diff mbox series

[ovs-dev,1/2] treewide: Remove support for deprecated STT encapsulation.

Message ID 20250331140716.171324-2-i.maximets@ovn.org
State Accepted
Delegated to: Dumitru Ceara
Headers show
Series Remove deprecated STT and TLSv1/v1.1 support. | expand

Checks

Context Check Description
ovsrobot/apply-robot success apply and check: success
ovsrobot/github-robot-_Build_and_Test success github build: passed
ovsrobot/github-robot-_ovn-kubernetes success github build: passed

Commit Message

Ilya Maximets March 31, 2025, 2:07 p.m. UTC 
STT encapsulation type was deprecated in OVN 25.03 and is no longer
supported in OVS since commit:

  19b89416203f ("tunnels: Remove support for deprecated STT and LISP.")

Remove support in OVN as well.

OVS submodule is moved beyond the corresponding commit because we must
have the flake8 fix for the F824 check, otherwise CI will fail.

Note: This commit makes backward incompatible change in the Southbound
DB schema by removing support for 'stt' from the encapsulation type
column.  Users must migrate to other encapsulation types before
attempting upgrade to the future OVN 25.09.  Corresponding warning is
added to the NEWS file.

Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
---
 Documentation/faq/general.rst              | 12 +++-----
 Documentation/howto/docker.rst             | 11 +++-----
 Documentation/howto/firewalld.rst          |  2 +-
 Documentation/topics/high-availability.rst |  2 +-
 Documentation/tutorials/ovn-openstack.rst  |  2 +-
 NEWS                                       |  6 ++++
 controller/chassis.c                       |  2 --
 controller/local_data.c                    |  5 +---
 controller/ovn-controller.8.xml            |  6 +---
 controller/physical.c                      | 21 ++------------
 include/ovn/logical-fields.h               |  2 +-
 lib/ovn-util.c                             |  2 --
 lib/ovn-util.h                             |  5 +---
 ovn-architecture.7.xml                     | 32 ++++++----------------
 ovn-ic-sb.ovsschema                        |  6 ++--
 ovn-ic-sb.xml                              |  4 +--
 ovn-nb.xml                                 |  2 +-
 ovn-sb.ovsschema                           |  6 ++--
 ovn-sb.xml                                 | 12 ++++----
 ovs                                        |  2 +-
 tests/ovn-controller.at                    | 10 +------
 tests/ovn-ic.at                            |  6 ++--
 tests/ovn-sbctl.at                         | 14 ++++------
 tests/ovn.at                               |  1 -
 tests/system-kmod-macros.at                |  2 +-
 25 files changed, 56 insertions(+), 119 deletions(-)

Comments

Ales Musil April 3, 2025, 8:26 a.m. UTC | #1 
On Mon, Mar 31, 2025 at 4:07 PM Ilya Maximets <i.maximets@ovn.org> wrote:

> STT encapsulation type was deprecated in OVN 25.03 and is no longer
> supported in OVS since commit:
>
>   19b89416203f ("tunnels: Remove support for deprecated STT and LISP.")
>
> Remove support in OVN as well.
>
> OVS submodule is moved beyond the corresponding commit because we must
> have the flake8 fix for the F824 check, otherwise CI will fail.
>
> Note: This commit makes backward incompatible change in the Southbound
> DB schema by removing support for 'stt' from the encapsulation type
> column.  Users must migrate to other encapsulation types before
> attempting upgrade to the future OVN 25.09.  Corresponding warning is
> added to the NEWS file.
>
> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
> ---
>  Documentation/faq/general.rst              | 12 +++-----
>  Documentation/howto/docker.rst             | 11 +++-----
>  Documentation/howto/firewalld.rst          |  2 +-
>  Documentation/topics/high-availability.rst |  2 +-
>  Documentation/tutorials/ovn-openstack.rst  |  2 +-
>  NEWS                                       |  6 ++++
>  controller/chassis.c                       |  2 --
>  controller/local_data.c                    |  5 +---
>  controller/ovn-controller.8.xml            |  6 +---
>  controller/physical.c                      | 21 ++------------
>  include/ovn/logical-fields.h               |  2 +-
>  lib/ovn-util.c                             |  2 --
>  lib/ovn-util.h                             |  5 +---
>  ovn-architecture.7.xml                     | 32 ++++++----------------
>  ovn-ic-sb.ovsschema                        |  6 ++--
>  ovn-ic-sb.xml                              |  4 +--
>  ovn-nb.xml                                 |  2 +-
>  ovn-sb.ovsschema                           |  6 ++--
>  ovn-sb.xml                                 | 12 ++++----
>  ovs                                        |  2 +-
>  tests/ovn-controller.at                    | 10 +------
>  tests/ovn-ic.at                            |  6 ++--
>  tests/ovn-sbctl.at                         | 14 ++++------
>  tests/ovn.at                               |  1 -
>  tests/system-kmod-macros.at                |  2 +-
>  25 files changed, 56 insertions(+), 119 deletions(-)
>
> diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst
> index 63f5c4cbe..c2386e7ad 100644
> --- a/Documentation/faq/general.rst
> +++ b/Documentation/faq/general.rst
> @@ -49,7 +49,7 @@ Q: How can I try OVN?
>      various Linux distributions are available on many platforms,
> including:
>      Debian, Ubuntu, Fedora.
>
> -Q: Why does OVN use STT and Geneve instead of VLANs or VXLAN (or GRE)?
> +Q: Why does OVN use Geneve instead of VLANs or VXLAN (or GRE)?
>
>      A: OVN implements a fairly sophisticated packet processing pipeline in
>      "logical datapaths" that can implement switching or routing
> functionality.
> @@ -77,20 +77,16 @@ Q: Why does OVN use STT and Geneve instead of VLANs or
> VXLAN (or GRE)?
>      metadata must pass across the physical network:
>
>      * Logical datapath ID, a 24-bit identifier.  In Geneve, OVN uses the
> VNI to
> -      hold the logical datapath ID; in STT, OVN uses 24 bits of STT's
> 64-bit
> -      context ID.
> +      hold the logical datapath ID.
>
>      * Logical ingress port, a 15-bit identifier.  In Geneve, OVN uses an
> option
> -      to hold the logical ingress port; in STT, 15 bits of the context ID.
> +      to hold the logical ingress port.
>
>      * Logical egress port, a 16-bit identifier.  In Geneve, OVN uses an
> option
> -      to hold the logical egress port; in STT, 16 bits of the context ID.
> +      to hold the logical egress port.
>
>      See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for
> details.
>
> -    Note: Support for STT tunnels is deprecated and will be removed in OVN
> -    25.09 release.
> -
>      Together, these metadata require 24 + 15 + 16 = 55 bits.  GRE
> provides 32
>      bits, VXLAN provides 24, and VLAN only provides 12.  Most notably, if
>      logical egress pipelines do not match on the logical ingress port,
> thereby
> diff --git a/Documentation/howto/docker.rst
> b/Documentation/howto/docker.rst
> index 15bf07c94..1ada1fa2c 100644
> --- a/Documentation/howto/docker.rst
> +++ b/Documentation/howto/docker.rst
> @@ -117,13 +117,10 @@ The "overlay" mode
>
>     ``$ENCAP_TYPE``
>       is the type of tunnel that you would like to use for overlay
> networking.
> -     The options are ``geneve`` or ``stt``. Your kernel must have support
> for
> -     your chosen ``$ENCAP_TYPE``. Both ``geneve`` and ``stt`` are part of
> the
> -     Open vSwitch kernel module that is compiled from this repo. If you
> use the
> -     Open vSwitch kernel module from upstream Linux, you will need a
> minimum
> -     kernel version of 3.18 for ``geneve``. There is no ``stt`` support in
> -     upstream Linux. You can verify whether you have the support in your
> kernel
> -     as follows::
> +     The options are ``geneve`` or ``vxlan``. Your kernel must have
> support for
> +     your chosen ``$ENCAP_TYPE``.  You will need a minimum Linux kernel
> version
> +     of 3.18 for ``geneve``.  You can verify whether you have the support
> in
> +     your kernel as follows::
>
>           $ lsmod | grep $ENCAP_TYPE
>
> diff --git a/Documentation/howto/firewalld.rst
> b/Documentation/howto/firewalld.rst
> index 27faebeea..9487d1074 100644
> --- a/Documentation/howto/firewalld.rst
> +++ b/Documentation/howto/firewalld.rst
> @@ -91,7 +91,7 @@ time the firewalld service restarts.
>  The ovn-host-firewall-service only opens port 6081. This is because the
>  default protocol for OVN tunnels is geneve. If you are using a different
>  encapsulation protocol, you will need to modify the XML service file to
> open
> -the appropriate port(s). For VXLAN, open port 4789. For STT, open port
> 7471.
> +the appropriate port(s). For VXLAN, open port 4789.
>
>  Recommendations
>  ---------------
> diff --git a/Documentation/topics/high-availability.rst
> b/Documentation/topics/high-availability.rst
> index e85a1cd04..56c1b03e9 100644
> --- a/Documentation/topics/high-availability.rst
> +++ b/Documentation/topics/high-availability.rst
> @@ -77,7 +77,7 @@ Basic Architecture
>
>  In an OVN deployment, the set of hypervisors and network elements
> operating
>  under the guidance of ovn-northd are in what's called "logical space".
> These
> -servers use VXLAN, STT, or Geneve to communicate, oblivious to the
> details of
> +servers use VXLAN or Geneve to communicate, oblivious to the details of
>  the underlying physical network.  When these systems need to communicate
> with
>  legacy networks, traffic must be routed through a Gateway which
> translates from
>  OVN controlled tunnel traffic, to raw physical network traffic.
> diff --git a/Documentation/tutorials/ovn-openstack.rst
> b/Documentation/tutorials/ovn-openstack.rst
> index 557d6284f..93341d58c 100644
> --- a/Documentation/tutorials/ovn-openstack.rst
> +++ b/Documentation/tutorials/ovn-openstack.rst
> @@ -1946,7 +1946,7 @@ explore some of these directions:
>
>  * Adding more than one hypervisor ("compute node", in OpenStack
>    parlance).  OVN connects compute nodes by tunneling packets with the
> -  STT or Geneve protocols.  OVN scales to 1000 compute nodes or more,
> +  Geneve protocol.  OVN scales to 1000 compute nodes or more,
>    but two compute nodes demonstrate the principle.  All of the tools
>    and techniques we demonstrated also work with multiple compute
>    nodes.
> diff --git a/NEWS b/NEWS
> index 656176d20..edb3ded0d 100644
> --- a/NEWS
> +++ b/NEWS
> @@ -1,5 +1,11 @@
>  Post v25.03.0
>  -------------
> +   - STT tunnels are no longer supported in ovn-encap-type.
> +     ** WARNING ** Existing setups must be fully reconfigured to use
> Geneve
> +     or VxLAN before upgrading.  To avoid potential database conversion
> issues
> +     all OVN databases should be manually compacted after the
> reconfiguration.
> +     For instructions see:
> +
> https://docs.openvswitch.org/en/latest/ref/ovsdb.7/#compacting-databases
>     - Added support for "ovn-cleanup-on-exit" config option in Open_vSwitch
>       external-ids, this option allows to specify if ovn-controller should
>       perform cleanup when exiting. The "--restart" exit always has
> priority
> diff --git a/controller/chassis.c b/controller/chassis.c
> index aa5980d92..c28a26a97 100644
> --- a/controller/chassis.c
> +++ b/controller/chassis.c
> @@ -253,8 +253,6 @@ chassis_parse_ovs_encap_type(const char *encap_type,
>
>          if (!tun_type) {
>              VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type);
> -        } else if (tun_type == STT) {
> -            VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated");
>          }
>      }
>  }
> diff --git a/controller/local_data.c b/controller/local_data.c
> index 5383f49cf..9c6974ce7 100644
> --- a/controller/local_data.c
> +++ b/controller/local_data.c
> @@ -482,8 +482,6 @@ local_nonvif_data_run(const struct ovsrec_bridge
> *br_int,
>                  enum chassis_tunnel_type tunnel_type;
>                  if (!strcmp(iface_rec->type, "geneve")) {
>                      tunnel_type = GENEVE;
> -                } else if (!strcmp(iface_rec->type, "stt")) {
> -                    tunnel_type = STT;
>                  } else if (!strcmp(iface_rec->type, "vxlan")) {
>                      tunnel_type = VXLAN;
>                  } else {
> @@ -527,8 +525,7 @@ local_nonvif_data_handle_ovs_iface_changes(
>      OVSREC_INTERFACE_TABLE_FOR_EACH_TRACKED (iface_rec, iface_table) {
>          if (!strcmp(iface_rec->type, "geneve") ||
>              !strcmp(iface_rec->type, "patch") ||
> -            !strcmp(iface_rec->type, "vxlan") ||
> -            !strcmp(iface_rec->type, "stt")) {
> +            !strcmp(iface_rec->type, "vxlan")) {
>              return false;
>          }
>      }
> diff --git a/controller/ovn-controller.8.xml
> b/controller/ovn-controller.8.xml
> index 31f790875..ca4df9148 100644
> --- a/controller/ovn-controller.8.xml
> +++ b/controller/ovn-controller.8.xml
> @@ -166,11 +166,7 @@
>
>          <p>
>            Supported tunnel types for connecting hypervisors and gateways
> -          are <code>geneve</code>, <code>vxlan</code>, and
> <code>stt</code>.
> -        </p>
> -
> -        <p>
> -          <code>stt</code> tunnel type is deprecated.
> +          are <code>geneve</code> and <code>vxlan</code>.
>          </p>
>
>          <p>
> diff --git a/controller/physical.c b/controller/physical.c
> index a28dfd9ae..ee184ed23 100644
> --- a/controller/physical.c
> +++ b/controller/physical.c
> @@ -168,10 +168,6 @@ put_encapsulation(enum mf_field_id mff_ovn_geneve,
>          put_load(datapath->tunnel_key, MFF_TUN_ID, 0, 24, ofpacts);
>          put_load(outport, mff_ovn_geneve, 0, 32, ofpacts);
>          put_move(MFF_LOG_INPORT, 0, mff_ovn_geneve, 16, 15, ofpacts);
> -    } else if (tun->type == STT) {
> -        put_load(datapath->tunnel_key | ((uint64_t) outport << 24),
> -                 MFF_TUN_ID, 0, 64, ofpacts);
> -        put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID, 40, 15, ofpacts);
>      } else if (tun->type == VXLAN) {
>          uint64_t vni = datapath->tunnel_key;
>          if (!is_ramp_switch) {
> @@ -194,10 +190,6 @@ put_decapsulation(enum mf_field_id mff_ovn_geneve,
>          put_move(MFF_TUN_ID, 0,  MFF_LOG_DATAPATH, 0, 24, ofpacts);
>          put_move(mff_ovn_geneve, 16, MFF_LOG_INPORT, 0, 15, ofpacts);
>          put_move(mff_ovn_geneve, 0, MFF_LOG_OUTPORT, 0, 16, ofpacts);
> -    } else if (tun->type == STT) {
> -        put_move(MFF_TUN_ID, 40, MFF_LOG_INPORT,   0, 15, ofpacts);
> -        put_move(MFF_TUN_ID, 24, MFF_LOG_OUTPORT,  0, 16, ofpacts);
> -        put_move(MFF_TUN_ID,  0, MFF_LOG_DATAPATH, 0, 24, ofpacts);
>      } else if (tun->type == VXLAN) {
>          /* Add flows for non-VTEP tunnels. Split VNI into two 12-bit
>           * sections and use them for datapath and outport IDs. */
> @@ -218,10 +210,6 @@ put_remote_chassis_flood_encap(struct ofpbuf *ofpacts,
>          put_move(MFF_LOG_DATAPATH, 0,  MFF_TUN_ID, 0, 24, ofpacts);
>          put_load(0, mff_ovn_geneve, 0, 32, ofpacts);
>          put_move(MFF_LOG_INPORT, 0, mff_ovn_geneve, 16, 15, ofpacts);
> -    } else if (type == STT) {
> -        put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID, 40, 15, ofpacts);
> -        put_load(0, MFF_TUN_ID, 24, 16, ofpacts);
> -        put_move(MFF_LOG_DATAPATH,  0, MFF_TUN_ID, 0, 24, ofpacts);
>      } else if (type == VXLAN) {
>          put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID,  12, 12, ofpacts);
>          put_move(MFF_LOG_DATAPATH, 0, MFF_TUN_ID, 0, 12, ofpacts);
> @@ -245,9 +233,6 @@ match_set_chassis_flood_outport(struct match *match,
>          memset(&mask.tun_metadata[mf_ovn_geneve->n_bytes - 2], 0xff, 2);
>
>          tun_metadata_set_match(mf_ovn_geneve, &value, &mask, match, NULL);
> -    } else if (type == STT) {
> -        /* Outport occupies bits 24-39. */
> -        match_set_tun_id_masked(match, 0, htonll(UINT64_C(0xffff) << 24));
>      }
>  }
>
> @@ -1471,8 +1456,6 @@ get_tunnel_overhead(struct chassis_tunnel const *tun)
>      enum chassis_tunnel_type type = tun->type;
>      if (type == GENEVE) {
>          overhead += GENEVE_TUNNEL_OVERHEAD;
> -    } else if (type == STT) {
> -        overhead += STT_TUNNEL_OVERHEAD;
>      } else if (type == VXLAN) {
>          overhead += VXLAN_TUNNEL_OVERHEAD;
>      } else {
> @@ -2696,8 +2679,8 @@ physical_run(struct physical_ctx *p_ctx,
>       * Process packets that arrive from a remote hypervisor (by matching
>       * on tunnel in_port). */
>
> -    /* Add flows for Geneve, STT and VXLAN encapsulations.  Geneve and STT
> -     * encapsulations have metadata about the ingress and egress logical
> ports.
> +    /* Add flows for Geneve and VXLAN encapsulations.  Geneve
> encapsulations
> +     * have metadata about the ingress and egress logical ports.
>       * VXLAN encapsulations have metadata about the egress logical port
> only.
>       * We set MFF_LOG_DATAPATH, MFF_LOG_INPORT, and MFF_LOG_OUTPORT from
> the
>       * tunnel key data where possible, then resubmit to table 40 to handle
> diff --git a/include/ovn/logical-fields.h b/include/ovn/logical-fields.h
> index 196ac9dd8..3f636dc0c 100644
> --- a/include/ovn/logical-fields.h
> +++ b/include/ovn/logical-fields.h
> @@ -106,7 +106,7 @@ enum mff_log_flags {
>
>      /* Indicate that a packet was received from a ramp switch to
> compensate for
>       * the lack of egress port information available in ramp switch
> -     * encapsulation.  Egress port information is available for Geneve,
> STT and
> +     * encapsulation.  Egress port information is available for Geneve and
>       * regular VXLAN tunnel types. */
>      MLF_RCV_FROM_RAMP = (1 << MLF_RCV_FROM_RAMP_BIT),
>
> diff --git a/lib/ovn-util.c b/lib/ovn-util.c
> index c65b36bb5..05877350a 100644
> --- a/lib/ovn-util.c
> +++ b/lib/ovn-util.c
> @@ -913,8 +913,6 @@ get_tunnel_type(const char *name)
>  {
>      if (!strcmp(name, "geneve")) {
>          return GENEVE;
> -    } else if (!strcmp(name, "stt")) {
> -        return STT;
>      } else if (!strcmp(name, "vxlan")) {
>          return VXLAN;
>      }
> diff --git a/lib/ovn-util.h b/lib/ovn-util.h
> index ce8cc0568..f7f82c365 100644
> --- a/lib/ovn-util.h
> +++ b/lib/ovn-util.h
> @@ -35,7 +35,6 @@
>  #define ETHERNET_OVERHEAD (ETH_HEADER_LEN + ETH_CRC_LENGTH)
>
>  #define GENEVE_TUNNEL_OVERHEAD 38
> -#define STT_TUNNEL_OVERHEAD 18
>  #define VXLAN_TUNNEL_OVERHEAD 30
>
>  struct eth_addr;
> @@ -336,9 +335,7 @@ hash_add_in6_addr(uint32_t hash, const struct in6_addr
> *addr)
>  /* Must be a bit-field ordered from most-preferred (higher number) to
>   * least-preferred (lower number). */
>  enum chassis_tunnel_type {
> -    GENEVE = 1 << 2,
> -    STT    = 1 << 1,  /* NOTE: STT support is deprecated and will be
> removed
> -                       *       in an upcoming release. */
> +    GENEVE = 1 << 1,
>      VXLAN  = 1 << 0
>  };
>
> diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
> index d45248af4..7b598b203 100644
> --- a/ovn-architecture.7.xml
> +++ b/ovn-architecture.7.xml
> @@ -1204,7 +1204,7 @@
>        </p>
>
>        <p>
> -        Geneve and STT tunnels pass this field as part of the tunnel key.
> +        Geneve tunnels pass this field as part of the tunnel key.
>          Ramp switch VXLAN tunnels do not explicitly carry a logical input
> port,
>          but since they are used to communicate with gateways that from
> OVN's
>          perspective consist of only a single logical port, so that OVN
> can set
> @@ -1228,7 +1228,7 @@
>        </p>
>
>        <p>
> -        Geneve, STT and regular VXLAN tunnels pass this field as part of
> the
> +        Geneve and regular VXLAN tunnels pass this field as part of the
>          tunnel key. Ramp switch VXLAN tunnels do not transmit the logical
>          output port field, and since they do not carry a logical output
> port
>          field in the tunnel key, when a packet is received from ramp
> switch
> @@ -2813,7 +2813,7 @@
>    <p>
>      When VXLAN is enabled on any hypervisor in a cluster, datapath and
> egress
>      port identifier ranges are reduced to 12-bits.  This is done because
> only
> -    STT and Geneve provide the large space for metadata (over 32 bits per
> +    Geneve provides the large space for metadata (over 32 bits per
>      packet).  The mode with reduced ranges is called <code>VXLAN
> mode</code>.
>      To accommodate for VXLAN, 24 bits available are split as follows:
>    </p>
> @@ -2868,14 +2868,13 @@
>    </p>
>    <ul>
>      <li>
> -      STT and Geneve use randomized UDP or TCP source ports that allows
> -      efficient distribution among multiple paths in environments that
> use ECMP
> +      Geneve uses randomized UDP or TCP source ports that allows efficient
> +      distribution among multiple paths in environments that use ECMP
>        in their underlay.
>      </li>
>
>      <li>
> -      NICs are available to offload STT and Geneve encapsulation and
> -      decapsulation.
> +      NICs are available to offload Geneve encapsulation and
> decapsulation.
>      </li>
>    </ul>
>
> @@ -2899,23 +2898,8 @@
>    </diagram>
>
>    <p>
> -    Support for STT encapsulation is deprecated.  While using STT on
> setups
> -    that didn't migrate to Geneve yet, OVN encodes all three pieces of
> logical
> -    metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB:
> -  </p>
> -
> -  <diagram>
> -    <header name="">
> -      <bits name="reserved" above="9" below="0" width=".5"/>
> -      <bits name="ingress port" above="15" width=".75"/>
> -      <bits name="egress port" above="16" width=".75"/>
> -      <bits name="datapath" above="24" width="1.25"/>
> -    </header>
> -  </diagram>
> -
> -  <p>
> -    For connecting to gateways, in addition to Geneve and STT, OVN
> supports
> -    VXLAN, because only VXLAN support is common on top-of-rack (ToR)
> switches.
> +    For connecting to gateways, in addition to Geneve, OVN supports VXLAN,
> +    because VXLAN-only support is common on top-of-rack (ToR) switches.
>      Currently, gateways have a feature set that matches the capabilities
> as
>      defined by the VTEP schema, so fewer bits of metadata are necessary.
> In
>      the future, gateways that do not support encapsulations with large
> amounts
> diff --git a/ovn-ic-sb.ovsschema b/ovn-ic-sb.ovsschema
> index 097d6f370..0269b3b75 100644
> --- a/ovn-ic-sb.ovsschema
> +++ b/ovn-ic-sb.ovsschema
> @@ -1,7 +1,7 @@
>  {
>      "name": "OVN_IC_Southbound",
> -    "version": "1.3.0",
> -    "cksum": "3496599919 7088",
> +    "version": "2.3.0",
> +    "cksum": "1259594626 7081",
>      "tables": {
>          "IC_SB_Global": {
>              "columns": {
> @@ -47,7 +47,7 @@
>              "columns": {
>                  "type": {"type": {"key": {
>                             "type": "string",
> -                           "enum": ["set", ["geneve", "stt", "vxlan"]]}}},
> +                           "enum": ["set", ["geneve", "vxlan"]]}}},
>                  "options": {"type": {"key": "string",
>                                       "value": "string",
>                                       "min": 0,
> diff --git a/ovn-ic-sb.xml b/ovn-ic-sb.xml
> index 46c77a814..63848088a 100644
> --- a/ovn-ic-sb.xml
> +++ b/ovn-ic-sb.xml
> @@ -275,8 +275,8 @@
>
>        <column name="tunnel_key">
>          <p>
> -          A number that represents the logical port in the key (e.g. STT
> key or
> -          Geneve TLV) field carried within tunnel protocol packets.  The
> key
> +          A number that represents the logical port in the key (e.g.
> Geneve
> +          TLV) field carried within tunnel protocol packets.  The key
>            can be generated by any <code>ovn-ic</code> but the same key is
>            shared by all availability zones so that the packets can go
> through
>            the datapath pipelines of different availability zones.
> diff --git a/ovn-nb.xml b/ovn-nb.xml
> index ff5f2f249..307aed38b 100644
> --- a/ovn-nb.xml
> +++ b/ovn-nb.xml
> @@ -391,7 +391,7 @@
>          northd will run in a <code>VXLAN mode</code>. See man
>          ovn-architecture(7) <code>Tunnel Encapsulations</code> paragraph
> for
>          more details.  In case VXLAN encaps are needed on chassis only to
> -        support HW VTEP functionality and main encap type is GENEVE or
> STT, set
> +        support HW VTEP functionality and main encap type is GENEVE, set
>          this option to <code>false</code> to use default
>          non-<code>VXLAN mode</code> tunnel IDs allocation logic.
>          Please consider when OVN is running in
> <code>OVN-interconnect</code>
> diff --git a/ovn-sb.ovsschema b/ovn-sb.ovsschema
> index c6058f42c..77c7d95b9 100644
> --- a/ovn-sb.ovsschema
> +++ b/ovn-sb.ovsschema
> @@ -1,7 +1,7 @@
>  {
>      "name": "OVN_Southbound",
> -    "version": "20.41.0",
> -    "cksum": "2343742948 34719",
> +    "version": "21.41.0",
> +    "cksum": "38144040 34712",
>      "tables": {
>          "SB_Global": {
>              "columns": {
> @@ -64,7 +64,7 @@
>              "columns": {
>                  "type": {"type": {"key": {
>                             "type": "string",
> -                           "enum": ["set", ["geneve", "stt", "vxlan"]]}}},
> +                           "enum": ["set", ["geneve", "vxlan"]]}}},
>                  "options": {"type": {"key": "string",
>                                       "value": "string",
>                                       "min": 0,
> diff --git a/ovn-sb.xml b/ovn-sb.xml
> index 39acb81a4..bbb3c7b13 100644
> --- a/ovn-sb.xml
> +++ b/ovn-sb.xml
> @@ -478,9 +478,8 @@
>
>      <column name="type">
>        The encapsulation to use to transmit packets to this chassis.
> -      Hypervisors and gateways must use one of: <code>geneve</code>,
> -      <code>vxlan</code>, or <code>stt</code>.  <code>stt</code> is
> -      deprecated.
> +      Hypervisors and gateways must use <code>geneve</code> or
> +      <code>vxlan</code>.
>      </column>
>
>      <column name="options">
> @@ -539,8 +538,7 @@
>
>      <column name="options" key="dst_port" type='{"type": "integer"}'>
>        <p>
> -        If set, overrides the UDP (for <code>geneve</code> and
> -        <code>vxlan</code>) or TCP (for <code>stt</code>) destination
> port.
> +        If set, overrides the UDP destination port.
>        </p>
>      </column>
>
> @@ -3431,8 +3429,8 @@ tcp.flags = RST;
>
>        <column name="tunnel_key">
>          <p>
> -          A number that represents the logical port in the key (e.g. STT
> key or
> -          Geneve TLV) field carried within tunnel protocol packets.
> +          A number that represents the logical port in the key (e.g.
> Geneve
> +          TLV) field carried within tunnel protocol packets.
>          </p>
>
>          <p>
> diff --git a/ovs b/ovs
> index bb0593334..7f4ee4395 160000
> --- a/ovs
> +++ b/ovs
> @@ -1 +1 @@
> -Subproject commit bb059333496a9b48d6d798b6b32108c9f2720479
> +Subproject commit 7f4ee4395637e906563c71f4112b809fed4f3968
> diff --git a/tests/ovn-controller.at b/tests/ovn-controller.at
> index 2ebf879f1..fdd574c20 100644
> --- a/tests/ovn-controller.at
> +++ b/tests/ovn-controller.at
> @@ -339,6 +339,7 @@ check_tunnel_property () {
>
>  # create "empty" chassis. vxlan is used here as a stub
>  check ovn-sbctl chassis-add fakechassis vxlan 192.168.0.2
> +OVS_WAIT_UNTIL([check_tunnel_property type vxlan])
>
>  # See if we switch to Geneve as the first choice when it is available
>  # With multi-VTEP support we support tunnels with different IPs to the
> @@ -351,15 +352,6 @@ check ovn-sbctl chassis-add fakechassis vxlan
> 192.168.0.2
>  encap_uuid=$(ovn-sbctl add chassis fakechassis encaps @encap --
> --id=@encap create encap type=geneve ip="192.168.0.2")
>  OVS_WAIT_UNTIL([check_tunnel_property type geneve])
>
> -# change geneve to stt and check that tun interface was deleted and there
> is
> -# no stt encap on the second chassis, only vxlan
> -check ovn-sbctl set encap ${encap_uuid} type=stt
> -OVS_WAIT_WHILE([check_tunnel_property type stt])
> -OVS_WAIT_UNTIL([check_tunnel_property type vxlan])
> -
> -# change back to geneve
> -check ovn-sbctl set encap ${encap_uuid} type=geneve
> -
>  # Check that changes within an encap row are propagated
>  check ovn-sbctl set encap ${encap_uuid} ip=192.168.0.2
>  OVS_WAIT_UNTIL([check_tunnel_property options:remote_ip
> "\"192.168.0.2\""])
> diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at
> index e62ae3a35..bf360dfba 100644
> --- a/tests/ovn-ic.at
> +++ b/tests/ovn-ic.at
> @@ -423,10 +423,10 @@ ovs-vsctl set open .
> external-ids:ovn-is-interconn=true
>  OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep "192.168.0.1"])
>  ovs-vsctl set open . external_ids:ovn-encap-ip=192.168.0.2
>  OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep "192.168.0.2"])
> -ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt"
> -OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt])
> +ovs-vsctl set open . external_ids:ovn-encap-type="geneve,vxlan"
> +OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep vxlan])
>
> -OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"])
> +OVN_CLEANUP_SBOX([gw2])
>  OVN_CLEANUP_IC([az1], [az2])
>
>  AT_CLEANUP
> diff --git a/tests/ovn-sbctl.at b/tests/ovn-sbctl.at
> index 9bb3993f5..c1ec79dc4 100644
> --- a/tests/ovn-sbctl.at
> +++ b/tests/ovn-sbctl.at
> @@ -76,12 +76,11 @@ AT_CHECK([ovn-sbctl -f csv -d bare --no-headings
> --columns ip,type list encap |
>  1.2.3.4,geneve
>  ])
>
> -AT_CHECK([ovn-sbctl chassis-add ch1 stt,geneve,vxlan 1.2.3.5])
> +AT_CHECK([ovn-sbctl chassis-add ch1 geneve,vxlan 1.2.3.5])
>  AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list
> encap | sort],
>           [0], [dnl
>  1.2.3.4,geneve
>  1.2.3.5,geneve
> -1.2.3.5,stt
>  1.2.3.5,vxlan
>  ])
>
> @@ -89,7 +88,6 @@ AT_CHECK([ovn-sbctl chassis-del ch0])
>  AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list
> encap | sort],
>           [0], [dnl
>  1.2.3.5,geneve
> -1.2.3.5,stt
>  1.2.3.5,vxlan
>  ])
>
> @@ -101,7 +99,6 @@ check_row_count Chassis_Private 1
>  AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list
> encap | sort],
>           [0], [dnl
>  1.2.3.5,geneve
> -1.2.3.5,stt
>  1.2.3.5,vxlan
>  2.3.4.5,geneve
>  ])
> @@ -110,7 +107,6 @@ AT_CHECK([ovn-sbctl chassis-del ch2])
>  AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list
> encap | sort],
>           [0], [dnl
>  1.2.3.5,geneve
> -1.2.3.5,stt
>  1.2.3.5,vxlan
>  ])
>  check_row_count Chassis_Private 0
> @@ -126,13 +122,13 @@ OVN_SBCTL_TEST([ovn_sbctl_commands], [ovn-sbctl], [
>  AT_CHECK([ovn-nbctl ls-add br-test])
>  AT_CHECK([ovn-nbctl lsp-add br-test vif0])
>  AT_CHECK([ovn-nbctl lsp-set-addresses vif0 f0:ab:cd:ef:01:02])
> -AT_CHECK([ovn-sbctl chassis-add ch0 stt 1.2.3.5])
> +AT_CHECK([ovn-sbctl chassis-add ch0 geneve 1.2.3.5])
>  AT_CHECK([ovn-nbctl --wait=sb sync])
>  AT_CHECK([ovn-sbctl lsp-bind vif0 ch0])
>
>  AT_CHECK([ovn-sbctl show], [0], [dnl
>  Chassis ch0
> -    Encap stt
> +    Encap geneve
>          ip: "1.2.3.5"
>          options: {csum="true"}
>      Port_Binding vif0
> @@ -145,7 +141,7 @@ AT_CHECK([ovn-sbctl lsp-bind vif1 ch0])
>
>  AT_CHECK([ovn-sbctl show | sed 's/vif[[0-9]]/vif/'], [0], [dnl
>  Chassis ch0
> -    Encap stt
> +    Encap geneve
>          ip: "1.2.3.5"
>          options: {csum="true"}
>      Port_Binding vif
> @@ -158,7 +154,7 @@ AT_CHECK([ovn-nbctl --wait=sb sync])
>
>  AT_CHECK([ovn-sbctl show], [0], [dnl
>  Chassis ch0
> -    Encap stt
> +    Encap geneve
>          ip: "1.2.3.5"
>          options: {csum="true"}
>      Port_Binding vif0
> diff --git a/tests/ovn.at b/tests/ovn.at
> index afde2576f..7d97cd810 100644
> --- a/tests/ovn.at
> +++ b/tests/ovn.at
> @@ -16515,7 +16515,6 @@ m4_define([MULTICHASSIS_PATH_MTU_DISCOVERY_TEST],
>     AT_CLEANUP
>     ])])
>
> -# NOTE(ihar) no STT variants because it's not supported by upstream
> kernels
>  MULTICHASSIS_PATH_MTU_DISCOVERY_TEST([ipv4], [geneve], [1424])
>  MULTICHASSIS_PATH_MTU_DISCOVERY_TEST([ipv6], [geneve], [1404])
>  MULTICHASSIS_PATH_MTU_DISCOVERY_TEST([ipv4], [vxlan], [1432])
> diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at
> index 0eebed815..41a8b7914 100644
> --- a/tests/system-kmod-macros.at
> +++ b/tests/system-kmod-macros.at
> @@ -18,7 +18,7 @@ m4_define([_ADD_BR], [[add-br $1 -- set Bridge $1
> protocols=OpenFlow10,OpenFlow1
>  m4_define([OVS_TRAFFIC_VSWITCHD_START],
>    [AT_CHECK([modprobe openvswitch])
>     on_exit 'modprobe -r openvswitch'
> -   m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_lisp],
> [vport_stt], [vport_vxlan]],
> +   m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_vxlan]],
>                [modprobe -q mod || echo "Module mod not loaded."
>                 on_exit 'modprobe -q -r mod'
>                ])
> --
> 2.49.0
>
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
>
>
Looks good to me, thanks.
Acked-by: Ales Musil <amusil@redhat.com>
Dumitru Ceara April 3, 2025, 12:21 p.m. UTC | #2 
On 4/3/25 10:26 AM, Ales Musil wrote:
> On Mon, Mar 31, 2025 at 4:07 PM Ilya Maximets <i.maximets@ovn.org> wrote:
> 
>> STT encapsulation type was deprecated in OVN 25.03 and is no longer
>> supported in OVS since commit:
>>
>>   19b89416203f ("tunnels: Remove support for deprecated STT and LISP.")
>>
>> Remove support in OVN as well.
>>
>> OVS submodule is moved beyond the corresponding commit because we must
>> have the flake8 fix for the F824 check, otherwise CI will fail.
>>
>> Note: This commit makes backward incompatible change in the Southbound
>> DB schema by removing support for 'stt' from the encapsulation type
>> column.  Users must migrate to other encapsulation types before
>> attempting upgrade to the future OVN 25.09.  Corresponding warning is
>> added to the NEWS file.
>>
>> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
>> ---

Hi Ilya, Ales,

> Looks good to me, thanks.
> Acked-by: Ales Musil <amusil@redhat.com>
> 

Thanks!  Applied to main with a minor change to the schema version:

diff --git a/ovn-ic-sb.ovsschema b/ovn-ic-sb.ovsschema
index 0269b3b759..459c3833e8 100644
--- a/ovn-ic-sb.ovsschema
+++ b/ovn-ic-sb.ovsschema
@@ -1,7 +1,7 @@
 {
     "name": "OVN_IC_Southbound",
-    "version": "2.3.0",
-    "cksum": "1259594626 7081",
+    "version": "2.0.0",
+    "cksum": "197748428 7081",
     "tables": {
         "IC_SB_Global": {
             "columns": {
diff --git a/ovn-sb.ovsschema b/ovn-sb.ovsschema
index 77c7d95b91..d7cfeaa8fb 100644
--- a/ovn-sb.ovsschema
+++ b/ovn-sb.ovsschema
@@ -1,7 +1,7 @@
 {
     "name": "OVN_Southbound",
-    "version": "21.41.0",
-    "cksum": "38144040 34712",
+    "version": "21.0.0",
+    "cksum": "4028932437 34711",
     "tables": {
         "SB_Global": {
             "columns": {

According to ovsdb.7.rst we need to: "Whenever we change the database
schema in a non-backward compatible way (e.g. when we delete a column or
a table), we increment <x> and set <y> and <z> to 0.".

Regards,
Dumitru
Ilya Maximets April 3, 2025, 12:24 p.m. UTC | #3 
On 4/3/25 2:21 PM, Dumitru Ceara wrote:
> On 4/3/25 10:26 AM, Ales Musil wrote:
>> On Mon, Mar 31, 2025 at 4:07 PM Ilya Maximets <i.maximets@ovn.org> wrote:
>>
>>> STT encapsulation type was deprecated in OVN 25.03 and is no longer
>>> supported in OVS since commit:
>>>
>>>   19b89416203f ("tunnels: Remove support for deprecated STT and LISP.")
>>>
>>> Remove support in OVN as well.
>>>
>>> OVS submodule is moved beyond the corresponding commit because we must
>>> have the flake8 fix for the F824 check, otherwise CI will fail.
>>>
>>> Note: This commit makes backward incompatible change in the Southbound
>>> DB schema by removing support for 'stt' from the encapsulation type
>>> column.  Users must migrate to other encapsulation types before
>>> attempting upgrade to the future OVN 25.09.  Corresponding warning is
>>> added to the NEWS file.
>>>
>>> Signed-off-by: Ilya Maximets <i.maximets@ovn.org>
>>> ---
> 
> Hi Ilya, Ales,
> 
>> Looks good to me, thanks.
>> Acked-by: Ales Musil <amusil@redhat.com>
>>
> 
> Thanks!  Applied to main with a minor change to the schema version:
> 
> diff --git a/ovn-ic-sb.ovsschema b/ovn-ic-sb.ovsschema
> index 0269b3b759..459c3833e8 100644
> --- a/ovn-ic-sb.ovsschema
> +++ b/ovn-ic-sb.ovsschema
> @@ -1,7 +1,7 @@
>  {
>      "name": "OVN_IC_Southbound",
> -    "version": "2.3.0",
> -    "cksum": "1259594626 7081",
> +    "version": "2.0.0",
> +    "cksum": "197748428 7081",
>      "tables": {
>          "IC_SB_Global": {
>              "columns": {
> diff --git a/ovn-sb.ovsschema b/ovn-sb.ovsschema
> index 77c7d95b91..d7cfeaa8fb 100644
> --- a/ovn-sb.ovsschema
> +++ b/ovn-sb.ovsschema
> @@ -1,7 +1,7 @@
>  {
>      "name": "OVN_Southbound",
> -    "version": "21.41.0",
> -    "cksum": "38144040 34712",
> +    "version": "21.0.0",
> +    "cksum": "4028932437 34711",
>      "tables": {
>          "SB_Global": {
>              "columns": {
> 
> According to ovsdb.7.rst we need to: "Whenever we change the database
> schema in a non-backward compatible way (e.g. when we delete a column or
> a table), we increment <x> and set <y> and <z> to 0.".

Oops.  Yeah, I increased the x, but somehow missed re-setting the y.
Thanks!

Best regards, Ilya Maximets.
diff mbox series

Patch

diff --git a/Documentation/faq/general.rst b/Documentation/faq/general.rst
index 63f5c4cbe..c2386e7ad 100644
--- a/Documentation/faq/general.rst
+++ b/Documentation/faq/general.rst
@@ -49,7 +49,7 @@  Q: How can I try OVN?
     various Linux distributions are available on many platforms, including:
     Debian, Ubuntu, Fedora.
 
-Q: Why does OVN use STT and Geneve instead of VLANs or VXLAN (or GRE)?
+Q: Why does OVN use Geneve instead of VLANs or VXLAN (or GRE)?
 
     A: OVN implements a fairly sophisticated packet processing pipeline in
     "logical datapaths" that can implement switching or routing functionality.
@@ -77,20 +77,16 @@  Q: Why does OVN use STT and Geneve instead of VLANs or VXLAN (or GRE)?
     metadata must pass across the physical network:
 
     * Logical datapath ID, a 24-bit identifier.  In Geneve, OVN uses the VNI to
-      hold the logical datapath ID; in STT, OVN uses 24 bits of STT's 64-bit
-      context ID.
+      hold the logical datapath ID.
 
     * Logical ingress port, a 15-bit identifier.  In Geneve, OVN uses an option
-      to hold the logical ingress port; in STT, 15 bits of the context ID.
+      to hold the logical ingress port.
 
     * Logical egress port, a 16-bit identifier.  In Geneve, OVN uses an option
-      to hold the logical egress port; in STT, 16 bits of the context ID.
+      to hold the logical egress port.
 
     See ``ovn-architecture(7)``, under "Tunnel Encapsulations", for details.
 
-    Note: Support for STT tunnels is deprecated and will be removed in OVN
-    25.09 release.
-
     Together, these metadata require 24 + 15 + 16 = 55 bits.  GRE provides 32
     bits, VXLAN provides 24, and VLAN only provides 12.  Most notably, if
     logical egress pipelines do not match on the logical ingress port, thereby
diff --git a/Documentation/howto/docker.rst b/Documentation/howto/docker.rst
index 15bf07c94..1ada1fa2c 100644
--- a/Documentation/howto/docker.rst
+++ b/Documentation/howto/docker.rst
@@ -117,13 +117,10 @@  The "overlay" mode
 
    ``$ENCAP_TYPE``
      is the type of tunnel that you would like to use for overlay networking.
-     The options are ``geneve`` or ``stt``. Your kernel must have support for
-     your chosen ``$ENCAP_TYPE``. Both ``geneve`` and ``stt`` are part of the
-     Open vSwitch kernel module that is compiled from this repo. If you use the
-     Open vSwitch kernel module from upstream Linux, you will need a minimum
-     kernel version of 3.18 for ``geneve``. There is no ``stt`` support in
-     upstream Linux. You can verify whether you have the support in your kernel
-     as follows::
+     The options are ``geneve`` or ``vxlan``. Your kernel must have support for
+     your chosen ``$ENCAP_TYPE``.  You will need a minimum Linux kernel version
+     of 3.18 for ``geneve``.  You can verify whether you have the support in
+     your kernel as follows::
 
          $ lsmod | grep $ENCAP_TYPE
 
diff --git a/Documentation/howto/firewalld.rst b/Documentation/howto/firewalld.rst
index 27faebeea..9487d1074 100644
--- a/Documentation/howto/firewalld.rst
+++ b/Documentation/howto/firewalld.rst
@@ -91,7 +91,7 @@  time the firewalld service restarts.
 The ovn-host-firewall-service only opens port 6081. This is because the
 default protocol for OVN tunnels is geneve. If you are using a different
 encapsulation protocol, you will need to modify the XML service file to open
-the appropriate port(s). For VXLAN, open port 4789. For STT, open port 7471.
+the appropriate port(s). For VXLAN, open port 4789.
 
 Recommendations
 ---------------
diff --git a/Documentation/topics/high-availability.rst b/Documentation/topics/high-availability.rst
index e85a1cd04..56c1b03e9 100644
--- a/Documentation/topics/high-availability.rst
+++ b/Documentation/topics/high-availability.rst
@@ -77,7 +77,7 @@  Basic Architecture
 
 In an OVN deployment, the set of hypervisors and network elements operating
 under the guidance of ovn-northd are in what's called "logical space".  These
-servers use VXLAN, STT, or Geneve to communicate, oblivious to the details of
+servers use VXLAN or Geneve to communicate, oblivious to the details of
 the underlying physical network.  When these systems need to communicate with
 legacy networks, traffic must be routed through a Gateway which translates from
 OVN controlled tunnel traffic, to raw physical network traffic.
diff --git a/Documentation/tutorials/ovn-openstack.rst b/Documentation/tutorials/ovn-openstack.rst
index 557d6284f..93341d58c 100644
--- a/Documentation/tutorials/ovn-openstack.rst
+++ b/Documentation/tutorials/ovn-openstack.rst
@@ -1946,7 +1946,7 @@  explore some of these directions:
 
 * Adding more than one hypervisor ("compute node", in OpenStack
   parlance).  OVN connects compute nodes by tunneling packets with the
-  STT or Geneve protocols.  OVN scales to 1000 compute nodes or more,
+  Geneve protocol.  OVN scales to 1000 compute nodes or more,
   but two compute nodes demonstrate the principle.  All of the tools
   and techniques we demonstrated also work with multiple compute
   nodes.
diff --git a/NEWS b/NEWS
index 656176d20..edb3ded0d 100644
--- a/NEWS
+++ b/NEWS
@@ -1,5 +1,11 @@ 
 Post v25.03.0
 -------------
+   - STT tunnels are no longer supported in ovn-encap-type.
+     ** WARNING ** Existing setups must be fully reconfigured to use Geneve
+     or VxLAN before upgrading.  To avoid potential database conversion issues
+     all OVN databases should be manually compacted after the reconfiguration.
+     For instructions see:
+       https://docs.openvswitch.org/en/latest/ref/ovsdb.7/#compacting-databases
    - Added support for "ovn-cleanup-on-exit" config option in Open_vSwitch
      external-ids, this option allows to specify if ovn-controller should
      perform cleanup when exiting. The "--restart" exit always has priority
diff --git a/controller/chassis.c b/controller/chassis.c
index aa5980d92..c28a26a97 100644
--- a/controller/chassis.c
+++ b/controller/chassis.c
@@ -253,8 +253,6 @@  chassis_parse_ovs_encap_type(const char *encap_type,
 
         if (!tun_type) {
             VLOG_INFO_RL(&rl, "Unknown tunnel type: %s", type);
-        } else if (tun_type == STT) {
-            VLOG_WARN_RL(&rl, "STT encapsulation type is deprecated");
         }
     }
 }
diff --git a/controller/local_data.c b/controller/local_data.c
index 5383f49cf..9c6974ce7 100644
--- a/controller/local_data.c
+++ b/controller/local_data.c
@@ -482,8 +482,6 @@  local_nonvif_data_run(const struct ovsrec_bridge *br_int,
                 enum chassis_tunnel_type tunnel_type;
                 if (!strcmp(iface_rec->type, "geneve")) {
                     tunnel_type = GENEVE;
-                } else if (!strcmp(iface_rec->type, "stt")) {
-                    tunnel_type = STT;
                 } else if (!strcmp(iface_rec->type, "vxlan")) {
                     tunnel_type = VXLAN;
                 } else {
@@ -527,8 +525,7 @@  local_nonvif_data_handle_ovs_iface_changes(
     OVSREC_INTERFACE_TABLE_FOR_EACH_TRACKED (iface_rec, iface_table) {
         if (!strcmp(iface_rec->type, "geneve") ||
             !strcmp(iface_rec->type, "patch") ||
-            !strcmp(iface_rec->type, "vxlan") ||
-            !strcmp(iface_rec->type, "stt")) {
+            !strcmp(iface_rec->type, "vxlan")) {
             return false;
         }
     }
diff --git a/controller/ovn-controller.8.xml b/controller/ovn-controller.8.xml
index 31f790875..ca4df9148 100644
--- a/controller/ovn-controller.8.xml
+++ b/controller/ovn-controller.8.xml
@@ -166,11 +166,7 @@ 
 
         <p>
           Supported tunnel types for connecting hypervisors and gateways
-          are <code>geneve</code>, <code>vxlan</code>, and <code>stt</code>.
-        </p>
-
-        <p>
-          <code>stt</code> tunnel type is deprecated.
+          are <code>geneve</code> and <code>vxlan</code>.
         </p>
 
         <p>
diff --git a/controller/physical.c b/controller/physical.c
index a28dfd9ae..ee184ed23 100644
--- a/controller/physical.c
+++ b/controller/physical.c
@@ -168,10 +168,6 @@  put_encapsulation(enum mf_field_id mff_ovn_geneve,
         put_load(datapath->tunnel_key, MFF_TUN_ID, 0, 24, ofpacts);
         put_load(outport, mff_ovn_geneve, 0, 32, ofpacts);
         put_move(MFF_LOG_INPORT, 0, mff_ovn_geneve, 16, 15, ofpacts);
-    } else if (tun->type == STT) {
-        put_load(datapath->tunnel_key | ((uint64_t) outport << 24),
-                 MFF_TUN_ID, 0, 64, ofpacts);
-        put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID, 40, 15, ofpacts);
     } else if (tun->type == VXLAN) {
         uint64_t vni = datapath->tunnel_key;
         if (!is_ramp_switch) {
@@ -194,10 +190,6 @@  put_decapsulation(enum mf_field_id mff_ovn_geneve,
         put_move(MFF_TUN_ID, 0,  MFF_LOG_DATAPATH, 0, 24, ofpacts);
         put_move(mff_ovn_geneve, 16, MFF_LOG_INPORT, 0, 15, ofpacts);
         put_move(mff_ovn_geneve, 0, MFF_LOG_OUTPORT, 0, 16, ofpacts);
-    } else if (tun->type == STT) {
-        put_move(MFF_TUN_ID, 40, MFF_LOG_INPORT,   0, 15, ofpacts);
-        put_move(MFF_TUN_ID, 24, MFF_LOG_OUTPORT,  0, 16, ofpacts);
-        put_move(MFF_TUN_ID,  0, MFF_LOG_DATAPATH, 0, 24, ofpacts);
     } else if (tun->type == VXLAN) {
         /* Add flows for non-VTEP tunnels. Split VNI into two 12-bit
          * sections and use them for datapath and outport IDs. */
@@ -218,10 +210,6 @@  put_remote_chassis_flood_encap(struct ofpbuf *ofpacts,
         put_move(MFF_LOG_DATAPATH, 0,  MFF_TUN_ID, 0, 24, ofpacts);
         put_load(0, mff_ovn_geneve, 0, 32, ofpacts);
         put_move(MFF_LOG_INPORT, 0, mff_ovn_geneve, 16, 15, ofpacts);
-    } else if (type == STT) {
-        put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID, 40, 15, ofpacts);
-        put_load(0, MFF_TUN_ID, 24, 16, ofpacts);
-        put_move(MFF_LOG_DATAPATH,  0, MFF_TUN_ID, 0, 24, ofpacts);
     } else if (type == VXLAN) {
         put_move(MFF_LOG_INPORT, 0, MFF_TUN_ID,  12, 12, ofpacts);
         put_move(MFF_LOG_DATAPATH, 0, MFF_TUN_ID, 0, 12, ofpacts);
@@ -245,9 +233,6 @@  match_set_chassis_flood_outport(struct match *match,
         memset(&mask.tun_metadata[mf_ovn_geneve->n_bytes - 2], 0xff, 2);
 
         tun_metadata_set_match(mf_ovn_geneve, &value, &mask, match, NULL);
-    } else if (type == STT) {
-        /* Outport occupies bits 24-39. */
-        match_set_tun_id_masked(match, 0, htonll(UINT64_C(0xffff) << 24));
     }
 }
 
@@ -1471,8 +1456,6 @@  get_tunnel_overhead(struct chassis_tunnel const *tun)
     enum chassis_tunnel_type type = tun->type;
     if (type == GENEVE) {
         overhead += GENEVE_TUNNEL_OVERHEAD;
-    } else if (type == STT) {
-        overhead += STT_TUNNEL_OVERHEAD;
     } else if (type == VXLAN) {
         overhead += VXLAN_TUNNEL_OVERHEAD;
     } else {
@@ -2696,8 +2679,8 @@  physical_run(struct physical_ctx *p_ctx,
      * Process packets that arrive from a remote hypervisor (by matching
      * on tunnel in_port). */
 
-    /* Add flows for Geneve, STT and VXLAN encapsulations.  Geneve and STT
-     * encapsulations have metadata about the ingress and egress logical ports.
+    /* Add flows for Geneve and VXLAN encapsulations.  Geneve encapsulations
+     * have metadata about the ingress and egress logical ports.
      * VXLAN encapsulations have metadata about the egress logical port only.
      * We set MFF_LOG_DATAPATH, MFF_LOG_INPORT, and MFF_LOG_OUTPORT from the
      * tunnel key data where possible, then resubmit to table 40 to handle
diff --git a/include/ovn/logical-fields.h b/include/ovn/logical-fields.h
index 196ac9dd8..3f636dc0c 100644
--- a/include/ovn/logical-fields.h
+++ b/include/ovn/logical-fields.h
@@ -106,7 +106,7 @@  enum mff_log_flags {
 
     /* Indicate that a packet was received from a ramp switch to compensate for
      * the lack of egress port information available in ramp switch
-     * encapsulation.  Egress port information is available for Geneve, STT and
+     * encapsulation.  Egress port information is available for Geneve and
      * regular VXLAN tunnel types. */
     MLF_RCV_FROM_RAMP = (1 << MLF_RCV_FROM_RAMP_BIT),
 
diff --git a/lib/ovn-util.c b/lib/ovn-util.c
index c65b36bb5..05877350a 100644
--- a/lib/ovn-util.c
+++ b/lib/ovn-util.c
@@ -913,8 +913,6 @@  get_tunnel_type(const char *name)
 {
     if (!strcmp(name, "geneve")) {
         return GENEVE;
-    } else if (!strcmp(name, "stt")) {
-        return STT;
     } else if (!strcmp(name, "vxlan")) {
         return VXLAN;
     }
diff --git a/lib/ovn-util.h b/lib/ovn-util.h
index ce8cc0568..f7f82c365 100644
--- a/lib/ovn-util.h
+++ b/lib/ovn-util.h
@@ -35,7 +35,6 @@ 
 #define ETHERNET_OVERHEAD (ETH_HEADER_LEN + ETH_CRC_LENGTH)
 
 #define GENEVE_TUNNEL_OVERHEAD 38
-#define STT_TUNNEL_OVERHEAD 18
 #define VXLAN_TUNNEL_OVERHEAD 30
 
 struct eth_addr;
@@ -336,9 +335,7 @@  hash_add_in6_addr(uint32_t hash, const struct in6_addr *addr)
 /* Must be a bit-field ordered from most-preferred (higher number) to
  * least-preferred (lower number). */
 enum chassis_tunnel_type {
-    GENEVE = 1 << 2,
-    STT    = 1 << 1,  /* NOTE: STT support is deprecated and will be removed
-                       *       in an upcoming release. */
+    GENEVE = 1 << 1,
     VXLAN  = 1 << 0
 };
 
diff --git a/ovn-architecture.7.xml b/ovn-architecture.7.xml
index d45248af4..7b598b203 100644
--- a/ovn-architecture.7.xml
+++ b/ovn-architecture.7.xml
@@ -1204,7 +1204,7 @@ 
       </p>
 
       <p>
-        Geneve and STT tunnels pass this field as part of the tunnel key.
+        Geneve tunnels pass this field as part of the tunnel key.
         Ramp switch VXLAN tunnels do not explicitly carry a logical input port,
         but since they are used to communicate with gateways that from OVN's
         perspective consist of only a single logical port, so that OVN can set
@@ -1228,7 +1228,7 @@ 
       </p>
 
       <p>
-        Geneve, STT and regular VXLAN tunnels pass this field as part of the
+        Geneve and regular VXLAN tunnels pass this field as part of the
         tunnel key. Ramp switch VXLAN tunnels do not transmit the logical
         output port field, and since they do not carry a logical output port
         field in the tunnel key, when a packet is received from ramp switch
@@ -2813,7 +2813,7 @@ 
   <p>
     When VXLAN is enabled on any hypervisor in a cluster, datapath and egress
     port identifier ranges are reduced to 12-bits.  This is done because only
-    STT and Geneve provide the large space for metadata (over 32 bits per
+    Geneve provides the large space for metadata (over 32 bits per
     packet).  The mode with reduced ranges is called <code>VXLAN mode</code>.
     To accommodate for VXLAN, 24 bits available are split as follows:
   </p>
@@ -2868,14 +2868,13 @@ 
   </p>
   <ul>
     <li>
-      STT and Geneve use randomized UDP or TCP source ports that allows
-      efficient distribution among multiple paths in environments that use ECMP
+      Geneve uses randomized UDP or TCP source ports that allows efficient
+      distribution among multiple paths in environments that use ECMP
       in their underlay.
     </li>
 
     <li>
-      NICs are available to offload STT and Geneve encapsulation and
-      decapsulation.
+      NICs are available to offload Geneve encapsulation and decapsulation.
     </li>
   </ul>
 
@@ -2899,23 +2898,8 @@ 
   </diagram>
 
   <p>
-    Support for STT encapsulation is deprecated.  While using STT on setups
-    that didn't migrate to Geneve yet, OVN encodes all three pieces of logical
-    metadata in the STT 64-bit tunnel ID as follows, from MSB to LSB:
-  </p>
-
-  <diagram>
-    <header name="">
-      <bits name="reserved" above="9" below="0" width=".5"/>
-      <bits name="ingress port" above="15" width=".75"/>
-      <bits name="egress port" above="16" width=".75"/>
-      <bits name="datapath" above="24" width="1.25"/>
-    </header>
-  </diagram>
-
-  <p>
-    For connecting to gateways, in addition to Geneve and STT, OVN supports
-    VXLAN, because only VXLAN support is common on top-of-rack (ToR) switches.
+    For connecting to gateways, in addition to Geneve, OVN supports VXLAN,
+    because VXLAN-only support is common on top-of-rack (ToR) switches.
     Currently, gateways have a feature set that matches the capabilities as
     defined by the VTEP schema, so fewer bits of metadata are necessary.  In
     the future, gateways that do not support encapsulations with large amounts
diff --git a/ovn-ic-sb.ovsschema b/ovn-ic-sb.ovsschema
index 097d6f370..0269b3b75 100644
--- a/ovn-ic-sb.ovsschema
+++ b/ovn-ic-sb.ovsschema
@@ -1,7 +1,7 @@ 
 {
     "name": "OVN_IC_Southbound",
-    "version": "1.3.0",
-    "cksum": "3496599919 7088",
+    "version": "2.3.0",
+    "cksum": "1259594626 7081",
     "tables": {
         "IC_SB_Global": {
             "columns": {
@@ -47,7 +47,7 @@ 
             "columns": {
                 "type": {"type": {"key": {
                            "type": "string",
-                           "enum": ["set", ["geneve", "stt", "vxlan"]]}}},
+                           "enum": ["set", ["geneve", "vxlan"]]}}},
                 "options": {"type": {"key": "string",
                                      "value": "string",
                                      "min": 0,
diff --git a/ovn-ic-sb.xml b/ovn-ic-sb.xml
index 46c77a814..63848088a 100644
--- a/ovn-ic-sb.xml
+++ b/ovn-ic-sb.xml
@@ -275,8 +275,8 @@ 
 
       <column name="tunnel_key">
         <p>
-          A number that represents the logical port in the key (e.g. STT key or
-          Geneve TLV) field carried within tunnel protocol packets.  The key
+          A number that represents the logical port in the key (e.g. Geneve
+          TLV) field carried within tunnel protocol packets.  The key
           can be generated by any <code>ovn-ic</code> but the same key is
           shared by all availability zones so that the packets can go through
           the datapath pipelines of different availability zones.
diff --git a/ovn-nb.xml b/ovn-nb.xml
index ff5f2f249..307aed38b 100644
--- a/ovn-nb.xml
+++ b/ovn-nb.xml
@@ -391,7 +391,7 @@ 
         northd will run in a <code>VXLAN mode</code>. See man
         ovn-architecture(7) <code>Tunnel Encapsulations</code> paragraph for
         more details.  In case VXLAN encaps are needed on chassis only to
-        support HW VTEP functionality and main encap type is GENEVE or STT, set
+        support HW VTEP functionality and main encap type is GENEVE, set
         this option to <code>false</code> to use default
         non-<code>VXLAN mode</code> tunnel IDs allocation logic.
         Please consider when OVN is running in <code>OVN-interconnect</code>
diff --git a/ovn-sb.ovsschema b/ovn-sb.ovsschema
index c6058f42c..77c7d95b9 100644
--- a/ovn-sb.ovsschema
+++ b/ovn-sb.ovsschema
@@ -1,7 +1,7 @@ 
 {
     "name": "OVN_Southbound",
-    "version": "20.41.0",
-    "cksum": "2343742948 34719",
+    "version": "21.41.0",
+    "cksum": "38144040 34712",
     "tables": {
         "SB_Global": {
             "columns": {
@@ -64,7 +64,7 @@ 
             "columns": {
                 "type": {"type": {"key": {
                            "type": "string",
-                           "enum": ["set", ["geneve", "stt", "vxlan"]]}}},
+                           "enum": ["set", ["geneve", "vxlan"]]}}},
                 "options": {"type": {"key": "string",
                                      "value": "string",
                                      "min": 0,
diff --git a/ovn-sb.xml b/ovn-sb.xml
index 39acb81a4..bbb3c7b13 100644
--- a/ovn-sb.xml
+++ b/ovn-sb.xml
@@ -478,9 +478,8 @@ 
 
     <column name="type">
       The encapsulation to use to transmit packets to this chassis.
-      Hypervisors and gateways must use one of: <code>geneve</code>,
-      <code>vxlan</code>, or <code>stt</code>.  <code>stt</code> is
-      deprecated.
+      Hypervisors and gateways must use <code>geneve</code> or
+      <code>vxlan</code>.
     </column>
 
     <column name="options">
@@ -539,8 +538,7 @@ 
 
     <column name="options" key="dst_port" type='{"type": "integer"}'>
       <p>
-        If set, overrides the UDP (for <code>geneve</code> and
-        <code>vxlan</code>) or TCP (for <code>stt</code>) destination port.
+        If set, overrides the UDP destination port.
       </p>
     </column>
 
@@ -3431,8 +3429,8 @@  tcp.flags = RST;
 
       <column name="tunnel_key">
         <p>
-          A number that represents the logical port in the key (e.g. STT key or
-          Geneve TLV) field carried within tunnel protocol packets.
+          A number that represents the logical port in the key (e.g. Geneve
+          TLV) field carried within tunnel protocol packets.
         </p>
 
         <p>
diff --git a/ovs b/ovs
index bb0593334..7f4ee4395 160000
--- a/ovs
+++ b/ovs
@@ -1 +1 @@ 
-Subproject commit bb059333496a9b48d6d798b6b32108c9f2720479
+Subproject commit 7f4ee4395637e906563c71f4112b809fed4f3968
diff --git a/tests/ovn-controller.at b/tests/ovn-controller.at
index 2ebf879f1..fdd574c20 100644
--- a/tests/ovn-controller.at
+++ b/tests/ovn-controller.at
@@ -339,6 +339,7 @@  check_tunnel_property () {
 
 # create "empty" chassis. vxlan is used here as a stub
 check ovn-sbctl chassis-add fakechassis vxlan 192.168.0.2
+OVS_WAIT_UNTIL([check_tunnel_property type vxlan])
 
 # See if we switch to Geneve as the first choice when it is available
 # With multi-VTEP support we support tunnels with different IPs to the
@@ -351,15 +352,6 @@  check ovn-sbctl chassis-add fakechassis vxlan 192.168.0.2
 encap_uuid=$(ovn-sbctl add chassis fakechassis encaps @encap -- --id=@encap create encap type=geneve ip="192.168.0.2")
 OVS_WAIT_UNTIL([check_tunnel_property type geneve])
 
-# change geneve to stt and check that tun interface was deleted and there is
-# no stt encap on the second chassis, only vxlan
-check ovn-sbctl set encap ${encap_uuid} type=stt
-OVS_WAIT_WHILE([check_tunnel_property type stt])
-OVS_WAIT_UNTIL([check_tunnel_property type vxlan])
-
-# change back to geneve
-check ovn-sbctl set encap ${encap_uuid} type=geneve
-
 # Check that changes within an encap row are propagated
 check ovn-sbctl set encap ${encap_uuid} ip=192.168.0.2
 OVS_WAIT_UNTIL([check_tunnel_property options:remote_ip "\"192.168.0.2\""])
diff --git a/tests/ovn-ic.at b/tests/ovn-ic.at
index e62ae3a35..bf360dfba 100644
--- a/tests/ovn-ic.at
+++ b/tests/ovn-ic.at
@@ -423,10 +423,10 @@  ovs-vsctl set open . external-ids:ovn-is-interconn=true
 OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep "192.168.0.1"])
 ovs-vsctl set open . external_ids:ovn-encap-ip=192.168.0.2
 OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep "192.168.0.2"])
-ovs-vsctl set open . external_ids:ovn-encap-type="geneve,stt"
-OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep stt])
+ovs-vsctl set open . external_ids:ovn-encap-type="geneve,vxlan"
+OVS_WAIT_UNTIL([ovn_as az2 ovn-sbctl show | grep vxlan])
 
-OVN_CLEANUP_SBOX([gw2], ["/STT encapsulation type is deprecated/d"])
+OVN_CLEANUP_SBOX([gw2])
 OVN_CLEANUP_IC([az1], [az2])
 
 AT_CLEANUP
diff --git a/tests/ovn-sbctl.at b/tests/ovn-sbctl.at
index 9bb3993f5..c1ec79dc4 100644
--- a/tests/ovn-sbctl.at
+++ b/tests/ovn-sbctl.at
@@ -76,12 +76,11 @@  AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list encap |
 1.2.3.4,geneve
 ])
 
-AT_CHECK([ovn-sbctl chassis-add ch1 stt,geneve,vxlan 1.2.3.5])
+AT_CHECK([ovn-sbctl chassis-add ch1 geneve,vxlan 1.2.3.5])
 AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list encap | sort],
          [0], [dnl
 1.2.3.4,geneve
 1.2.3.5,geneve
-1.2.3.5,stt
 1.2.3.5,vxlan
 ])
 
@@ -89,7 +88,6 @@  AT_CHECK([ovn-sbctl chassis-del ch0])
 AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list encap | sort],
          [0], [dnl
 1.2.3.5,geneve
-1.2.3.5,stt
 1.2.3.5,vxlan
 ])
 
@@ -101,7 +99,6 @@  check_row_count Chassis_Private 1
 AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list encap | sort],
          [0], [dnl
 1.2.3.5,geneve
-1.2.3.5,stt
 1.2.3.5,vxlan
 2.3.4.5,geneve
 ])
@@ -110,7 +107,6 @@  AT_CHECK([ovn-sbctl chassis-del ch2])
 AT_CHECK([ovn-sbctl -f csv -d bare --no-headings --columns ip,type list encap | sort],
          [0], [dnl
 1.2.3.5,geneve
-1.2.3.5,stt
 1.2.3.5,vxlan
 ])
 check_row_count Chassis_Private 0
@@ -126,13 +122,13 @@  OVN_SBCTL_TEST([ovn_sbctl_commands], [ovn-sbctl], [
 AT_CHECK([ovn-nbctl ls-add br-test])
 AT_CHECK([ovn-nbctl lsp-add br-test vif0])
 AT_CHECK([ovn-nbctl lsp-set-addresses vif0 f0:ab:cd:ef:01:02])
-AT_CHECK([ovn-sbctl chassis-add ch0 stt 1.2.3.5])
+AT_CHECK([ovn-sbctl chassis-add ch0 geneve 1.2.3.5])
 AT_CHECK([ovn-nbctl --wait=sb sync])
 AT_CHECK([ovn-sbctl lsp-bind vif0 ch0])
 
 AT_CHECK([ovn-sbctl show], [0], [dnl
 Chassis ch0
-    Encap stt
+    Encap geneve
         ip: "1.2.3.5"
         options: {csum="true"}
     Port_Binding vif0
@@ -145,7 +141,7 @@  AT_CHECK([ovn-sbctl lsp-bind vif1 ch0])
 
 AT_CHECK([ovn-sbctl show | sed 's/vif[[0-9]]/vif/'], [0], [dnl
 Chassis ch0
-    Encap stt
+    Encap geneve
         ip: "1.2.3.5"
         options: {csum="true"}
     Port_Binding vif
@@ -158,7 +154,7 @@  AT_CHECK([ovn-nbctl --wait=sb sync])
 
 AT_CHECK([ovn-sbctl show], [0], [dnl
 Chassis ch0
-    Encap stt
+    Encap geneve
         ip: "1.2.3.5"
         options: {csum="true"}
     Port_Binding vif0
diff --git a/tests/ovn.at b/tests/ovn.at
index afde2576f..7d97cd810 100644
--- a/tests/ovn.at
+++ b/tests/ovn.at
@@ -16515,7 +16515,6 @@  m4_define([MULTICHASSIS_PATH_MTU_DISCOVERY_TEST],
    AT_CLEANUP
    ])])
 
-# NOTE(ihar) no STT variants because it's not supported by upstream kernels
 MULTICHASSIS_PATH_MTU_DISCOVERY_TEST([ipv4], [geneve], [1424])
 MULTICHASSIS_PATH_MTU_DISCOVERY_TEST([ipv6], [geneve], [1404])
 MULTICHASSIS_PATH_MTU_DISCOVERY_TEST([ipv4], [vxlan], [1432])
diff --git a/tests/system-kmod-macros.at b/tests/system-kmod-macros.at
index 0eebed815..41a8b7914 100644
--- a/tests/system-kmod-macros.at
+++ b/tests/system-kmod-macros.at
@@ -18,7 +18,7 @@  m4_define([_ADD_BR], [[add-br $1 -- set Bridge $1 protocols=OpenFlow10,OpenFlow1
 m4_define([OVS_TRAFFIC_VSWITCHD_START],
   [AT_CHECK([modprobe openvswitch])
    on_exit 'modprobe -r openvswitch'
-   m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_lisp], [vport_stt], [vport_vxlan]],
+   m4_foreach([mod], [[vport_geneve], [vport_gre], [vport_vxlan]],
               [modprobe -q mod || echo "Module mod not loaded."
                on_exit 'modprobe -q -r mod'
               ])