'[ovs-discuss] What is the best hardware solution to perform simple networking operations with openvs'

[prev in list] [next in list] [prev in thread] [next in thread] 

List:       openvswitch-discuss
Subject:    [ovs-discuss] What is the best hardware solution to perform simple networking operations with openvs
From:       gautier.p-ssii () mipih ! fr (GAUTIER Philippe)
Date:       2015-01-27 17:39:07
Message-ID: 491056227D08804AB0BBEF45575E388E1D806A42 () SV-T-VNW-EX10 ! mipih ! net
[Download RAW message or body]

Hy,

We are looking for the best hardware solution to run the following configuration \
(below openvswitch commands).

Use case:
                                                                                      \
dedicated host

VMWARE                                                                          ----> \
Openvswitch switch                                                                    \
----->    two Network probe VSPAN mirroring session using GRE tunnels                 \
GRE Desencapsulation Filtering (with different traffic filters ex: without broadcast \
and all traffic) and send traffic to network probe
span mirroring session                                                ----->

We already  had the following results with our test platform (the use case is not \
totally covered by our test scenario, only GRE traffic and one network probe):

An intel core 2 duo E5500 2,8 Ghz processor with a HP NC360T Dual Gigabit Port \
                Ethernet card (with 82571EB Ethernet controller)
Ovs-version: 2.3.0
Linux kernel: 3.16.0-4-amd64

400 kpkts/s at around 720 Mbits/s (simulated with real traffic capture)
~60 % cpu used on both Core


We are looking for a solution to support 10 Gbit interface rate to the network probe( \
So 10 Gbits/s in and 20 Gbits/s out) .  We find this intel card reference: X710DA4 \
http://www.intel.com/content/www/us/en/network-adapters/converged-network-adapters/ethernet-x710.html


This card support NVGRE offloading. Will our configuration be entirely  offloaded to \
the network card (if we do not use more than 4 Ethernet ports)?

Which intel processor is most appropriate for our configuration and DPDK support ?

Or maybe the best scalable solution for our needs is to buy a real network switch \
with openvswitch support ? \
http://www.pica8.com/open-switching/1gbe-10gbe-40gbe-open-switches.php


Openvswitch test configuration:

ovs-vsctl add-br br-outTrafic -- set Bridge br-outTrafic fail-mode=secure

ovs-vsctl add-port br-outTrafic eth4 \
                -- set Interface eth4 ofport_request=1
ovs-ofctl mod-port br-outTrafic eth4 up


ovs-vsctl add-port br-outTrafic gre0 \
-- set interface gre0 type=gre options:remote_ip=flow options:in_key=flow \
                options:local_ip=<ip> \
-- set Interface gre0 ofport_request=2
ovs-ofctl mod-port br-outTrafic gre0 up


Openflow commands:

# drop multicast/ broadcast
ovs-ofctl add-flow br-out \
    "cookie=1, table=0, priority=65535, out_port=1, \
dl_dst=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop" # drop arp
ovs-ofctl add-flow br-out \
    "cookie=2, table=0, priority=65534, out_port=1, dl_type=0x0806, actions=drop"
# delete STP
ovs-ofctl add-flow br-out \
     "cookie=3, table=0, priority=65533, out_port=1, \
dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"

# send trafic to network probe
ovs-ofctl add-flow br-outTrafic \
                "cookie=4, table=0, priority=0,in_port=2, actions=output:1"

Regards,

Philippe


-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/discuss/attachments/20150127/4a667832/attachment.html>



[prev in list] [next in list] [prev in thread] [next in thread]
Configure | About | News | Add a list | Sponsored by KoreLogic