[ovs-dev] Can openvswitch vxlan tunnel support vtep ip in different subnet?

Jesse Gross jesse at nicira.com
Wed Apr 8 16:18:18 UTC 2015


I would try checking for correctness at each point in the path. Look
for iptables rules, ovs-appctl dpif/dump-flows on the tunnel bridge to
see what traffic is doing if it makes it there, check ovs-vswitchd
logs, dmesg, etc.

I would also removing local_ip from the tunnels as well since it makes
the matching criteria more restrictive.

On Tue, Apr 7, 2015 at 4:33 PM, 马啸 <cumtb_maxiao at 163.com> wrote:
> Thank you for your reply.
>
> The topology as:
> tap1(192.168.10.2)--br-int--br-tun(vxlan-0a0b1840 19/5 local_ip=10.10.24.69,
> remote_ip=10.11.24.64)==========(vxlan-0a0a1845 3/8  local_ip=10.11.24.64,
> remote_ip=10.10.24.69)br-tun--br-int--tap2 (192.168.10.1)
>
> I ping from 192.168.10.1 to 192.168.10.2.
> So the arp request packet for 192.168.10.2 will be encapsulated in VxLAN
> UDP。
> And indeed in the peer the arp encapsulated in VxLAN can be captured.
>
> ================================== ===========
> Outer Src IP is 10.11.24.64 Outer Dst IP is 10.10.24.69  Inner is ARP
> Request
>
> 13:49:35.715812 10:0e:7e:ee:e3:e8 > ec:f4:bb:d3:93:12, ethertype IPv4
> (0x0800), length 92: (tos 0x0, ttl 61, id 41358, offset 0, flags [DF], proto
> UDP (17), length 78)
>     10.11.24.64.43309 > 10.10.24.69.4789: [no cksum] VXLAN, flags [I]
> (0x08), vni 103
> fa:16:3e:0a:79:03 > Broadcast, ethertype ARP (0x0806), length 42: Ethernet
> (len 6), IPv4 (len 4), Request who-has 192.168.10.2 tell 192.168.10.1,
> length 28
> =========================================
>
> And in the br-tun one flow bellow exists, of which the in_port is
> vxlan-0a0b1840:
>  cookie=0x0, duration=22604.209s, table=0, n_packets=0, n_bytes=0,
> idle_age=22604, priority=1,in_port=19 actions=resubmit(,4)
>
> So I think the packet captured should match the flow, but the n_packets not
> be increased.
>
>
> The VxLAN UDP can be captured , so I think 10.10.24.69 and 10.11.24.64 can
> be reached from each other.
>
> Can you give me more help? Thanks!
>
>
>
>
>
> At 2015-04-07 23:39:06, "Jesse Gross" <jesse at nicira.com> wrote:
>>On Tue, Apr 7, 2015 at 6:56 AM, 马啸 <cumtb_maxiao at 163.com> wrote:
>>> Hi,all
>>>
>>>
>>> I know in normal vxlan support,vteps can be in different subnets.
>>> But when I config the vxlan tunnel of openvswitch with the local ip and
>>> the remote ip in different subnets,
>>> I find the flow can not be matched.
>>
>>Yes, it should work.
>>
>>I don't understand what you are doing since the captures don't really
>>match your description. However, I would check your IP addresses, make
>>sure that you can ping across the underlay network, check firewall
>>rules, etc.
>
>
>



More information about the dev mailing list