Message ID | 1441153303-86713-3-git-send-email-jpettit@nicira.com |
---|---|
State | Accepted |
Headers | show |
On 09/01/2015 08:21 PM, Justin Pettit wrote: > Signed-off-by: Justin Pettit <jpettit@nicira.com> some wording suggestions inline, but otherwise: Acked-by: Russell Bryant <rbryant@redhat.com> > --- > ovn/ovn-sb.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ > 1 files changed, 43 insertions(+), 0 deletions(-) > > diff --git a/ovn/ovn-sb.xml b/ovn/ovn-sb.xml > index 38837c1..cbae2e9 100644 > --- a/ovn/ovn-sb.xml > +++ b/ovn/ovn-sb.xml > @@ -321,6 +321,49 @@ > the logical output port replaced by the group member. > </p> > > + <p><em>Pipeline Stages</em></p> > + > + <p> > + <code>ovn-northd</code> is responsible for populating the > + <ref table="Logical_Flow"/>, so the stages are an implementation Should you add "table" here? the <ref table="Logical_Flow"/> table > + detail and subject to change. This section describes the current > + logical flow table. > + </p> > + > + <p> > + The ingress pipeline consists of the following stages: > + </p> > + <ul> > + <li> > + Port Security (Table 0): Validates the source address, drops > + packets with a VLAN tag, and, if configured, verifies that the > + logical port is allowed to send with the source address. > + </li> > + > + <li> > + L2 Destination Lookup (Table 1): Forwards known unicast > + addresses to the appropriate logical port. Unicast packets to > + unknown hosts are forwarded to logical ports configured to have > + an <code>unknown</code> addresses. Broadcast, and multicast are "an unknown addresses" would read better as "an unknown set of addresses" or just "unknown addresses". > + flooded to all ports in the logical switch. > + </li> > + </ul> > + > + <p> > + The egress pipeline consists of the following stages: > + </p> > + <ul> > + <li> > + ACL (Table 0): Applies any specified access control lists. > + </li> > + > + <li> > + Port Security (Table 1): If configured, verifies that the > + logical port is allowed to receive packets with the destination > + address. > + </li> > + </ul> > + > <column name="logical_datapath"> > The logical datapath to which the logical flow belongs. > </column> >
> On Sep 1, 2015, at 5:37 PM, Russell Bryant <rbryant@redhat.com> wrote: > > On 09/01/2015 08:21 PM, Justin Pettit wrote: >> Signed-off-by: Justin Pettit <jpettit@nicira.com> >> >> + <code>ovn-northd</code> is responsible for populating the >> + <ref table="Logical_Flow"/>, so the stages are an implementation > > Should you add "table" here? > > the <ref table="Logical_Flow"/> table Done. Thanks. >> + L2 Destination Lookup (Table 1): Forwards known unicast >> + addresses to the appropriate logical port. Unicast packets to >> + unknown hosts are forwarded to logical ports configured to have >> + an <code>unknown</code> addresses. Broadcast, and multicast are > > "an unknown addresses" would read better as "an unknown set of > addresses" or just "unknown addresses". The <code> block was trying to indicate the special value "unknown" in the "mac" column, not emphasize it. How about this instead? Unicast packets to unknown hosts are forwarded to logical ports configured with the special <code>unknown</code> mac address. --Justin
On 09/01/2015 09:02 PM, Justin Pettit wrote: > >> On Sep 1, 2015, at 5:37 PM, Russell Bryant <rbryant@redhat.com> wrote: >> >> On 09/01/2015 08:21 PM, Justin Pettit wrote: >>> Signed-off-by: Justin Pettit <jpettit@nicira.com> >>> >>> + <code>ovn-northd</code> is responsible for populating the >>> + <ref table="Logical_Flow"/>, so the stages are an implementation >> >> Should you add "table" here? >> >> the <ref table="Logical_Flow"/> table > > Done. Thanks. > >>> + L2 Destination Lookup (Table 1): Forwards known unicast >>> + addresses to the appropriate logical port. Unicast packets to >>> + unknown hosts are forwarded to logical ports configured to have >>> + an <code>unknown</code> addresses. Broadcast, and multicast are >> >> "an unknown addresses" would read better as "an unknown set of >> addresses" or just "unknown addresses". > > The <code> block was trying to indicate the special value "unknown" in the "mac" column, not emphasize it. How about this instead? Right, I was just lazy and didn't re-type it. I meant for it to still be there. > Unicast packets to unknown hosts are forwarded to > logical ports configured with the special <code>unknown</code> > mac address. Perfect, thanks.
> On Sep 1, 2015, at 6:09 PM, Russell Bryant <rbryant@redhat.com> wrote: > > On 09/01/2015 09:02 PM, Justin Pettit wrote: >> >>> On Sep 1, 2015, at 5:37 PM, Russell Bryant <rbryant@redhat.com> wrote: >>> >>> On 09/01/2015 08:21 PM, Justin Pettit wrote: >>>> Signed-off-by: Justin Pettit <jpettit@nicira.com> >>>> >>>> + <code>ovn-northd</code> is responsible for populating the >>>> + <ref table="Logical_Flow"/>, so the stages are an implementation >>> >>> Should you add "table" here? >>> >>> the <ref table="Logical_Flow"/> table >> >> Done. Thanks. >> >>>> + L2 Destination Lookup (Table 1): Forwards known unicast >>>> + addresses to the appropriate logical port. Unicast packets to >>>> + unknown hosts are forwarded to logical ports configured to have >>>> + an <code>unknown</code> addresses. Broadcast, and multicast are >>> >>> "an unknown addresses" would read better as "an unknown set of >>> addresses" or just "unknown addresses". >> >> The <code> block was trying to indicate the special value "unknown" in the "mac" column, not emphasize it. How about this instead? > > Right, I was just lazy and didn't re-type it. I meant for it to still > be there. > >> Unicast packets to unknown hosts are forwarded to >> logical ports configured with the special <code>unknown</code> >> mac address. > > Perfect, thanks. Thanks for the reviews. I pushed the series. --Justin
diff --git a/ovn/ovn-sb.xml b/ovn/ovn-sb.xml index 38837c1..cbae2e9 100644 --- a/ovn/ovn-sb.xml +++ b/ovn/ovn-sb.xml @@ -321,6 +321,49 @@ the logical output port replaced by the group member. </p> + <p><em>Pipeline Stages</em></p> + + <p> + <code>ovn-northd</code> is responsible for populating the + <ref table="Logical_Flow"/>, so the stages are an implementation + detail and subject to change. This section describes the current + logical flow table. + </p> + + <p> + The ingress pipeline consists of the following stages: + </p> + <ul> + <li> + Port Security (Table 0): Validates the source address, drops + packets with a VLAN tag, and, if configured, verifies that the + logical port is allowed to send with the source address. + </li> + + <li> + L2 Destination Lookup (Table 1): Forwards known unicast + addresses to the appropriate logical port. Unicast packets to + unknown hosts are forwarded to logical ports configured to have + an <code>unknown</code> addresses. Broadcast, and multicast are + flooded to all ports in the logical switch. + </li> + </ul> + + <p> + The egress pipeline consists of the following stages: + </p> + <ul> + <li> + ACL (Table 0): Applies any specified access control lists. + </li> + + <li> + Port Security (Table 1): If configured, verifies that the + logical port is allowed to receive packets with the destination + address. + </li> + </ul> + <column name="logical_datapath"> The logical datapath to which the logical flow belongs. </column>
Signed-off-by: Justin Pettit <jpettit@nicira.com> --- ovn/ovn-sb.xml | 43 +++++++++++++++++++++++++++++++++++++++++++ 1 files changed, 43 insertions(+), 0 deletions(-)