Home
Contribute Contact Us Browse all meetings
Home Contribute Contact Us Browse all meetings
DASH / Behavioral Model WG / 20 Apr 2023
DASH / Behavioral Model WG / 20 Apr 2023
Previous Meeting Next Meeting
Add meeting Rate page Subscribe
youtube image
From YouTube: DASH Behavioral Model WG Apr 20 2023

Description

PR327 - Add Private Link Mapping
Service Tunnel is for VMs to access public resources via Internet; the overlay will have a public IP as the address
The service is exposed as public IP, but there might be different scenarios where we have the same service hidden behind NAT, which is where we need Private Link.
The transposition happens on a different table.
We re-use ST encoding

A

Coming to the dash behavioral model, meeting um I've gone ahead and started the recording it's April 20th today and then the last time we were here, we talked about uh PR I'll. Do the people get led into the meeting automatically I think they do um Christy you let people in or um Yusuf for me, yeah I can do that.

B

Yeah thanks.

A

Okay thanks, um so it looks like last time we talked about PR 358, the um PSI attribute Generations from annotations, and then we talked about 308 from Andy and maybe he'll join today and give us a little update or maybe Rush, McCann and or Chris, possibly, and then, if anyone wanted to present something else, just let me know I think possibly Marianne wanted to present something so um Marianna reshma did you want to go first.

C

um Mario can go first.

C

Marion, do you have a PR related to private link right yeah.

D

Possibly so this one's uh a bit easier to digest because all of the infrastructure was uh done together with the service tunnel and this one Builds on top of it um so yeah. Let me just open one link so here in the Sonic design.

D

Private link is already there described with the uh with the use cases and examples uh looking into v-net go down service down on private link. So there is an example configuration like, for instance,.

D

Over here yeah there, it is like there are new Fields uh for you and I added um and a new kind.

B

Of mapping.

D

For private link that also adds a few more uh fields for uh packet manipulation, but in general, uh to describe the difference between a private link and service tunnel is that service tunnel is meant for virtual machines to access uh public resource via public IQ or Internet routable IAP, or something like that, which means that in in the overly destination, you will already have a public IPS your desk address. So you don't really need to do any mapping because Services already exposed as a public IP.

D

But then there might be different scenarios where the same service somewhere else over the Internet. It still can be hidden behind net and it still can be exposed as a private IP. So that's what we have private link for, meaning that this service tunnel transformation happens on the uh on a different table. So, in contrast to service panel, private link is a.

D

Is an action of CA to p810, meaning we do all of the same things as we need twin and trouting, but at the end we do the translation according to service tunnel transformation. So we reuse service tunnel encoding uh for those purposes like again, controller will encode this metadata and the overlay and and then we will set other attributes for the underlay encapsulation, which will be mapping for uh or not the mapping, but the regular entrance translation which most common uh to um use case.

D

Our packet transport will go on the underly using a public IPS. So this isn't really um changed, so we will have overly diff provided sorry underly that provided overlay with the service tunnel, private link, encodings um yeah, uh oh actually, I, see one issue in here. This one is redundant but copy paste, but it's not used. If you would uh look at the implementation, but generally what we get we get uh underlay dip uh we get. Oh actually they are used.

D

So this is sorry I will I'll actually need to leave a comment in here because I asked uh friends about it. uh Overlay DMACC is unchanged and it is always.

A

And I.

D

Think he's out of office today.

A

In tomorrow,.

D

Yeah I mean I already asked him about it. Is it similar to Vietnam or uh where we set, like the other sides, uh Mac or it doesn't really matter so. uh The Assumption here is that um DMACC is uh unchanged.

D

So I will just pass the same value from the header, and this is always true. So these are the two operations done again. They are done uh on the ca to PA mapping. So there is a new action over here, um so this is just I. Don't know why this diff is showing it should have been from uh from service tunnel. It's the same thing: I will double check, but it's just extending encapsulation options to vxlan and NV GRE and support both uh so eni is extended, so the the other side of of the.

D

So this is kind of like a point to point connectivity. So uh there there is like a private link representation for the eni, so he and I will have its own. A private link, Source ID and pirate link underlay uh Source ID uh to be used.

C

Well,.

D

I have a question um so.

C

um The service could be public or private, and uh what tunnel uh overlay we need to use to Traverse. You know public uh IPS or private Cloud IPS. um All this is still uh you know. uh The number of uh the the same overlay IP address need to change our Mac need to change and all that information I thought that you know should be written Anyway by the controller based on the service that the VM is looking for in that flow.

C

So I'm wondering uh the Capa tables would be updated by the controller accordingly, based on what.

A

The destination.

C

Is ETC right so do we need any change as such other than the encapsulation change? Do we need to make a separate set of um uh you know variables here that you have PLC PL sip mask? Can we not uh overwrite the existing set suppose.

D

I mean like uh have these values for entry and not per eni.

C

It is today right up when I, however, it is defined. um The cipa mapping table should give that translation.

D

Yes, so underlying um so we we have two things: we have private link sip, which is overly Sip and we have underlays it. Probably I should rename it to all release. uh So underly sick today is for dpu or per clients per GPU. It's actually your web right. So when we do the uh encapsulation with a vxlan or energy tunnel, sip is only one value. So here uh we can probably clarify with friends it's no longer true for uh private link, it, oh and by the way service tunnel.

D

If you look at the service tunnel, it also has a way to specify underlay sip, which isn't true for v-net to v-net, where zip is always the same here it's for eni. So it's a different granularity.

C

Okay also, it has to go through the Transformations right transpositions when it goes into public domain.

C

Sure.

D

Yeah, so this is the diff um and uh regarding the floor request itself, there is one issue bounds and too much time on it, but um for some reason uh say tests fail.

D

uh So since I've added like if we would look over here that Emi data, we added those attributes right. um So this was what was that one right here uh set ini attributes uh these values and are later passed to the.

D

um Where are, they are later passed to the metadata um and they change a list of attributes uh of eni, but they are optional, although for some reason test fails, so I will look into that. That doesn't seem right because tests shouldn't say tests shouldn't fail if we add more uh more parameters to the action because they are optional, anyways right now, all of them are optional.

D

So I'll look into that. That's the only issue that is left uh with, like passing, pull request, uh CI checks uh other than that I have uh resolved all of the conflicts that were outstanding. So please leave comments. uh Hear anything else. You think is uh still needs to be updated.

A

Awesome.

A

Thank.

D

You yeah and once more thing there is a pull request. I will look into that today. Christina I, guess it's mostly for you. uh These uh bulk apis I will also bump that to the latest master and wanted for you to be merged. I. Think, oh.

A

Yeah yeah everything you were going to sink to Main and then notify.

D

Yeah.

A

Yeah cool, no problem, just let me know.

D

Okay,.

A

I will be online all day.

A

And um Chris or reshma did you know anything about um Andy's um attempt to uh compile for the dpdk backend there's.

B

Been no updates, so okay kind of on the semi-back burner I.

C

Don't know: okay, okay, um I did not get any update on this one. Okay,.

A

No problem, no problem I can check with him separately or I'm. Just control, z, um I can check with them separately or I can check in with them. Okay, um anyone else have anything for the day.

B

Workshop is next Monday and Tuesday and registration's already closed. So if, uh if you've signed up I hope to see you there in person, it's.

A

uh In Santa.

B

Clara.

A

Santa Clara, so you're going in person.

B

Yes, an actual 3D conference.

A

Awesome.

C

Yeah I'm sure, if I'll be there, if I'm there I will bring your quiz.

B

Yeah that'd be great yeah. It's on Intel campus, so.

A

Oh wow, fun, okay, cool, well, Marion! Thank you for presenting that um and if you guys don't have anything else, we can let go for the day. uh What do you think I guess I'm doing a seven second rule, John Bud Suresh, anything.

A

Mukesh.

B

All set here all.

A

Set: okay, all right.

B

Then I will see.

A

You all later, okay, thank you. Thank you. Marion hi, okay, have a good day. Thank you. Okay, bye-bye.