Implement configurable forwarding mode for VN
| Affects | Status | Importance | Assigned to | Milestone | ||
|---|---|---|---|---|---|---|
| Juniper Openstack | Status tracked in Trunk | |||||
| | R2.20 |
Medium
|
asbalaji | |||
| | Trunk |
Medium
|
Rahul | |||
Bug Description
Should support configurable forwarding mode for VN. The 3 modes to be
supported are:
1. L2+ L3 mode: This is currently supported in 2.20 and newer releases. It
should be the default mode for a VN. Intra subnet traffic is bridged and inter-subnet traffic is routed.
2. L2 only mode: This is required for certain applications that need pure
L2 forwarding capabilities e.g. Junosphere. Even though there could be a
subnet configured for the VN, the ports/VMIs do not use addresses from the
subnet. Proxy ARP is disabled and all ARP packets are flooded - endpoints
are responsible for responding to ARP requests. Similarly, DHCP and DNS
are also disabled. The vRouter should not advertise any IP addresses in
MAC routes.
There's a known limitation with nova compute wherein it requires an IP
address for a port. Instead of forcing the user to configure a subnet
for L3 only networks in order to satisfy nova compute, we should consider
creating all L2 only networks with 0.0.0.0/8 subnet, which is reserved by
IANA for the "Current Network". An address from this subnet can only be
used a a source address, not as a destination. This should be OK for L2
only networks since we don't expect these addresses to even be used as
source addresses. Further, we should not add subnet, default gateway or
dns server routes to the VRF.
Need to figure out a way to allow multiple VNs in same project to use the
same 0.0.0.0/8 subnet.
3. L3 only mode: This is the classic mode supported in 1.x releases before
BMS and and IRB support was implemented. The vRouter responds to all ARP
requests with the VRRP MAC address. DNS and DHCP are also supported. The
vRouter should not advertise any EVPN routes for MACs.
In addition to supporting a mode per VN, it might also be worth making it
configurable in the global system config and allowing the user to override
it on a per VN basis. In this case, the default mode for a VN will be the
value from the global system config, which can then we overridden by a per
VN mode.
| information type: | Proprietary → Public |
| summary: |
- Support configurable mode for VN + Implement configurable mode for VN |
| description: | updated |
| description: | updated |
| description: | updated |
| description: | updated |
| summary: |
- Implement configurable mode for VN + Implement configurable forwarding mode for VN |
| description: | updated |
| Nischal Sheth (nsheth) wrote : | #1 |
Review in progress for https:/
Submitter: Sachin Bansal (<email address hidden>)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 455b05fbfa184f2
Author: Sachin Bansal <email address hidden>
Date: Thu Jul 9 14:37:13 2015 -0700
Added l3 as forwarding mode
Change-Id: Id205422109086b
Partial-Bug: 1471637
| Sachin Bansal (sbansal) wrote : | #4 |
Schema changes committed to mainline. Please make ui changes and assign to vrouter team.
Review in progress for https:/
Submitter: Sachin Bansal (<email address hidden>)
| tags: | added: quench |
| Nischal Sheth (nsheth) wrote : | #6 |
Please see comment #1.
If a VN is configured as L2 only, we should not allow a subnet to be configured
and instead use 0.0.0.0/8.
Review in progress for https:/
Submitter: Manish Singh (<email address hidden>)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20
commit 8551d3832f2e6a4
Author: Sachin Bansal <email address hidden>
Date: Thu Jul 9 14:37:13 2015 -0700
Added l3 as forwarding mode
Change-Id: Id205422109086b
Partial-Bug: 1471637
(cherry picked from commit 455b05fbfa184f2
Review in progress for https:/
Submitter: Manish Singh (<email address hidden>)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20
commit 6d8b38ffb0cdc8a
Author: Manish <email address hidden>
Date: Mon Jul 20 08:52:09 2015 +0530
Add forwarding-mode configuration in global vrouter for global defaults.
Change-Id: I66c7df45dd0377
Partial-Bug: 1471637
Review in progress for https:/
Submitter: Manish Singh (<email address hidden>)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20
commit c87a0cf76778d08
Author: Manish <email address hidden>
Date: Tue Aug 4 01:47:26 2015 +0530
Add support for l3 mode in agent.
There are three forwarding modes at VN level and global level-
l2_l3(IRB), l3 only(v4+v6), l2 only.
VN level configuration is always at highest priority.
In case VN level forwarding mode is not configured then global
mode is consulted.
For multicast store the knowledge of bridging enabled in local peer path. This
helps in identifying if EVPN/TOR subscription/
Change-Id: I46aa0d1d30f8f6
Partial-Bug: 1471637
Review in progress for https:/
Submitter: Manish Singh (<email address hidden>)
| OpenContrail Admin (ci-admin-f) wrote : | #18 |
Review in progress for https:/
Submitter: Manish Singh (<email address hidden>)
| OpenContrail Admin (ci-admin-f) wrote : | #19 |
Review in progress for https:/
Submitter: Manish Singh (<email address hidden>)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 0e0ee2f9ca91076
Author: Manish <email address hidden>
Date: Mon Jul 20 08:52:09 2015 +0530
Add forwarding-mode configuration in global vrouter for global defaults.
Change-Id: I66c7df45dd0377
Partial-Bug: 1471637
(cherry picked from commit 6d8b38ffb0cdc8a
| OpenContrail Admin (ci-admin-f) wrote : | #21 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: master
commit 6b46e72b0bfb81b
Author: Manish <email address hidden>
Date: Tue Aug 4 01:47:26 2015 +0530
Add support for l3 mode in agent.
There are three forwarding modes at VN level and global level-
l2_l3(IRB), l3 only(v4+v6), l2 only.
VN level configuration is always at highest priority.
In case VN level forwarding mode is not configured then global
mode is consulted.
For multicast store the knowledge of bridging enabled in local peer path. This
helps in identifying if EVPN/TOR subscription/
Partial-Bug: 1471637
(cherry picked from commit c87a0cf76778d08
Conflicts:
src/vnsw/
src/vnsw/
Change-Id: I03f5a883f39c7b
Review in progress for https:/
Submitter: asbalaji (<email address hidden>)
| OpenContrail Admin (ci-admin-f) wrote : | #24 |
Review in progress for https:/
Submitter: asbalaji (<email address hidden>)
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20
commit 519357718d98d0e
Author: Balaji Kumar AS <email address hidden>
Date: Tue Aug 18 18:11:16 2015 +0530
Support forwarding_mode from Global Vrouter config.
Closes-Bug: #1471637
Closes-Bug: #1475370
1471637
Implemented forwarding_mode in VN page by removing web server config knob and using forwarding_mode of global vrouter config instead.
Also added UI knob to configure forwarding_mode of global vrouter config under 'Global Options' page.
1475370
In BGP peers config page, removed text change handler on ASN.
Change-Id: Ia59f2cd6ab9a6e
| OpenContrail Admin (ci-admin-f) wrote : | #31 |
Reviewed: https:/
Committed: http://
Submitter: Zuul
Branch: R2.20
commit 8d9623be5beff8b
Author: Balaji Kumar AS <email address hidden>
Date: Tue Aug 18 18:00:57 2015 +0530
Remove web server config knob L2_enable and use forwarding_mode from global vrouter config.
Closes-Bug: #1471637
Implemented forwarding_mode in VN page by removing web server config knob L2_enable
and using forwarding_mode of global vrouter config instead.
Change-Id: I51c420309217d2
Review in progress for https:/
Submitter: Vinay Vithal Mahuli (<email address hidden>)
| Rahul (rahuls) wrote : | #33 |
A regular L2+L3 network with 0.0.0.0/8 subnet seems to work without
any issues. The network was created successfully and VMs with ports
in the network were spawned and assigned IP addresses. This indicates
we shouldn't have any problem using this subnet for L2 only networks.
We should ideally disallow 0.0.0.0/8 for L3 only and L2+L3 networks
since the subnet is reserved and addresses in the subnet cannot be
used as destination addresses.