Table of Contents
Opendaylight Netvirt programs specific flows to OVS, for the various VM connectivity usecases to work. The purpose of this document is to give a detailed picture of the various flows that happen on OVS when a packet arrives.
TABLE NUMBER | TABLE NAME | OWNERSHIP |
---|---|---|
0 | INTERFACE INGRESS TABLE | GENIUS - INTERFACEMANAGER |
17 | INGRESS DISPATCHER TABLE | GENIUS - INTERFACEMANAGER |
18 | EXTERNAL TUNNEL DHCP TABLE | NETVIRT - L2GW SERVICE |
19 | GATEWAY MAC TABLE | NETVIRT - L3VPN |
20 | L3 LFIB TABLE | NETVIRT - L3VPN |
21 | L3 FIB TABLE | NETVIRT - L3VPN |
22 | L3 SUBNET ROUTE TABLE | NETVIRT - L3VPN |
25 | Floating IP to Internal IP Translation Table | NETVIRT - NAT |
26 | Internal IP to FIP/ External IP Translation Table | NETVIRT - NAT |
27 | Intermediate Pre-FIB Table after Reverse Translation | NETVIRT - NAT |
28 | Intermediate Pre-FIB Table after Forward Translation | NETVIRT - NAT |
36 | Internal Terminating Service Table | ALL SERVICES(which require communication over vxlan) |
38 | External Terminating Service Table | NETVIRT - L2GW SERVICE |
43 | ARP Check Table | NETVIRT - ELAN |
44 | Inbound Translation in NAPT vSwitch | NETVIRT - NAT |
45 | IPv6 Table | NETVIRT - IPV6 |
46 | Outbound Translation in NAPT vSwitch | NETVIRT - NAT |
47 | NAPT vSwitch Pre-FIB Table | NETVIRT - NAT |
48 | ELAN DestIpToDMac Table | NETVIRT - ELAN |
49 | Temporary Source MAC Learned Table | NETVIRT - ELAN |
50 | ELAN SMAC Table | NETVIRT - ELAN |
51 | ELAN DMAC Table | NETVIRT - ELAN |
52 | ELAN Unknown DMAC Table | NETVIRT - ELAN |
55 | ELAN Filter Equals Table | NETVIRT - ELAN |
60 | DHCP Table | NETVIRT - DHCP |
80 | L3 Interface Table | NETVIRT - L3VPN |
81 | ARP Responder Table | NETVIRT - L3VPN |
210 | Ingress ACL Anti-spoofing table | NETVIRT - ACL |
211 | Ingress ACL Conntrack classifier table | NETVIRT - ACL |
212 | Ingress ACL Conntrack sender table | NETVIRT - ACL |
213 | Applying ACL for existing Ingress traffic table | NETVIRT - ACL |
214 | Ingress ACL Filter cum dispatcher table | NETVIRT - ACL |
215 | Ingress ACL filter table | NETVIRT - ACL |
216 | Ingress Remote ACL filter table | NETVIRT - ACL |
217 | Ingress ACL committer table | NETVIRT - ACL |
220 | Interface Egress Dispatcher Table | GENIUS - INTERFACEMANAGER |
239 | Clear Egress conntrack state table | NETVIRT - ACL |
240 | Egress ACL Anti-spoofing table | NETVIRT - ACL |
241 | Egress ACL Conntrack classifier table | NETVIRT - ACL |
242 | Egress ACL Conntrack sender table | NETVIRT - ACL |
243 | Applying ACL for existing Egress traffic table | NETVIRT - ACL |
244 | Egress ACL Filter cum dispatcher table | NETVIRT - ACL |
245 | Egress ACL filter table | NETVIRT - ACL |
246 | Egress Remote ACL filter table | NETVIRT - ACL |
247 | Egress ACL committer table | NETVIRT - ACL |
Netvirt uses Genius interface-manager to program ingress and egress flows for VMs as well as Tunnel ports. interface-manager is also used for binding multiple services on the same interface. A high level overview of the pipeline for ingress/egress is shown below in the diagram. This will be applicable for all service traffic flows explained in the subsequent sections.
Traffic Type | FLOW | |
---|---|---|
Known unicast traffic flow(both direction) | Table 0 => Table 17 => Table 43 => Table 48 => Table 49 => Table 50 => Table 51 => Table 220 => Output Port | |
Unknown unicast/ multicast/broadcast traffic | Table 0 => Table 17 => Table 43 => Table 50 => Table 51 => Table 52 => Remote BC Group => Local BC Group => Table 55 => Table 220 => Output Port |
Traffic Type | FLOW | |
---|---|---|
L3VPN Traffic Flow within same DPN | Table 0 => Table 17 => Table 19 => Table 21 => Local nexthop Group => Table 220 => output VM port | |
L3VPN Traffic Flow across DPNs within Data Center(source DPN) | Table 0 => Table 17 => Table 19 => Table 21 => Table 220 => Output tunnel port | |
L3VPN Traffic Flow across DPNs within DC(destination) | Table 0 => Table 36 => Table 220 => Output VM port | |
L3VPN Traffic Flow across DC(towards DC) | Table 0 => Table 17 => Table 19 => Table 21 => push MPLS, => Table 220 => output tunnel port | |
L3VPN Traffic Flow across DC(from DC) | Table 0 => Table 20 => Local nexthop group => Table 220 => output tunnel port |
Traffic Type | FLOW | |
---|---|---|
DNAT Traffic Flow on source DPN | Table 0 => Table 20 => Table 25 => Table 27 => Table 21 => Local nexthop Group => Table 220 =>Output port | |
DNAT Traffic Flow on destination DPN | Table 0 => Table 17 => Table 21 => Table 26 => Table 28 => Table 21 => External Tunnel Groups |
Traffic Type | FLOW | |
---|---|---|
DPN (source traffic) | Table 0 => Table 17 => Table 21 => Table 26 => Table 46 => Table 47 => Table 21 => External Tunnel Groups | |
DPN (reverse traffic) | Table 0 => Table 20 => Table 44 => Table 47 => Table 21 => Local nexthop Group => Table 220 => output port |
Traffic Type | FLOW | |
---|---|---|
DPN (source traffic) | Table 0 => Table 17 => Table 21 => Table 26 => Internal Tunnel Group => Table 220 => output tunnel port | |
NAPT DPN (reverse traffic) | Table 0 => Table 36 => Table 46 => Table 47 => Table 21 => External Tunnel Group => Table 220 => Output port |
Traffic Type | FLOW | |
---|---|---|
NAPT DPN (source traffic) | Table 0 => Table 20 => Table 44 => Table 47 => Table 21 => Internal Tunnel Group => Table 220 => output port | |
DPN (reverse traffic) | Table 0 => Table 36 => Local nexthop Group => Table 220 => output port |
<TBD>