[openstack-dev] [Neutron] VLAN trunking network for NFV
Ian Wells
ijw.ubuntu at cack.org.uk
Wed Mar 25 14:12:45 UTC 2015
Today:
You need to ensure that your cloud is using a suitable networking config -
with ML2, use Linuxbridge and either VXLAN or GRE. If you're using either
OVS or VLAN you won't get a trunking network. A tenant can't tell this, so
they can't easily tell that all or any networks are VLAN trunks without
testing the network.
Tomorrow (i.e. on trunk, or when Kilo is released):
You can use the vlan_transparent flag on a network to explicitly request a
trunk. The dataplane code hasn't changed, so the cloud will report that
the network is a trunk if you're using ML2 with Linuxbridge and GRE or
VXLAN, and will report you can't have a trunk if you use OVS or VLAN. This
means that you are no more likely to get a trunk if you ask for one - you
still need a suitable configuration - but your application will immediately
know if it works or not (the old alternative was pretty much to start it
and see if it works, which wasn't helpful).
ML2 now has a reference implementation of this; other plugins (to the best
of my knowledge) don't support the flag. When they do, then any plugin or
driver can theoretically be written to behave differently if you have ask
for a trunk; for instance, in the future we can change the code to program
OVS differently if you want a trunk, or change ML2 to use a trunk-safe
VXLAN overlay even though VLAN networks are also available in a system. No
driver does this today.
--
Ian.
On 24 March 2015 at 17:48, Guo, Ruijing <ruijing.guo at intel.com> wrote:
> I am trying to understand how guest os use trunking network.
>
>
>
> If guest os use bridge like Linuxbride and OVS, how we launch it and how
> libvirt to support it?
>
>
>
> Thanks,
>
> -Ruijing
>
>
>
>
>
> *From:* Ian Wells [mailto:ijw.ubuntu at cack.org.uk]
> *Sent:* Wednesday, March 25, 2015 2:18 AM
> *To:* OpenStack Development Mailing List (not for usage questions)
> *Subject:* Re: [openstack-dev] [Neutron] VLAN trunking network for NFV
>
>
>
> That spec ensures that you can tell what the plugin is doing. You can ask
> for a VLAN transparent network, but the cloud may tell you it can't make
> one.
>
> The OVS driver in Openstack drops VLAN tagged packets, I'm afraid, and the
> spec you're referring to doesn't change that. The spec does ensure that if
> you try and create a VLAN trunk on a cloud that uses the OVS driver, you'll
> be told you can't. in the future, the OVS driver can be fixed, but that's
> how things stand at present. Fixing the OVS driver really involves getting
> in at the OVS flow level - can be done, but we started with the basics.
>
> If you want to use a VLAN trunk using the current code, I recommend VXLAN
> or GRE along with the Linuxbridge driver, both of which support VLAN
> transparent networking. If they're configured and you ask for a VLAN trunk
> you'll be told you got one.
> --
>
> Ian.
>
>
>
>
>
> On 24 March 2015 at 09:43, Daniele Casini <daniele.casini at dektech.com.au>
> wrote:
>
> Hi all:
>
> in reference to the following specification about the creation of VLAN
> trunking network for NFV
>
> https://review.openstack.org/#/c/136554/3/specs/kilo/nfv-vlan-trunks.rst
>
> I would like to better understand how the tagged traffic will be realized.
> In order to explain myself, I report the following use case:
>
> A VNF is deployed in one VM, which has a trunk port carrying traffic for
> two VLANs over a single link able to transport more than one VLAN through a
> single integration-bridge (br-int) port. So, How does br-int manage the
> VLAN-ID? In other words, what are the action performed by the br-int when a
> VM forwards traffic to another host?
> Does it put an additional tag or replace the existing one keeping the
> match with a table or something like that?
>
> Thank you very much.
>
> Daniele
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
>
> __________________________________________________________________________
> OpenStack Development Mailing List (not for usage questions)
> Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
> http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack-dev
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20150325/0b67c0f0/attachment.html>
More information about the OpenStack-dev
mailing list