-
Notifications
You must be signed in to change notification settings - Fork 19
Encapsulation
For flows that are not in the session offload table, the switch must forward the packets with additional header information so that the application can apply its logic/policies based on the incoming and outgoing attributes of the session. In a firewall context, this is the mapping of ingress and egress to the zone policies that should be applied.
For the sessionOffload API the key parameters are the logical interface (port and vlan) and the physical interface in case of port only policies. The switch may also need to get information about the packet back for subsequent processing of the packet forwarded by the application and that is encoded in a hardware opaque key.
Logical interface naming varies by network operating system so a 32 bit logical interface ID is used and the discovery API's are used to map from user friendly strings to the interface IDs as needed.
GENEVE has been selected as the encapsulation to use for this.
The doc directory has additional details on the fields and how to set the GENEVE headers.