review.fuel-infra Code Review - openstack-build/neutron-build.git/commit

author	Francois Eleouet <f.eleouet@gmail.com>
	Wed, 7 Aug 2013 09:19:46 +0000 (11:19 +0200)
committer	Francois Eleouet <f.eleouet@gmail.com>
	Thu, 22 Aug 2013 16:06:16 +0000 (18:06 +0200)
commit	a369f9e39691c01a4e4f7f8668cb37fc17ba03b3
tree	817bb52d734ace8b239406a99964005e862f7889	tree \| snapshot
parent	1c2e111a0be07c9005e212ca634a1ea174f616a5	commit \| diff

Enable GRE and VXLAN with the same ID

Current packet processing in br-tun is based on tun-id,
as a consequence, two networks using different tunnel
types but sharing the same tun-id would not be properly isolated.

To ensure proper isolation within a single bridge, NORMAL action
can't be used any more as it floods unknown unicasts on all
bridges ports. It is replaced by a learn action that dynamically
sets-up flows when packets are recieved from tunnel ports. As mac
address are learnt in explicit flows (in table 20), we can use a
default action in that table to flood unknown unicasts to the
right set of ports, like broadcasts and multicasts packets.

See https://wiki.openstack.org/wiki/Ovs-flow-logic for a more
detailled explanation of the flow logic

Another alternative could have been to use distinct bridges for
each tunnel type (whithout modifying the current flow logic),
but previous alternative may be preferable as it paves the way
for new tunneling optimisations (like RPC based mac learning and
partial-mesh flooding proposed in bp/l2-population)

Change-Id: I1dfe74f96680c2c6fe4d8d4aac4821c6b020c005
Closes-Bug: #1196963

neutron/agent/linux/ovs_lib.py		diff \| blob \| history
neutron/plugins/openvswitch/agent/ovs_neutron_agent.py		diff \| blob \| history
neutron/plugins/openvswitch/common/constants.py		diff \| blob \| history
neutron/tests/unit/openvswitch/test_ovs_neutron_agent.py		diff \| blob \| history
neutron/tests/unit/openvswitch/test_ovs_tunnel.py		diff \| blob \| history