<div dir="ltr"><div dir="ltr"><br></div><br><div class="gmail_quote"><div dir="ltr" class="gmail_attr">On Tue, Jun 9, 2020 at 11:49 PM John Lang <<a href="mailto:john.x.lang@oracle.com">john.x.lang@oracle.com</a>> wrote:<br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div lang="EN-US"><div class="gmail-m_2837967426429165787WordSection1"><p class="MsoNormal">Numan,<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Earlier I had send an e-mail with the following question that you responded to. I maybe should have asked if the pipeline would redirect the DNS request to another DNS server to OVN.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="gmail-m_2837967426429165787gmail-m-8743985617076697658gmail-m4188889267868020159msolistparagraph" style="margin-left:0.75in"><u></u><span>1.<span style="font:7pt "Times New Roman""> </span></span><u></u>If OVN can’t answer a DNS request, does the pipeline forward it on the another DNS server? How is that server address set? Though the DHCP options?<u></u><u></u></p><p class="MsoNormal" style="margin-left:0.25in"> <u></u><u></u></p><p class="MsoNormal" style="margin-left:0.25in">Yes. If OVN can't anwer it resumes the packet pipeline. So if there are any other DNS servers, they should get the packet.<u></u><u></u></p><p class="MsoNormal">I was looking at the flows in my OVN setup configured for DNS, and I don’t see how the DNS request is redirected to a server external to OVN.<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal" style="margin-left:0.5in"> table=16(ls_in_dns_lookup ), priority=100 , match=(udp.dst == 53), action=(reg0[4] = dns_lookup(); next;)<u></u><u></u></p><p class="MsoNormal" style="margin-left:0.5in"> table=16(ls_in_dns_lookup ), priority=0 , match=(1), action=(next;)<u></u><u></u></p><p class="MsoNormal" style="margin-left:0.5in"> table=17(ls_in_dns_response ), priority=100 , match=(udp.dst == 53 && reg0[4]), action=(eth.dst <-> eth.src; ip6.src <-> ip6.dst; udp.dst = udp.src; udp.src = 53; outport = inport; flags.loopback = 1; output;)<u></u><u></u></p><p class="MsoNormal" style="margin-left:0.5in"> table=17(ls_in_dns_response ), priority=100 , match=(udp.dst == 53 && reg0[4]), action=(eth.dst <-> eth.src; ip4.src <-> ip4.dst; udp.dst = udp.src; udp.src = 53; outport = inport; flags.loopback = 1; output;)<u></u><u></u></p><p class="MsoNormal" style="margin-left:0.5in"> table=17(ls_in_dns_response ), priority=0 , match=(1), action=(next;)<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">Based on these flows it looks like all udp.dst requests on port 53 are sent to dns_lookup. If dns_lookup resolves the request it send the reply (either IPV4 or IPV6). If not, it proceeds to table 18, and I think eventually the request gets dropped. Is there some later flow I should be looking for that would redirect the request to another DNS server (or is there something I’m missing in dns_lookup that does the redirect)? If so, how does OVN/OVS know the ip address of that server?</p></div></div></blockquote><div><br></div><div>OVN is not aware of any external DNS servers if any. So if OVN can't resolve the DNS, the packet resumes the pipeline</div><div>and is treated like any other packet. If the DNS server IP is to be routed it will be routed. Let me know If I'm not clear.</div><div><br></div><div><br></div><div>Thanks</div><div>Numan</div><div><br></div><blockquote class="gmail_quote" style="margin:0px 0px 0px 0.8ex;border-left:1px solid rgb(204,204,204);padding-left:1ex"><div lang="EN-US"><div class="gmail-m_2837967426429165787WordSection1"><p class="MsoNormal"><u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p><p class="MsoNormal">John Lang<u></u><u></u></p><p class="MsoNormal">w (303) 272-5457<u></u><u></u></p><p class="MsoNormal">c (970) 231-3724<u></u><u></u></p><p class="MsoNormal"><u></u> <u></u></p></div></div>_______________________________________________<br>
discuss mailing list<br>
<a href="mailto:discuss@openvswitch.org" target="_blank">discuss@openvswitch.org</a><br>
<a href="https://mail.openvswitch.org/mailman/listinfo/ovs-discuss" rel="noreferrer" target="_blank">https://mail.openvswitch.org/mailman/listinfo/ovs-discuss</a><br>
</blockquote></div></div>