[ovs-discuss] Hosts can ping each other after removing flows....

Prasanna Yabaluri prasanna at yabaluri.com
Tue Aug 12 22:05:30 UTC 2014 

Gurucharan, Thanks for the follow up!

The issue was that floodlight has default forwarding property. After I
removed the behavior then default flow has been removed.

before...
user1 at devtest11:~$ sudo ovs-ofctl dump-flows mybridge3-rb
NXST_FLOW reply (xid=0x4):
 cookie=0x20000000000000, duration=35.794s, table=0, n_packets=44,
n_bytes=3256, idle_timeout=5, idle_age=0,
priority=0,in_port=3,vlan_tci=0x0000,dl_src=00:0e:d7:be:eb:40,dl_dst=d4:be:d9:52:15:b0
actions=output:2
 cookie=0x20000000000000, duration=35.791s, table=0, n_packets=36,
n_bytes=2664, idle_timeout=5, idle_age=0,
priority=0,in_port=2,vlan_tci=0x0000,dl_src=d4:be:d9:52:15:b0,dl_dst=00:0e:d7:be:eb:40
actions=output:3


after...

user1 at devtest11:~$ sudo ovs-ofctl dump-flows mybridge3-rb
NXST_FLOW reply (xid=0x4):
user1 at devtest11:~$


hosts cannot ping now...





On Mon, Aug 11, 2014 at 8:43 PM, Gurucharan Shetty <shettyg at nicira.com>
wrote:

> On Mon, Aug 11, 2014 at 3:56 PM, Prasanna Yabaluri
> <prasanna at yabaluri.com> wrote:
> > Thanks!
> >
> > Thinking this command will do a clean state of vswitch and remove any
> > configs by controller.....I tried sudo ovs-vsctl emer-reset ..did not
> work.
>     ovs-vsctl   emer-reset
>               Reset the configuration into a  clean  state.   It
>  deconfigures
>               OpenFlow  controllers,  OVSDB servers, and SSL, and deletes
> port
>               mirroring, fail_mode, NetFlow, sFlow, and  IPFIX
>  configuration.
>               This  command  also removes all other-config keys from all
> data‐
>               base records, except that other-config:hwaddr is preserved
> if it
>               is  present  in a Bridge record.  Other networking
> configuration
>               is left as-is.
>
> What does "ovs-ofctl dump-flows $bridgename" say after the above command?
> If it shows a "NORMAL" flow, it probably simply moved to a learning switch.
>
> >
> > So the concept of SDN does not allow to override the controller by
> directly
> > modifying the vSwitch?
> If you have hypervisor 'root' access, you can override. For e.g., you can
> 'ifconfig ethX down' where controller is reached via 'ethX'. And then
> delete flows or delete bridges etc.
>
>
>
> >
> >
> > On Mon, Aug 11, 2014 at 6:45 PM, Gurucharan Shetty <shettyg at nicira.com>
> > wrote:
> >>
> >> On Mon, Aug 11, 2014 at 3:39 PM, Prasanna Yabaluri
> >> <prasanna at yabaluri.com> wrote:
> >> > Thank you for the response! the hosts are still pinging
> >> >
> >> > user1 at devtest11:~$ sudo ovs-dpctl del-flows
> >> > user1 at devtest11:~$
> >> > user1 at devtest11:~$
> >> >>>>>>>>>>>>>>>not sure how are these flows getting installed...
> >> > user1 at devtest11:~$ sudo ovs-ofctl del-flows mybridge3-rb
> >> > user1 at devtest11:~$ sudo ovs-ofctl dump-flows mybridge3-rb
> >> If the above command is showing entries, it means that your controller
> >> is populating the flow table. I don't know any other explanation to
> >> it.
> >
> >
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20140812/890f1573/attachment-0002.html>

More information about the discuss mailing list