<div dir="ltr"><div><div>Hi Folks,</div><div><br></div><div>In my packstack setup, I am trying to see the usage of ovn-trace following [1] but I am not able to see the full logical flow for packet. <br></div><div><br></div><div>Two logical switches are connected to same router, instances are able to reach other without any issue but ovn-trace is not showing full logical flow of traffic. <br></div><div><br></div><div>Can anyone please help me to understand what I am doing wrong? <br></div><div><br></div><div>==> output of ovn-nbctl from controller node. <br></div><div><br></div>[root@controller ~(keystone_admin)]# ovn-nbctl show<br> switch 94c220f0-128e-4eef-ae4f-116a69458f11 (neutron-8d16abbf-835d-4ec7-97a1-eef02d84563a)<br> port 3b58fa41-35b7-4374-8e41-fa0858f9f9dc<br> addresses: ["fa:16:3e:eb:3d:0a 10.10.11.5"]<br> port d83ce6c6-1289-4e8b-9e12-62a9b08b95da<br> addresses: ["router"]<br> switch 0d413d9c-7f23-4ace-9a8a-29817b3b33b5 (neutron-89113f8b-bc01-46b1-84fb-edd5d606879c)<br> port 6fe3cab5-5f84-44c8-90f2-64c21b489c62<br> addresses: ["fa:16:3e:fa:d6:d3 10.10.10.9"]<br> port 397c019e-9bc3-49d3-ac4c-4aeeb1b3ba3e<br> addresses: ["router"]<br> port 4c72cee2-35b7-4bcd-8c77-135a22d16df1<br> addresses: ["fa:16:3e:55:3f:be 10.10.10.4"]<br> port a6ee79a7-a6bc-4971-9fe0-d8424a31d2db<br> addresses: ["fa:16:3e:96:0a:6a 10.10.10.2"]<br> switch 1ec08997-0899-40d1-9b74-0a25ef476c00 (neutron-e411bbe8-e169-4268-b2bf-d5959d9d7260)<br> port provnet-e411bbe8-e169-4268-b2bf-d5959d9d7260<br> addresses: ["unknown"]<br> port b95e9ae7-5c91-4037-8d2c-660d4af00974<br> addresses: ["router"]<br> router 7418a4e7-abff-4af7-85f5-6eea2ede9bea (neutron-67dc2e78-e109-4dac-acce-b71b2c944dc1)<br> port lrp-b95e9ae7-5c91-4037-8d2c-660d4af00974<br> mac: "fa:16:3e:52:20:7c"<br> networks: ["<a href="http://192.168.122.50/24">192.168.122.50/24</a>"]<br> port lrp-d83ce6c6-1289-4e8b-9e12-62a9b08b95da<br> mac: "fa:16:3e:21:ff:7d"<br> networks: ["<a href="http://10.10.11.1/24">10.10.11.1/24</a>"]<br> port lrp-397c019e-9bc3-49d3-ac4c-4aeeb1b3ba3e<br> mac: "fa:16:3e:87:28:40"<br> networks: ["<a href="http://10.10.10.1/24">10.10.10.1/24</a>"]<br><br></div>==> Tracing the logical flow from 10.10.10.4 to 10.10.11.5<br><div><br>[root@controller ~(keystone_admin)]# ovn-trace neutron-89113f8b-bc01-46b1-84fb-edd5d606879c 'inport=="4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == fa:16:3e:55:3f:be && ip4.src == 10.10.10.4<br>&& eth.dst == fa:16:3e:eb:3d:0a && ip4.dst == 10.10.11.5 && ip.ttl == 32'<br># ip,reg14=0x3,vlan_tci=0x0000,dl_src=fa:16:3e:55:3f:be,dl_dst=fa:16:3e:eb:3d:0a,nw_src=10.10.10.4,nw_dst=10.10.11.5,nw_proto=0,nw_tos=0,nw_ecn=0,nw_ttl=32<br><br>ingress(dp="neutron-89113f8b-bc01-46b1-84fb-edd5d606879c", inport="4c72cee2-35b7-4bcd-8c77-135a22d16df1")<br>---------------------------------------------------------------------------------------------------------<br> 0. ls_in_port_sec_l2 (ovn-northd.c:2979): inport == "4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == {fa:16:3e:55:3f:be}, priority 50, uuid b6b8d57a<br> next;<br> 1. ls_in_port_sec_ip (ovn-northd.c:2113): inport == "4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == fa:16:3e:55:3f:be && ip4.src == {10.10.10.4}, priority 90, uuid ba02f466<br> next;<br> 3. ls_in_pre_acl (ovn-northd.c:2397): ip, priority 100, uuid 25d55e7b<br> reg0[0] = 1;<br> next;<br> 5. ls_in_pre_stateful (ovn-northd.c:2515): reg0[0] == 1, priority 100, uuid b84a160f<br> ct_next;<br> *** ct_* actions not implemented<br></div><div><br></div><div>==> Tracing the logical flow from 10.10.11.5 to 10.10.10.4.<br></div><div><br>[root@controller ~(keystone_admin)]# ovn-trace neutron-8d16abbf-835d-4ec7-97a1-eef02d84563a 'inport=="3b58fa41-35b7-4374-8e41-fa0858f9f9dc" && eth.src == fa:16:3e:eb:3d:0a && ip4.src == 10.10.11.5<br>&& eth.dst == fa:16:3e:55:3f:be && ip4.dst == 10.10.10.4 && ip.ttl == 32'<br># ip,reg14=0x1,vlan_tci=0x0000,dl_src=fa:16:3e:eb:3d:0a,dl_dst=fa:16:3e:55:3f:be,nw_src=10.10.11.5,nw_dst=10.10.10.4,nw_proto=0,nw_tos=0,nw_ecn=0,nw_ttl=32<br><br>ingress(dp="neutron-8d16abbf-835d-4ec7-97a1-eef02d84563a", inport="3b58fa41-35b7-4374-8e41-fa0858f9f9dc")<br>---------------------------------------------------------------------------------------------------------<br> 0. ls_in_port_sec_l2 (ovn-northd.c:2979): inport == "3b58fa41-35b7-4374-8e41-fa0858f9f9dc" && eth.src == {fa:16:3e:eb:3d:0a}, priority 50, uuid ca3ab484<br> next;<br> 1. ls_in_port_sec_ip (ovn-northd.c:2113): inport == "3b58fa41-35b7-4374-8e41-fa0858f9f9dc" && eth.src == fa:16:3e:eb:3d:0a && ip4.src == {10.10.11.5}, priority 90, uuid 67889771<br> next;<br> 3. ls_in_pre_acl (ovn-northd.c:2397): ip, priority 100, uuid a9a53917<br> reg0[0] = 1;<br> next;<br> 5. ls_in_pre_stateful (ovn-northd.c:2515): reg0[0] == 1, priority 100, uuid 4355f077<br> ct_next;<br> *** ct_* actions not implemented<br><div><div><br></div><div><br></div><div><br></div><div>[1] <a href="https://blog.russellbryant.net/2016/11/11/ovn-logical-flows-and-ovn-trace/">https://blog.russellbryant.net/2016/11/11/ovn-logical-flows-and-ovn-trace/</a><br><br clear="all"><div><div class="gmail_signature"><div dir="ltr"><div>Thanks & Regards,</div>
<div>Vikrant Aggarwal</div><br><span></span><span></span></div></div></div>
</div></div></div></div>