Configuring Loopback
Loop the traffic which into switch back to ingress.
It is possible to configure the egress interface to be the ingress interface.
PicOS supports loopback interface in hardware. By default, a packet coming into an interface cannot be sent back to the same interface via Openflow. That means the user cannot configure a flow whose output port is the "in_port". For example, the following flow will not work in hardware by default:
root@PicOS-OVS# ovs-ofctl add-flow br0 in_port=1,actions=in_port
This behavior can be changed with the following commands:
ovs-appctl loopback/enable true
This is supported starting in PicOS 2.2. It should only be used for specific traffic as it can be dangerous to send broadcast traffic back on the same port on a Layer 2 network.
Except this one, also supports another command to enable loopback. This one will replace above command.
root@PicOS-OVS#ovs-vsctl set-loopback-enable true
With the above configuration, hardware can allow the flow output port to be the same as in_port. The user can disable the loopback interface with the following command:
ovs-vsctl set-loopback-enable false
Users should know the limitation of the loopback interface in hardware. In the OpenFlow Specification, there are some actions ( Flood, Group table, for example) that are for broadcasting. The packet should not be forwarded back to the in_port port. Be cautious using the enable loopback interface, so that the packet is not forwarded back to the in_port port.
Example1, loop the traffic back to in_port.
admin@PicOS-OVS$ovs-vsctl set-loopback-enable true admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=1,actions=in_port
Example2, loop the traffic back to in_port and same time send out from others.
admin@PicOS-OVS$ovs-vsctl set-loopback-enable true admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=1,actions=in_port,all
1, The port can be physical port, lag interface.
Loop the traffic which out from switch back to switch again.
From version 2.8.1, PicOS also support enable loop in interface, and the feature is different from above.
User can configure one or more ports as loopbcak port. Thus, traffic can be outputed and loopback to itself. The port can be plugin module or not.
Command:
ovs-vsctl set interface <port> options:loopback=true|false
<port>: can be physical port, lag port and GRE/L2GRE/VxLAN tunnel port.
Configure port te-1/1/1 as a loopback port:
ovs-vsctl set interface te-1/1/1 options:loopback=true
Example1, Modify traffic dl_dst=22:22:22:11:11:11 and out from port14, then modify dl_dst=22:22:22:22:22:22 and out from port25.
Need configure two port as loopback port, use port2 and port3 here.
admin@PicOS-OVS$ovs-vsctl set interface te-1/1/2 options:loopback=true admin@PicOS-OVS$ovs-vsctl set interface te-1/1/3 options:loopback=true admin@PicOS-OVS$ admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=1,actions=output:2,3 admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=2,actions=set_field:22:22:22:11:11:11-\>eth_dst,output:14 admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=3,actions=set_field:22:22:22:22:22:22-\>eth_dst,output:25
Example2, traffic after encap vxlan then go through L3 flow table.
Configure loopback in physical port.
admin@PicOS-OVS$ovs-vsctl set-l2-mode true admin@PicOS-OVS$ovs-vsctl set-l3-mode true admin@PicOS-OVS$ admin@PicOS-OVS$ovs-vsctl add-port br0 vxlan1 -- set interface vxlan1 type=pica8_vxlan options:remote_ip=10.10.10.2 options:local_ip=10.10.10.1 options:vlan=1 options:vnid=1122867 options:udp_dst_port=4789 options:src_mac=C8:0A:A9:04:49:1A options:dst_mac=C8:0A:A9:9E:14:A5 options:egress_port=te-1/1/2 admin@PicOS-OVS$ admin@PicOS-OVS$ovs-vsctl set interface te-1/1/2 options:loopback=true admin@PicOS-OVS$ admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=1,actions=output:4097 admin@PicOS-OVS$ovs-ofctl add-flow br0 table=251,dl_vlan=1,dl_dst=C8:0A:A9:9E:14:A5,actions=normal admin@PicOS-OVS$ovs-ofctl add-flow br0 table=252,ip,nw_dst=10.10.10.2,actions=set_field:100-\>vlan_vid,set_field:22:22:22:00:00:11-\>eth_src,set_field:22:22:22:00:00:22-\>eth_dst,output:3
Example2, traffic go through L3 flow table then discap vxlan.
Configure loopback in physical port.
admin@PicOS-OVS$ovs-vsctl set-l2-mode true admin@PicOS-OVS$ovs-vsctl set-l3-mode true admin@PicOS-OVS$ admin@PicOS-OVS$ovs-vsctl add-port br0 vxlan1 -- set interface vxlan1 type=pica8_vxlan options:remote_ip=10.10.10.2 options:local_ip=10.10.10.1 options:vlan=1 options:vnid=1122867 options:udp_dst_port=4789 options:src_mac=C8:0A:A9:04:49:1A options:dst_mac=C8:0A:A9:9E:14:A5 options:egress_port=te-1/1/2 admin@PicOS-OVS$ admin@PicOS-OVS$ovs-vsctl set interface te-1/1/2 options:loopback=true admin@PicOS-OVS$ admin@PicOS-OVS$ovs-ofctl add-flow br0 table=251,dl_vlan=1,dl_dst=C8:0A:A9:04:49:1A,actions=normal admin@PicOS-OVS$ovs-ofctl add-flow br0 table=252,ip,nw_dst=10.10.10.1,actions=set_field:1-\>vlan_vid,set_field:C8:0A:A9:9E:14:A5-\>eth_src,set_field:C8:0A:A9:04:49:1A-\>eth_dst,output:2 admin@PicOS-OVS$ovs-ofctl add-flow br0 in_port=4097,actions=output:1
1. The port will be always be "linkup" because it is a loopback port 2. Add loopback config in interface options for phyical ports and lag ports at ovs mode.
3. Due to different switch's chip are different, so some switch loopback port can send out packets, and others can not.
4. This function in crossflow mode should be added by xorplus.
Copyright © 2024 Pica8 Inc. All Rights Reserved.