[ovs-discuss] gre tunnel create problem

Justin Pettit jpettit at nicira.com
Sat Jun 9 23:22:14 UTC 2012


[Adding the list back to the thread.]

OVS's GRE implementation only supports Ethernet-over-GRE (protocol 0x6558), since it fits naturally with bridging.  I think for what you're suggesting, we'd need to support MPLS Unicast (0x8847) and Multicast (0x8448).  Our current design works well for the use-cases we've seen.  If you have a reasonable use-case and design, we'd certainly be open to discussing support for other protocols.

--Justin


On Jun 8, 2012, at 6:39 AM, ravi kerur wrote:

> There are use-cases when mpls packets are tunneled via gre/ipsec or
> other tunneling mechanism due to two mpls routers being adjacent via
> ip network and not adjacent via mpls network. In this case for e.g. if
> its GRE tunnel, then tunnel head-end/tail-end should handle those mpls
> packets by modifying protocol types in gre header during encapsulation
> and handling as a mpls packet after decapsulation.
> 
> 
> On Thu, Jun 7, 2012 at 12:14 AM, Justin Pettit <jpettit at nicira.com> wrote:
>> You shouldn't have to perform any actions on GRE tunnels.  You should just be able to treat it like a physical port.  The decapsulation on receive and encapsulation on send should be invisible to you.  They're simply logical ports.
>> 
>> --Justin
>> 
>> 
>> On Jun 6, 2012, at 7:17 PM, ravi kerur wrote:
>> 
>>> How did you control on the receive side i.e for a received gre packet
>>> if I have to apply some actions to it?
>>> 
>>> I can do it on transmit side but receive has been elusive so far.
>>> 
>>> On Tue, Jun 5, 2012 at 8:27 PM, faicker mo <faicker.mo at gmail.com> wrote:
>>>> Yes,I have only one flow in flow table, "action=normal".
>>>> But when the gre tunnel port becomes a data path《ovs-dpctl show》, we can use the ovs-ofctl to control the traffic. I did it. I can see the packets pass the flow table entry.
>>>> 
>>>> On 2012-6-6, at 上午11:07, ravi kerur wrote:
>>>> 
>>>>> I think probably you have single flow in the  flow table, you can
>>>>> check using ovs-ofctl dump-flows <bridge-name>.
>>>>> 
>>>>> This works well when all type of traffic are going through the tunnel
>>>>> interface. That's the case for me as well. However, when I want to
>>>>> split certain type of traffic to go through tunnel and other type via
>>>>> normal path I don't think it is possible to configure it that way in
>>>>> OVS?
>>>>> 
>>>>> 
>>>>> On Tue, Jun 5, 2012 at 7:18 PM, faicker mo <faicker.mo at gmail.com> wrote:
>>>>>> I am happy to share my configuration.
>>>>>> 2 hosts,
>>>>>> 192.168.1.100     eth0
>>>>>> 192.168.1.101 eth0
>>>>>> Each has a vm. We config the vm in the same subnet.
>>>>>> We shouldn't add the eth0 on bridge. The bridge likes this:
>>>>>> br0:  vnet0
>>>>>> add the gre tunnel on br0:
>>>>>> ovs-vsctl add-port br0 gre0 -- set interface gre0
>>>>>> type=gre options:local_ip=192.168.1.100 remote_ip=192.168.1.101
>>>>>> 
>>>>>> The gre0 port should exist in "ovs-dpctl show" and "ovs-vsctl show".
>>>>>> Do the similar thing on 192.168.1.100.
>>>>>> 
>>>>>> Now,you can ping from each vm.
>>>>>> 
>>>>>> 
>>>>>> On 2012-6-6, at 上午1:12, ravi kerur wrote:
>>>>>> 
>>>>>> Faicker,
>>>>>> 
>>>>>> Can you share your configuration with general public so everyone can
>>>>>> benefit from it. At least I am having similar issues and still not
>>>>>> working correctly. In your case have you setup flows using ovs-ofctl
>>>>>> to match certain tunnel parameters?
>>>>>> 
>>>>>> Thanks,
>>>>>> Ravi
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> From: discuss-bounces at openvswitch.org
>>>>>> 
>>>>>> [mailto:discuss-bounces at openvswitch.org] On Behalf Of faicker mo
>>>>>> 
>>>>>> Sent: Tuesday, June 05, 2012 6:49 AM
>>>>>> 
>>>>>> To: Ben Pfaff
>>>>>> 
>>>>>> Cc: discuss at openvswitch.org
>>>>>> 
>>>>>> Subject: Re: [ovs-discuss] gre tunnel create problem
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> I solved it.
>>>>>> 
>>>>>> 
>>>>>> I compile the 1.4.1 source files, and used the openvswitch.ko module to
>>>>>> 
>>>>>> replace the default kernel module in linux 3.3.7.
>>>>>> 
>>>>>> 
>>>>>> Now, it's OK. Only this command is enough:
>>>>>> 
>>>>>> 
>>>>>> ovs-vsctl add-port br0 gre0 -- set interface gre0 type=gre
>>>>>> 
>>>>>> options:remote_ip=192.168.1.101
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On 2012-6-4, at 下午6:59, faicker mo wrote:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> I have to edit this  because the port is wrong. Sorry for my modifying the
>>>>>> 
>>>>>> log.
>>>>>> 
>>>>>> 
>>>>>> the port is netvm and linux creates a default port named gre0.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On 2012-6-4, at 下午6:54, faicker mo wrote:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> I'm sorry, I have another question following this.
>>>>>> 
>>>>>> 
>>>>>> When I added the gre tunnel port on bridge, some errors occurred:
>>>>>> 
>>>>>> 
>>>>>> ---------------------------------
>>>>>> 
>>>>>> 
>>>>>> 56 Jun  4 18:33:42 archlinux ovs-vswitchd: 00062|dpif|WARN|system at br0:
>>>>>> 
>>>>>> failed to add gre0 as port: Invalid argument
>>>>>> 
>>>>>> 
>>>>>>  57 Jun  4 18:33:42 archlinux ovs-vswitchd: 00063|bridge|WARN|netvm port has
>>>>>> 
>>>>>> no interfaces, dropping
>>>>>> 
>>>>>> 
>>>>>>  58 Jun  4 18:33:42 archlinux ovs-vswitchd: 00064|bridge|INFO|destroyed port
>>>>>> 
>>>>>> netvm on bridge br0
>>>>>> 
>>>>>> 
>>>>>>  59 Jun  4 18:33:42 archlinux ovs-vswitchd: 00065|bridge|WARN|bridge br0:
>>>>>> 
>>>>>> using default bridge Ethernet address b6:8b:ef:f1:d6:41
>>>>>> 
>>>>>> 
>>>>>> --------------------------
>>>>>> 
>>>>>> 
>>>>>> Though the tunnel works. I found this because the tunnel port didn't appear
>>>>>> 
>>>>>> in the "ovs-dpctl show" result.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On 2012-6-2, at 上午5:17, Ben Pfaff wrote:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> I was thinking that we should document it alongside each place where we
>>>>>> 
>>>>>> mention a feature.  For example, in ovs-vswitch.conf.db(5) we would
>>>>>> 
>>>>>> mention support for GRE in the same place that we describe GRE.
>>>>>> 
>>>>>> 
>>>>>> On Fri, Jun 01, 2012 at 02:15:56PM -0700, Justin Pettit wrote:
>>>>>> 
>>>>>> 
>>>>>> I was thinking the same thing.  Do you think we put it in the website
>>>>>> 
>>>>>> 
>>>>>> FAQ or a document in the repo?
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --Justin
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On Jun 1, 2012, at 2:14 PM, Ben Pfaff wrote:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> We need to document which features work with the upstream kernel module
>>>>>> 
>>>>>> 
>>>>>> and which only with the separate one.  So far I don't think we do that.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On Fri, Jun 01, 2012 at 09:34:05AM -0700, Justin Pettit wrote:
>>>>>> 
>>>>>> 
>>>>>> My guess is that you're both using the upstreamed OVS kernel module,
>>>>>> 
>>>>>> 
>>>>>> which does not have the built-in support for tunneling.  You can use
>>>>>> 
>>>>>> 
>>>>>> Linux's native GRE tunnels and just attach them as you would other
>>>>>> 
>>>>>> 
>>>>>> interfaces to OVS.  You'll lose the ability to dynamically set the key
>>>>>> 
>>>>>> 
>>>>>> and create tunnels through the database, though.  If you need that
>>>>>> 
>>>>>> 
>>>>>> functionality, you'll need to use the kernel module that comes with
>>>>>> 
>>>>>> 
>>>>>> our distribution.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --Justin
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> On Jun 1, 2012, at 4:25 AM, Madko wrote:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> I have exactly the same problem on Fedora 17 (kernel 3.3.7),
>>>>>> 
>>>>>> https://bugzilla.redhat.com/show_bug.cgi?id=821159
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 2012/6/1 faicker mo <faicker.mo at gmail.com>
>>>>>> 
>>>>>> 
>>>>>> I create gre tunnel like this:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> ovs-vsctl add-port br0 gre0 -- set interface gre0 type=gre
>>>>>> 
>>>>>> options:remote_ip=192.168.1.101
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> But I found:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> ovs-vsctl show
>>>>>> 
>>>>>> 
>>>>>> 8a59928b-ebf3-44f9-85d4-80fdac32207f
>>>>>> 
>>>>>> 
>>>>>>   Bridge "br0"
>>>>>> 
>>>>>> 
>>>>>>       Port "br0"
>>>>>> 
>>>>>> 
>>>>>>           Interface "br0"
>>>>>> 
>>>>>> 
>>>>>>               type: internal
>>>>>> 
>>>>>> 
>>>>>>       Port "gre0"
>>>>>> 
>>>>>> 
>>>>>>           Interface "gre0"
>>>>>> 
>>>>>> 
>>>>>>               type: gre
>>>>>> 
>>>>>> 
>>>>>>               options: {remote_ip="192.168.1.101"}
>>>>>> 
>>>>>> 
>>>>>>       Port "vnet0"
>>>>>> 
>>>>>> 
>>>>>>           Interface "vnet0"
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> the /var/log/messages.log:
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 7040 Jun  1 19:03:02 archlinux ovs-vswitchd: 00062|bridge|INFO|created port
>>>>>> 
>>>>>> gre0 on bridge br0
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 7041 Jun  1 19:03:02 archlinux ovs-vswitchd: 00063|dpif|WARN|system at br0:
>>>>>> 
>>>>>> failed to add gre0 as port: Address family not supported by protocol
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 7042 Jun  1 19:03:02 archlinux ovs-vswitchd: 00064|bridge|WARN|gre0 port has
>>>>>> 
>>>>>> no interfaces, dropping
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 7043 Jun  1 19:03:02 archlinux ovs-vswitchd: 00065|bridge|INFO|destroyed
>>>>>> 
>>>>>> port gre0 on bridge br0
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 7044 Jun  1 19:03:02 archlinux ovs-vswitchd: 00066|bridge|WARN|bridge br0:
>>>>>> 
>>>>>> using default bridge Ethernet address b3:8b:ef:f1:d6:41
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> -------
>>>>>> 
>>>>>> 
>>>>>> I searched, and I unloaded the gre,ip_gre module, but the problem is the
>>>>>> 
>>>>>> same.
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> 
>>>>>> 
>>>>>> discuss mailing list
>>>>>> 
>>>>>> 
>>>>>> discuss at openvswitch.org
>>>>>> 
>>>>>> 
>>>>>> http://openvswitch.org/mailman/listinfo/discuss
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> --
>>>>>> 
>>>>>> 
>>>>>> Edouard Bourguignon
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> 
>>>>>> 
>>>>>> discuss mailing list
>>>>>> 
>>>>>> 
>>>>>> discuss at openvswitch.org
>>>>>> 
>>>>>> 
>>>>>> http://openvswitch.org/mailman/listinfo/discuss
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> 
>>>>>> 
>>>>>> discuss mailing list
>>>>>> 
>>>>>> 
>>>>>> discuss at openvswitch.org
>>>>>> 
>>>>>> 
>>>>>> http://openvswitch.org/mailman/listinfo/discuss
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> _______________________________________________
>>>>>> 
>>>>>> discuss mailing list
>>>>>> 
>>>>>> discuss at openvswitch.org
>>>>>> 
>>>>>> http://openvswitch.org/mailman/listinfo/discuss
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>>>> 
>>>> 
>>> _______________________________________________
>>> discuss mailing list
>>> discuss at openvswitch.org
>>> http://openvswitch.org/mailman/listinfo/discuss
>> 




More information about the discuss mailing list