[ovs-dev] Bug#714080: openvswitch-datapath-dkms: packet don't pass in postrouting iptables table

Mehdi Abaakouk sileht at sileht.net
Tue Jun 25 13:27:16 UTC 2013

Package: openvswitch-datapath-dkms
Version: 1.4.2+git20120612-9
Severity: normal

Dear Maintainer,

The issue occur in a particular configuration:

* a openvswitch bridge with a ip set on the bridge
* a tap network interface with a ip configured inside a namespace
* and some iptables rules (ie: NAT) set inside this namespace

In this configuration all packets won't pass in the postrouting iptables table,
all packets exit the namespace and go the ovs bridge with a incorrect source
ip, the NAT won't work anymore.

This configuration is a classic one generated by a openstack setup.

I have made some test with the 1.9.0 version of openswitch and the issue is
fixed in recent version.

And I have found the upstream fix and tested it, it works fine:



-- System Information:
Debian Release: 7.0
  APT prefers stable
  APT policy: (500, 'stable')
Architecture: amd64 (x86_64)
Foreign Architectures: i386

Kernel: Linux 3.2.0-4-amd64 (SMP w/8 CPU cores)
Locale: LANG=fr_FR.UTF-8, LC_CTYPE=fr_FR.UTF-8 (charmap=UTF-8)
Shell: /bin/sh linked to /bin/dash

Versions of packages openvswitch-datapath-dkms depends on:
ii  dkms
ii  libc6-dev  2.13-38
ii  make       3.81-8.2

openvswitch-datapath-dkms recommends no packages.

openvswitch-datapath-dkms suggests no packages.

-- no debconf information

More information about the dev mailing list