[ovs-discuss] [ovs-dev] Problem with fake bridges

Daniele Milani dano1988 at hotmail.it
Fri May 11 15:28:56 UTC 2012


Thanks so much; one further question: I want my net to behave lake that:

- each VLAN should have a gateway;
- different VLANs must not communicate;
- VMs and Internet should communicate;

is it possible to do that with fake bridges?

Daniele

> Date: Thu, 10 May 2012 12:35:29 -0700
> From: blp at nicira.com
> To: dano1988 at hotmail.it
> CC: discuss at openvswitch.org; paolo.smiraglia at polito.it; roberto.sassu at polito.it
> Subject: Re: [ovs-dev] Problem with fake bridges
> 
> Daniele, you are being defeated by IP forwarding.  This flow shows an
> ICMP echo request coming in on vnet0 (port 3).  OVS forwards it to
> alpha-nic ("actions:1"):
> 
> > in_port(3),eth(src=52:94:00:02:c7:1e,dst=1a:a6:65:bb:f7:82),eth_type(0x0800),ipv4(src=192.168.1.206,dst=192.168.2.166,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0), packets:16, bytes:1568, used:0.520s, actions:1
> 
> The kernel sees that the packet is destined for 192.168.2.x and
> forwards it to beta-nic based on the following routing table entry:
> 
> > 192.168.2.0     0.0.0.0         255.255.255.0   U     0      0 0 beta-nic
> 
> OVS then gets a second shot at the packet when it is received on
> beta-nic (port 2).  It quite reasonably then forwards it to vnet1
> ("actions:4"):
> 
> > in_port(2),eth(src=02:b7:65:2b:e1:b6,dst=52:94:00:09:f7:1e),eth_type(0x0800),ipv4(src=192.168.1.206,dst=192.168.2.166,proto=1,tos=0,ttl=63,frag=no),icmp(type=0,code=0), packets:66, bytes:6468, used:0.052s, actions:4
 		 	   		  
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20120511/16d22bfa/attachment.html>


More information about the discuss mailing list