[ovs-discuss] How to achieve inbound rule using openflow?

Reid Price reid at nicira.com
Fri Jul 13 01:19:00 UTC 2012


Hi Yimin,

The behavior you describe would emerge from the flows you choose to
utilize, and may not necessarily be a single modification.  One way to
think about this is as a side effect of the flow table being processed a
single time.  Since the matching only occurs on the packet entering
the switch (rather than leaving it), actions which filter based upon
in_port are usually trivial.  There is no native correspondence for output
actions, though it is often straightforward to do so.  In this case, you are
relying upon the normal action for forwarding decisions, which spans
the entire bridge.  This probably will not offer you enough granularity to
do what you desire, since AFAIK, you can't say

  priority=100, tp_dst=80, action=NORMAL(all ports)
  priority=50, action=NORMAL(all ports except port 3)

Hope this clarifies.

  -Reid

On Thu, Jul 12, 2012 at 5:56 PM, YIMIN CHEN <ymchen.nbzj at gmail.com> wrote:

> Hi,
>
> I am experimenting with OVS 1.4.2, using openflow entries to control
> traffic b/w VMs. VM1 (11.1.1.4) and VM2 (11.1.1.5) connected to OVS
> via tap0 (openflow port 2) and tap1 (of port 3).
>
> I am a little confused about how to specify an inbound rule. How can I
> specify an openflow entry for VM2 saying that incoming pkts to VM2 are
> only allowed on tcp port 80, but not others?
> Will "in_port=3,tp_dst=80,action=normal" work? To me, it sounds like
> saying "If VM2 sends a pkt to port 80, allow it", instead of "if VM2
> receives a pkt to port 80, allow it". I am a little confused.
>
> Could anyone please clarify for me?
>
> Thanks!
> Yimin
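An added example, not part of the original thread or of the OVS project: because matching happens only on the packet entering the switch, the inbound rule for VM2 can be written as matches on the packet's destination rather than on in_port. The bridge name br0, the choice to leave ARP on NORMAL, and the function names are assumptions; the address and port number are the ones from the question.

```shell
#!/bin/sh
# Added example: inbound filter for one VM, expressed as destination matches.
# Assumed (not from the thread): bridge name br0, ARP left on NORMAL.
BRIDGE="${BRIDGE:-br0}"

# inbound_flows VM_IP OF_PORT TCP_PORT
# Prints one ovs-ofctl flow per line, highest priority first.
inbound_flows() {
    vm_ip=$1; of_port=$2; tcp_port=$3
    # ARP must keep working, otherwise peers cannot resolve the VM's MAC.
    echo "priority=200,arp,actions=NORMAL"
    # Allow: TCP addressed to the VM on the permitted port. The match is on
    # the destination, so it applies whichever port the packet came in on.
    echo "priority=100,tcp,nw_dst=${vm_ip},tp_dst=${tcp_port},actions=output:${of_port}"
    # Deny: any other IP packet addressed to the VM. These matches are
    # stateless, so replies to connections the VM itself opens are dropped too.
    echo "priority=50,ip,nw_dst=${vm_ip},actions=drop"
    # Everything else (including traffic sent by the VM) is switched normally.
    echo "priority=0,actions=NORMAL"
}

# Install the flows on the bridge; requires ovs-ofctl and a running switch.
apply_flows() {
    inbound_flows "$@" | while read -r flow; do
        ovs-ofctl add-flow "$BRIDGE" "$flow"
    done
}

# "sh script.sh apply" installs the rules for VM2 from the thread:
# 11.1.1.5 on OpenFlow port 3, TCP port 80 only. Without the argument
# the script only defines the functions.
if [ "${1:-}" = "apply" ]; then
    apply_flows 11.1.1.5 3 80
fi
```

Running `ovs-ofctl dump-flows br0` afterwards shows per-flow packet counters, which is a quick way to confirm that the allow and drop entries are the ones being hit.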