openvswitch.rst - OpenGrok cross reference for /Linux-v5.10/Documentation/networking/openvswitch.rst

Lines Matching +full:packet +full:- +full:based
1 .. SPDX-License-Identifier: GPL-2.0
8 flow-level packet processing on selected network devices.  It can be
10 VLAN processing, network access control, flow-based network control,
16 table" that userspace populates with "flows" that map from keys based
17 on packet headers and metadata to sets of actions.  The most common
18 action forwards the packet to another vport; other actions are also
21 When a packet arrives on a vport, the kernel module processes it by
24 no match, it queues the packet to userspace for processing (as part of
26 packets of the same type entirely in-kernel).
30 ----------------------
42 kernel module passes a packet to userspace, it also passes along the
43 flow key that it parsed from the packet.  Userspace then extracts its
44 own notion of a flow key from the packet and compares it against the
45 kernel-provided version:
47     - If userspace's notion of the flow key for the packet matches the
50     - If the kernel's flow key includes more fields than the userspace
55       as long as it uses the kernel-provided flow key to do it.
57     - If the userspace flow key includes more fields than the
60       forward the packet manually, without setting up a flow in the
61       kernel.  This case is bad for performance because every packet
72 ---------------
75 attributes.  Some attributes represent packet metadata, defined as any
76 information about a packet that cannot be extracted from the packet
77 itself, e.g. the vport on which the packet was received.  Most
78 attributes, however, are extracted from headers within the packet,
84 them as comma-separated strings, with parentheses indicating arguments
86 corresponding to a TCP packet that arrived on vport 1::
98 --------------------------
107 of a incoming packet. Using wildcarded flow can improve the flow set up rate
131 responsibility of the user space program to ensure that any incoming packet
133 performs best-effort detection of overlapping wildcarded flows and may reject
138 -----------------------
151 ---------------------------------
165 This rule does have less-obvious consequences so it is worth working
169 packet.  The flow key for any packet with an 802.1Q header would look
177 definitions.  With this change, a TCP packet in VLAN 10 would have a
192 example, why 802.1Q support uses nested attributes.  A TCP packet in
205 --------------------------
209 simple Ethernet switch that forwards every packet.
217 For example, consider a packet that contains an IP header that
220 packet would include a tcp attribute with all-zero src and dst, like
225 As another example, consider a packet with an Ethernet type of 0x8100,
227 after the Ethernet type.  The flow key for this packet would include
228 an all-zero-bits vlan and an empty encap attribute, like this::
232 Unlike a TCP packet with source and destination ports 0, an
233 all-zero-bits VLAN TCI is not that rare, so the CFI bit (aka
240 -----------
244     - Duplicate attributes are not allowed at a given nesting level.
246     - Ordering of attributes is not significant.
248     - When the kernel sends a given flow key to userspace, it always