trozet / tacker

tacker: specifications a servicevm/device life cycle manager. See https://wiki.openstack.org/wiki/ServiceVM
http://openstack.org
Apache License 2.0

IETF ACL deletion #22

Open johscheuer opened 7 years ago

johscheuer commented 7 years ago

Hi,

I worked some time with OPNFV (Colorado 3.0) to try SFC. I'm using Fuel to deploy my OPNFV bare-metal testbed with OpenDaylight, OVS and Tacker for SFC. One thing I noticed is that the IETF ACL rules are not deleted if the corresponding classifier gets deleted:

http 172.16.0.3:8181/restconf/config/ietf-access-control-list:access-lists/
{
    "access-lists": {
        "acl": [
            {
                "access-list-entries": {
                    "ace": [
                        {
                            "actions": {
                                "netvirt-sfc-acl:rsp-name": "Path-testchain-Path-117"
                            },
                            "matches": {
                                "destination-port-range": {
                                    "lower-port": 22,
                                    "upper-port": 22
                                },
                                "protocol": 6,
                                "source-port-range": {
                                    "lower-port": 0,
                                    "upper-port": 0
                                }
                            },
                            "rule-name": "test_ssh"
                        }
                    ]
                },
                "acl-name": "test_ssh",
                "acl-type": "ietf-access-control-list:ipv4-acl"
            },
            {
                "access-list-entries": {
                    "ace": [
                        {
                            "actions": {
                                "netvirt-sfc-acl:rsp-name": "Path-testchain-Path-117"
                            },
                            "matches": {
                                "destination-port-range": {
                                    "lower-port": 80,
                                    "upper-port": 80
                                },
                                "protocol": 6,
                                "source-port-range": {
                                    "lower-port": 0,
                                    "upper-port": 0
                                }
                            },
                            "rule-name": "test_http"
                        }
                    ]
                },
                "acl-name": "test_http",
                "acl-type": "ietf-access-control-list:ipv4-acl"
            }
        ]
    }
}

but there are no classifiers anymore:

http 172.16.0.3:8181/restconf/config/netvirt-sfc-classifier:classifiers/
{
    "classifiers": {}
}

this results in OVS rules that shouldn't exist anymore:

 cookie=0x1110010001170255, duration=2764.910s, table=11, n_packets=22, n_bytes=1668, tcp,reg0=0x1,tp_dst=80 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_NSH_C2[],push_nsh,load:0x1->NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],load:0xc0a80003->NXM_NX_NSH_C1[],load:0x75->NXM_NX_NSP[0..23],load:0xff->NXM_NX_NSI[],load:0xc0a80003->NXM_NX_TUN_IPV4_DST[],load:0x75->NXM_NX_TUN_ID[0..31],output:6
 cookie=0x1110010001170255, duration=2647.986s, table=11, n_packets=31, n_bytes=14719, tcp,reg0=0x1,tp_dst=22 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_NSH_C2[],push_nsh,load:0x1->NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],load:0xc0a80003->NXM_NX_NSH_C1[],load:0x75->NXM_NX_NSP[0..23],load:0xff->NXM_NX_NSI[],load:0xc0a80003->NXM_NX_TUN_IPV4_DST[],load:0x75->NXM_NX_TUN_ID[0..31],output:6

johscheuer commented 7 years ago

I discovered some other "strange" things too:

I cleaned up my complete setup:

root@node-3:~# tacker vnfd-list

root@node-3:~# tacker vnf-list

root@node-3:~# tacker sfc-list

root@node-3:~# tacker sfc-classifier-list

but there are still existing SFF + SF:

http localhost:8181/restconf/config/service-function-forwarder:service-function-forwarders/
{
    "service-function-forwarders": {
        "service-function-forwarder": [
            {
                "ip-mgmt-address": "192.168.0.3",
                "name": "sff-192.168.0.3",
                "service-function-dictionary": [
                    {
                        "name": "testVNF",
                        "sff-sf-data-plane-locator": {
                            "sf-dpl-name": "testVNF-dpl",
                            "sff-dpl-name": "vxgpe"
                        }
                    }
                ],
                "service-function-forwarder-ovs:ovs-bridge": {
                    "bridge-name": "br-int"
                },
                "service-node": "",
                "sff-data-plane-locator": [
                    {
                        "data-plane-locator": {
                            "ip": "192.168.0.3",
                            "port": 6633,
                            "transport": "service-locator:vxlan-gpe"
                        },
                        "name": "vxgpe",
                        "service-function-forwarder-ovs:ovs-options": {
                            "dst-port": "6633",
                            "exts": "gpe",
                            "key": "flow",
                            "nshc1": "flow",
                            "nshc2": "flow",
                            "nshc3": "flow",
                            "nshc4": "flow",
                            "nsi": "flow",
                            "nsp": "flow",
                            "remote-ip": "flow"
                        }
                    }
                ]
            },
            {
                "ip-mgmt-address": "192.168.0.5",
                "name": "sff-192.168.0.5",
                "service-function-dictionary": [
                    {
                        "name": "testVNF",
                        "sff-sf-data-plane-locator": {
                            "sf-dpl-name": "testVNF-dpl",
                            "sff-dpl-name": "vxgpe"
                        }
                    }
                ],
                "service-function-forwarder-ovs:ovs-bridge": {
                    "bridge-name": "br-int"
                },
                "service-node": "",
                "sff-data-plane-locator": [
                    {
                        "data-plane-locator": {
                            "ip": "192.168.0.5",
                            "port": 6633,
                            "transport": "service-locator:vxlan-gpe"
                        },
                        "name": "vxgpe",
                        "service-function-forwarder-ovs:ovs-options": {
                            "dst-port": "6633",
                            "exts": "gpe",
                            "key": "flow",
                            "nshc1": "flow",
                            "nshc2": "flow",
                            "nshc3": "flow",
                            "nshc4": "flow",
                            "nsi": "flow",
                            "nsp": "flow",
                            "remote-ip": "flow"
                        }
                    }
                ]
            }
        ]
    }
}

and

http localhost:8181/restconf/config/service-function:service-functions/
{
    "service-functions": {
        "service-function": [
            {
                "ip-mgmt-address": "11.0.0.5",
                "name": "testVNF",
                "nsh-aware": true,
                "sf-data-plane-locator": [
                    {
                        "ip": "11.0.0.5",
                        "name": "testVNF-dpl",
                        "port": 6633,
                        "service-function-forwarder": "sff-192.168.0.3",
                        "service-function-ovs:ovs-port": {
                            "port-id": "tap7125d280-6a"
                        },
                        "transport": "service-locator:vxlan-gpe"
                    }
                ],
                "type": "firewall"
            }
        ]
    }
}

and

http localhost:8181/restconf/config/service-function-chain:service-function-chains/
{
    "service-function-chains": {
        "service-function-chain": [
            {
                "name": "testchain",
                "sfc-service-function": [
                    {
                        "name": "testVNF",
                        "type": "firewall"
                    }
                ],
                "symmetric": false
            }
        ]
    }
}

and

http localhost:8181/restconf/config/service-function-path:service-function-paths/
{
  "service-function-paths": {
    "service-function-path": [
      {
        "name": "Path-testchain",
        "symmetric": false,
        "service-chain-name": "testchain"
      }
    ]
  }
}

and the rules are still there:

 cookie=0x1110010001170255, duration=4943.315s, table=11, n_packets=31, n_bytes=2334, tcp,reg0=0x1,tp_dst=80 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_NSH_C2[],push_nsh,load:0x1->NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],load:0xc0a80003->NXM_NX_NSH_C1[],load:0x75->NXM_NX_NSP[0..23],load:0xff->NXM_NX_NSI[],load:0xc0a80003->NXM_NX_TUN_IPV4_DST[],load:0x75->NXM_NX_TUN_ID[0..31],output:6
 cookie=0x1110010001170255, duration=4826.391s, table=11, n_packets=31, n_bytes=14719, tcp,reg0=0x1,tp_dst=22 actions=move:NXM_NX_TUN_ID[0..31]->NXM_NX_NSH_C2[],push_nsh,load:0x1->NXM_NX_NSH_MDTYPE[],load:0x3->NXM_NX_NSH_NP[],load:0xc0a80003->NXM_NX_NSH_C1[],load:0x75->NXM_NX_NSP[0..23],load:0xff->NXM_NX_NSI[],load:0xc0a80003->NXM_NX_TUN_IPV4_DST[],load:0x75->NXM_NX_TUN_ID[0..31],output:6
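
A check for the drift reported in this issue, as an added example that is not part of the issue or of the Tacker/OpenDaylight code: it cross-references the ACL list against the classifier list and flags NSH-steering flows that still match an unreferenced ACL. The `classifier` list and its `acl` leaf are assumed field names (the issue only shows an empty `classifiers` container), and the sample input is trimmed from the output quoted above.

```python
import json
import re

# Constructed sample input, trimmed from the RESTCONF and flow output quoted in the issue.
ACLS = json.loads("""{"access-lists": {"acl": [
 {"acl-name": "test_ssh", "access-list-entries": {"ace": [{"matches":
   {"protocol": 6, "destination-port-range": {"lower-port": 22, "upper-port": 22}}}]}},
 {"acl-name": "test_http", "access-list-entries": {"ace": [{"matches":
   {"protocol": 6, "destination-port-range": {"lower-port": 80, "upper-port": 80}}}]}}]}}""")
CLASSIFIERS = json.loads('{"classifiers": {}}')
FLOWS = [
    " cookie=0x1110010001170255, table=11, tcp,reg0=0x1,tp_dst=80 "
    "actions=push_nsh,load:0x75->NXM_NX_NSP[0..23],output:6",
    " cookie=0x1110010001170255, table=11, tcp,reg0=0x1,tp_dst=22 "
    "actions=push_nsh,load:0x75->NXM_NX_NSP[0..23],output:6",
]
FLOW_RE = re.compile(r"table=(\d+).*?tp_dst=(\d+)\s+actions=(\S+)")

def orphaned_acls(acls, classifiers):
    """ACLs that no classifier references (assumed schema: classifier[].acl)."""
    entries = classifiers.get("classifiers", {}).get("classifier", [])
    referenced = {c.get("acl") for c in entries}
    all_acls = acls.get("access-lists", {}).get("acl", [])
    return [a for a in all_acls if a["acl-name"] not in referenced]

def acl_ports(acl):
    """Destination ports covered by the entries of one ACL."""
    ports = set()
    for ace in acl.get("access-list-entries", {}).get("ace", []):
        rng = ace.get("matches", {}).get("destination-port-range")
        if rng:
            ports.update(range(rng["lower-port"], rng["upper-port"] + 1))
    return ports

def stale_flows(acls, classifiers, flow_lines):
    """(acl-name, dst port, table) for each push_nsh flow matching an orphaned ACL."""
    orphans = orphaned_acls(acls, classifiers)
    hits = []
    for line in flow_lines:
        m = FLOW_RE.search(line)
        if not m or "push_nsh" not in m.group(3):
            continue  # not a classifier flow that steers into a service chain
        table, port = int(m.group(1)), int(m.group(2))
        hits += [(a["acl-name"], port, table) for a in orphans if port in acl_ports(a)]
    return hits

if __name__ == "__main__":
    for name, port, table in stale_flows(ACLS, CLASSIFIERS, FLOWS):
        print(f"stale steering flow: table={table} tp_dst={port} (ACL {name})")
```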