Versions Compared

Old Version 9

changes.mady.by.user Chiradeep Vittal

Saved on

compared with

New Version 10

changes.mady.by.user Venkata Siva Vijayendra Bhamidipati

Saved on

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

...

Architecture and Design description

  • Straightforward for VMware to enable PVLAN feature.
  • For OVS, flow table need following modifications:
    1. For each VM:
    Outgoing tag with pvlan: priority=50,dl_src=<VM MAC> actions=mod_vlan_vid:<secondary isolated vlan>,output:<trunk port>
    2. For each VM in the same host as DHCP server:
    <a> Allow communitcation with DHCP server(e.g. DNS): priority=100,dl_src=<VM MAC>,dl_dst=<DHCP MAC> actions=NORMAL
    <b> Allow DHCP request: priority=60,udp,dl_src=<VM MAC>,nw_dst=255.255.255.255,tp_dst=67 actions=NORMAL
    3. For each host has DHCP server:
    <a> ARP for DHCP server from outside: priority=160,arp,dl_vlan=<secondary isolated vlan>, nw_dst=<DHCP IP> actions=mod_vlan_vid:<primary vlan>,NORMAL
    <b> ARP for DHCP server: priority=150,arp,nw_dst=<DHCP IP> actions=NORMAL
    <c> Accept packets from outside(e.g. DNS): priority=100,dl_vlan=<secondary isolated vlan>,dl_dst=<DHCP MAC> actions=mod_vlan_vid:<primary vlan>,NORMAL
    <d> Accept DHCP request from outside: priority=60,udp,dl_vlan=<secondary isolated vlan>,nw_dst=255.255.255.255,tp_dst=67 actions=mod_vlan_vid:<primary vlan>,NORMAL
  • The VM migration and host restart would affect the rules, need to be reprogrammed.

...