[ovs-dev] [OVS Conntrack] ct_state flags lead to OFPT_ERRORs

Joe Stringer joestringer at nicira.com
Mon Oct 26 16:48:07 UTC 2015


On 25 October 2015 at 19:10, Ashwin Paranjpe <ashwin1985 at gmail.com> wrote:
> Hi Joe
>
> I just tried this on a fresh Ubuntu 14 LTS VM with a > 3.9.0 kernel. I still
> see the same errors:
>>>
>>> root at ubuntu-14-lts:/home/vm/install/ovs-conntrack# ovs-ofctl add-flow
>>> br-int "table=1, in_port=2, tcp, ct_state=+est+trk, actions=output:1"
>>>
>>> OFPT_ERROR (xid=0x6): OFPBMC_BAD_FIELD
>>>
>>> NXT_FLOW_MOD (xid=0x6):
>>>
>>> (***truncated to 64 bytes from 88***)
>>>
>>> 00000000  01 04 00 58 00 00 00 06-00 00 23 20 00 00 00 0d |...X......#
>>> ....|
>>>
>>> 00000010  00 00 00 00 00 00 00 00-01 00 00 00 00 00 80 00
>>> |................|
>>>
>>> 00000020  ff ff ff ff ff ff 00 00-00 1d 00 00 00 00 00 00
>>> |................|
>>>
>>> 00000030  00 00 00 02 00 02 00 00-06 02 08 00 00 00 0c 01
>>> |................|
>>>
>>> root at ubuntu-14-lts:/home/vm/install/ovs-conntrack# uname -r
>>>
>>> 3.19.0-25-generic
>
>
> I also see the following vswitchd logs:
>>>
>>> 2015-10-26T01:50:17.458Z|00009|ofproto_dpif|INFO|system at ovs-system: MPLS
>>> label stack length probed as 1
>>>
>>> 2015-10-26T01:50:17.458Z|00010|ofproto_dpif|INFO|system at ovs-system:
>>> datapath does not support masked set action feature.
>>>
>>> 2015-10-26T01:50:17.458Z|00011|ofproto_dpif|INFO|system at ovs-system:
>>> Datapath does not support unique flow ids
>>>
>>> 2015-10-26T01:50:17.458Z|00012|ofproto_dpif|INFO|system at ovs-system:
>>> Datapath does not support ct_state
>>>
>>> 2015-10-26T01:50:17.458Z|00013|ofproto_dpif|INFO|system at ovs-system:
>>> Datapath does not support ct_zone
>>>
>>> 2015-10-26T01:50:17.458Z|00014|ofproto_dpif|INFO|system at ovs-system:
>>> Datapath does not support ct_mark
>>>
>>> 2015-10-26T01:50:17.458Z|00015|ofproto_dpif|INFO|system at ovs-system:
>>> Datapath does not support ct_label
>
>
> Going back to your suggestion:
>>
>> It looks like your OVS kernel module doesn't support connection
>> tracking. In this case, ovs-ofctl reports back a BAD_FIELD error.
>>
>> If you want to use this feature at the moment, you need to get the
>> latest "net" development kernel and use the OVS kernel module from
>> there.
>
>
> I compiled OVS from the latest OVS conntrack branch, and the openvswitch
> kernel module is also from datapath/linux directory after the build. I have
> used one of the latest kernels available (3.19.0-25-generic which is > 3.9.0
> per the requirements specified in the code). If you could please elaborate
> and provide a link to the exact kernel you're referring to, I'd really
> appreciate that.

To be more precise about how to run this, there are two paths: Run the
latest code from the latest 4.3 kernel development tree, or build the
conntrack branch against your existing >=3.9 kernel. The conntrack
branch is work in progress and it has not been tested on each kernel
from 3.9 upwards, so there may be unforeseen issues with those
kernels. I'm actively working on this and intend to submit it to the
OVS master branch when it's more stable.

The "net" tree is here:
https://git.kernel.org/cgit/linux/kernel/git/davem/net.git

Looking at the feature support that your OVS log is printing, it looks
like it is using the stock Linux-3.19 openvswitch module, not the
version that you compiled in the OVS tree. You may need to install the
modules ("make modules_install") or even just manually insmod the
specific *.ko files from your compilation directory.



More information about the dev mailing list