Yuliang,
> If I want to run a VNF chain (e.g., FW, NAT, IDS, VPN gateway...), what is
> the normal way of running them with VPP? Do we run each VNF in a VM/container
> and use VPP as a software switch, or run each VNF as a node in the VPP graph?
> If it is the latter case, is there any open source code online for these VNF
> (say, IDS or VPN) that can be plugged into VPP?
"How long is a piece of string?" Seems to be the current best answer. ;-)
On one end of the spectrum a "VNF" is just a feature (a graph node) in VPP. On
the other end you have a set of isolated VNFs running in VMs, containers or
uni-kernels. These VNFs can be built with VPP or something else. Then you can
also use VPP as a vRouter / vSwitch to tie it all together.
If you like to have most of your machine resources tied up in overhead running
Linux kernels and swapping packets between themselves. Aka a nation of hair
dressers, then you might prefer one approach over another. :-)
Joking aside, what problem are you trying to solve?
Do you need to tie features from different projects/vendors together or can you
implement what you need in VPP?
Best regards,
Ole
signature.asc
Description: Message signed with OpenPGP
___
vpp-dev mailing list
vpp-dev@lists.fd.io
https://lists.fd.io/mailman/listinfo/vpp-dev
