diff mbox

[ovs-dev] FAQ: Add entry about ingress policing.

Message ID 1442269056-86031-1-git-send-email-jpettit@nicira.com
State Accepted
Headers show

Commit Message

Justin Pettit Sept. 14, 2015, 10:17 p.m. UTC 
Signed-off-by: Justin Pettit <jpettit@nicira.com>
---
 FAQ.md |   31 ++++++++++++++++++++++++++++++-
 1 files changed, 30 insertions(+), 1 deletions(-)

Comments

Ben Pfaff Sept. 15, 2015, 4:35 a.m. UTC | #1 
On Mon, Sep 14, 2015 at 03:17:36PM -0700, Justin Pettit wrote:
> Signed-off-by: Justin Pettit <jpettit@nicira.com>
> ---
>  FAQ.md |   31 ++++++++++++++++++++++++++++++-
>  1 files changed, 30 insertions(+), 1 deletions(-)
> 
> diff --git a/FAQ.md b/FAQ.md
> index 631f6a4..acec1bd 100644
> --- a/FAQ.md
> +++ b/FAQ.md
> @@ -944,7 +944,22 @@ A: The short answer is that this is a misuse of a "tap" device.  Use
>  Quality of Service (QoS)
>  ------------------------
>  
> -### Q: How do I configure Quality of Service (QoS)?
> +### Q: Does OVS support Quality of Service (QoS)?
> +
> +A: Yes.  However, it only support traffic shaping on egress traffic;
> +   ingress traffic is limited to policing.  

I think this is a little more negative than necessary.  How about:

A: Yes.  For traffic that egresses from a switch, OVS supports traffic
   shaping; for traffic that ingress into a switch, OVS support policing.

Either way,

Acked-by: Ben Pfaff <blp@nicira.com>
Justin Pettit Sept. 15, 2015, 5:36 a.m. UTC | #2 
> On Sep 14, 2015, at 9:35 PM, Ben Pfaff <blp@nicira.com> wrote:
> 
> On Mon, Sep 14, 2015 at 03:17:36PM -0700, Justin Pettit wrote:
>> 
>> +A: Yes.  However, it only support traffic shaping on egress traffic;
>> +   ingress traffic is limited to policing.  
> 
> I think this is a little more negative than necessary.  How about:
> 
> A: Yes.  For traffic that egresses from a switch, OVS supports traffic
>   shaping; for traffic that ingress into a switch, OVS support policing.

But I am negative on policing.  ;-)  It's a good suggestion.  I changed it and pushed it.

--Justin
diff mbox

Patch

diff --git a/FAQ.md b/FAQ.md
index 631f6a4..acec1bd 100644
--- a/FAQ.md
+++ b/FAQ.md
@@ -944,7 +944,22 @@  A: The short answer is that this is a misuse of a "tap" device.  Use
 Quality of Service (QoS)
 ------------------------
 
-### Q: How do I configure Quality of Service (QoS)?
+### Q: Does OVS support Quality of Service (QoS)?
+
+A: Yes.  However, it only support traffic shaping on egress traffic;
+   ingress traffic is limited to policing.  Policing is a simple form of
+   quality-of-service that simply drops packets received in excess of
+   the configured rate.  Due to its simplicity, policing is usually less
+   accurate and less effective than egress traffic shaping, which queues
+   packets.
+
+   Keep in mind that ingress and egress are from the perspective of the
+   switch.  That means that egress shaping limits the rate at which
+   traffic is allowed to transmit from a physical interface, but the
+   rate at which traffic will be received on a virtual machine's VIF.
+   For ingress policing, the behavior is the opposite.
+
+### Q: How do I configure egress traffic shaping?
 
 A: Suppose that you want to set up bridge br0 connected to physical
    Ethernet port eth0 (a 1 Gbps device) and virtual machine interfaces
@@ -1006,6 +1021,20 @@  A: Suppose that you want to set up bridge br0 connected to physical
    --all option), then you will have to destroy QoS and Queue records
    individually.
 
+### Q: How do I configure ingress policing?
+
+A: A policing policy can be configured on an interface to drop packets
+   that arrive at a higher rate than the configured value.  For example,
+   the following commands will rate-limit traffic that vif1.0 may
+   generate to 10Mbps:
+
+       ovs-vsctl set interface vif1.0 ingress_policing_rate=10000
+       ovs-vsctl set interface vif1.0 ingress_policing_burst=1000
+
+   Traffic policing can interact poorly with some network protocols and
+   can have surprising results.  The "Ingress Policing" section of
+   ovs-vswitchd.conf.db(5) discusses the issues in greater detail.
+
 ### Q: I configured Quality of Service (QoS) in my OpenFlow network by
    adding records to the QoS and Queue table, but the results aren't
    what I expect.