openstack
/
neutron
Code Issues Proposed changes
neutron/neutron
History
LIU Yulong 7c757ad337 Local mac direct flow for non-openflow firewall 
When there is no openflow firewall, aka the ovs agent security group
is disabled or Noop/HybridIptable, this patch will introduce a different
ingress pipeline for bridge ports which will avoid ingress flood:
(1) table=0,  in_port=patch_bridge,dl_vlan=physical_vlan action=mod_vlan:local_vlan,goto:60 (original)
(2) table=60, in_port=patch_bridge                       action=goto:61                     (new)
(3) table=61, dl_dst=local_port_mac,dl_vlan=local_vlan,  action=strip_vlan,output:<ofport>  (changes)

And changes the local ports pipeline:
(1) table=0,  in_port=local_ofport                       action=goto:25                  (original)
(2) table=25, in_port=local_ofport,dl_src=local_port_mac action=goto:60                  (original)
(3) table=60, in_port=local_ofport,dl_src=local_port_mac action=local_vlan->reg6,goto:61 (changes)
(4) table=61, dl_dst=local_port_mac,reg6=local_vlan,     action=output:<ofport>          (changes)

Closes-Bug: #1884708
Closes-Bug: #1881070
Related-Bug: #1732067
Related-Bug: #1866445
Related-Bug: #1883321

Change-Id: Iecf9cffaf02616342f1727ad7db85545d8adbec2
(cherry picked from commit 959d8b6d73)
 		2020-10-23 07:50:13 +00:00
..
agent windows: fix terminating processes 2020-10-09 09:41:00 +00:00
api [Security] fix allowed-address-pair 0.0.0.0/0 issue 2020-07-31 11:23:01 +00:00
cmd Add 'keepalived_use_no_track' config option 2020-08-25 07:58:35 +00:00
common Fix queries to retrieve allocations with network_segment_range 2020-04-30 11:00:41 +00:00
conf Add 'keepalived_use_no_track' config option 2020-08-25 07:58:35 +00:00
core_extensions remove neutron.common.exceptions 2019-02-01 14:35:00 -07:00
db Fix port can not be created with the sg of other project 2020-08-21 00:12:14 -04:00
debug Remove deprecated 'external_network_bridge' option 2019-03-09 22:07:38 +00:00
extensions Fix resource schemas and releated `get_sorts` test cases 2020-01-31 17:30:08 +00:00
hacking remove neutron.db.api references 2019-03-05 09:14:50 -07:00
ipam Allow first address in an IPv6 subnet as valid unicast 2019-05-22 14:13:31 +00:00
locale Imported Translations from Zanata 2020-01-10 09:16:24 +00:00
notifiers Add config option ``http_retries`` 2020-07-09 12:13:53 +02:00
objects Default (shared) network segment range is not mandatory 2020-05-04 14:02:23 +00:00
pecan_wsgi Set DB retry for quota_enforcement pecan_wsgi hook 2019-11-21 06:38:33 +00:00
plugins Local mac direct flow for non-openflow firewall 2020-10-23 07:50:13 +00:00
privileged Replace ctype.CDLL by ctypes.PyDLL in linux.ip_lib 2020-09-11 11:36:37 +02:00
quota Set DB retry for quota_enforcement pecan_wsgi hook 2019-11-21 06:38:33 +00:00
scheduler Fix pep8 E128 warnings in non-test code 2019-03-12 21:22:33 +00:00
server Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-19 07:58:54 +00:00
services Use dict .get() to avoid a KeyError in the segment plugin 2020-09-04 13:09:13 +00:00
tests Local mac direct flow for non-openflow firewall 2020-10-23 07:50:13 +00:00
__init__.py Fix incorrect usage of '# flake8: noqa' 2018-10-29 15:27:50 -04:00
_i18n.py Make code follow log translation guideline 2017-08-14 02:01:48 +00:00
auth.py
manager.py Avoid loading same service plugin more than once 2019-02-21 11:17:02 +01:00
neutron_plugin_base_v2.py Do not load default service plugins if core plugin is not DB based 2017-11-09 20:34:52 +00:00
opts.py No rpc_response_max_timeout in LB-agent 2020-06-22 05:51:34 +00:00
policy.py List SG rules which belongs to tenant's SG 2020-01-16 08:57:01 +00:00
service.py Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-19 07:58:54 +00:00
version.py
worker.py Change process name of neutron-server to match worker role 2019-03-01 14:18:09 -05:00
wsgi.py Re-use existing ProcessLauncher from wsgi in RPC workers 2020-02-19 07:58:54 +00:00