Reputation: 909
Forward new flows to another OVS port
I have following setup
+---2---+
s---1 OVS 4---t
+---3---+
where 1, 2, 3, 4 are OVS ports in one server (all are ports of the bridge called ovs1), and source s and target t are two other servers (connected over LAN). Say, packets are flowing through 2 (from 1) and at some point, I want to forward all new flows of port 1 through port 3 while old flows remain on 2 (until termination).
I can do this abruptly with this OVS commands
ovs-ofctl del-flows ovs1 in_port=1
ovs-ofctl del-flows ovs1 in_port=2
ovs-ofctl add-flow ovs1 in_port=1,action=output:3
ovs-ofctl add-flow ovs1 in_port=3,action=output:1
which forces all flows go through 3 instead of 2. But I need old flows remain on 2 and only new flows go through 3. Is this possible with OVS?
Ideally, I want to do this with OVS. If that is not possible, I can get rid of it and use Linux networking to achieve such "smooth" link switch.
Any help is appreciated.
Upvotes: 0
Views: 2137
Answers (2)
Reputation: 909
I got couple solutions to this problem after talking with my friend (off StackOverflow). I am sharing two different solutions, for future reference.
The first one is based on connection tracking (as suggested by @pchaigno and @karthik-prasad). I think this is more elaborate description of the solution (they had in mind). So, we install a default rule to forward all connections to port 2 and enabled connection tracking for 2. Now, before redirecting flows to 3, we install full IP tuple rules (matching src, dst, ports, etc.) to forward existing flows to port 2. In other words, if there were 100 conntrack entries for port 2 before the (port 3) fail-over, we will install 100 specific rules to forward packets to port 2. This will ensure all existing flows will keep going through port 2.
To forward new flows to port 3, we override the default forwarding rule from port 2 to port 3. When we do this, existing flows will match the more specific rules (established earlier), and go to port 2. New flows will match the wildcard rule and go to port 3. Note that even then the switch will not be atomic. We might lose some flows when you move to 3 (depends on how we install the updated rules).
Another way to solve this problem, perhaps more elegantly, is to leverage OpenFlow controller. We plug in an OpenFlow controller to the switch and keep track of flows in port 2, and install a port 2 forwarding rule on packet-in events (whenever new flow arrives). When we want to fail-over, we change OpenFlow controller behavior to start forwarding new flows to port 3 (whenever new packet-in events happen). This keeps old flows in port 2. As an example, you could use Ryu controller and write a Ryu application to respond to the suggested packet-in events.
Upvotes: 0
Reputation: 1
I don't think OVS gaurantees MBB for the backup paths. What you can ideally do is install 2 similar flows with different priorities and switch to one you want by altering the priority. In this case you are probably not disrupting the existing traffic flow.
Upvotes: 0
Related Questions
- Mininet OpenvSwitch Multi-controller Configuration
- Proactive Flow Insertion and Routing Based on Priority in OVS
- ODL flow added but doesn´t making effect
- Automatic add flow to ovs switch that connected to docker hosts
- How can I forward traffic from a specific port to another in open-vswitch
- What if there are multiple forwarding rules for the same flow in the Openflow switch?
- Does OpenVswitch accept duplicate OpenFlow rules with different priorities?
- iptables on Mininet OVS
- OVS L3 Routing with mininet
- How to add a port to an OpenFlow bridge