{"id":21810157,"url":"https://github.com/yunionio/sdnagent","last_synced_at":"2025-04-13T22:02:14.213Z","repository":{"id":33286570,"uuid":"149069464","full_name":"yunionio/sdnagent","owner":"yunionio","description":"Cloudpods SDN Agent for Network Virtualization","archived":false,"fork":false,"pushed_at":"2024-04-24T03:31:24.000Z","size":26622,"stargazers_count":13,"open_issues_count":2,"forks_count":16,"subscribers_count":8,"default_branch":"master","last_synced_at":"2024-04-24T07:34:13.179Z","etag":null,"topics":["cloudpods","openflow","ovn","ovs","sdn"],"latest_commit_sha":null,"homepage":"","language":"Go","has_issues":false,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"apache-2.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/yunionio.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2018-09-17T04:37:53.000Z","updated_at":"2024-05-30T03:18:05.397Z","dependencies_parsed_at":"2023-02-10T13:46:15.292Z","dependency_job_id":"d66e3891-02c9-4e98-b5f1-ae1384c9a5a5","html_url":"https://github.com/yunionio/sdnagent","commit_stats":{"total_commits":247,"total_committers":9,"mean_commits":"27.444444444444443","dds":"0.35627530364372473","last_synced_commit":"2537e215200497392bdd8393b287216c798565cd"},"previous_names":[],"tags_count":885,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yunionio%2Fsdnagent","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yunionio%2Fsdnagent/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yunionio%2Fsdnagent/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/yunionio%2Fsdnagent/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/yunionio","download_url":"https://codeload.github.com/yunionio/sdnagent/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":226757263,"owners_count":17677094,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cloudpods","openflow","ovn","ovs","sdn"],"created_at":"2024-11-27T13:32:54.827Z","updated_at":"2024-11-27T13:32:55.448Z","avatar_url":"https://github.com/yunionio.png","language":"Go","funding_links":[],"categories":[],"sub_categories":[],"readme":"# todo\n\n6. failsafe trigger\n7. more usable cmdline\n\n\tadd-flow br1 cookie=0x99,priority=99,\u003cmactch\u003e,actions=\n\n8. lock yunioncloud/pkg/log in Gopkg.toml\n10. ping check on startup\n21. encode who in cookie\n22. intranet, external net\n23. config file\n24. vlan and ct zone allocation\n26. match field, order by Name()\n27. ovsdb port external_id\n29. hostconfig with ct zone management, collision with ovn-controller?\n31. check availability of conntrack\n25. cgo libopenvswitch\n33. maybe, robustness, add logic to detect ct() , ct_state arguments order\n\n34. TODO redirect broadcast ip traffic to sec_IN\n36. do we need to kill existing connection when new secrule applies\n\t- delete zone conntrack entries\n37. conntrack entry timeout setting\n\n# Test\n\nPrepare dummy desc directory\n\n- br0 in namespaces as physical hosts\n- veth in namespace as virtual hosts\n\nvirtual hosts with single nic on the same host or different hosts\n\n - 2 on the same hosts\n - 2 on different hosts\n\nvirtual host with 2 nics enslaved to the same br0\n\n - 1 with 2 nics on different networks\n - 1 with the above as gateway in one of the network\n - 1 with the above as gateway in the other network\n\n32. test ftp rel\n20. regrestion test\n38. nat for testing purposes\n\ntraffic control test\n\n - server start\n - server stop\n - server change bandwidth\n - zero bandwidth: no limit: api forbids this\n - qdisc statistics no reset on normal running\n - qdisc automatic restore after manual delete, change\n\n\t\tsudo tc qdisc delete dev vnet2-197 root\n\t\tsudo tc qdisc replace dev vnet2-197 root handle 1: tbf rate 100Kbit burst 100b latency 10ms\n\n - initial noqueue\n - initial with ingress\n - initial pfifo_fast\n - minimize erruption on restart\n\n# plan: stateless flavour\n\n- PRO: More efficient\n- PRO: More straightforward, less error-prone\n- CON: Bob can DoS Alice with invalid TCP traffic\n\n`in:\u003cACTION\u003e any`\n\n\tdl_dst=\u003cMAC_VM\u003e,ip[,nw_src=\u003cNET\u003e] \u003cACTION\u003e\n\n`out:\u003cACTION\u003e any`\n\n\tdl_src=\u003cMAC_VM\u003e,ip[,nw_dst=\u003cNET\u003e] \u003cACTION\u003e\n\n`in:\u003cACTION\u003e tcp`\n\n\tdl_dst=\u003cMAC_VM\u003e,tcp,tcpflags=+syn-ack[,tp_dst=\u003cPORT\u003e][,nw_src=\u003cNET\u003e] \u003cACTION\u003e\n\tdl_dst=\u003cMAC_VM\u003e,tcp[,tp_dst=\u003cPORT\u003e][,nw_src=\u003cNET\u003e] accept\n\tdl_src=\u003cMAC_VM\u003e,tcp[,tp_src=\u003cPORT\u003e][,nw_dst=\u003cNET\u003e] accept\n\n`out:\u003cACTION\u003e tcp`\n\n\tdl_src=\u003cMAC_VM\u003e,tcp,tcpflags=+syn-ack[,tp_dst=\u003cPORT\u003e][,nw_dst=\u003cNET\u003e] \u003cACTION\u003e\n\tdl_dst=\u003cMAC_VM\u003e,tcp[,tp_src=\u003cPORT\u003e][,nw_src=\u003cNET\u003e] accept\n\tdl_src=\u003cMAC_VM\u003e,tcp[,tp_dst=\u003cPORT\u003e][,nw_dst=\u003cNET\u003e] accept\n\n`in:\u003cACTION\u003e udp`\n\n\tdl_dst=\u003cMAC_VM\u003e.udp[,tp_dst=\u003cPORT\u003e][,nw_src=\u003cNET\u003e] \u003cACTION\u003e\n\tdl_src=\u003cMAC_VM\u003e.udp[,tp_src=\u003cPORT\u003e][,nw_dst=\u003cNET\u003e] \u003cACTION\u003e\n\n`out:\u003cACTION\u003e udp`\n\n\tdl_src=\u003cMAC_VM\u003e.udp[,tp_dst=\u003cPORT\u003e][,nw_dst=\u003cNET\u003e] \u003cACTION\u003e\n\tdl_dst=\u003cMAC_VM\u003e.udp[,tp_src=\u003cPORT\u003e][,nw_src=\u003cNET\u003e] \u003cACTION\u003e\n\n`in:\u003cACTION\u003e icmp`\n\n\tdl_dst=\u003cMAC_VM\u003e,icmp[,nw_src=\u003cNET\u003e] \u003cACTION\u003e\n\n`out:\u003cACTION\u003e icmp`\n\n\tdl_src=\u003cMAC_VM\u003e,icmp[,nw_dst=\u003cNET\u003e] \u003cACTION\u003e\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyunionio%2Fsdnagent","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fyunionio%2Fsdnagent","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fyunionio%2Fsdnagent/lists"}