[ovs-discuss] Traffic doesn't reach bridge for some destination ip

Louis Bailleul louis.bailleul at phangos.fr
Wed Mar 26 16:39:19 UTC 2014 

Hi,

I experience something odd behaviour with my openvswitch setup :

I have vms attached to my bridge that cannot send specific traffic to 
the bridge but I see the traffic outgoing the vnet:

Example with SMTP traffic from vm 172.22.0.8 to smtp server 172.21.0.4 :

tcpdump -n -i vnet6 port 25
tcpdump: WARNING: vnet6: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vnet6, link-type EN10MB (Ethernet), capture size 65535 bytes
17:13:49.688569 IP 172.22.0.8.46190 > 172.21.0.4.25: Flags [S], seq 
1625975395, win 14600, options [mss 1460,sackOK,TS val 476336 ecr 
0,nop,wscale 7], length 0
17:13:50.682044 IP 172.22.0.8.46190 > 172.21.0.4.25: Flags [S], seq 
1625975395, win 14600, options [mss 1460,sackOK,TS val 476586 ecr 
0,nop,wscale 7], length 0

tcpdump -n -i br0 port 25
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
^C
0 packets captured
0 packets received by filter
0 packets dropped by kernel


This is odd because some traffic type work fine and some don't ( I can 
ssh into the vm or wget from it without trouble)

And the weirdest thing is that it depends on the destination IP :

  tcpdump -n -i vnet6 port 25
tcpdump: WARNING: vnet6: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on vnet6, link-type EN10MB (Ethernet), capture size 65535 bytes
17:20:14.559714 IP 172.22.0.8.45917 > 173.194.66.108.25: Flags [S], seq 
322741068, win 14600, options [mss 1460,sackOK,TS val 572555 ecr 
0,nop,wscale 7], length 0
17:20:14.570220 IP 173.194.66.108.25 > 172.22.0.8.45917: Flags [S.], seq 
425419501, ack 322741069, win 42540, options [mss 1430,sackOK,TS val 
377827881 ecr 572555,nop,wscale 6], length 0
17:20:14.570444 IP 172.22.0.8.45917 > 173.194.66.108.25: Flags [.], ack 
1, win 115, options [nop,nop,TS val 572558 ecr 377827881], length 0
17:20:14.581834 IP 173.194.66.108.25 > 172.22.0.8.45917: Flags [P.], seq 
1:52, ack 1, win 665, options [nop,nop,TS val 377827893 ecr 572558], 
length 51
17:20:14.582072 IP 172.22.0.8.45917 > 173.194.66.108.25: Flags [.], ack 
52, win 115, options [nop,nop,TS val 572561 ecr 377827893], length 0

tcpdump -n -ni br0 port 25
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on br0, link-type EN10MB (Ethernet), capture size 65535 bytes
17:20:14.559796 IP 172.22.0.8.45917 > 173.194.66.108.25: Flags [S], seq 
322741068, win 14600, options [mss 1460,sackOK,TS val 572555 ecr 
0,nop,wscale 7], length 0
17:20:14.570150 IP 173.194.66.108.25 > 172.22.0.8.45917: Flags [S.], seq 
425419501, ack 322741069, win 42540, options [mss 1430,sackOK,TS val 
377827881 ecr 572555,nop,wscale 6], length 0
17:20:14.570452 IP 172.22.0.8.45917 > 173.194.66.108.25: Flags [.], ack 
1, win 115, options [nop,nop,TS val 572558 ecr 377827881], length 0
17:20:14.581826 IP 173.194.66.108.25 > 172.22.0.8.45917: Flags [P.], seq 
1:52, ack 1, win 665, options [nop,nop,TS val 377827893 ecr 572558], 
length 51
17:20:14.582080 IP 172.22.0.8.45917 > 173.194.66.108.25: Flags [.], ack 
52, win 115, options [nop,nop,TS val 572561 ecr 377827893], length 0


I looked into ovs-dpctl dump-flows br0 and I see this flow :

ovs-dpctl dump-flows br0 | grep "=25"
in_port(7),eth(src=52:54:09:b1:7a:bb,dst=52:54:00:96:9b:95),eth_type(0x0800),ipv4(src=172.22.0.8,dst=172.21.0.4,proto=6,tos=0x10,ttl=64,frag=no),tcp(src=46220,dst=25), 
packets:1, bytes:74, used:0.396s, actions:5

Do you have any idea on what can cause this or any way to investigate it 
further ?

I am using openvswitch 1.4.6 witch brcompat module on kernel 
3.2.0-57-generic

My configuration is :

ovs-vsctl show
75a82a0b-13e2-4110-b9f9-65ce3f3a50dc
     Bridge "br0"
         Port "br0"
             Interface "br0"
                 type: internal
         Port "vnet2"
             Interface "vnet2"
         Port "vnet3"
             Interface "vnet3"
         Port "vnet7"
             Interface "vnet7"
         Port "vnet6"
             Interface "vnet6"
         Port "vnet8"
             Interface "vnet8"
         Port "vnet1"
             Interface "vnet1"
         Port "vnet4"
             Interface "vnet4"
         Port "vnet0"
             Interface "vnet0"
         Port "vnet5"
             Interface "vnet5"
     ovs_version: "1.4.6"


Thanks
Louis Bailleul

More information about the discuss mailing list