[ovs-discuss] question about the OVS-OFCTL

[Ben Pfaff]

On Mon, Nov 11, 2013 at 09:14:54PM -0800, terryxing wrote:
> 1.  I am wondering that what the OVS is running like without connection any
> controller ? Because I thought it is just a layer 2 switch.  

Yes, that's right.

> but when I run a openflow controller talking to it.(I tried pox and
> floodlight) From a internal VM, I can only talk to the VM on the same
> logical network, but not outside. The vm can not ping 8.8.8.8, or I
> can not reach the VM from outside bying using the floating IP. But
> they all worked when I did not run the openflow controller.  I know
> traffic that has something to do with outside need a router. But that
> router is running on the network node but not compute node.  Thus, I
> thought that running layer 2 switch on compute node should be
> sufficient for instance communication internally or externally.

POX and floodlight have lots of functionality.  Presumably you will get
different behavior depending on how you configure them.  (I don't know
how to configure either of them.)

> 2. can "ovs-ofctl" realize this ?

Be aware that ovs-ofctl is just a simple, short-lived controller.

> I want to forward the packet to the port it should go, just like what OVS
> is doing, and then can I use the CLI to modify the des_IP to the IDS's IP
> and then output to
> a port ? if so, which port I should output the packet with new modified
> des_ip ?
> 
> I do not want to disturb the how OVS originally work for forwarding the
> packet, but just want to modified the destination ip and let the OVS
> forward the new modified packet as it did before.
> 
> Is that feasible ?

You can use the "normal" action to forward the packet as OVS ordinarily
would do, and then "mod_nw_dst" to set the destination IP.  You will
have to figure out the right port yourself; I cannot guess what it is.