[openstack-dev] [Neutron] support of NSH in networking-SFC
Yang, Yi Y
yi.y.yang at intel.com
Thu Jun 2 00:19:53 UTC 2016
Also cc to Jiri and Jesse, I think mandatory L3 requirement is not reasonable for tunnel port, say VxLAN or VxLAN-gpe, its intention is to L2 over L3, so L2 header is must-have, but mandatory L3 requirement removed L2.
I also think VxLAN + Eth + NSH + Original frame should be an option, at least industries have such requirements in practice.
So my point is it will be great if we can support both VxLAN-gpe+ETH+NSH+Original L2 and VxLAN+ETH+NSH+Original L2, this will simplify our nsh patches upstreaming efforts and speed up merging.
From: Cathy Zhang [mailto:Cathy.H.Zhang at huawei.com]
Sent: Thursday, June 02, 2016 2:54 AM
To: OpenStack Development Mailing List (not for usage questions) <openstack-dev at lists.openstack.org>; blp at ovn.org; Yang, Yi Y <yi.y.yang at intel.com>
Cc: Cathy Zhang <Cathy.H.Zhang at huawei.com>
Subject: RE: [openstack-dev] [Neutron] support of NSH in networking-SFC
Looks like the work of removing the mandatory L3 requirement associated with decapsulated VxLAN-gpe packet also involves OVS kernel change, which is difficult. Furthermore, even this blocking issue is resolved and eventually OVS accepts the VLAN-gpe+NSH encapsulation, there is still another issue.
Current Neutron only supports VXLAN, not VXLAN-gpe, and adopting VXLAN-gpe involves consideration of backward compatibility with existing VXLAN VTEP and VXLAN Gateway.
An alternative and maybe easier/faster path could be to push a patch of " VxLAN + Eth + NSH + Original frame" into OVS kernel. This is also IETF compliant encapsulation for SFC and does not have the L3 requirement issue and Neutron VXLAN-gpe support issue.
We can probably take this discussion to the OVS mailing alias.
From: Ben Pfaff [mailto:blp at ovn.org]
Sent: Tuesday, May 31, 2016 9:48 PM
To: OpenStack Development Mailing List (not for usage questions)
Subject: Re: [openstack-dev] [Neutron] support of NSH in networking-SFC
On Wed, Jun 01, 2016 at 12:08:23AM +0000, Yang, Yi Y wrote:
> Ben, yes, we submitted nsh support patch set last year, but ovs
> community told me we have to push kernel part into Linux kernel tree,
> we're struggling to do this, but something blocked us from doing this.
It's quite difficult to get patches for a new protocol into the kernel.
You have my sympathy.
> Recently, ovs did some changes in tunnel protocols which requires the
> packet decapsulated by a tunnel must be a Ethernet packet, but Linux
> kernel (net-next) tree accepted VxLAN-gpe patch set from Redhat guy
> (Jiri Benc) which requires the packet decapsulated by VxLAN-gpe port
> must be L3 packet but not L2 Ethernet packet, this blocked us from
> progressing better.
> Simon Horman (Netronome guy) has posted a series of patches to remove
> the mandatory requirement from ovs in order that the packet from a
> tunnel can be any packet, but so far we didn't see they are merged.
These are slowly working their way through OVS review, but these also have a prerequisite on kernel patches, so it's not easy to get them in either.
> I heard ovs community looks forward to getting nsh patches merged, it
> will be great if ovs guys can help progress this.
I do plan to do my part in review (but much of this is kernel review, which I'm not really involved in anymore).
OpenStack Development Mailing List (not for usage questions)
Unsubscribe: OpenStack-dev-request at lists.openstack.org?subject:unsubscribe
More information about the OpenStack-dev