HPE Community
Software Defined Networking
1752793 Members
6064 Online
108789 Solutions
New Discussion

OpenFlow VLAN matching/actions support on HP 2920 and HPE 3800

 
AmoVanB
New Member

‎02-16-2019 01:59 AM

‎02-16-2019 01:59 AM

OpenFlow VLAN matching/actions support on HP 2920 and HPE 3800

Hello,

I have an HP 2920 switch running firmware version WB.16.08.0001 and an HPE 3800 (J9576A) switch running firmware version KA.16.04.0016.

Both switches are configured with a single aggregate instance (I don't want anything else than OpenFlow traffic in the DP):

openflow
  controller-id 1 ip ${CONTROLLER_IP} controller-interface oobm
  instance aggregate
    controller-id 1
    max-backoff-interval 15
    enable
    exit
  enable
  exit

All my tests are done with data entering port 1 and port 2 being monitored, a controller (Ryu) is attached on the management port (OOBM).

I have two problems.

1. Table miss

Without any rules in the table, HPE 3800 still forwards data to the second port, while HP 2920 doesn't. The output for both switches for the show openflow resources command is shown below. This might explain why the HPE 3800 switch forwards traffic (6 "default"? rules), but how can these be removed in order to obtain the same behavior as on the HP 2920?

HPE 3800:

Resource usage in Policy Enforcement Engine

               |   Rules   |  Rules Used
         Ports | Available | ACL | QoS | IDM |  VT | Mirr | PBR |  OF  | Other |
 --------------+-----------+-----+-----+-----+-----+------+-----+------+-------|
 1-24,49-50    |      8170 |   0 |   0 |   0 |   0 |    0 |   0 |    6 |     0 |
 25-48,51-52   |      8170 |   0 |   0 |   0 |   0 |    0 |   0 |    6 |     0 |

 
HP 2920:

Resource usage in Policy Enforcement Engine

               |   Rules   |  Rules Used
         Ports | Available | ACL | QoS | IDM |  OF  | Other |
 --------------+-----------+-----+-----+-----+------+-------|
 1-24          |      2032 |   0 |   0 |   0 |    0 |     0 |

 

2. VLAN support

In default configuration, both switches refuse rules with VLAN matching or actions.

For the HP 2920, adding all VLANs tagged to all ports (vlan 2-2000 tagged all) solves the problem and the switches properly matches on VLAN fields and applies VLAN actions. Everything is here fine.

For the HPE 3800, adding all VLANs tagged to all ports does not help. While the switch then accept rules, it does not match them (packet count of rules stay at 0). The ugly thing is that the switch still forward the packets because of this table miss behavior explained here above. This applies to any situation where the incoming packet has a VLAN header (matching on this header fails, modifying this header (without matching on it) fails, removing this header fails). However, pushing a VLAN tag on a packet incoming without any VLAN header is successfully done.

Is there any way for the HPE 3800 to also support VLANs? Even for the HP 2920, is it really necessary to add all VLANs tagged to all ports? That seems a weird requirement for the "aggregate" mode, which seems to mean that anything is anyway OpenFlow traffic, whatever its VLAN. Besides, adding all VLANs tagged to all ports takes a non-negligible amount of time (minutes).

Thanks for your help,
Amaury

0 Kudos
The opinions expressed above are the personal opinions of the authors, not of Hewlett Packard Enterprise. By using this site, you accept the Terms of Use and Rules of Participation.