From patchwork Wed Jul 26 21:12:16 2017 Content-Type: text/plain; charset="utf-8" MIME-Version: 1.0 Content-Transfer-Encoding: 7bit X-Patchwork-Submitter: Russell Bryant X-Patchwork-Id: 794119 Return-Path: X-Original-To: incoming@patchwork.ozlabs.org Delivered-To: patchwork-incoming@bilbo.ozlabs.org Authentication-Results: ozlabs.org; spf=pass (mailfrom) smtp.mailfrom=openvswitch.org (client-ip=140.211.169.12; helo=mail.linuxfoundation.org; envelope-from=ovs-dev-bounces@openvswitch.org; receiver=) Received: from mail.linuxfoundation.org (mail.linuxfoundation.org [140.211.169.12]) (using TLSv1.2 with cipher ECDHE-RSA-AES256-GCM-SHA384 (256/256 bits)) (No client certificate requested) by ozlabs.org (Postfix) with ESMTPS id 3xHnrC2FJzz9s8P for ; Thu, 27 Jul 2017 07:12:43 +1000 (AEST) Received: from mail.linux-foundation.org (localhost [127.0.0.1]) by mail.linuxfoundation.org (Postfix) with ESMTP id C38B5B3F; Wed, 26 Jul 2017 21:12:41 +0000 (UTC) X-Original-To: dev@openvswitch.org Delivered-To: ovs-dev@mail.linuxfoundation.org Received: from smtp1.linuxfoundation.org (smtp1.linux-foundation.org [172.17.192.35]) by mail.linuxfoundation.org (Postfix) with ESMTPS id 45AAD970 for ; Wed, 26 Jul 2017 21:12:40 +0000 (UTC) X-Greylist: domain auto-whitelisted by SQLgrey-1.7.6 Received: from relay2-d.mail.gandi.net (relay2-d.mail.gandi.net [217.70.183.194]) by smtp1.linuxfoundation.org (Postfix) with ESMTPS id 4F1143F4 for ; Wed, 26 Jul 2017 21:12:39 +0000 (UTC) X-Originating-IP: 209.85.216.178 Received: from mail-qt0-f178.google.com (mail-qt0-f178.google.com [209.85.216.178]) (Authenticated sender: russell@ovn.org) by relay2-d.mail.gandi.net (Postfix) with ESMTPSA id DAF5EC5A46 for ; Wed, 26 Jul 2017 23:12:37 +0200 (CEST) Received: by mail-qt0-f178.google.com with SMTP id s6so63156021qtc.1 for ; Wed, 26 Jul 2017 14:12:37 -0700 (PDT) X-Gm-Message-State: AIVw111gozbfRMDNEvkWebqKxRETFxfpGQ6SVK/fmvkqyUM3hN9/GvrB krT3ema6nbBSJiMjDQx7W1zkxyoTEw== X-Received: by 10.200.41.166 with SMTP id 35mr3104707qts.188.1501103556637; Wed, 26 Jul 2017 14:12:36 -0700 (PDT) MIME-Version: 1.0 Received: by 10.140.93.164 with HTTP; Wed, 26 Jul 2017 14:12:16 -0700 (PDT) In-Reply-To: References: From: Russell Bryant Date: Wed, 26 Jul 2017 17:12:16 -0400 X-Gmail-Original-Message-ID: Message-ID: To: wang.qianyu@zte.com.cn X-Spam-Status: No, score=-2.1 required=5.0 tests=BAYES_00, RCVD_IN_DNSWL_LOW, RCVD_IN_SORBS_SPAM autolearn=ham version=3.3.1 X-Spam-Checker-Version: SpamAssassin 3.3.1 (2010-03-16) on smtp1.linux-foundation.org Cc: ovs dev , xurong00037997 , zhou.huijing@zte.com.cn Subject: Re: [ovs-dev] [PATCH] ovn-northd: Optimize acl of localnet-port X-BeenThere: ovs-dev@openvswitch.org X-Mailman-Version: 2.1.12 Precedence: list List-Id: List-Unsubscribe: , List-Archive: List-Post: List-Help: List-Subscribe: , Sender: ovs-dev-bounces@openvswitch.org Errors-To: ovs-dev-bounces@openvswitch.org On Sun, Jul 9, 2017 at 9:51 PM, wrote: > Localnet port is not an endpoint, and have no security requirements > to use localnet port at present. So, for performance consideration, we > could do not use ct for localnet port. > > The more specific discussion can be found from > https://mail.openvswitch.org/pipermail/ovs-dev/2017-July/335048.html > > Change-Id: Iac42ceaa3ef1d4e9b34768f802502d8326b7f507 > Signed-off-by: wangqianyu > --- > ovn/northd/ovn-northd.8.xml | 4 +++- > ovn/northd/ovn-northd.c | 24 +++++++++++++++++++++++- > 2 files changed, 26 insertions(+), 2 deletions(-) Thanks for the patch! I have applied it to master with some changes shown below. I also had to recreate the patch manually as I was not able to apply it from your email. This usually happens when copying the patch into your email client. The best method for submitting a patch is to use the "git send-email" command. If you have trouble getting that to work for some reason, you can also submit a pull request on github. My additions to the patch: dev mailing list dev@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev diff --git a/AUTHORS.rst b/AUTHORS.rst index 21a68c140..39ddcb1ef 100644 --- a/AUTHORS.rst +++ b/AUTHORS.rst @@ -317,6 +317,7 @@ Tonghao Zhang xiangxia.m.yue@gmail.com Valient Gough vgough@pobox.com Venkata Anil Kommaddi vkommadi@redhat.com Vivien Bernet-Rollande vbr@soprive.net +wangqianyu wang.qianyu@zte.com.cn Wang Sheng-Hui shhuiw@gmail.com Wei Li liw@dtdream.com Wei Yongjun yjwei@cn.fujitsu.com diff --git a/ovn/ovn-nb.xml b/ovn/ovn-nb.xml index 1e7346566..61522f140 100644 --- a/ovn/ovn-nb.xml +++ b/ovn/ovn-nb.xml @@ -1007,14 +1007,7 @@

Note that you can not create an ACL matching on a port with - type=router. -

- -

- Note that when localnet port exists in a lswitch, for - to-lport direction, the inport works only if - the to-lport is located on the same chassis as the - inport. + type=router or type=localnet.

_______________________________________________