Details
-
Bug
-
Status: Resolved
-
Resolution: Done
-
None
-
None
-
None
-
Operating System: All
Platform: All
-
4411
-
High
Description
In OVSDB project, for custom security groups, user can include a rule covering port range and this require to add flows with port MASK which is not supported in OF 1.3 and above (as per specification). On OVS there is Nicira extension which support port range and we can add flows with port MASK. This will prevent us from adding individual rule for every port in the range.
At present we do not have this extension support in openflowplugin.
Here is snippet from https://github.com/openvswitch/ovs/blob/branch-2.3/include/openflow/nicira-ext.h#L1469
/* The source or destination port in the TCP header.
*
- Prereqs:
- NXM_OF_ETH_TYPE must be either 0x0800 or 0x86dd.
- NXM_OF_IP_PROTO must match 6 exactly.
* - Format: 16-bit integer in network byte order.
* - Masking: Fully maskable, in Open vSwitch 1.6 and later. Not maskable, in
- earlier versions. */
#define NXM_OF_TCP_SRC NXM_HEADER (0x0000, 9, 2)
#define NXM_OF_TCP_SRC_W NXM_HEADER_W(0x0000, 9, 2)
#define NXM_OF_TCP_DST NXM_HEADER (0x0000, 10, 2)
#define NXM_OF_TCP_DST_W NXM_HEADER_W(0x0000, 10, 2)
/* The source or destination port in the UDP header.
*
- Prereqs:
- NXM_OF_ETH_TYPE must match either 0x0800 or 0x86dd.
- NXM_OF_IP_PROTO must match 17 exactly.
* - Format: 16-bit integer in network byte order.
* - Masking: Fully maskable, in Open vSwitch 1.6 and later. Not maskable, in
- earlier versions. */
#define NXM_OF_UDP_SRC NXM_HEADER (0x0000, 11, 2)
#define NXM_OF_UDP_SRC_W NXM_HEADER_W(0x0000, 11, 2)
#define NXM_OF_UDP_DST NXM_HEADER (0x0000, 12, 2)
#define NXM_OF_UDP_DST_W NXM_HEADER_W(0x0000, 12, 2)