Message ID | 20241205122751.3309292-1-i.maximets@ovn.org |
---|---|
State | Accepted |
Headers | show |
Series | [ovs-dev] chassis: Deprecate support for STT encapsulation. | expand |
Context | Check | Description |
---|---|---|
ovsrobot/apply-robot | success | apply and check: success |
ovsrobot/github-robot-_Build_and_Test | success | github build: passed |
ovsrobot/github-robot-_ovn-kubernetes | success | github build: passed |
On Thu, Dec 5, 2024 at 1:28 PM Ilya Maximets <i.maximets@ovn.org> wrote: > STT tunnel support will be deprecated in upcoming OVS 3.5 release and > planned for removal in OVS 3.6. > Hi Ilya, thank you for the patch. I have two small comments that could be addressed during merge. We should leave a note in "enum chassis_tunnel_type" about the deprecation. > The main reasons are: > > STT tunnel implementation was rejected in the upstream Linux kernel > long time ago and will probably never be there, because it is > not considered safe for use, as it can confuse parts of the network > mistaking it for normal TCP. > > The only available implementation for Linux is an OOT openvswitch > kernel module shipped with OVS 2.17. This module is deprecated and > 2.17 reaches EoL in Feb 2025. At that point there will be no > supported implementation for Linux. > > The standard draft for the protocol itself is also expired and > archived with the latest update made in 2016: > https://datatracker.ietf.org/doc/draft-davie-stt/ > > Modern network interface cards support various hardware offload > features with UDP tunnels, diminishing the main selling point of > STT - the ability to reuse hardware offload features meant for TCP. > > Deprecate the STT encapsulation type in OVN as well, so support can > be removed in 25.06. > nit: 25.09 we don't have 25.06 anymore. > > Signed-off-by: Ilya Maximets <i.maximets@ovn.org> > --- > > The corresponding OVS patch: > > https://patchwork.ozlabs.org/project/openvswitch/patch/20241204204518.3250827-3-i.maximets@ovn.org/ > > The OVS change is not applied yet, so maybe wait for it to be in ovs/main > before applying this deprecation patch. > > Documentation/faq/general.rst | 3 +++ > NEWS | 2 ++ > controller/chassis.c | 8 ++++++-- > controller/ovn-controller.8.xml | 4 ++++ > ovn-architecture.7.xml | 7 +++---- > ovn-sb.xml | 3 ++- > tests/ovn-ic.at | 2 +- > 7 files changed, 21 insertions(+), 8 deletions(-) > > diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst > index df4952ef5..63f5c4cbe 100644 > --- a/Documentation/faq/general.rst > +++ b/Documentation/faq/general.rst > @@ -88,6 +88,9 @@ Q: Why does OVN use STT and Geneve instead of VLANs or > VXLAN (or GRE)? > > See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for > details. > > + Note: Support for STT tunnels is deprecated and will be removed in OVN > + 25.09 release. > + > Together, these metadata require 24 + 15 + 16 = 55 bits. GRE > provides 32 > bits, VXLAN provides 24, and VLAN only provides 12. Most notably, if > logical egress pipelines do not match on the logical ingress port, > thereby > diff --git a/NEWS b/NEWS > index da3aba739..c9eb8ede8 100644 > --- a/NEWS > +++ b/NEWS > @@ -4,6 +4,8 @@ Post v24.09.0 > hash (with specified hash fields) for ECMP routes > while choosing nexthop. > - ovn-ic: Add support for route tag to prevent route learning. > + - Support for STT tunnels in ovn-encap-type is deprecated and will be > + removed in the next release. > > OVN v24.09.0 - 13 Sep 2024 > -------------------------- > diff --git a/controller/chassis.c b/controller/chassis.c > index 8b1964c54..19a251f26 100644 > --- a/controller/chassis.c > +++ b/controller/chassis.c > @@ -243,12 +243,16 @@ chassis_parse_ovs_encap_type(const char *encap_type, > { > sset_from_delimited_string(encap_type_set, encap_type, ","); > > + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); > const char *type; > > SSET_FOR_EACH (type, encap_type_set) { > - if (!get_tunnel_type(type)) { > - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); > + uint32_t tun_type = get_tunnel_type(type); > + > + if (!tun_type) { > VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type); > + } else if (tun_type == STT) { > + VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated"); > } > } > } > diff --git a/controller/ovn-controller.8.xml > b/controller/ovn-controller.8.xml > index aeaa374c1..6a7d676af 100644 > --- a/controller/ovn-controller.8.xml > +++ b/controller/ovn-controller.8.xml > @@ -168,6 +168,10 @@ > are <code>geneve</code>, <code>vxlan</code>, and > <code>stt</code>. > </p> > > + <p> > + <code>stt</code> tunnel type is deprecated. > + </p> > + > <p> > Due to the limited amount of metadata in <code>vxlan</code>, > the capabilities and performance of connected gateways and > diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml > index 640944faf..b11277bb9 100644 > --- a/ovn-architecture.7.xml > +++ b/ovn-architecture.7.xml > @@ -2897,10 +2897,9 @@ > </diagram> > > <p> > - Environments whose NICs lack Geneve offload may prefer STT > encapsulation > - for performance reasons. For STT encapsulation, OVN encodes all three > - pieces of logical metadata in the STT 64-bit tunnel ID as follows, > from MSB > - to LSB: > + Support for STT encapsulation is deprecated. While using STT on > setups > + that didn't migrate to Geneve yet, OVN encodes all three pieces of > logical > + metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB: > </p> > > <diagram> > diff --git a/ovn-sb.xml b/ovn-sb.xml > index ea4adc1c3..9394bb5f4 100644 > --- a/ovn-sb.xml > +++ b/ovn-sb.xml > @@ -479,7 +479,8 @@ > <column name="type"> > The encapsulation to use to transmit packets to this chassis. > Hypervisors and gateways must use one of: <code>geneve</code>, > - <code>vxlan</code>, or <code>stt</code>. > + <code>vxlan</code>, or <code>stt</code>. <code>stt</code> is > + deprecated. > </column> > > <column name="options"> > diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at > index 1ba65fd9f..13150a453 100644 > --- a/tests/ovn-ic.at > +++ b/tests/ovn-ic.at > @@ -333,7 +333,7 @@ OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep > "192.168.0.2"]) > ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt" > OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt]) > > -OVN_CLEANUP_SBOX(gw2) > +OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"]) > OVN_CLEANUP_IC([az1], [az2]) > > AT_CLEANUP > -- > 2.47.0 > > _______________________________________________ > dev mailing list > dev@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-dev > > Thanks, Ales
On Tue, Dec 10, 2024 at 10:30 AM Ales Musil <amusil@redhat.com> wrote: > > > On Thu, Dec 5, 2024 at 1:28 PM Ilya Maximets <i.maximets@ovn.org> wrote: > >> STT tunnel support will be deprecated in upcoming OVS 3.5 release and >> planned for removal in OVS 3.6. >> > > > Hi Ilya, > > thank you for the patch. I have two small comments that could be addressed > during merge. > We should leave a note in "enum chassis_tunnel_type" about the deprecation. > > >> The main reasons are: >> >> STT tunnel implementation was rejected in the upstream Linux kernel >> long time ago and will probably never be there, because it is >> not considered safe for use, as it can confuse parts of the network >> mistaking it for normal TCP. >> >> The only available implementation for Linux is an OOT openvswitch >> kernel module shipped with OVS 2.17. This module is deprecated and >> 2.17 reaches EoL in Feb 2025. At that point there will be no >> supported implementation for Linux. >> >> The standard draft for the protocol itself is also expired and >> archived with the latest update made in 2016: >> https://datatracker.ietf.org/doc/draft-davie-stt/ >> >> Modern network interface cards support various hardware offload >> features with UDP tunnels, diminishing the main selling point of >> STT - the ability to reuse hardware offload features meant for TCP. >> >> Deprecate the STT encapsulation type in OVN as well, so support can >> be removed in 25.06. >> > > nit: 25.09 we don't have 25.06 anymore. > > >> >> Signed-off-by: Ilya Maximets <i.maximets@ovn.org> >> --- >> >> The corresponding OVS patch: >> >> https://patchwork.ozlabs.org/project/openvswitch/patch/20241204204518.3250827-3-i.maximets@ovn.org/ >> >> The OVS change is not applied yet, so maybe wait for it to be in ovs/main >> before applying this deprecation patch. >> >> Documentation/faq/general.rst | 3 +++ >> NEWS | 2 ++ >> controller/chassis.c | 8 ++++++-- >> controller/ovn-controller.8.xml | 4 ++++ >> ovn-architecture.7.xml | 7 +++---- >> ovn-sb.xml | 3 ++- >> tests/ovn-ic.at | 2 +- >> 7 files changed, 21 insertions(+), 8 deletions(-) >> >> diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst >> index df4952ef5..63f5c4cbe 100644 >> --- a/Documentation/faq/general.rst >> +++ b/Documentation/faq/general.rst >> @@ -88,6 +88,9 @@ Q: Why does OVN use STT and Geneve instead of VLANs or >> VXLAN (or GRE)? >> >> See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for >> details. >> >> + Note: Support for STT tunnels is deprecated and will be removed in >> OVN >> + 25.09 release. >> + >> Together, these metadata require 24 + 15 + 16 = 55 bits. GRE >> provides 32 >> bits, VXLAN provides 24, and VLAN only provides 12. Most notably, if >> logical egress pipelines do not match on the logical ingress port, >> thereby >> diff --git a/NEWS b/NEWS >> index da3aba739..c9eb8ede8 100644 >> --- a/NEWS >> +++ b/NEWS >> @@ -4,6 +4,8 @@ Post v24.09.0 >> hash (with specified hash fields) for ECMP routes >> while choosing nexthop. >> - ovn-ic: Add support for route tag to prevent route learning. >> + - Support for STT tunnels in ovn-encap-type is deprecated and will be >> + removed in the next release. >> >> OVN v24.09.0 - 13 Sep 2024 >> -------------------------- >> diff --git a/controller/chassis.c b/controller/chassis.c >> index 8b1964c54..19a251f26 100644 >> --- a/controller/chassis.c >> +++ b/controller/chassis.c >> @@ -243,12 +243,16 @@ chassis_parse_ovs_encap_type(const char *encap_type, >> { >> sset_from_delimited_string(encap_type_set, encap_type, ","); >> >> + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); >> const char *type; >> >> SSET_FOR_EACH (type, encap_type_set) { >> - if (!get_tunnel_type(type)) { >> - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, >> 5); >> + uint32_t tun_type = get_tunnel_type(type); >> + >> + if (!tun_type) { >> VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type); >> + } else if (tun_type == STT) { >> + VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated"); >> } >> } >> } >> diff --git a/controller/ovn-controller.8.xml >> b/controller/ovn-controller.8.xml >> index aeaa374c1..6a7d676af 100644 >> --- a/controller/ovn-controller.8.xml >> +++ b/controller/ovn-controller.8.xml >> @@ -168,6 +168,10 @@ >> are <code>geneve</code>, <code>vxlan</code>, and >> <code>stt</code>. >> </p> >> >> + <p> >> + <code>stt</code> tunnel type is deprecated. >> + </p> >> + >> <p> >> Due to the limited amount of metadata in <code>vxlan</code>, >> the capabilities and performance of connected gateways and >> diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml >> index 640944faf..b11277bb9 100644 >> --- a/ovn-architecture.7.xml >> +++ b/ovn-architecture.7.xml >> @@ -2897,10 +2897,9 @@ >> </diagram> >> >> <p> >> - Environments whose NICs lack Geneve offload may prefer STT >> encapsulation >> - for performance reasons. For STT encapsulation, OVN encodes all >> three >> - pieces of logical metadata in the STT 64-bit tunnel ID as follows, >> from MSB >> - to LSB: >> + Support for STT encapsulation is deprecated. While using STT on >> setups >> + that didn't migrate to Geneve yet, OVN encodes all three pieces of >> logical >> + metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB: >> </p> >> >> <diagram> >> diff --git a/ovn-sb.xml b/ovn-sb.xml >> index ea4adc1c3..9394bb5f4 100644 >> --- a/ovn-sb.xml >> +++ b/ovn-sb.xml >> @@ -479,7 +479,8 @@ >> <column name="type"> >> The encapsulation to use to transmit packets to this chassis. >> Hypervisors and gateways must use one of: <code>geneve</code>, >> - <code>vxlan</code>, or <code>stt</code>. >> + <code>vxlan</code>, or <code>stt</code>. <code>stt</code> is >> + deprecated. >> </column> >> >> <column name="options"> >> diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at >> index 1ba65fd9f..13150a453 100644 >> --- a/tests/ovn-ic.at >> +++ b/tests/ovn-ic.at >> @@ -333,7 +333,7 @@ OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep >> "192.168.0.2"]) >> ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt" >> OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt]) >> >> -OVN_CLEANUP_SBOX(gw2) >> +OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"]) >> OVN_CLEANUP_IC([az1], [az2]) >> >> AT_CLEANUP >> -- >> 2.47.0 >> >> _______________________________________________ >> dev mailing list >> dev@openvswitch.org >> https://mail.openvswitch.org/mailman/listinfo/ovs-dev >> >> > Thanks, > Ales > Forgot to add, that with those 2 things addressed: Acked-by: Ales Musil <amusil@redhat.com>
On 12/10/24 10:31 AM, Ales Musil wrote: > On Tue, Dec 10, 2024 at 10:30 AM Ales Musil <amusil@redhat.com> wrote: > >> >> >> On Thu, Dec 5, 2024 at 1:28 PM Ilya Maximets <i.maximets@ovn.org> wrote: >> >>> STT tunnel support will be deprecated in upcoming OVS 3.5 release and >>> planned for removal in OVS 3.6. >>> >> >> >> Hi Ilya, >> >> thank you for the patch. I have two small comments that could be addressed >> during merge. >> We should leave a note in "enum chassis_tunnel_type" about the deprecation. >> >> >>> The main reasons are: >>> >>> STT tunnel implementation was rejected in the upstream Linux kernel >>> long time ago and will probably never be there, because it is >>> not considered safe for use, as it can confuse parts of the network >>> mistaking it for normal TCP. >>> >>> The only available implementation for Linux is an OOT openvswitch >>> kernel module shipped with OVS 2.17. This module is deprecated and >>> 2.17 reaches EoL in Feb 2025. At that point there will be no >>> supported implementation for Linux. >>> >>> The standard draft for the protocol itself is also expired and >>> archived with the latest update made in 2016: >>> https://datatracker.ietf.org/doc/draft-davie-stt/ >>> >>> Modern network interface cards support various hardware offload >>> features with UDP tunnels, diminishing the main selling point of >>> STT - the ability to reuse hardware offload features meant for TCP. >>> >>> Deprecate the STT encapsulation type in OVN as well, so support can >>> be removed in 25.06. >>> >> >> nit: 25.09 we don't have 25.06 anymore. >> >> >>> >>> Signed-off-by: Ilya Maximets <i.maximets@ovn.org> >>> --- >>> >>> The corresponding OVS patch: >>> >>> https://patchwork.ozlabs.org/project/openvswitch/patch/20241204204518.3250827-3-i.maximets@ovn.org/ >>> >>> The OVS change is not applied yet, so maybe wait for it to be in ovs/main >>> before applying this deprecation patch. >>> >>> Documentation/faq/general.rst | 3 +++ >>> NEWS | 2 ++ >>> controller/chassis.c | 8 ++++++-- >>> controller/ovn-controller.8.xml | 4 ++++ >>> ovn-architecture.7.xml | 7 +++---- >>> ovn-sb.xml | 3 ++- >>> tests/ovn-ic.at | 2 +- >>> 7 files changed, 21 insertions(+), 8 deletions(-) >>> >>> diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst >>> index df4952ef5..63f5c4cbe 100644 >>> --- a/Documentation/faq/general.rst >>> +++ b/Documentation/faq/general.rst >>> @@ -88,6 +88,9 @@ Q: Why does OVN use STT and Geneve instead of VLANs or >>> VXLAN (or GRE)? >>> >>> See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for >>> details. >>> >>> + Note: Support for STT tunnels is deprecated and will be removed in >>> OVN >>> + 25.09 release. >>> + >>> Together, these metadata require 24 + 15 + 16 = 55 bits. GRE >>> provides 32 >>> bits, VXLAN provides 24, and VLAN only provides 12. Most notably, if >>> logical egress pipelines do not match on the logical ingress port, >>> thereby >>> diff --git a/NEWS b/NEWS >>> index da3aba739..c9eb8ede8 100644 >>> --- a/NEWS >>> +++ b/NEWS >>> @@ -4,6 +4,8 @@ Post v24.09.0 >>> hash (with specified hash fields) for ECMP routes >>> while choosing nexthop. >>> - ovn-ic: Add support for route tag to prevent route learning. >>> + - Support for STT tunnels in ovn-encap-type is deprecated and will be >>> + removed in the next release. >>> >>> OVN v24.09.0 - 13 Sep 2024 >>> -------------------------- >>> diff --git a/controller/chassis.c b/controller/chassis.c >>> index 8b1964c54..19a251f26 100644 >>> --- a/controller/chassis.c >>> +++ b/controller/chassis.c >>> @@ -243,12 +243,16 @@ chassis_parse_ovs_encap_type(const char *encap_type, >>> { >>> sset_from_delimited_string(encap_type_set, encap_type, ","); >>> >>> + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); >>> const char *type; >>> >>> SSET_FOR_EACH (type, encap_type_set) { >>> - if (!get_tunnel_type(type)) { >>> - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, >>> 5); >>> + uint32_t tun_type = get_tunnel_type(type); >>> + >>> + if (!tun_type) { >>> VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type); >>> + } else if (tun_type == STT) { >>> + VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated"); >>> } >>> } >>> } >>> diff --git a/controller/ovn-controller.8.xml >>> b/controller/ovn-controller.8.xml >>> index aeaa374c1..6a7d676af 100644 >>> --- a/controller/ovn-controller.8.xml >>> +++ b/controller/ovn-controller.8.xml >>> @@ -168,6 +168,10 @@ >>> are <code>geneve</code>, <code>vxlan</code>, and >>> <code>stt</code>. >>> </p> >>> >>> + <p> >>> + <code>stt</code> tunnel type is deprecated. >>> + </p> >>> + >>> <p> >>> Due to the limited amount of metadata in <code>vxlan</code>, >>> the capabilities and performance of connected gateways and >>> diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml >>> index 640944faf..b11277bb9 100644 >>> --- a/ovn-architecture.7.xml >>> +++ b/ovn-architecture.7.xml >>> @@ -2897,10 +2897,9 @@ >>> </diagram> >>> >>> <p> >>> - Environments whose NICs lack Geneve offload may prefer STT >>> encapsulation >>> - for performance reasons. For STT encapsulation, OVN encodes all >>> three >>> - pieces of logical metadata in the STT 64-bit tunnel ID as follows, >>> from MSB >>> - to LSB: >>> + Support for STT encapsulation is deprecated. While using STT on >>> setups >>> + that didn't migrate to Geneve yet, OVN encodes all three pieces of >>> logical >>> + metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB: >>> </p> >>> >>> <diagram> >>> diff --git a/ovn-sb.xml b/ovn-sb.xml >>> index ea4adc1c3..9394bb5f4 100644 >>> --- a/ovn-sb.xml >>> +++ b/ovn-sb.xml >>> @@ -479,7 +479,8 @@ >>> <column name="type"> >>> The encapsulation to use to transmit packets to this chassis. >>> Hypervisors and gateways must use one of: <code>geneve</code>, >>> - <code>vxlan</code>, or <code>stt</code>. >>> + <code>vxlan</code>, or <code>stt</code>. <code>stt</code> is >>> + deprecated. >>> </column> >>> >>> <column name="options"> >>> diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at >>> index 1ba65fd9f..13150a453 100644 >>> --- a/tests/ovn-ic.at >>> +++ b/tests/ovn-ic.at >>> @@ -333,7 +333,7 @@ OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep >>> "192.168.0.2"]) >>> ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt" >>> OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt]) >>> >>> -OVN_CLEANUP_SBOX(gw2) >>> +OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"]) >>> OVN_CLEANUP_IC([az1], [az2]) >>> >>> AT_CLEANUP >>> -- >>> 2.47.0 >>> >>> _______________________________________________ >>> dev mailing list >>> dev@openvswitch.org >>> https://mail.openvswitch.org/mailman/listinfo/ovs-dev >>> >>> >> Thanks, >> Ales >> > > Forgot to add, that with those 2 things addressed: > Acked-by: Ales Musil <amusil@redhat.com> > Thanks, Ilya and Ales! I took care of the 2 small things and applied the patch to main. The incremental was: diff --git a/lib/ovn-util.h b/lib/ovn-util.h index 7b98b9b9a1..b48573a93a 100644 --- a/lib/ovn-util.h +++ b/lib/ovn-util.h @@ -332,7 +332,8 @@ hash_add_in6_addr(uint32_t hash, const struct in6_addr *addr) * least-preferred (lower number). */ enum chassis_tunnel_type { GENEVE = 1 << 2, - STT = 1 << 1, + STT = 1 << 1, /* NOTE: STT support is deprecated and will be removed + * in an upcoming release. */ VXLAN = 1 << 0 }; Regards, Dumitru
diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst index df4952ef5..63f5c4cbe 100644 --- a/Documentation/faq/general.rst +++ b/Documentation/faq/general.rst @@ -88,6 +88,9 @@ Q: Why does OVN use STT and Geneve instead of VLANs or VXLAN (or GRE)? See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for details. + Note: Support for STT tunnels is deprecated and will be removed in OVN + 25.09 release. + Together, these metadata require 24 + 15 + 16 = 55 bits. GRE provides 32 bits, VXLAN provides 24, and VLAN only provides 12. Most notably, if logical egress pipelines do not match on the logical ingress port, thereby diff --git a/NEWS b/NEWS index da3aba739..c9eb8ede8 100644 --- a/NEWS +++ b/NEWS @@ -4,6 +4,8 @@ Post v24.09.0 hash (with specified hash fields) for ECMP routes while choosing nexthop. - ovn-ic: Add support for route tag to prevent route learning. + - Support for STT tunnels in ovn-encap-type is deprecated and will be + removed in the next release. OVN v24.09.0 - 13 Sep 2024 -------------------------- diff --git a/controller/chassis.c b/controller/chassis.c index 8b1964c54..19a251f26 100644 --- a/controller/chassis.c +++ b/controller/chassis.c @@ -243,12 +243,16 @@ chassis_parse_ovs_encap_type(const char *encap_type, { sset_from_delimited_string(encap_type_set, encap_type, ","); + static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); const char *type; SSET_FOR_EACH (type, encap_type_set) { - if (!get_tunnel_type(type)) { - static struct vlog_rate_limit rl = VLOG_RATE_LIMIT_INIT(1, 5); + uint32_t tun_type = get_tunnel_type(type); + + if (!tun_type) { VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type); + } else if (tun_type == STT) { + VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated"); } } } diff --git a/controller/ovn-controller.8.xml b/controller/ovn-controller.8.xml index aeaa374c1..6a7d676af 100644 --- a/controller/ovn-controller.8.xml +++ b/controller/ovn-controller.8.xml @@ -168,6 +168,10 @@ are <code>geneve</code>, <code>vxlan</code>, and <code>stt</code>. </p> + <p> + <code>stt</code> tunnel type is deprecated. + </p> + <p> Due to the limited amount of metadata in <code>vxlan</code>, the capabilities and performance of connected gateways and diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml index 640944faf..b11277bb9 100644 --- a/ovn-architecture.7.xml +++ b/ovn-architecture.7.xml @@ -2897,10 +2897,9 @@ </diagram> <p> - Environments whose NICs lack Geneve offload may prefer STT encapsulation - for performance reasons. For STT encapsulation, OVN encodes all three - pieces of logical metadata in the STT 64-bit tunnel ID as follows, from MSB - to LSB: + Support for STT encapsulation is deprecated. While using STT on setups + that didn't migrate to Geneve yet, OVN encodes all three pieces of logical + metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB: </p> <diagram> diff --git a/ovn-sb.xml b/ovn-sb.xml index ea4adc1c3..9394bb5f4 100644 --- a/ovn-sb.xml +++ b/ovn-sb.xml @@ -479,7 +479,8 @@ <column name="type"> The encapsulation to use to transmit packets to this chassis. Hypervisors and gateways must use one of: <code>geneve</code>, - <code>vxlan</code>, or <code>stt</code>. + <code>vxlan</code>, or <code>stt</code>. <code>stt</code> is + deprecated. </column> <column name="options"> diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at index 1ba65fd9f..13150a453 100644 --- a/tests/ovn-ic.at +++ b/tests/ovn-ic.at @@ -333,7 +333,7 @@ OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep "192.168.0.2"]) ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt" OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt]) -OVN_CLEANUP_SBOX(gw2) +OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"]) OVN_CLEANUP_IC([az1], [az2]) AT_CLEANUP
STT tunnel support will be deprecated in upcoming OVS 3.5 release and planned for removal in OVS 3.6. The main reasons are: STT tunnel implementation was rejected in the upstream Linux kernel long time ago and will probably never be there, because it is not considered safe for use, as it can confuse parts of the network mistaking it for normal TCP. The only available implementation for Linux is an OOT openvswitch kernel module shipped with OVS 2.17. This module is deprecated and 2.17 reaches EoL in Feb 2025. At that point there will be no supported implementation for Linux. The standard draft for the protocol itself is also expired and archived with the latest update made in 2016: https://datatracker.ietf.org/doc/draft-davie-stt/ Modern network interface cards support various hardware offload features with UDP tunnels, diminishing the main selling point of STT - the ability to reuse hardware offload features meant for TCP. Deprecate the STT encapsulation type in OVN as well, so support can be removed in 25.06. Signed-off-by: Ilya Maximets <i.maximets@ovn.org> --- The corresponding OVS patch: https://patchwork.ozlabs.org/project/openvswitch/patch/20241204204518.3250827-3-i.maximets@ovn.org/ The OVS change is not applied yet, so maybe wait for it to be in ovs/main before applying this deprecation patch. Documentation/faq/general.rst | 3 +++ NEWS | 2 ++ controller/chassis.c | 8 ++++++-- controller/ovn-controller.8.xml | 4 ++++ ovn-architecture.7.xml | 7 +++---- ovn-sb.xml | 3 ++- tests/ovn-ic.at | 2 +- 7 files changed, 21 insertions(+), 8 deletions(-)