[ovs-discuss] fail-mode secure behavior

David Erickson derickso at stanford.edu
Sun Nov 13 23:48:47 UTC 2011 

Aaron-
Its an artifact of the current inband behavior in OVS, see my discussion 
titled "ARP Behavior in XenServer Host" for more detail.  I have a patch 
that will limit ARP passthru to only the absolutely required IPs if 
interested.

-D

On 11/13/2011 3:46 PM, Aaron Rosen wrote:
> This is expected for inband because in order for the dp to connect to 
> the controller ARP must pass through?  (Though this IP address isn't 
> the one that it would actually use to talk to the controller though. )
>
> Just curious.
>
> Thanks,
> Aaron
>
> On Sun, Nov 13, 2011 at 3:59 PM, David Erickson <derickso at stanford.edu 
> <mailto:derickso at stanford.edu>> wrote:
>
>     Are you in inband mode? If so this is expected.
>
>     Sent from my HTC smartphone on the Now Network from Sprint!
>
>
>     ----- Reply message -----
>     From: "Aaron Rosen" <arosen at clemson.edu <mailto:arosen at clemson.edu>>
>     To: <discuss at openvswitch.org <mailto:discuss at openvswitch.org>>
>     Subject: [ovs-discuss] fail-mode secure behavior
>     Date: Sun, Nov 13, 2011 12:27 pm
>
>
>     Hello I had a quick question about the fail secure behavior.
>
>     I have created a dp0 and added eth3.1750 to it. Then I put
>      10.43.100.14  on dp0.
>
>     Now if I run ping -I dp0 10.43.100.34 , and run tcpdump on eth3 I
>     see my arp packets leaving the box even though I have dp0 set as
>     fail-secure.
>
>     Is this the expected behavior?
>
>     Thanks,
>
>     Aaron
>
>
>     Here is my setup:
>
>     root at geni1:/users/arosen# ovs-vsctl set-fail-mode dp0 secure
>
>      root at geni1:/users/arosen# ovs-dpctl show
>     system at dp0:
>     lookups: frags:0, hit:60, missed:402, lost:0
>     port 0: dp0 (internal)
>     port 1: eth3.1750
>     root at geni1:/users/arosen# ovs-vsctl list controller
>     _uuid               : 41c15d2e-dcdb-4a6b-9e3d-29dd0c0cf723
>     connection_mode     : []
>     controller_burst_limit: []
>     controller_rate_limit: []
>     external_ids        : {}
>     inactivity_probe    : []
>     is_connected        : false
>     local_gateway       : []
>     local_ip            : []
>     local_netmask       : []
>     max_backoff         : []
>     role                : other
>     status              : {last_error="Connection refused",
>     sec_since_disconnect="7", state=BACKOFF}
>     target              : "tcp:130.127.88.88:6633
>     <http://130.127.88.88:6633>"
>
>     root at geni1:/users/arosen# ifconfig
>     dp0       Link encap:Ethernet  HWaddr 00:15:17:d2:56:4a
>               inet addr:10.43.100.14  Bcast:10.43.100.255
>      Mask:255.255.255.0
>               inet6 addr: fe80::215:17ff:fed2:564a/64 Scope:Link
>               UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>               RX packets:2 errors:0 dropped:0 overruns:0 frame:0
>               TX packets:66 errors:0 dropped:0 overruns:0 carrier:0
>               collisions:0 txqueuelen:0
>               RX bytes:332 (332.0 B)  TX bytes:2988 (2.9 KB)
>
>     eth2      Link encap:Ethernet  HWaddr 00:15:17:d2:56:4b
>               inet addr:192.1.249.234  Bcast:192.1.249.255
>      Mask:255.255.255.224
>               inet6 addr: fe80::215:17ff:fed2:564b/64 Scope:Link
>               UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>               RX packets:2230487 errors:0 dropped:0 overruns:0 frame:0
>               TX packets:973028 errors:0 dropped:0 overruns:0 carrier:0
>               collisions:0 txqueuelen:1000
>               RX bytes:1216903682 (1.2 GB)  TX bytes:176351108 (176.3 MB)
>               Memory:df980000-df9a0000
>
>     eth3      Link encap:Ethernet  HWaddr 00:15:17:d2:56:4a
>               inet6 addr: fe80::215:17ff:fed2:564a/64 Scope:Link
>               UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>               RX packets:10458966 errors:0 dropped:0 overruns:0 frame:0
>               TX packets:31244431 errors:0 dropped:0 overruns:0 carrier:0
>               collisions:0 txqueuelen:1000
>               RX bytes:1330883990 (1.3 GB)  TX bytes:4289256380 (4.2 GB)
>               Memory:df9c0000-df9e0000
>
>     eth3.1750 Link encap:Ethernet  HWaddr 00:15:17:d2:56:4a
>               inet6 addr: fe80::215:17ff:fed2:564a/64 Scope:Link
>               UP BROADCAST RUNNING MULTICAST  MTU:1500  Metric:1
>               RX packets:5464625 errors:0 dropped:0 overruns:0 frame:0
>               TX packets:3165740 errors:0 dropped:0 overruns:0 carrier:0
>               collisions:0 txqueuelen:0
>               RX bytes:625569297 (625.5 MB)  TX bytes:4113326274 (4.1 GB)
>
>
>
>
>
>
>     -- 
>     Aaron O. Rosen
>     Masters Student - Network Communication
>     306B Fluor Daniel
>
>
>
>
>
> -- 
> Aaron O. Rosen
> Masters Student - Network Communication
> 306B Fluor Daniel
>
>

More information about the discuss mailing list