No results found.
14 hands-on labs covering every aspect of OVN ACL processing: direction mapping, allow-related conntrack, drop ACLs with BLOCK hints, stateless ACLs, tiered evaluation, universal flows, port groups, reject actions, logging, and more.
I traced the full lifecycle of an OVN ACL — from the moment you type ovn-nbctl acl-add, through northd scanning, pipeline stage generation, conntrack commitment, all the way to the OpenFlow rules hitting your datapath. Here's everything I found along the way.