Yuliang, > If I want to run a VNF chain (e.g., FW, NAT, IDS, VPN gateway...), what is > the normal way of running them with VPP? Do we run each VNF in a VM/container > and use VPP as a software switch, or run each VNF as a node in the VPP graph? > If it is the latter case, is there any open source code online for these VNF > (say, IDS or VPN) that can be plugged into VPP?
"How long is a piece of string?" Seems to be the current best answer. ;-) On one end of the spectrum a "VNF" is just a feature (a graph node) in VPP. On the other end you have a set of isolated VNFs running in VMs, containers or uni-kernels. These VNFs can be built with VPP or something else. Then you can also use VPP as a vRouter / vSwitch to tie it all together. If you like to have most of your machine resources tied up in overhead running Linux kernels and swapping packets between themselves. Aka a nation of hair dressers, then you might prefer one approach over another. :-) Joking aside, what problem are you trying to solve? Do you need to tie features from different projects/vendors together or can you implement what you need in VPP? Best regards, Ole
signature.asc
Description: Message signed with OpenPGP
_______________________________________________ vpp-dev mailing list vpp-dev@lists.fd.io https://lists.fd.io/mailman/listinfo/vpp-dev
