Configuring TTP
Pipeline
"table_map": {
"Ingress_Port_Flow_Table": 0,
"Ingress_Port_Group_Flow_Table": 5,
"Ingress_VFilter_Flow_Table": 10,
"Ingress_VLAN_Xlate_Flow_Table": 11,
"Termination_MAC_Flow_Table": 20,
"Unicast_Routing_Flow_Table": 30,
"Multicast_Routing_Flow_Table": 40,
"Bridging_Flow_Table": 50,
"ACL_Policy_Flow_Table": 60,
"Egress_Port_Flow_Table": 70,
"Egress_Port_Group_Flow_Table": 80,
"Egress_VLAN_Xlate_Flow_Table": 90,
"Egress_ACL_Flow_Table": 200
}
Flow Tables
Required flow table:
- Ingress_VFilter_Flow_Table (Required)
Ingress_VFilter_Flow_Table uses the vcap tcam in hardware, supports QinQ vlan actions.Vcap has the highest priority in VLAN stage.
- Ingress_VLAN_Xlate_Flow_Table (Required)
Ingress_VLAN_Xlate_Flow_Table uses the VLAN Translation in hardware, supports QinQ vlan actions.
- Termination_MAC_Flow_Table (Required)
Termination_MAC_Flow_Table add system mac entry in my_station_tcam, to match input packet's service-vlan and dst-mac, and determine whether to route this packet.
- Unicast_Routing_Flow_Table (Required)
Unicast_Routing_Flow_Table supports match Host and Route IP address.L3 unicast supports ECMP.
- Multicast_Routing_Flow_Table (Required)
Multicast_Routing_Flow_Table supports l2 ports multicast and l3 multicast.
L2 ports multicast use “L3 Multicast” group and has no set-field actions.
- Bridging_Flow_Table (Required)
Bridging_Flow_Table supports static mac entries installed by openflow controller and dynamic mac entries if mac-learning enabled.If packet hits a mac entry, the packet will be marked bridging_hit=1.Dynamic mac entry is learned in hardware, and will send an upcall event to software, ovs store the mac entry in bridging table and may notify controller with an experimenter message.
- ACL_Policy_Flow_Table (Required)
ACL_Policy_Flow_Table uses ICAP TCAM in hardware, can meter, redirect, normal, controller, drop, set-queue, ecmp, etc.
- Egress_VLAN_Xlate_Flow_Table (Required)
Egress_VLAN_Xlate_Flow_Table uses the egress VLAN Translation in hardware, supports QinQ vlan actions.
- Egress_ACL_Flow_Table (Required)
Egress_ACL_Flow_Table uses ECAP TCAM in hardware, supports set-dscp, normal, drop actions.Not support matching metadata now.
optional flow table
- Ingress_Port_Flow_Table (Optional)
Ingress_Port_Flow_Table is the first table in pipeline, represent ingress pipeline start.No flow is allowed to add in this table.
- Ingress_Port_Group_Flow_Table (Optional)
Ingress_Port_Group_Flow_Table matches in_port, and is used to set port ingress port-group id for input port grouping.The port-group is similar to bond port, it is a physical port attribute and can bundle multiple physical ports in a group. Port-group can be used on vlan_xlate table and vfilter flow table, as a match key. Each physical port has a port-group id, default value is 0.
- Egress_Port_Flow_Table (Optional)
Egress_Port_Flow_Table is the first table in egress pipeline, represent egress pipeline start.No flow is allowed to add in this table.
- Egress_Port_Group_Flow_Table (Optional)
Egress_Port_Group_Flow_Table matches output port (use <in_port> match field), and is used to set port egress port-group id for output port grouping.
Descriptions
Metadata:16-22bits of metadata represents ingress/egress port group.
default-config:You can check the default state using "ovs-vsctl show-port-default-config",admin state is up,config is 0,you can change the state by "ovs-vsctl set-port-default-admin-down true".Need to restart the service after changing the admin state.
default-flood:default state is false,all packets will be dropped if do not matching any flow in flow table.You can change this state by "ovs-vsctl set-port-default-flood true".Need to restart the service after changing the flood state.
Restrictions
- not support ip_ecn in ingress acl match field.
- Do not support following commands “ovs-appctl pica/dump-flows 30””ovs-appctl pica/dump-flows Unicast”
- egress acl table do not support match-mode
Copyright © 2024 Pica8 Inc. All Rights Reserved.