[ovs-discuss] Openvswitch: Rules matching ports behaving strangely - Rules translation problem?

Andreas Wundsam andi at net.t-labs.tu-berlin.de
Tue Oct 20 01:22:21 UTC 2009 

Hi,
Hi,

Justin Pettit schrieb:
> Our emails crossed, so it looks like you got a bit more clarification on
> this.  However, I'd like to point out that the ICMP type overload the
> transport port, not the physical port.  The confusion lies in that the
> output lists two different attributes with the name "port".  

Jupp, understood. That's what I meant to say. Thanks for the
clarification, though.

>  The ping traffic you're showing appears to be traveling
> between ports 1 and 2.  If you generated traffic from the VM with
> vif10.2, then I would expect you to see an entry dropping it in the
> datapath.

Well, the funny thing is that sometimes, my pings from the VM on vif10.2
*do* get through, even though they should not (see attachment, for
better readability of those long lines). This may due to the same
translation problem of wildcard rules to fastpath dpctl rules, I think.

Some thought about what may be unusual in my setup:

 - I have tagged VLAN interfaces managed by the "normal" vconfig and
802.1q module on the system (not on this bridge/switch instance though,
but other switches/dps have eth1.X interfaces)

 - the frontend virtual NICs  inside of the DomUs at vif4.2 and vif10.2
have the same MAC address and the same IP address. However, that should
not hurt, because  my forwarding rules are strictly by physical inport,
and in no case both vif4.2 and vif10.2 will be active at the same time.

 - I am running vswitchd, brcompatd, and openflowd with following
configuration:
/usr/local/sbin/ovs-vswitchd --pidfile --detach -vANY:syslog:EMER
/etc/ovs-vswitchd.conf
/usr/local/sbin/ovs-brcompatd --pidfile --detach -vANY:syslog:EMER
/etc/ovs-vswitchd.conf
ovs-openflowd --out-of-band --datapath-id 000000000003 --fail=closed dp4
--listen=ptcp: tcp:172.16.0.10

Best,
Andi


Best,

Andi






-- 
Andreas Wundsam
Technische Universität Berlin, Deutsche Telekom Laboratories
FG INET, Research Group Anja Feldmann

address: Sekr. TEL 16, FG INET, Ernst-Reuter-Platz 7, 10587 Berlin
e-mail: andi at net.t-labs.tu-berlin.de
web: http://www.net.t-labs.tu-berlin.de/people/andi.shtml

More information about the discuss mailing list