[ovs-discuss] Prevent flows between tunnels
Jesse Gross
jesse at nicira.com
Fri Feb 8 17:23:18 UTC 2013
On Fri, Feb 8, 2013 at 9:02 AM, Roberto Sassu <roberto.sassu at polito.it> wrote:
> On 02/08/2013 05:49 PM, Jesse Gross wrote:
>>
>> On Fri, Feb 8, 2013 at 7:37 AM, Roberto Sassu <roberto.sassu at polito.it>
>> wrote:
>>>
>>> Hi everyone
>>>
>>> I'm wondering what is the best way to prevent that packets
>>> are forwarded between tunnels. The only flows allowed should
>>> be between VM backends, from VM backends to tunnels and
>>> from tunnels to VM backends.
>>
>>
>> You can write OpenFlow rules using a controller or ovs-ofctl to
>> control traffic between tunnel ports.
>>
>
> Hi Jesse
>
> yes, I was thinking about using ovs-ofctl but I did not get from
> the documentation if it possible to specify a rule that matches
> ports of the same type (GRE), so that I can prevent that packets
> coming from a tunnel are forwarded to all other tunnels.
You can't match on the type directly so you should match on the port
numbers instead.
More information about the discuss
mailing list