Note: This bug is displayed in read-only format because the product is no longer active in Red Hat Bugzilla.
The FDP team is no longer accepting new bugs in Bugzilla. Please report your issues under FDP project in Jira. Thanks.

Bug 1830283

Summary: [OVN][RFE] Enhance port group support to allow matching on port group ID
Product: Red Hat Enterprise Linux Fast Datapath Reporter: Dumitru Ceara <dceara>
Component: OVNAssignee: OVN Team <ovnteam>
Status: CLOSED WONTFIX QA Contact: Jianlin Shi <jishi>
Severity: medium Docs Contact:
Priority: medium    
Version: FDP 20.CCC: ctrautma, mmichels
Target Milestone: ---Keywords: FutureFeature
Target Release: ---   
Hardware: Unspecified   
OS: Unspecified   
Whiteboard:
Fixed In Version: Doc Type: If docs needed, set a value
Doc Text:
Story Points: ---
Clone Of: Environment:
Last Closed: 2023-10-05 20:07:56 UTC Type: Bug
Regression: --- Mount Type: ---
Documentation: --- CRM:
Verified Versions: Category: ---
oVirt Team: --- RHEL 7.3 requirements from Atomic Host:
Cloudforms Team: --- Target Upstream Version:
Embargoed:

Description Dumitru Ceara 2020-05-01 13:34:57 UTC 
Description of problem:

Enhance OVN to support match expressions of the form "get_group_id(PG)" where PG is a PortGroup that has been configured with an additional (new) option "use_group_id_metadata".

Also add support for match expressions of the form "src_group_id".

get_group_id(PG): is a function that can be translated to an ID that maps to PG in the Southbound DB.

src_group_id is always populated in a register (in tunnel header as well when sending to remote), if the src port belongs to a group that has "use_group_id_metadata" = True.

This will allow CMSs to simplify their network policies and will also generate less openflow rules when used in ACLs such as:

match = "outport == @pg_B && src_group_id == get_group_id(pg_A)"
action = "allow"/"drop"/etc

Limitations:
A logical switch port can only be part of at most one Port_Group that has "use_group_id_metadata"=True.

Additional info:

https://mail.openvswitch.org/pipermail/ovs-discuss/2020-April/049888.html
https://mail.openvswitch.org/pipermail/ovs-discuss/2020-April/049932.html
Comment 1 Mark Michelson 2023-10-05 20:07:56 UTC 
I discussed this with Dumitru and we came to the conclusion this can be closed as WONTFIX.