This chapter describes the details of OpenFlow via CrossFlow mode. CrossFlow mode allows traditional L2/L3 and OpenFlow protocols to run simultaneously on the same physical switch.
CrossFlow mode has been greatly improved starting in PicOS 2.6.2. Now, most of the OVS mode commands are available in CrossFlow mode.
OVS features that are available in the CrossFlow mode:
- controller (test ok)
- egress-mode (test ok)
- combinated-mode (test ok)
- multi-table (test ok)
- max-ecmp-ports (test ok)
- loopback-enable (test ok)
- flow-counter-mode (test ok)
- GRE (test ok)
- meter (test ok)
- group (test ok)
- Q-in-Q (test ok)
- udf-mode(test ok)
- manager(test ok)
- mpls flow entries(test ok)
OVS features that need to be configured in Xorplus mode:
- qos (test ok)
- qe-port-mode (test ok)
- lag-advance-hash-mapping-fields (test ok)
- LACP (test ok)
The OVS features which are unavailable in CrossFlow mode:
- proxy-arp
- proxy-icmpv6
- pbb flow entries
- VxLAN
- L2MPLS
- L2GRE
- match-mode
- Only Openflow ports can be added to an Openflow lag as members, and only Crossflow ports can be added to a Crossflow lag as members. All lag's members are configured in Switching CLI.
All LACP packets are handled by Switching.
Besides LACP, all other protocol packets received from Openflow ports will be sent to OVS. For the packets received from Crossflow ports, user can configure either Switching or OVS to handle the packets. By default, these packets are handled by Switching.
All port speed, mtu, VLAN members, and other information is configured in Switching CLI as usual, and these configurations in OVS CLI will not take effect.
- When add flow with matching mpls,mpls_label cannot be configured as 0-15.
The Switch Hardware Architecture page describes the meaning of some terms used here, such as TCAM or FIB.
CrossFlow Mode Introduction
In CrossFlow mode, switches can achieve most of the functions that exist in OVS mode, including: basic flow function, meter, group, multi-table, Q-in Q and so on.
● Like in PicOS OVS mode, in CrossFlow mode, OpenFlow 1.0, OpenFlow 1.1, OpenFlow 1.2, OpenFlow 1.3, and OpenFlow 1.4 are supported. User can configure any supported version in the CLI.
● After PicOS 2.6.2, ports in the switch can be configured in any one of these three modes: Legacy, Crossflow or Openflow. The difference in configuration is:
Legacy port: disable crossflow
Crossflow port: enable crossflow and enable local-control
Openflow port: enable crossflow and disable local-control
● After PicOS 2.4, Openflow can also support the multiple-table control, which means that Openflow can configure some flows in FIB (mac address table and routing table). The flow should match some conditions to install them in FIB. Please refer to the manual in the PicOS Openflow Configuration documentation.
As the figure above shows, the switch ports working status in Crossflow mode is shown. The Openflow flow can look up two tables including TCAM and FIB (multiple tables). The ports in Crossflow mode can be summarized as follows:
Enable Crossflow mode and local-control disable (Openflow port):
- The port is completely controlled by Openflow
- All broadcast turned off and auto learning turned off
- Packet forwarded by looking up the TCAM table default
- Packet forwarded by looking up the FIB once enable multi-table and configure L2/L3 flow table
Enable Crossflow mode and local-control enable (Crossflow port):
- The port is controlled by both local legacy stack and Openflow.
- All broadcast is turned on and auto learning is turned on
- Packet is forwarded by looking up the FIB (FDB/routing table) and TCAM table
- No matter if multi-table is enabled or not, packets all can forward by looking up the FIB
Disable Crossflow mode (Legacy port):
- The port is controlled by local legacy stacks.
- All broadcast is turned on and auto learning is turned on.
- Packet is forwarded by looking up the FIB (FDB/routing table).
In Crossflow mode, user can enable L2/L3 mode as a PicOS OVS multi-table function. If the L2/L3 mode is enabled, the FIB table resource will be shared by legacy ports and Crossflow ports, and data traffic cannot mix between the different type ports. User can allocate the resource for special ports as the following command shows.
set interface stm firewall-table ingress 100 set interface stm mac-table 20000 set interface stm ipv4-route 6000 set interface stm ipv6-route 1000
The first command, set interface stm firewall-table ingress 100, means allocate the TCAM resource for ingress ACL rule, and part of the rest of resource for Crossflow port and Openflow port;
The second command, set interface stm mac-table 20000, means allocate the FDB table resource for legacy port, and the rest of resource for Crossflow port and Openflow port.
The last two commands, set interface stm ipv4-route 6000, and set interface stm ipv6-route 1000, means allocate the route table resource for legacy port, and the rest of resources for Crossflow port and Openflow port.
In Crossflow mode, traffic can only be forwarded in the OpenFlow or Legacy network domain (as shown in the following figures). The traffic between Openflow port and Crossflow port forwarded by Tcam flow table default, if user wants to forward by FIB, enable multi-table and configure L2/L3 flow entries. The traffic between Crossflow port and Legacy port is forwarded by FIB.
Install a flow with action "NORMAL":
- By default, the traffic output port will be replaced by the TCAM flow's action after packets are switched and routed. e.g. A packet matches a route and decides the output port (ge-1/1/10) by a route, then it also matches a TCAM flow which has the output port ge-1/1/12, Then, the packet will be forwarded to ge-1/1/12 because the TCAM flow action will replace the original route output port.
- When a flow in TCAM has an action "NORMAL", the packet which has decided the output port after route table, will still be forwarded to route output port. "NORMAL" means there is no change to the packet output port.
- When a route packet will not match any flows in TCAM, the output port also will not be changed.