mir/ovs
2
0
Fork 0
mirror of https://github.com/openvswitch/ovs synced 2025-08-22 01:51:26 +00:00
Code Issues Releases Wiki Activity

tunnels: Remove support for deprecated STT and LISP.

Browse Source 
STT and LISP tunnel types were deprecated and marked for removal in
the following commits in the OVS 3.5 release:

  3b37a6154a59 ("netdev-vport: Deprecate STT tunnel port type.")
  8d7ac031c03d ("netdev-vport: Deprecate LISP tunnel port type.")

Main reasons were that STT was rejected in upstream kernel and the
LISP was never upstreamed as well and doesn't really have a supported
implementation.  Both protocols also appear to have lost their former
relevance.

Removing both now.  While at it, also fixing some small documentation
issues and comments.

Acked-by: Eelco Chaudron <echaudro@redhat.com>
Acked-by: Alin Serdean <aserdean@ovn.org>
Acked-by: Kevin Traynor <ktraynor@redhat.com>
Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
This commit is contained in:
Ilya Maximets 2025-02-24 20:14:57 +01:00
parent 410e0f519f
commit 19b8941620
38 changed files with 65 additions and 1681 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

1
Documentation/automake.mk
View File

@ -69,7 +69,6 @@ DOC_SOURCE = \
Documentation/howto/libvirt.rst \
Documentation/howto/selinux.rst \
Documentation/howto/ssl.rst \
Documentation/howto/lisp.rst \
Documentation/howto/qos.png \
Documentation/howto/qos.rst \
Documentation/howto/sflow.png \

5
Documentation/faq/releases.rst
View File

@ -141,8 +141,6 @@ Q: Are all features available with all datapaths?
Conntrack NAT 4.6 2.6 2.8 YES
Conntrack NAT6 4.6 2.6 2.8 3.0
Conntrack Helper Persist. YES YES 3.3 NO
Tunnel - LISP (deprecated) NO 2.11 NO NO
Tunnel - STT (deprecated) NO 2.4 NO YES
Tunnel - GRE 3.11 1.0 2.4 YES
Tunnel - VXLAN 3.12 1.10 2.4 YES
Tunnel - Geneve 3.18 2.4 2.4 YES
@ -190,7 +188,6 @@ Q: Are all features available with all datapaths?
TCP flags matching 3.13 YES YES NO
Validate flow actions YES YES N/A NO
Multiple datapaths YES YES YES NO
Tunnel TSO - STT N/A YES NO YES
===================== ============== ============== ========= =======
Q: What DPDK version does each Open vSwitch release work with?
@ -294,8 +291,6 @@ packaged with Open vSwitch?
VXLAN 3.12
Geneve 3.18
ERSPAN 4.18
LISP not upstream
STT not upstream
======== ============
If you are using a version of the kernel that is older than the one listed

1
Documentation/howto/index.rst
View File

@ -41,7 +41,6 @@ OVS
selinux
libvirt
ssl
lisp
tunneling
userspace-tunneling
vlan

8
Documentation/howto/ipsec.rst
View File

@ -45,10 +45,10 @@ OVS IPsec
~~~~~~~~~
OVS IPsec aims to provide a simple interface for user to add encryption on OVS
tunnels. It supports GRE, GENEVE, VXLAN, and STT tunnel. The IPsec
configuration is done by setting options of the tunnel interface and
other_config of Open_vSwitch. You can choose different authentication methods
and plaintext tunnel policies based on your requirements.
tunnels. It supports GRE, GENEVE, and VXLAN tunnels. The IPsec configuration is
done by setting options of the tunnel interface and other_config of
Open_vSwitch. You can choose different authentication methods and plaintext
tunnel policies based on your requirements.
OVS does not currently provide any support for IPsec encryption for traffic not
encapsulated in a tunnel.

117
Documentation/howto/lisp.rst
View File

@ -1,117 +0,0 @@
..
Licensed under the Apache License, Version 2.0 (the "License"); you may
not use this file except in compliance with the License. You may obtain
a copy of the License at
http://www.apache.org/licenses/LICENSE-2.0
Unless required by applicable law or agreed to in writing, software
distributed under the License is distributed on an "AS IS" BASIS, WITHOUT
WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied. See the
License for the specific language governing permissions and limitations
under the License.
Convention for heading levels in Open vSwitch documentation:
======= Heading 0 (reserved for the title in a document)
------- Heading 1
~~~~~~~ Heading 2
+++++++ Heading 3
''''''' Heading 4
Avoid deeper levels because they do not render well.
====================
Using LISP tunneling
====================
.. warning::
LISP tunnel port type is deprecated and will be removed in OVS 3.6.
LISP is a layer 3 tunneling mechanism, meaning that encapsulated packets do not
carry Ethernet headers, and ARP requests shouldn't be sent over the tunnel.
Because of this, there are some additional steps required for setting up LISP
tunnels in Open vSwitch, until support for L3 tunnels will improve.
This guide assumes tunneling between two VMs connected to OVS bridges on
different hypervisors reachable over IPv4. Of course, more than one VM may be
connected to any of the hypervisors, and a hypervisor may communicate with
several different hypervisors over the same lisp tunneling interface. A LISP
"map-cache" can be implemented using flows, see example at the bottom of this
file.
There are several scenarios:
1) the VMs have IP addresses in the same subnet and the hypervisors are also
in a single subnet (although one different from the VM's);
2) the VMs have IP addresses in the same subnet but the hypervisors are
separated by a router;
3) the VMs are in different subnets.
In cases 1) and 3) ARP resolution can work as normal: ARP traffic is configured
not to go through the LISP tunnel. For case 1) ARP is able to reach the other
VM, if both OVS instances default to MAC address learning. Case 3) requires
the hypervisor be configured as the default router for the VMs.
In case 2) the VMs expect ARP replies from each other, but this is not possible
over a layer 3 tunnel. One solution is to have static MAC address entries
preconfigured on the VMs (e.g., ``arp -f /etc/ethers`` on startup on Unix based
VMs), or have the hypervisor do proxy ARP. In this scenario, the eth0
interfaces need not be added to the br0 bridge in the examples below.
On the receiving side, the packet arrives without the original MAC header. The
LISP tunneling code attaches a header with hard-coded source and destination MAC
address ``02:00:00:00:00:00``. This address has all bits set to 0, except the
locally administered bit, in order to avoid potential collisions with existing
allocations. In order for packets to reach their intended destination, the
destination MAC address needs to be rewritten. This can be done using the flow
table.
See below for an example setup, and the associated flow rules to enable LISP
tunneling.
::
Diagram
+---+ +---+
|VM1| |VM2|
+---+ +---+
| |
+--[tap0]--+ +--[tap0]---+
| | | |
[lisp0] OVS1 [eth0]-----------------[eth0] OVS2 [lisp0]
| | | |
+----------+ +-----------+
On each hypervisor, interfaces tap0, eth0, and lisp0 are added to a single
bridge instance, and become numbered 1, 2, and 3 respectively:
::
$ ovs-vsctl add-br br0
$ ovs-vsctl add-port br0 tap0
$ ovs-vsctl add-port br0 eth0
$ ovs-vsctl add-port br0 lisp0 \
-- set Interface lisp0 type=lisp options:remote_ip=flow options:key=flow
The last command sets up flow based tunneling on the lisp0 interface. From
the LISP point of view, this is like having the Tunnel Router map cache
implemented as flow rules.
Flows on br0 should be configured as follows:
::
priority=3,dl_dst=02:00:00:00:00:00,action=mod_dl_dst:<VMx_MAC>,output:1
priority=2,in_port=1,dl_type=0x0806,action=NORMAL
priority=1,in_port=1,dl_type=0x0800,vlan_tci=0,nw_src=<EID_prefix>,action=set_field:<OVSx_IP>->tun_dst,output:3
priority=0,action=NORMAL
The third rule is like a map cache entry: the ``<EID_prefix>`` specified by the
``nw_src`` match field is mapped to the RLOC ``<OVSx_IP>``, which is set as the
tunnel destination for this particular flow.
Optionally, if you want to use Instance ID in a flow, you can add
``set_tunnel:<IID>`` to the action list.

2
Documentation/intro/install/rhel.rst
View File

@ -199,7 +199,7 @@ Red Hat Network Scripts Integration
A RHEL host has default firewall rules that prevent any Open vSwitch tunnel
traffic from passing through. If a user configures Open vSwitch tunnels like
Geneve, GRE, VXLAN, LISP etc., they will either have to manually add iptables
Geneve, GRE, VXLAN, etc., they will either have to manually add iptables
firewall rules to allow the tunnel traffic or add it through a startup script
Refer to the "enable-protocol" command in the ovs-ctl(8) manpage for more
information.

5
Documentation/intro/install/windows.rst
View File

@ -703,8 +703,7 @@ Add tunnels
#. IPv4 tunnel, e.g.:
The Windows Open vSwitch implementation support VXLAN and STT tunnels
(STT tunnel ports are deprecated).
The Windows Open vSwitch implementation supports VXLAN and Geneve tunnels.
To add tunnels. For example, first add the tunnel port between
172.168.201.101 <->172.168.201.102:
@ -728,7 +727,7 @@ Add tunnels
> ovs-vsctl set Interface tun-2 options:in_key=flow
> ovs-vsctl set Interface tun-2 options:out_key=flow
Where ``<port-type>`` is one of: ``stt`` or ``vxlan``
Where ``<port-type>`` is one of: ``geneve`` or ``vxlan``
.. note::

3
NEWS
View File

@ -5,6 +5,9 @@ Post-v3.5.0
- ovs-ctl:
* Added a new option, --oom-score=<score>, to set the daemons' Linux
Out-Of-Memory (OOM) killer score.
- Tunnels:
* Support for previously deprecated LISP and STT tunnel port types
is now removed.
v3.5.0 - 17 Feb 2025

2
README.rst
View File

@ -37,7 +37,7 @@ following features:
- NIC bonding with or without LACP on upstream switch
- NetFlow, sFlow(R), and mirroring for increased visibility
- QoS (Quality of Service) configuration, plus policing
- Geneve, GRE, VXLAN, STT, ERSPAN, GTP-U, SRv6, Bareudp, and LISP tunneling
- Geneve, GRE, VXLAN, ERSPAN, GTP-U, SRv6, and Bareudp tunneling
- 802.1ag connectivity fault management
- OpenFlow 1.0 plus numerous extensions
- Transactional configuration database with C and Python bindings

2
datapath-windows/automake.mk
View File

@ -63,8 +63,6 @@ EXTRA_DIST += \
datapath-windows/ovsext/PacketParser.h \
datapath-windows/ovsext/Recirc.c \
datapath-windows/ovsext/Recirc.h \
datapath-windows/ovsext/Stt.c \
datapath-windows/ovsext/Stt.h \
datapath-windows/ovsext/Switch.c \
datapath-windows/ovsext/Switch.h \
datapath-windows/ovsext/Tunnel.c \

22
datapath-windows/ovsext/Actions.c
View File

@ -29,7 +29,6 @@
#include "Offload.h"
#include "PacketIO.h"
#include "Recirc.h"
#include "Stt.h"
#include "Switch.h"
#include "User.h"
#include "Vport.h"
@ -49,8 +48,6 @@ typedef struct _OVS_ACTION_STATS {
UINT64 txGre;
UINT64 rxVxlan;
UINT64 txVxlan;
UINT64 rxStt;
UINT64 txStt;
UINT64 rxGeneve;
UINT64 txGeneve;
UINT64 flowMiss;
@ -212,9 +209,6 @@ OvsDetectTunnelRxPkt(OvsForwardingContext *ovsFwdCtx,
dstPort, nwProto);
if (tunnelVport) {
switch(tunnelVport->ovsType) {
case OVS_VPORT_TYPE_STT:
ovsActionStats.rxStt++;
break;
case OVS_VPORT_TYPE_VXLAN:
ovsActionStats.rxVxlan++;
break;
@ -314,9 +308,6 @@ OvsDetectTunnelPkt(OvsForwardingContext *ovsFwdCtx,
case OVS_VPORT_TYPE_VXLAN:
ovsActionStats.txVxlan++;
break;
case OVS_VPORT_TYPE_STT:
ovsActionStats.txStt++;
break;
case OVS_VPORT_TYPE_GENEVE:
ovsActionStats.txGeneve++;
break;
@ -671,11 +662,6 @@ OvsTunnelPortTx(OvsForwardingContext *ovsFwdCtx)
&ovsFwdCtx->tunKey, ovsFwdCtx->switchContext,
&ovsFwdCtx->layers, &newNbl, &switchFwdInfo);
break;
case OVS_VPORT_TYPE_STT:
status = OvsEncapStt(ovsFwdCtx->tunnelTxNic, ovsFwdCtx->curNbl,
&ovsFwdCtx->tunKey, ovsFwdCtx->switchContext,
&ovsFwdCtx->layers, &newNbl, &switchFwdInfo);
break;
case OVS_VPORT_TYPE_GENEVE:
status = OvsEncapGeneve(ovsFwdCtx->tunnelTxNic, ovsFwdCtx->curNbl,
&ovsFwdCtx->tunKey, ovsFwdCtx->switchContext,
@ -767,14 +753,6 @@ OvsTunnelPortRx(OvsForwardingContext *ovsFwdCtx)
status = OvsDecapVxlan(ovsFwdCtx->switchContext, ovsFwdCtx->curNbl,
&ovsFwdCtx->tunKey, &newNbl);
break;
case OVS_VPORT_TYPE_STT:
status = OvsDecapStt(ovsFwdCtx->switchContext, ovsFwdCtx->curNbl,
&ovsFwdCtx->tunKey, &newNbl);
if (status == NDIS_STATUS_SUCCESS && newNbl == NULL) {
/* This was an STT-LSO Fragment */
dropReason = L"OVS-STT segment is cached";
}
break;
case OVS_VPORT_TYPE_GENEVE:
status = OvsDecapGeneve(ovsFwdCtx->switchContext, ovsFwdCtx->curNbl,
&ovsFwdCtx->tunKey, &newNbl);

9
datapath-windows/ovsext/Debug.h
View File

@ -39,12 +39,11 @@
#define OVS_DBG_OTHERS BIT32(19)
#define OVS_DBG_NETLINK BIT32(20)
#define OVS_DBG_TUNFLT BIT32(21)
#define OVS_DBG_STT BIT32(22)
#define OVS_DBG_CONTRK BIT32(23)
#define OVS_DBG_GENEVE BIT32(24)
#define OVS_DBG_IPFRAG BIT32(25)
#define OVS_DBG_CONTRK BIT32(22)
#define OVS_DBG_GENEVE BIT32(23)
#define OVS_DBG_IPFRAG BIT32(24)
#define OVS_DBG_LAST 25 /* Set this to the last defined module number. */
#define OVS_DBG_LAST 24 /* Set this to the last defined module number. */
/* Please add above OVS_DBG_LAST. */
#define OVS_DBG_ERROR DPFLTR_ERROR_LEVEL

1094
datapath-windows/ovsext/Stt.c
View File

File diff suppressed because it is too large Load Diff

124
datapath-windows/ovsext/Stt.h
View File

@ -1,124 +0,0 @@
/*
* Copyright (c) 2015 VMware, Inc.
*
* Licensed under the Apache License, Version 2.0 (the "License");
* you may not use this file except in compliance with the License.
* You may obtain a copy of the License at:
*
* http://www.apache.org/licenses/LICENSE-2.0
*
* Unless required by applicable law or agreed to in writing, software
* distributed under the License is distributed on an "AS IS" BASIS,
* WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
* See the License for the specific language governing permissions and
* limitations under the License.
*/
#ifndef __OVS_STT_H_
#define __OVS_STT_H_ 1
#include "IpHelper.h"
typedef union _OVS_FWD_INFO *POVS_FWD_INFO;
#define STT_TCP_PORT 7471
#define STT_TCP_PORT_NBO 0x2f1d
#define MAX_IP_TOTAL_LEN 65535
// STT defines.
#define STT_SEQ_LEN_SHIFT 16
#define STT_SEQ_OFFSET_MASK ((1 << STT_SEQ_LEN_SHIFT) - 1)
#define STT_FRAME_LEN(seq) ((seq) >> STT_SEQ_LEN_SHIFT)
#define STT_SEGMENT_OFF(seq) ((seq) & STT_SEQ_OFFSET_MASK)
#define STT_CSUM_VERIFIED (1 << 0)
#define STT_CSUM_PARTIAL (1 << 1)
#define STT_PROTO_IPV4 (1 << 2)
#define STT_PROTO_TCP (1 << 3)
#define STT_PROTO_TYPES (STT_PROTO_IPV4 | STT_PROTO_TCP)
#define STT_HASH_TABLE_SIZE ((UINT32)1 << 10)
#define STT_HASH_TABLE_MASK (STT_HASH_TABLE_SIZE - 1)
#define STT_ENTRY_TIMEOUT 300000000 // 30s
#define STT_CLEANUP_INTERVAL 300000000 // 30s
#define STT_ETH_PAD 2
typedef struct SttHdr {
UINT8 version;
UINT8 flags;
UINT8 l4Offset;
UINT8 reserved;
UINT16 mss;
UINT16 vlanTCI;
UINT64 key;
} SttHdr, *PSttHdr;
#define STT_HDR_LEN (sizeof(SttHdr) + STT_ETH_PAD)
typedef struct _OVS_STT_VPORT {
UINT16 dstPort;
UINT64 ackNo;
UINT64 ipId;
} OVS_STT_VPORT, *POVS_STT_VPORT;
typedef struct _OVS_STT_PKT_KEY {
UINT32 sAddr;
UINT32 dAddr;
UINT32 ackSeq;
} OVS_STT_PKT_KEY, *POVS_STT_PKT_KEY;
typedef struct _OVS_STT_PKT_ENTRY {
OVS_STT_PKT_KEY ovsPktKey;
UINT64 timeout;
UINT32 recvdLen;
UINT32 allocatedLen;
UINT8 ecn;
SttHdr sttHdr;
PCHAR packetBuf;
LIST_ENTRY link;
} OVS_STT_PKT_ENTRY, *POVS_STT_PKT_ENTRY;
typedef struct _OVS_STT_THREAD_CTX {
KEVENT event;
PVOID threadObject;
UINT32 exit;
} OVS_STT_THREAD_CTX, *POVS_STT_THREAD_CTX;
NTSTATUS OvsInitSttTunnel(POVS_VPORT_ENTRY vport,
UINT16 udpDestPort);
VOID OvsCleanupSttTunnel(POVS_VPORT_ENTRY vport);
NDIS_STATUS OvsEncapStt(POVS_VPORT_ENTRY vport,
PNET_BUFFER_LIST curNbl,
OvsIPTunnelKey *tunKey,
POVS_SWITCH_CONTEXT switchContext,
POVS_PACKET_HDR_INFO layers,
PNET_BUFFER_LIST *newNbl,
POVS_FWD_INFO switchFwdInfo);
NDIS_STATUS OvsDecapStt(POVS_SWITCH_CONTEXT switchContext,
PNET_BUFFER_LIST curNbl,
OvsIPTunnelKey *tunKey,
PNET_BUFFER_LIST *newNbl);
NTSTATUS OvsInitSttDefragmentation();
VOID OvsCleanupSttDefragmentation(VOID);
static __inline UINT32
OvsGetSttTunHdrSize(VOID)
{
return sizeof (EthHdr) + sizeof(IPHdr) + sizeof(TCPHdr) +
STT_HDR_LEN;
}
static __inline UINT32
OvsGetSttTunHdrSizeFromLayers(POVS_PACKET_HDR_INFO layers)
{
return layers->l7Offset + STT_HDR_LEN;
}
#endif /*__OVS_STT_H_ */

7
datapath-windows/ovsext/Switch.c
View File

@ -215,12 +215,6 @@ OvsCreateSwitch(NDIS_HANDLE ndisFilterHandle,
goto create_switch_done;
}
status = OvsInitSttDefragmentation();
if (status != STATUS_SUCCESS) {
OVS_LOG_ERROR("Exit: Failed to initialize Stt Defragmentation");
goto create_switch_done;
}
status = OvsInitConntrack(switchContext);
if (status != STATUS_SUCCESS) {
OvsUninitSwitchContext(switchContext);
@ -284,7 +278,6 @@ OvsExtDetach(NDIS_HANDLE filterModuleContext)
}
OvsDeleteSwitch(switchContext);
OvsCleanupIpHelper();
OvsCleanupSttDefragmentation();
OvsCleanupConntrack();
OvsCleanupCtRelated();
OvsCleanupIpFragment();

1
datapath-windows/ovsext/Util.h
View File

@ -33,7 +33,6 @@
#define OVS_SWITCH_POOL_TAG 'SSVO'
#define OVS_USER_POOL_TAG 'USVO'
#define OVS_VPORT_POOL_TAG 'PSVO'
#define OVS_STT_POOL_TAG 'RSVO'
#define OVS_GRE_POOL_TAG 'GSVO'
#define OVS_TUNFLT_POOL_TAG 'WSVO'
#define OVS_RECIRC_POOL_TAG 'CSVO'

20
datapath-windows/ovsext/Vport.c
View File

@ -22,7 +22,6 @@
#include "IpHelper.h"
#include "Jhash.h"
#include "Oid.h"
#include "Stt.h"
#include "Switch.h"
#include "User.h"
#include "Vport.h"
@ -764,11 +763,6 @@ OvsFindTunnelVportByDstPortAndNWProto(POVS_SWITCH_CONTEXT switchContext,
continue;
}
break;
case IPPROTO_TCP:
if (vport->ovsType != OVS_VPORT_TYPE_STT) {
continue;
}
break;
case IPPROTO_GRE:
break;
default:
@ -1114,9 +1108,6 @@ OvsInitTunnelVport(PVOID userContext,
}
break;
}
case OVS_VPORT_TYPE_STT:
status = OvsInitSttTunnel(vport, dstPort);
break;
case OVS_VPORT_TYPE_GENEVE:
status = OvsInitGeneveTunnel(vport, dstPort);
break;
@ -1254,7 +1245,6 @@ InitOvsVportCommon(POVS_SWITCH_CONTEXT switchContext,
switch(vport->ovsType) {
case OVS_VPORT_TYPE_GRE:
case OVS_VPORT_TYPE_VXLAN:
case OVS_VPORT_TYPE_STT:
case OVS_VPORT_TYPE_GENEVE:
{
UINT16 dstPort = GetPortFromPriv(vport);
@ -1336,9 +1326,6 @@ OvsRemoveAndDeleteVport(PVOID usrParamsContext,
case OVS_VPORT_TYPE_GENEVE:
OvsCleanupGeneveTunnel(vport);
break;
case OVS_VPORT_TYPE_STT:
OvsCleanupSttTunnel(vport);
break;
case OVS_VPORT_TYPE_GRE:
OvsCleanupGreTunnel(vport);
break;
@ -2299,10 +2286,6 @@ OvsNewVportCmdHandler(POVS_USER_PARAMS_CONTEXT usrParamsCtx,
case OVS_VPORT_TYPE_GENEVE:
transportPortDest = GENEVE_UDP_PORT;
break;
case OVS_VPORT_TYPE_STT:
transportPortDest = STT_TCP_PORT;
nwProto = IPPROTO_TCP;
break;
default:
nlError = NL_ERROR_INVAL;
goto Cleanup;
@ -2421,9 +2404,6 @@ Cleanup:
case OVS_VPORT_TYPE_VXLAN:
OvsCleanupVxlanTunnel(NULL, vport, NULL, NULL);
break;
case OVS_VPORT_TYPE_STT:
OvsCleanupSttTunnel(vport);
break;
case OVS_VPORT_TYPE_GENEVE:
OvsCleanupGeneveTunnel(vport);
break;

5
datapath-windows/ovsext/Vport.h
View File

@ -18,7 +18,6 @@
#define __VPORT_H_ 1
#include "Gre.h"
#include "Stt.h"
#include "Switch.h"
#include "VxLan.h"
#include "Geneve.h"
@ -180,7 +179,6 @@ OvsIsTunnelVportType(OVS_VPORT_TYPE ovsType)
{
return ovsType == OVS_VPORT_TYPE_VXLAN ||
ovsType == OVS_VPORT_TYPE_GENEVE ||
ovsType == OVS_VPORT_TYPE_STT ||
ovsType == OVS_VPORT_TYPE_GRE;
}
@ -253,9 +251,6 @@ GetPortFromPriv(POVS_VPORT_ENTRY vport)
switch(vport->ovsType) {
case OVS_VPORT_TYPE_GRE:
break;
case OVS_VPORT_TYPE_STT:
dstPort = ((POVS_STT_VPORT)vportPriv)->dstPort;
break;
case OVS_VPORT_TYPE_VXLAN:
dstPort = ((POVS_VXLAN_VPORT)vportPriv)->dstPort;
break;

2
datapath-windows/ovsext/ovsext.vcxproj
View File

@ -179,7 +179,6 @@
<ClInclude Include="precomp.h" />
<ClInclude Include="Recirc.h" />
<ClInclude Include="resource.h" />
<ClInclude Include="Stt.h" />
<ClInclude Include="Switch.h" />
<ClInclude Include="Tunnel.h" />
<ClInclude Include="TunnelIntf.h" />
@ -426,7 +425,6 @@
<PreCompiledHeaderOutputFile>$(IntDir)\precomp.h.pch</PreCompiledHeaderOutputFile>
</ClCompile>
<ClCompile Include="Recirc.c" />
<ClCompile Include="Stt.c" />
<ClCompile Include="Switch.c" />
<ClCompile Include="Tunnel.c" />
<ClCompile Include="TunnelFilter.c" />

4
include/linux/openvswitch.h
View File

@ -247,8 +247,8 @@ enum ovs_vport_type {
OVS_VPORT_TYPE_GRE, /* GRE tunnel. */
OVS_VPORT_TYPE_VXLAN, /* VXLAN tunnel. */
OVS_VPORT_TYPE_GENEVE, /* Geneve tunnel. */
OVS_VPORT_TYPE_LISP = 105, /* LISP tunnel (deprecated). */
OVS_VPORT_TYPE_STT = 106, /* STT tunnel (deprecated). */
/* OVS_VPORT_TYPE_LISP = 105, LISP tunnel (no longer supported). */
/* OVS_VPORT_TYPE_STT = 106, STT tunnel (no longer supported). */
OVS_VPORT_TYPE_ERSPAN = 107, /* ERSPAN tunnel. */
OVS_VPORT_TYPE_IP6ERSPAN = 108, /* ERSPAN tunnel. */
OVS_VPORT_TYPE_IP6GRE = 109,

34
ipsec/ovs-monitor-ipsec.in
View File

@ -56,17 +56,6 @@ $auth_section
leftprotoport=udp
rightprotoport=udp/6081
"""), "stt": Template("""\
conn $ifname-in-$version
$auth_section
leftprotoport=tcp/7471
rightprotoport=tcp
conn $ifname-out-$version
$auth_section
leftprotoport=tcp
rightprotoport=tcp/7471
"""), "vxlan": Template("""\
conn $ifname-in-$version
$auth_section
@ -227,11 +216,6 @@ conn prevent_unencrypted_geneve
leftprotoport=udp/6081
mark={0}
conn prevent_unencrypted_stt
type=drop
leftprotoport=tcp/7471
mark={0}
conn prevent_unencrypted_vxlan
type=drop
leftprotoport=udp/4789
@ -456,12 +440,6 @@ conn prevent_unencrypted_geneve
leftprotoport=udp/6081
mark={0}
conn prevent_unencrypted_stt
type=drop
left=%defaultroute
leftprotoport=tcp/7471
mark={0}
conn prevent_unencrypted_vxlan
type=drop
left=%defaultroute
@ -746,11 +724,6 @@ conn prevent_unencrypted_vxlan
"--ctlsocket", self.IPSEC_CTL,
"--add",
"--asynchronous", "prevent_unencrypted_geneve"])
run_command(self.IPSEC_AUTO +
["--config", self.ROOT_IPSEC_CONF,
"--ctlsocket", self.IPSEC_CTL,
"--add",
"--asynchronous", "prevent_unencrypted_stt"])
run_command(self.IPSEC_AUTO +
["--config", self.ROOT_IPSEC_CONF,
"--ctlsocket", self.IPSEC_CTL,
@ -767,11 +740,6 @@ conn prevent_unencrypted_vxlan
"--ctlsocket", self.IPSEC_CTL,
"--delete",
"--asynchronous", "prevent_unencrypted_geneve"])
run_command(self.IPSEC_AUTO +
["--config", self.ROOT_IPSEC_CONF,
"--ctlsocket", self.IPSEC_CTL,
"--delete",
"--asynchronous", "prevent_unencrypted_stt"])
run_command(self.IPSEC_AUTO +
["--config", self.ROOT_IPSEC_CONF,
"--ctlsocket", self.IPSEC_CTL,
@ -1178,7 +1146,7 @@ class IPsecMonitor(object):
def is_tunneling_type_supported(self, tunnel_type):
"""Returns True if we know how to configure IPsec for these
types of tunnels. Otherwise, returns False."""
return tunnel_type in ["gre", "geneve", "vxlan", "stt"]
return tunnel_type in ["gre", "geneve", "vxlan"]
def is_ipsec_required(self, options_column):
"""Return True if tunnel needs to be encrypted. Otherwise,

8
lib/dpif-netlink-rtnl.c
View File

@ -135,8 +135,6 @@ vport_type_to_kind(enum ovs_vport_type type,
return "bareudp";
case OVS_VPORT_TYPE_NETDEV:
case OVS_VPORT_TYPE_INTERNAL:
case OVS_VPORT_TYPE_LISP:
case OVS_VPORT_TYPE_STT:
case OVS_VPORT_TYPE_UNSPEC:
case __OVS_VPORT_TYPE_MAX:
default:
@ -318,8 +316,6 @@ dpif_netlink_rtnl_verify(const struct netdev_tunnel_config *tnl_cfg,
break;
case OVS_VPORT_TYPE_NETDEV:
case OVS_VPORT_TYPE_INTERNAL:
case OVS_VPORT_TYPE_LISP:
case OVS_VPORT_TYPE_STT:
case OVS_VPORT_TYPE_GTPU:
case OVS_VPORT_TYPE_SRV6:
case OVS_VPORT_TYPE_UNSPEC:
@ -411,8 +407,6 @@ dpif_netlink_rtnl_create(const struct netdev_tunnel_config *tnl_cfg,
break;
case OVS_VPORT_TYPE_NETDEV:
case OVS_VPORT_TYPE_INTERNAL:
case OVS_VPORT_TYPE_LISP:
case OVS_VPORT_TYPE_STT:
case OVS_VPORT_TYPE_GTPU:
case OVS_VPORT_TYPE_SRV6:
case OVS_VPORT_TYPE_UNSPEC:
@ -528,8 +522,6 @@ dpif_netlink_rtnl_port_destroy(const char *name, const char *type)
return dpif_netlink_rtnl_destroy(name);
case OVS_VPORT_TYPE_NETDEV:
case OVS_VPORT_TYPE_INTERNAL:
case OVS_VPORT_TYPE_LISP:
case OVS_VPORT_TYPE_STT:
case OVS_VPORT_TYPE_GTPU:
case OVS_VPORT_TYPE_UNSPEC:
case __OVS_VPORT_TYPE_MAX:

10
lib/dpif-netlink.c
View File

@ -901,12 +901,6 @@ get_vport_type(const struct dpif_netlink_vport *vport)
case OVS_VPORT_TYPE_VXLAN:
return "vxlan";
case OVS_VPORT_TYPE_LISP:
return "lisp";
case OVS_VPORT_TYPE_STT:
return "stt";
case OVS_VPORT_TYPE_ERSPAN:
return "erspan";
@ -942,14 +936,10 @@ netdev_to_ovs_vport_type(const char *type)
return OVS_VPORT_TYPE_NETDEV;
} else if (!strcmp(type, "internal")) {
return OVS_VPORT_TYPE_INTERNAL;
} else if (strstr(type, "stt")) {
return OVS_VPORT_TYPE_STT;
} else if (!strcmp(type, "geneve")) {
return OVS_VPORT_TYPE_GENEVE;
} else if (!strcmp(type, "vxlan")) {
return OVS_VPORT_TYPE_VXLAN;
} else if (!strcmp(type, "lisp")) {
return OVS_VPORT_TYPE_LISP;
} else if (!strcmp(type, "erspan")) {
return OVS_VPORT_TYPE_ERSPAN;
} else if (!strcmp(type, "ip6erspan")) {

13
lib/meta-flow.xml
View File

@ -27,7 +27,7 @@
Open vSwitch 2.7 and earlier considered Ethernet fields to be root fields,
and this remains the default mode of operation for Open vSwitch bridges.
When a packet is received from a non-Ethernet interfaces, such as a layer-3
LISP tunnel, Open vSwitch 2.7 and earlier force-fit the packet to this
VXLAN-GPE tunnel, Open vSwitch 2.7 and earlier force-fit the packet to this
Ethernet-centric point of view by pretending that an Ethernet header is
present whose Ethernet type that indicates the packet's actual type (and
whose source and destination addresses are all-zero).
@ -44,7 +44,7 @@
turn off this legacy behavior, on a port-by-port basis, by setting
<code>options:packet_type</code> to <code>ptap</code> in the
<code>Interface</code> table. This is significant only for ports that can
handle non-Ethernet packets, which is currently just LISP, VXLAN-GPE, and
handle non-Ethernet packets, which is currently just VXLAN-GPE, and
GRE tunnel ports. See <code>ovs-vwitchd.conf.db</code>(5) for more
information.
</p>
@ -1455,9 +1455,7 @@ ovs-ofctl add-flow br-int 'in_port=3,tun_src=192.168.1.1,tun_id=5001 actions=1'
<li>
VXLAN and Geneve have a 24-bit virtual network identifier (VNI).
</li>
<li>LISP has a 24-bit instance ID.</li>
<li>GRE has an optional 32-bit key.</li>
<li>STT has a 64-bit key.</li>
<li>ERSPAN has a 10-bit key (Session ID).</li>
<li>GTPU has a 32-bit key (Tunnel Endpoint ID).</li>
</ul>
@ -4832,13 +4830,6 @@ r c c c r.
href="http://www.ietf.org/rfc/rfc5462.txt"/>.
</dd>
<dt>RFC 6830</dt>
<dd>
D. Farinacci, V. Fuller, D. Meyer, and D. Lewis, ``The
Locator/ID Separation Protocol (LISP),'' <url
href="http://www.ietf.org/rfc/rfc6830.txt"/>.
</dd>
<dt>RFC 7348</dt>
<dd>
M. Mahalingam, D. Dutt, K. Duda, P. Agarwal, L. Kreeger, T. Sridhar,

39
lib/netdev-vport.c
View File

@ -57,8 +57,6 @@ VLOG_DEFINE_THIS_MODULE(netdev_vport);
#define GENEVE_DST_PORT 6081
#define VXLAN_DST_PORT 4789
#define LISP_DST_PORT 4341
#define STT_DST_PORT 7471
#define DEFAULT_TTL 64
@ -119,7 +117,6 @@ netdev_vport_needs_dst_port(const struct netdev *dev)
return (class->get_config == get_tunnel_config &&
(!strcmp("geneve", type) || !strcmp("vxlan", type) ||
!strcmp("lisp", type) || !strcmp("stt", type) ||
!strcmp("gtpu", type) || !strcmp("bareudp",type)));
}
@ -224,12 +221,6 @@ netdev_vport_construct(struct netdev *netdev_)
} else if (!strcmp(type, "vxlan")) {
tnl_cfg->dst_port = port ? htons(port) : htons(VXLAN_DST_PORT);
update_vxlan_global_cfg(netdev_, NULL, tnl_cfg);
} else if (!strcmp(type, "lisp")) {
tnl_cfg->dst_port = port ? htons(port) : htons(LISP_DST_PORT);
VLOG_WARN("%s: 'lisp' port type is deprecated.", name);
} else if (!strcmp(type, "stt")) {
tnl_cfg->dst_port = port ? htons(port) : htons(STT_DST_PORT);
VLOG_WARN("%s: 'stt' port type is deprecated.", name);
} else if (!strcmp(type, "gtpu")) {
tnl_cfg->dst_port = port ? htons(port) : htons(GTPU_DST_PORT);
} else if (!strcmp(type, "bareudp")) {
@ -480,9 +471,7 @@ static enum tunnel_layers
tunnel_supported_layers(const char *type,
const struct netdev_tunnel_config *tnl_cfg)
{
if (!strcmp(type, "lisp")) {
return TNL_L3;
} else if (!strcmp(type, "gre")) {
if (!strcmp(type, "gre")) {
return TNL_L2 | TNL_L3;
} else if (!strcmp(type, "vxlan")
&& tnl_cfg->exts & (1 << OVS_VXLAN_EXT_GPE)) {
@ -630,7 +619,7 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args, char **errp)
int err;
has_csum = strstr(type, "gre") || strstr(type, "geneve") ||
strstr(type, "stt") || strstr(type, "vxlan");
strstr(type, "vxlan");
has_seq = strstr(type, "gre");
memset(&tnl_cfg, 0, sizeof tnl_cfg);
@ -643,14 +632,6 @@ set_tunnel_config(struct netdev *dev_, const struct smap *args, char **errp)
tnl_cfg.dst_port = htons(VXLAN_DST_PORT);
}
if (!strcmp(type, "lisp")) {
tnl_cfg.dst_port = htons(LISP_DST_PORT);
}
if (!strcmp(type, "stt")) {
tnl_cfg.dst_port = htons(STT_DST_PORT);
}
if (!strcmp(type, "gtpu")) {
tnl_cfg.dst_port = htons(GTPU_DST_PORT);
}
@ -1032,8 +1013,6 @@ get_tunnel_config(const struct netdev *dev, struct smap *args)
if ((!strcmp("geneve", type) && dst_port != GENEVE_DST_PORT) ||
(!strcmp("vxlan", type) && dst_port != VXLAN_DST_PORT) ||
(!strcmp("lisp", type) && dst_port != LISP_DST_PORT) ||
(!strcmp("stt", type) && dst_port != STT_DST_PORT) ||
(!strcmp("gtpu", type) && dst_port != GTPU_DST_PORT) ||
!strcmp("bareudp", type)) {
smap_add_format(args, "dst_port", "%d", dst_port);
@ -1316,20 +1295,6 @@ netdev_vport_tunnel_register(void)
},
{{NULL, NULL, 0, 0}}
},
{ "lisp_sys",
{
TUNNEL_FUNCTIONS_COMMON,
.type = "lisp"
},
{{NULL, NULL, 0, 0}}
},
{ "stt_sys",
{
TUNNEL_FUNCTIONS_COMMON,
.type = "stt"
},
{{NULL, NULL, 0, 0}}
},
{ "erspan_sys",
{
TUNNEL_FUNCTIONS_COMMON,

2
lib/tnl-ports.c
View File

@ -169,8 +169,6 @@ tnl_type_to_nw_proto(const char type[], uint8_t nw_protos[2])
if (!strcmp(type, "geneve") || !strcmp(type, "vxlan") ||
!strcmp(type, "gtpu")) {
nw_protos[0] = IPPROTO_UDP;
} else if (!strcmp(type, "stt")) {
nw_protos[0] = IPPROTO_TCP;
} else if (!strcmp(type, "gre") || !strcmp(type, "erspan") ||
!strcmp(type, "ip6erspan") || !strcmp(type, "ip6gre")) {
nw_protos[0] = IPPROTO_GRE;

44
ofproto/ofproto-dpif-ipfix.c
View File

@ -66,27 +66,27 @@ enum ipfix_sampled_packet_type {
};
/* The standard layer2SegmentId (ID 351) element is included in vDS to send
* the VxLAN tunnel's VNI. It is 64-bit long, the most significant byte is
* used to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the three
* least significant bytes hold the value of the layer 2 overlay network
* segment identifier: a 24-bit VxLAN tunnel's VNI or a 24-bit GRE tunnel's
* TNI. This is not compatible with STT, as implemented in OVS, as
* its tunnel IDs is 64-bit.
* the VxLAN tunnel's VNI. It is 64-bit long, the most significant byte is used
* to indicate the type of tunnel (0x01 = VxLAN, 0x02 = GRE) and the three or
* four least significant bytes hold the value of the layer 2 overlay network
* segment identifier: a 24-bit VxLAN or Geneve tunnel's VNI or a 32-bit GRE
* tunnel's TNI.
*
* Two new enterprise information elements are defined which are similar to
* laryerSegmentId but support 64-bit IDs:
* tunnelType (ID 891) and tunnelKey (ID 892).
* OVS currently doesn't support any tunnel types that require 64-bit IDs, but
* these elements are used for historical reasons.
*
* The enum dpif_ipfix_tunnel_type is to declare the types supported in the
* tunnelType element.
* The number of ipfix tunnel types includes two reserverd types: 0x04 and 0x06.
*/
enum dpif_ipfix_tunnel_type {
DPIF_IPFIX_TUNNEL_UNKNOWN = 0x00,
DPIF_IPFIX_TUNNEL_VXLAN = 0x01,
DPIF_IPFIX_TUNNEL_GRE = 0x02,
DPIF_IPFIX_TUNNEL_LISP = 0x03,
DPIF_IPFIX_TUNNEL_STT = 0x04,
/* 0x03 - 0x06 are either reserved or previously used by no longer
* supported tunnel types, hence should not be used for any new ones. */
DPIF_IPFIX_TUNNEL_GENEVE = 0x07,
NUM_DPIF_IPFIX_TUNNEL
};
@ -226,7 +226,7 @@ enum ipfix_proto_l4 {
};
enum ipfix_proto_tunnel {
IPFIX_PROTO_NOT_TUNNELED = 0,
IPFIX_PROTO_TUNNELED, /* Support gre, lisp and vxlan. */
IPFIX_PROTO_TUNNELED, /* Support gre, geneve and vxlan. */
NUM_IPFIX_PROTO_TUNNEL
};
@ -386,13 +386,9 @@ struct ipfix_data_record_flow_key_icmp {
BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_flow_key_icmp) == 2);
static uint8_t tunnel_protocol[NUM_DPIF_IPFIX_TUNNEL] = {
0, /* reserved */
IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_VXLAN */
IPPROTO_GRE, /* DPIF_IPFIX_TUNNEL_GRE */
IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_LISP*/
IPPROTO_TCP, /* DPIF_IPFIX_TUNNEL_STT*/
0 , /* reserved */
IPPROTO_UDP, /* DPIF_IPFIX_TUNNEL_GENEVE*/
[DPIF_IPFIX_TUNNEL_VXLAN] = IPPROTO_UDP,
[DPIF_IPFIX_TUNNEL_GRE] = IPPROTO_GRE,
[DPIF_IPFIX_TUNNEL_GENEVE] = IPPROTO_UDP,
};
OVS_PACKED(
@ -511,12 +507,11 @@ BUILD_ASSERT_DECL(sizeof(struct ipfix_data_record_aggregated_tcp) == 48);
/*
* support tunnel key for:
* VxLAN: 24-bit VIN,
* VxLAN: 24-bit VNI,
* Geneve: 24-bit VNI,
* GRE: 32-bit key,
* LISP: 24-bit instance ID
* STT: 64-bit key
*/
#define MAX_TUNNEL_KEY_LEN 8
#define MAX_TUNNEL_KEY_LEN 4
#define MAX_IF_NAME_LEN 64
#define MAX_IF_DESCR_LEN 128
@ -866,12 +861,8 @@ dpif_ipfix_tunnel_type(const struct ofport *ofport)
return DPIF_IPFIX_TUNNEL_GRE;
} else if (strcmp(type, "vxlan") == 0) {
return DPIF_IPFIX_TUNNEL_VXLAN;
} else if (strcmp(type, "lisp") == 0) {
return DPIF_IPFIX_TUNNEL_LISP;
} else if (strcmp(type, "geneve") == 0) {
return DPIF_IPFIX_TUNNEL_GENEVE;
} else if (strcmp(type, "stt") == 0) {
return DPIF_IPFIX_TUNNEL_STT;
}
return DPIF_IPFIX_TUNNEL_UNKNOWN;
@ -886,11 +877,8 @@ dpif_ipfix_tunnel_key_length(enum dpif_ipfix_tunnel_type tunnel_type)
/* 32-bit key gre */
return 4;
case DPIF_IPFIX_TUNNEL_VXLAN:
case DPIF_IPFIX_TUNNEL_LISP:
case DPIF_IPFIX_TUNNEL_GENEVE:
return 3;
case DPIF_IPFIX_TUNNEL_STT:
return 8;
case DPIF_IPFIX_TUNNEL_UNKNOWN:
case NUM_DPIF_IPFIX_TUNNEL:
default:

4
ofproto/ofproto-dpif-sflow.c
View File

@ -60,7 +60,6 @@ enum dpif_sflow_tunnel_type {
DPIF_SFLOW_TUNNEL_UNKNOWN = 0,
DPIF_SFLOW_TUNNEL_VXLAN,
DPIF_SFLOW_TUNNEL_GRE,
DPIF_SFLOW_TUNNEL_LISP,
DPIF_SFLOW_TUNNEL_GENEVE
};
@ -628,8 +627,6 @@ dpif_sflow_tunnel_type(struct ofport *ofport) {
return DPIF_SFLOW_TUNNEL_GRE;
} else if (strcmp(type, "vxlan") == 0) {
return DPIF_SFLOW_TUNNEL_VXLAN;
} else if (strcmp(type, "lisp") == 0) {
return DPIF_SFLOW_TUNNEL_LISP;
} else if (strcmp(type, "geneve") == 0) {
return DPIF_SFLOW_TUNNEL_GENEVE;
}
@ -649,7 +646,6 @@ dpif_sflow_tunnel_proto(enum dpif_sflow_tunnel_type tunnel_type)
break;
case DPIF_SFLOW_TUNNEL_VXLAN:
case DPIF_SFLOW_TUNNEL_LISP:
case DPIF_SFLOW_TUNNEL_GENEVE:
ipproto = IPPROTO_UDP;

2
ofproto/ofproto-dpif-xlate.c
View File

@ -3840,8 +3840,6 @@ propagate_tunnel_data_to_flow(struct xlate_ctx *ctx, struct eth_addr dmac,
nw_proto = (flow->dl_type == htons(ETH_TYPE_IP))
? IPPROTO_IPIP : IPPROTO_IPV6;
break;
case OVS_VPORT_TYPE_LISP:
case OVS_VPORT_TYPE_STT:
case OVS_VPORT_TYPE_UNSPEC:
case OVS_VPORT_TYPE_NETDEV:
case OVS_VPORT_TYPE_INTERNAL:

6
tests/ofproto-dpif.at
View File

@ -8593,7 +8593,7 @@ AT_SETUP([ofproto-dpif - Flow IPFIX sanity check - tunnel set])
OVS_VSWITCHD_START([add-port br0 p1 -- set Interface p1 type=gre \
options:remote_ip=1.1.1.1 options:local_ip=2.2.2.2 \
options:key=5 ofport_request=1\
-- add-port br0 p2 -- set Interface p2 type=stt \
-- add-port br0 p2 -- set Interface p2 type=geneve \
options:remote_ip=1.1.1.2 options:local_ip=2.2.2.3 \
options:key=6 ofport_request=2\
-- add-port br0 p3 -- set Interface p3 type=dummy \
@ -8651,14 +8651,14 @@ AT_CHECK([ovs-appctl ofproto/trace ovs-dummy 'in_port(3),eth(src=50:54:00:00:00:
dnl Make sure flow sample action in datapath is behind set tunnel
dnl action at egress point of tunnel port.
AT_CHECK([tail -1 stdout], [0], [dnl
Datapath actions: set(tunnel(tun_id=0x5,src=2.2.2.2,dst=1.1.1.1,tos=0x1,ttl=64,flags(df|key))),userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=1),tunnel_out_port=1),1,set(tunnel(tun_id=0x6,src=2.2.2.3,dst=1.1.1.2,tos=0x1,ttl=64,tp_dst=7471,flags(df|key))),userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=7471),tunnel_out_port=7471),7471
Datapath actions: set(tunnel(tun_id=0x5,src=2.2.2.2,dst=1.1.1.1,tos=0x1,ttl=64,flags(df|key))),userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=1),tunnel_out_port=1),1,set(tunnel(tun_id=0x6,src=2.2.2.3,dst=1.1.1.2,tos=0x1,ttl=64,tp_dst=6081,flags(df|key))),userspace(pid=0,flow_sample(probability=65535,collector_set_id=1,obs_domain_id=0,obs_point_id=0,output_port=6081),tunnel_out_port=6081),6081
])
dnl Remove the flow which contains sample action.
AT_CHECK([ovs-ofctl del-flows br0 in_port=3], [0], [ignore])
AT_CHECK([ovs-vsctl destroy Flow_Sample_Collector_Set 1], [0], [ignore])
OVS_VSWITCHD_STOP(["/'stt' port type is deprecated/d"])
OVS_VSWITCHD_STOP
AT_CLEANUP
AT_SETUP([ofproto-dpif - Flow IPFIX sanity check - from field])

10
tests/ovs-vsctl.at
View File

@ -1613,7 +1613,6 @@ m4_foreach(
[ovs-dummy],
[genev_sys],
[gre_sys],
[lisp_sys],
[vxlan_sys]],
[
# Try creating the port
@ -1639,19 +1638,16 @@ AT_SETUP([add-port -- reserved names 2])
# Creates all type of tunnel ports
OVS_VSWITCHD_START([add-port br0 p1 -- set Interface p1 type=gre \
options:remote_ip=1.1.1.1 ofport_request=1\
-- add-port br0 p3 -- set Interface p3 type=lisp \
-- add-port br0 p3 -- set Interface p3 type=vxlan \
options:remote_ip=2.2.2.2 ofport_request=3 \
-- add-port br0 p4 -- set Interface p4 type=vxlan \
options:remote_ip=2.2.2.2 ofport_request=4 \
-- add-port br0 p5 -- set Interface p5 type=geneve \
options:remote_ip=2.2.2.2 ofport_request=5])
-- add-port br0 p4 -- set Interface p4 type=geneve \
options:remote_ip=2.2.2.2 ofport_request=4])
# Test creating all reserved tunnel port names
m4_foreach(
[reserved_name],
[[genev_sys],
[gre_sys],
[lisp_sys],
[vxlan_sys]],
[
# Try creating the port

2
tests/system-kmod-macros.at
View File

@ -20,7 +20,7 @@ m4_define([_ADD_BR], [[add-br $1 -- set Bridge $1 protocols=OpenFlow10,OpenFlow1
m4_define([OVS_TRAFFIC_VSWITCHD_START],
[AT_CHECK([modprobe openvswitch])
on_exit 'modprobe -r openvswitch'
m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_lisp], [vport_stt], [vport_vxlan]],
m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_vxlan]],
[modprobe -q mod || echo "Module mod not loaded."
on_exit 'modprobe -q -r mod'
])

2
tests/system-offloads-testsuite-macros.at
View File

@ -18,7 +18,7 @@ limitations under the License.])
m4_define([OVS_TRAFFIC_VSWITCHD_START],
[AT_CHECK([modprobe openvswitch])
on_exit 'modprobe -r openvswitch'
m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_lisp], [vport_stt], [vport_vxlan]],
m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_vxlan]],
[modprobe -q mod || echo "Module mod not loaded."
on_exit 'modprobe -q -r mod'
])

12
tests/tunnel.at
View File

@ -564,18 +564,6 @@ ffffffffffffaa55aa55000008060001080006040001aa55aa550000ac1f0101000000000000ac1f
OVS_VSWITCHD_STOP
AT_CLEANUP
AT_SETUP([tunnel - LISP])
OVS_VSWITCHD_START([add-port br0 p1 -- set Interface p1 type=lisp \
options:remote_ip=1.1.1.1 ofport_request=1])
AT_CHECK([ovs-appctl dpif/show | tail -n +3], [0], [dnl
br0 65534/100: (dummy-internal)
p1 1/4341: (lisp: remote_ip=1.1.1.1)
])
OVS_VSWITCHD_STOP(["/'lisp' port type is deprecated/d"])
AT_CLEANUP
AT_SETUP([tunnel - ERSPAN])
OVS_VSWITCHD_START([add-port br0 p1 -- set Interface p1 type=erspan \
options:remote_ip=1.1.1.1 options:key=1 options:erspan_ver=1 \

1
utilities/docker/ovs-override.conf
View File

@ -1,4 +1,3 @@
override openvswitch * extra
override vport-geneve * extra
override vport-stt * extra
override vport-* * extra

1
utilities/docker/start-ovs
View File

@ -27,7 +27,6 @@ case $1 in
;;
"ovs-vswitchd") depmod -a
modprobe openvswitch
modprobe vport_stt
modprobe vport_geneve
/usr/share/openvswitch/scripts/ovs-ctl \
--no-ovsdb-server start

113
vswitchd/vswitch.xml
View File

@ -2823,56 +2823,6 @@
</p>
</dd>
<dt><code>lisp</code></dt>
<dd>
<p>
This port type is deprecated.
</p>
<p>
A layer 3 tunnel over the experimental, UDP-based Locator/ID
Separation Protocol (RFC 6830).
</p>
<p>
Only IPv4 and IPv6 packets are supported by the protocol, and
they are sent and received without an Ethernet header. Traffic
to/from LISP ports is expected to be configured explicitly, and
the ports are not intended to participate in learning based
switching. As such, they are always excluded from packet
flooding.
</p>
</dd>
<dt><code>stt</code></dt>
<dd>
<p>
This port type is deprecated.
</p>
<p>
The Stateless TCP Tunnel (STT) is particularly useful when tunnel
endpoints are in end-systems, as it utilizes the capabilities of
standard network interface cards to improve performance.
STT utilizes a TCP-like header inside the IP header. It is
stateless, i.e., there is no TCP connection state of any kind
associated with the tunnel. The TCP-like header is used to
leverage the capabilities of existing network interface cards,
but should not be interpreted as implying any sort of connection
state between endpoints.
</p>
<p>
Since the STT protocol does not engage in the usual TCP 3-way
handshake, so it will have difficulty traversing stateful
firewalls.
</p>
<p>
The protocol is documented at
<code>https://tools.ietf.org/html/draft-davie-stt</code>.
All traffic uses a default destination port of 7471.
</p>
</dd>
<dt><code>patch</code></dt>
<dd>
A pair of virtual devices that act as a patch cable.
@ -2928,8 +2878,7 @@
<p>
These options apply to interfaces with <ref column="type"/> of
<code>geneve</code>, <code>bareudp</code>, <code>gre</code>,
<code>ip6gre</code>, <code>vxlan</code>, <code>lisp</code>,
<code>stt</code> and <code>srv6</code>.
<code>ip6gre</code>, <code>vxlan</code>, and <code>srv6</code>.
</p>
<p>
@ -3023,9 +2972,8 @@
key="in_key"/> at all.
</li>
<li>
A positive 24-bit (for Geneve, VXLAN, and LISP), 32-bit (for GRE)
or 64-bit (for STT) number. The tunnel receives only
packets with the specified key.
A positive 24-bit (for Geneve and VXLAN) or 32-bit (for GRE)
number. The tunnel receives only packets with the specified key.
</li>
<li>
The word <code>flow</code>. The tunnel accepts packets with any
@ -3054,9 +3002,9 @@
key="out_key"/> at all.
</li>
<li>
A positive 24-bit (for Geneve, VXLAN and LISP), 32-bit (for GRE) or
64-bit (for STT) number. Packets sent through the tunnel
will have the specified key.
A positive 24-bit (for Geneve and VXLAN) or 32-bit (for GRE)
number. Packets sent through the tunnel will have the specified
key.
</li>
<li>
The word <code>flow</code>. Packets sent through the tunnel will
@ -3069,8 +3017,8 @@
</column>
<column name="options" key="dst_port">
Optional. The tunnel transport layer destination port, for UDP and TCP
based tunnel protocols (Geneve, VXLAN, LISP, and STT).
Optional. The tunnel transport layer destination port, for UDP
based tunnel protocols (Geneve, VXLAN).
</column>
<column name="options" key="key">
@ -3107,35 +3055,6 @@
including tunnel monitoring.
</column>
<group title="Tunnel Options: lisp only">
<column name="options" key="packet_type"
type='{"type": "string", "enum": ["set",
["legacy_l3", "ptap"]]}'>
<p>
LISP tunnel type is deprecated.
</p>
<p>
A LISP tunnel sends and receives only IPv4 and IPv6 packets. This
option controls what how the tunnel represents the packets that it
sends and receives:
</p>
<ul>
<li>
By default, or if this option is <code>legacy_l3</code>, the
tunnel represents packets as Ethernet frames for compatibility
with legacy OpenFlow controllers that expect this behavior.
</li>
<li>
If this option is <code>ptap</code>, the tunnel represents
packets using the <code>packet_type</code> mechanism introduced
in OpenFlow 1.5.
</li>
</ul>
</column>
</group>
<group title="Tunnel Options: vxlan only">
<column name="options" key="exts">
@ -3279,11 +3198,10 @@
<group title="Tunnel Options: IPsec">
<p>
Setting any of these options enables IPsec support for a given
tunnel. <code>gre</code>, <code>geneve</code>,
<code>vxlan</code> and <code>stt</code>
interfaces support these options. See the <code>IPsec</code>
section in the <ref table="Open_vSwitch"/> table for a description
of each mode.
tunnel. <code>gre</code>, <code>geneve</code> and
<code>vxlan</code> interfaces support these options. See the
<code>IPsec</code> section in the <ref table="Open_vSwitch"/> table
for a description of each mode.
</p>
<column name="options" key="psk" type='{"type": "string"}'>
<p>
@ -6944,7 +6862,7 @@ ovs-vsctl add-port br0 p0 -- set Interface p0 type=patch options:peer=p1 \
<p>type: unsigned 8-bit integer.</p>
<p>data type semantics: identifier.</p>
<p>description: Identifier of the layer 2 network overlay network
encapsulation type: 0x01 VxLAN, 0x02 GRE, 0x03 LISP, 0x07 GENEVE.</p>
encapsulation type: 0x01 VxLAN, 0x02 GRE, 0x07 GENEVE.</p>
</dd>
<dt>tunnelKey:</dt>
<dd>
@ -6953,9 +6871,8 @@ ovs-vsctl add-port br0 p0 -- set Interface p0 type=patch options:peer=p1 \
<p>data type semantics: identifier.</p>
<p>description: Key which is used for identifying an individual
traffic flow within a VxLAN (24-bit VNI), GENEVE (24-bit VNI),
GRE (32-bit key), or LISP (24-bit instance ID) tunnel. The
key is encoded in this octetarray as a 3-, 4-, or 8-byte integer
ID in network byte order.</p>
or GRE (32-bit key) tunnel. The key is encoded in this octetarray
as a 3- or 4-byte integer ID in network byte order.</p>
</dd>
<dt>tunnelSourceIPv4Address:</dt>
<dd>

9
vtep/vtep.xml
View File

@ -730,11 +730,10 @@
<group title="Per Logical-Switch Tunnel Key">
<p>
Tunnel protocols tend to have a field that allows the tunnel
to be partitioned into sub-tunnels: VXLAN has a VNI, GRE and
STT have a key, CAPWAP has a WSI, and so on. We call these
generically ``tunnel keys.'' Given that one needs to use a
tunnel key at all, there are at least two reasonable ways to
assign their values:
to be partitioned into sub-tunnels: VXLAN has a VNI, GRE has a key,
CAPWAP has a WSI, and so on. We call these generically
``tunnel keys.'' Given that one needs to use a tunnel key at all,
there are at least two reasonable ways to assign their values:
</p>
<ul>