00:13 <Sragdhara> Hi

00:13 <marym> Hi

14:59 <SrRaven> Maybe a question for #ansible (or the network automation group) instead, but anyone know why the openvswitch package is being discontinued by ansible?

16:15 <imaximets_> SrRaven, the discussion here says it's unmaintained: https://forum.ansible.com/t/6245 We're not maintaining it, and I don't know who the author is, so it is probably indeed unmaintained.

16:16 <marym> Hi everyone

16:18 <Sragdhara> Hi everyone, I had posted RFC on service insertion design couple of weeks back (https://mail.openvswitch.org/pipermail/ovs-dev/2024-October/417711.html) that adds capability to redirect traffic via a network functions (such as L7 firewall) based on ACL match condition, while ensuring statefulness and support for both VLAN and overlay. Can we spend

16:18 <Sragdhara> a few minutes discussing it?

16:19 <imaximets> Hi. It's time for the OVN weekly meeting, if I didn't mess up the time.

16:19 <marym> Hi

16:20 <imaximets> Mark is not here today, so I can host, I guess.

16:20 <marym> Can we go first?

16:20 <imaximets> From my side though I don't really have any updates related to OVN, been mostly busy on OVS side with the ipsec series.

16:20 <imaximets> marym, sure, go ahead!

16:21 <Sragdhara> So far Mark has responded describing the new flexible OVN pipeline architecture he is working on and how he thinks the service insertion can fit in there. Would be great if we can (a) discuss further on this aspect (2) any general feedback on the proposal.

16:22 <Sragdhara> In case my first msg was missed, posting again:

16:22 <Sragdhara> Hi everyone, I had posted RFC on service insertion design couple of weeks back (https://mail.openvswitch.org/pipermail/ovs-dev/2024-October/417711.html) that adds capability to redirect traffic via a network functions (such as L7 firewall) based on ACL match condition, while ensuring statefulness and support for both VLAN and overlay. Can we spend

16:22 <marym> imaximets Sragdhara and I are from Nutanix.

16:22 <Sragdhara> a few minutes discussing it?

16:23 <imaximets> Sragdhara, it feels like not a lot of people are here today... Might be the weird week where time moved in Europe but not yet in US...

16:23 <zhouhan> hi

16:23 <Sragdhara> Any thoughts on the proposal?

16:24 <imaximets> zhouhan, Hi, did you have a chance to look at the proposal linked above?

16:24 <zhouhan> not yet

16:24 <Sragdhara> Also, is there anyone here (since Mark is not present) who is working with Mark on the new architecture ?

16:24 <imaximets> It seems most of the people are either off or can't make it today.

16:25 <imaximets> Maybe Dumitru will join.

16:25 <dceara> I had a look at Mark's design document and Sragdhara's RFC but not in too much detail.

16:26 <dceara> It's probably best to discuss on the mailing list and if needed we could also set up a audio/video meeting to dig deeper into details. How does that sound?

16:26 <Sragdhara> Please let us know if there are any concerns with the design. We are working on the implementation and will send out a patch shortly.

16:26 <Sragdhara> It is rather involved. So an audio/video meeting would be great.

16:27 <dceara> OK, I suggest we take it to the mailing list and we can find a date & time that works for everyone interested

16:28 <Sragdhara> Okay, on the mailing list we would discuss on the time and date then. Thanks.

16:28 <zhouhan> Sragdhara: could you brief what's the relationship between Mark's design and yours?

16:29 <Sragdhara> Mark's design is (if I understand it correctly), making the pipeline processing flexible by creating data paths for various services, such as ACL, NAT.

16:30 <Sragdhara> Our design is for insertion of network functions in the logical switch pipeline, after the ACL processing.

16:31 <zhouhan> Sragdhara: thanks. I was under the impression that Mark's design would include support for network functions. But let's discuss in more detail later.

16:31 <Sragdhara> In his proposal he has an "external" datapath type and he thinks the network function insertion fits in there.

16:31 <dceara> I think part of Mark's proposal speaks of "hook services" too to allow to potentially hook network functions in the middle of the pipeline too.

16:33 <Sragdhara> His response to my email mentions "external" datapath as the fitting way.

16:33 <Sragdhara> His document mentioned hook service as something that is more into the future and not planned for now.

16:34 <imaximets> OK. Thanks for the context! I suppose, let's sync up on a list and find the time slot for the meeting. And we probably need Mark for this discussion anyway.

16:34 <zhouhan> Cool! It is great to see people have similar requirements before implementing and find good opportunity to collaborate :)

16:35 <dceara> +1

16:35 <imaximets> OK. dceara, zhouhan, do you have something to report for today?

16:35 <zhouhan> I am reviewing Ales's patch "Commit all traffic when there is stateful NAT/LB" and trying to test the performance impact of the extra CT recirc.

16:36 <zhouhan> that's it from me

16:36 <dceara> I don't have much, working on a bug fix for use-after-free in ovn-controller when mac binding/fdb aging is configured.

16:37 <dceara> Oh, and I posted a patch to update the documentation wrt how we use the submodule on stable branches.

16:37 <dceara> That's it from me, thanks!

16:37 <imaximets> Ack. Thanks you!

16:37 <imaximets> Anyone else here wants to share? Or maybe Sragdhara, marym you have some other topic to discuss?

16:38 <Sragdhara> We had mainly the service insertion topic to discuss from our end. Nothing else for today.

16:38 <imaximets> OK. Thanks!

16:38 <marym> imaximets Regarding Mark's proposal, he mentioned that the plan is to make it available in OVN-25.03. Are sopme patches out for review already?

16:39 <dceara> No patches out for review as far as I know.

16:39 <imaximets> marym, I think, Mark is working on the code, but he didn't post anything yet.

16:39 <marym> ok thank you.

16:39 <imaximets> OK. I guess, we can call it a meeting.

16:39 <imaximets> Thanks, everyone!

16:39 <marym> bye

16:39 <imaximets> Bye.

16:40 <zhouhan> bye

16:40 <dceara> Thanks, bye!

16:40 <Sragdhara> bye