neutron-sfc

Project scope:

• Expected deliverables - Mitaka release (coding underway)
• Planned extensions to neutron server:

• Service chaining APIs (port-chains)
• Classifier APIs (flow-classifier)
• OVS-service chain driver (implementing SCH , details below)

Chain Encapsulation:

Default encapsulation is MPLS , facilitating a proprietary “SCH” header (essentially each chain is given it’s own MPLS label). encapsulation is done within the integration bridge (so traffic to VM is stripped from any SCH encapsulation).

For tunneled ports , overlay protocol carries the ethernet + MPLS fields

Apparently SCH is chosen over NSH for the reason that NSH is not officially supported in OVS. planning to support other encapsulations (probably if/when officially supported in OVS)  

Architecture:

• New neutron-sfc plugin for neutron server. Common API for service chaining  and classifier , supporting driver manager to facilitate integration with external providers.
• neutron-sfc driver communicates with compute nodes’s OVS agent (replacing ML2) to configure flows
• Flow classifier extension to neutron (currently using OVS), supporting 5 tuples but API will be capable of more. this extension is planned to be a core feature.

APIs:

(CLI,Horizon)

Syntax:

neutron port-pair-create [-h]

        [--description <description>]

        --ingress <port-id>

        --egress <port-id>

        [--service-function-parameters <parameter>] PORT-PAIR-NAME

neutron port-pair-group-create [-h]

        [--description <description>]

        --port-pairs <port-pair-id> PORT-PAIR-GROUP-NAME

neutron flow-classifier-create [-h]

        [--description <description>]

        [--protocol <protocol>]

        [--ethertype <Ethertype>]

        [--source-port <Minimum source protocol port>:<Maximum source protocol port>]

        [--destination-port <Minimum destination protocol port>:<Maximum destination protocol port>]

        [--source-ip-prefix <Source IP prefix>]

        [--destination-ip-prefix <Destination IP prefix>]

        [--logical-source-port <Neutron source port>]

        [--logical-destination-port <Neutron destination port>]

        [--l7-parameters <L7 parameter>] FLOW-CLASSIFIER-NAME

neutron port-chain-create [-h]

        [--description <description>]

         --port-pair-group <port-pair-group-id>

        [--flow-classifier <classifier-id>]

        [--chain-parameters <chain-parameter>] PORT-CHAIN-NAME

Future plans (as presented by the team):

• integration with Tacker
• integration with other SDN controllers (ODL,ONOS,OVN)

Follow up:

• Tacker integration (what’s the right call-flow sequence when other drivers are supported in sfc-neutron , namely ODL-SFC)
• Need to discuss classifier API calls in Tacker-SFC (at the moment the plan is to use ODL-GBP data model , if I’m not wrong