audience via the mailing list.
>
>
> The Problem
> When driving vlan or flat networking, openvswitch requires an network
> adapter in promiscuous mode.
>
>
> Why not having promiscuous mode in your adapter?
> - Admins like to have full control over their environment and which
> network packets enter the system.
> - The network adapter just does not have support for it.
>
>
> What to do?
> Linux net-dev driver offer an interface to manually register additional
> mac addresses (also called secondary unicast addresses). Exploiting this
> one can register additional mac addresses to the network adapter. This
> also works via a well known ip user space tool.
>
> `bridge fdb add aa:aa:aa:aa:aa:aa dev eth0`
>
>
> What to do in openstack?
> As neutron is aware of all the mac addresses that are in use it's the
> perfect candidate for doing the mac registrations. The idea is to modify
> the neutron openvswitch agent that it does the registration on "port
> add" and "port remove" via the bridge command.
> There would be a new optional configuration parameter, something like
> 'non-promisc-mode' that is by default set to false. Only when set to
> true, macs get manually registered. Otherwise the agent behaves like it
> does today. So I guess only very little changes to the agent code are
> required. From my current point of view we do not need any changes to
> the ml2 plug-in.
>
>
> Blueprint or a bug?
> I guess it's a blueprint.
>
> What's the timeframe?
> K would be great.
>
>
>
> I would be thankful for any feedback on this! Feel free to contact me
> anytime. Thanks in advance!
>
> Regards,
> Andreas
>
> (irc: scheuran)
>
>
> _______________________________________________
> OpenStack-dev mailing list
> OpenStack-dev at lists.openstack.org
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>



-- 
Kevin Benton
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20140821/c357d123/attachment.html>