[ovs-discuss] When a controller is plugged in vlans stop working: normal?

Pasquale Dir phate867 at gmail.com
Mon May 5 16:27:09 UTC 2014 

I have another problem.
I have an openvswitch linked to another openvswitch by a gre tunnel. This
tunnel belongs to the vlan 2. I have one Vm for each switch, each vm is
attached to the switch by a port tagged 2.

Now, everything works fine until I add my eth0 port to these openvswitches.
When I do that, the VMs can't communicate anymore even though they could,
thanks to the tunnel gre which is a trunk port for the vlan 2.

I think the problem is eth0 which is not a trunk port.

Does this mean that, in order to achieve vlan isolation and still connect
switches with gre tunnels, I need at least an external (ie. not connected
to the openvswitch) network port?


2014-05-05 11:58 GMT+02:00 Pasquale Dir <phate867 at gmail.com>:

> Thank you so much, it worked.
>
>
> 2014-05-01 18:13 GMT+02:00 Ben Pfaff <blp at nicira.com>:
>
> On Wed, Apr 30, 2014 at 09:35:58PM +0200, Pasquale Dir wrote:
>> > as long as no controller is associated to my openvswitch vlan tags
>> assure
>> > me vlan isolation.
>> >
>> > After setting the controller (floodlight in my case, but I also tried
>> > opendaylight) vlan tags are just ignored.
>>
>> The FAQ says:
>>
>> Q: My OpenFlow controller doesn't see the VLANs that I expect.
>>
>> A: The configuration for VLANs in the Open vSwitch database (e.g. via
>>    ovs-vsctl) only affects traffic that goes through Open vSwitch's
>>    implementation of the OpenFlow "normal switching" action.  By
>>    default, when Open vSwitch isn't connected to a controller and
>>    nothing has been manually configured in the flow table, all traffic
>>    goes through the "normal switching" action.  But, if you set up
>>    OpenFlow flows on your own, through a controller or using ovs-ofctl
>>    or through other means, then you have to implement VLAN handling
>>    yourself.
>>
>>    You can use "normal switching" as a component of your OpenFlow
>>    actions, e.g. by putting "normal" into the lists of actions on
>>    ovs-ofctl or by outputting to OFPP_NORMAL from an OpenFlow
>>    controller.  In situations where this is not suitable, you can
>>    implement VLAN handling yourself, e.g.:
>>
>>        - If a packet comes in on an access port, and the flow table
>>          needs to send it out on a trunk port, then the flow can add
>>          the appropriate VLAN tag with the "mod_vlan_vid" action.
>>
>>        - If a packet comes in on a trunk port, and the flow table
>>          needs to send it out on an access port, then the flow can
>>          strip the VLAN tag with the "strip_vlan" action.
>>
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/discuss/attachments/20140505/e2d03fa3/attachment-0001.html>

More information about the discuss mailing list