[ovs-discuss] help in understanding drop rules which came with out setting any manual drop rule.
kevin parker
kevin.parker092 at gmail.com
Tue Jun 25 07:13:53 UTC 2013
Hi All,
How can drop rule come with out setting any drop rule manually.
using OVS 1.4.1
*dpctl dump-flows*
in_port(2),eth(src=00:26:0a:24:ae:00,dst=8e:fd:95:35:22:d1),eth_type(0x8100),vlan(vid=40,pcp=0),encap(eth_type(0x0800),ipv4(src=59.x.x.68,dst=11.x.x.41,proto=6,tos=0,ttl=59,frag=no),tcp(src=46583,dst=80)),
packets:0, bytes:0, used:never, *actions:drop*
in_port(2),eth(src=00:26:0a:24:ae:00,dst=8e:fd:95:35:22:d1),eth_type(0x8100),vlan(vid=40,pcp=0),encap(eth_type(0x0800),ipv4(src=11.x.x.214,dst=11.x.x.41,proto=6,tos=0,ttl=56,frag=no),tcp(src=33124,dst=443)),
packets:0, bytes:0, used:never, *actions:drop*
in_port(2),eth(src=00:26:0a:24:ae:00,dst=8e:fd:95:35:22:d1),eth_type(0x8100),vlan(vid=40,pcp=0),encap(eth_type(0x0800),ipv4(src=11.x.x.35,dst=11.x.x.41,proto=6,tos=0,ttl=56,frag=no),tcp(src=50363,dst=8080)),
packets:1, bytes:66, used:0.128s, *actions:drop*
No manuall drop rule has been set but on dpctl dump-flows there are
some drop rules,for vm in port 2 with ip 11.x.x.41
On what basis ovs determines what to block.
Expecting a reply,
Regards,
kev
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20130625/ef0676c4/attachment.html>
More information about the discuss
mailing list