Subject: Rare project developers
List archive
- From: mc36 <>
- To: Maria Del Carmen Misa Moreira <>
- Cc: "" <>
- Subject: Re: [rare-dev] Test 3: Layer 2 - Abstract from Layer 3
- Date: Sat, 19 Feb 2022 09:53:56 +0100
okk, so i did the code duplication with this commit:
https://github.com/mc36/freeRouter/commit/e832c62068a5f3dce0dc11e75ebd4c1150d05625
so from now, you'll be able to count the acl hits on the bridged interfaces
too...
if you're brave enough and would get involved, you can write the counter
reports
yourself, you can use the flowspec for a sample... otherwise frederic will do
it...
regards,
cs
On 2/18/22 19:24, mc36 wrote:
yesss... so this second example was sent to show you a bad example too....
to have pure layer2 bridging (and not a fake layer2 over the arp entries)
please use the two examples with the bridge acls:
http://sources.nop.hu/cfg/p4lang-acl11.tst
http://sources.nop.hu/cfg/p4lang-acl12.tst
these dont have addressing on the bvi resulting in layer2 propagated to the
dataplane...
regards,
cs
On 2/18/22 19:07, Maria Del Carmen Misa Moreira wrote:
Well in this examples under bvi1 there is a vrf and IPv4/6, there are fake
like in loopback11 and loopback22 in the previous test
int bvi1
vrf for v1
ipv4 addr 1.1.2.1 255.255.255.0
ipv6 addr 1234:2::1 ffff:ffff::
ipv6 ena
exit
On 18/02/2022 18:37 mc36 <> wrote:
please dont... if you configure a vrf and ip to the bvi
then it'll see that you're trying to do layer3 over local bridge ports
and will result at dataplane in routing entries and not layer2...
this one is an example of this specific behavior:
http://sources.nop.hu/cfg/p4lang-rout019.tst
regards,
cs
On 2/18/22 18:31, Maria Del Carmen Misa Moreira wrote:
Well vrf is need at least for the 'interface bvi1' that belongs to 'brigde
1', if I understand correctly
On 18/02/2022 18:18 mc36 <> wrote:
so to use the bridge, better nuke the vrf, isis, basically everything
completely...
On 2/18/22 18:16, Maria Del Carmen Misa Moreira wrote:
Hi Csaba,
Quick question: if I set on one interface the 'bridge-group' it make sense to have on the same interface ISIS or LLDP? I'm reading that both are Layer 2 protocols but ISIS will advertise the network that is reachable via that interface but if that interface is going to act as bridge maybe this is illogical.
On 18/02/2022 17:07 mc36 <> wrote:
hi,
okk for the monday...
regards,
cs
On 2/18/22 17:06, Maria Del Carmen Misa Moreira wrote:
Hi Csaba,
Okey thanks. I'm going to take a look to bridges and your examples.
We can talk on Monday morning, I'm free all the morning.
Mmm I see the point, we need to use DPDK but since P4 switch is connected to
other 2 Juniper routers we cannot use it... I think.
On 18/02/2022 16:57 mc36 <> wrote:
hi,
any time could work to disucc online...
to be layer2 transparent, we can do bridging, and we support acls on bridge
ports...
here are the tests covering these:
http://sources.nop.hu/cfg/p4lang-acl11.tst
http://sources.nop.hu/cfg/p4lang-acl12.tst
the bad news is that currently the tofino cannot report hit counters for
these without code replication...
we have an open ticket for that at intel connected academy, and they're
working on it...
the good news is that the dpdk code already reports the hit counters on
these...
regards,
cs
On 2/18/22 16:05, Maria Del Carmen Misa Moreira wrote:
Hi Csaba,
If you have 15 minutes I would like to explain to you the new test that I need to prepare for the next LHCONE meeting [next 29th of March]. Basically, the idea is to emulate the
connection between Tier1's and the P4 switch will need to be transparent at
Layer 3 but I think that this is probably not possible using this
policy-based routing... We need
something like 'Policy-based Switching' just using mac address and not IPs as the next-hops. One time you told me about bridges on freertr and maybe this could be a solution, let
me your thoughts :) you are the super expert here and my support
Cheers,
Carmen Misa
- Re: [rare-dev] Test 3: Layer 2 - Abstract from Layer 3, mc36, 02/19/2022
Archive powered by MHonArc 2.6.19.