<div dir="ltr">I will check on about GTP ongoing activities (I saw some actitvities on providing capabilities to match on GTP-C/GTP-U packets).<div>maybe dumb question, but any pointer on how to remove GRE header (or VXLAN for that matter) when switching packet from IN port to OUT port and switch out only internal packet/payload ?</div><div>thanks,</div><div>jm</div><div><br></div></div><div class="gmail_extra"><br><div class="gmail_quote">On Mon, Oct 9, 2017 at 10:13 PM, Ben Pfaff <span dir="ltr"><<a href="mailto:blp@ovn.org" target="_blank">blp@ovn.org</a>></span> wrote:<br><blockquote class="gmail_quote" style="margin:0 0 0 .8ex;border-left:1px #ccc solid;padding-left:1ex">OVS doesn't support GTP yet, but I know that there's some ongoing work<br>
on it.<br>
<br>
GRE and VXLAN should be fine.<br>
<br>
If you need GTP support, maybe the best thing to do would be to help out<br>
the folks who are working on it.<br>
<div class="HOEnZb"><div class="h5"><br>
On Mon, Oct 09, 2017 at 09:35:42PM +0200, Juraj Markotic wrote:<br>
> Hello,<br>
> thanks for feedback.<br>
> I know OVS can truncate payload and that in can modify mac/IPs in header<br>
> (i.e. like doing NAT).<br>
> I also know OVS can deencapsulate GRE (of VXLAN) when packet is arriving on<br>
> tunnel OVS interface (done automatically).<br>
> But I was not aware that OVS can remove tunnel headers when switching<br>
> incoming GTP/GRE/VXLAN header and extract inside packet (with totally new<br>
> src/dst ip) and send it out.<br>
> Can you share some OVS cli example for such ?<br>
> we have network packet broker (NPB) with OVS, so if NPB is delivering<br>
> tunnel packets, it would be great if we could remove tunnel headers before<br>
> delivering it to the (monitoring) tool on outgoing port.<br>
><br>
> thanks,<br>
> jm<br>
><br>
> On Mon, Oct 9, 2017 at 6:31 PM, Ben Pfaff <<a href="mailto:blp@ovn.org">blp@ovn.org</a>> wrote:<br>
><br>
> > On Sun, Oct 08, 2017 at 11:19:17PM +0200, Juraj Markotic wrote:<br>
> > > we would need some functionality on manipulating packets when packet is<br>
> > > exiting outgoing OVS port.<br>
> > > I.e. some actions could be: change/anonymize mac/IPs for src/dst, or<br>
> > remove<br>
> > > some tunnel header (vxlan, gtp, gre), truncate the payload etc.<br>
> ><br>
> > OVS has actions for modifying headers and it can decapsulate tunnels and<br>
> > truncate payloads.<br>
> ><br>
> > > So, one option can be to write some code than can be attached to OVS to<br>
> > > packet exiting out port (i.e. some lua scripts for manipulation).<br>
> ><br>
> > Lua isn't needed. You can use OpenFlow.<br>
> ><br>
</div></div></blockquote></div><br></div>