Skip to content

Commit

Permalink
northd: Allow flow simplification for ACL sampling.
Browse files Browse the repository at this point in the history
Currently, OVN would generate up to 2 flows per sample, depending
on the configuration. Add optimization that can reduce the number
of flows added into the ACL pipeline down to 3 per collector. This
optimization can be achieved only when the sample action with
registers is supported in OvS and the sample has only single
collector. The single collector per sample should be the case
in most configurations, usually even the same collector
for all samples which greatly reduces the number of flows per
ACL with sampling.

If there are more collectors per sample or the OvS feature is not
supported, the implementation will fall back to flows per sample.

Reported-at: https://issues.redhat.com/browse/FDP-709
Signed-off-by: Ales Musil <[email protected]>
---
V7:
- Addressed Nadia's comment:
  - Increased number of ct mark bits used for storing the collector id
    to 8.
- Addressed Mark's comment:
  - cleaned up conditional match build.
V6:
- Rebased.
- Removed Dumitru's ack.
- Store (newly created) Sample_Collector.id in ct state - instead of the
  actual set-id to avoid ambiguity when multiple probabilities are used
  with the same collector set id.
- Fixed bug with stateful to-lport ACLs on router ports.
- Reduced number of ct mark bits used for storing the collector id to 4.
V5:
- Address Ilya's comments:
  - Explicitly set acl_observation_stage enum values.
- Added Dumitru's ack
  • Loading branch information
almusil authored and dceara committed Aug 6, 2024
1 parent ba620ca commit a1a7a68
Show file tree
Hide file tree
Showing 6 changed files with 553 additions and 130 deletions.
2 changes: 2 additions & 0 deletions include/ovn/logical-fields.h
Original file line number Diff line number Diff line change
Expand Up @@ -197,6 +197,8 @@ const struct ovn_field *ovn_field_from_name(const char *name);
#define OVN_CT_NATTED_BIT 1
#define OVN_CT_LB_SKIP_SNAT_BIT 2
#define OVN_CT_LB_FORCE_SNAT_BIT 3
#define OVN_CT_OBS_STAGE_1ST_BIT 4
#define OVN_CT_OBS_STAGE_END_BIT 5

#define OVN_CT_BLOCKED 1
#define OVN_CT_NATTED 2
Expand Down
8 changes: 8 additions & 0 deletions lib/logical-fields.c
Original file line number Diff line number Diff line change
Expand Up @@ -165,6 +165,14 @@ ovn_init_symtab(struct shash *symtab)
OVN_CT_STR(OVN_CT_LB_FORCE_SNAT_BIT)
"]",
WR_CT_COMMIT);
expr_symtab_add_subfield_scoped(symtab, "ct_mark.obs_stage", NULL,
"ct_mark["
OVN_CT_STR(OVN_CT_OBS_STAGE_1ST_BIT) ".."
OVN_CT_STR(OVN_CT_OBS_STAGE_END_BIT)
"]",
WR_CT_COMMIT);
expr_symtab_add_subfield_scoped(symtab, "ct_mark.obs_collector_id", NULL,
"ct_mark[16..23]", WR_CT_COMMIT);

expr_symtab_add_field_scoped(symtab, "ct_label", MFF_CT_LABEL, NULL,
false, WR_CT_COMMIT);
Expand Down
Loading

0 comments on commit a1a7a68

Please sign in to comment.