[ovs-discuss] another bug?

Ashok Chippa a.n.chippa at gmail.com
Wed Feb 4 01:19:08 UTC 2015


Thank you...

root at ashok-vb:/home/achippa/dispatcher# ovs-ofctl dump-flows br-int
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=176.280s, table=0, n_packets=0, n_bytes=0,
idle_age=176, priority=9999,ip,nw_src=1.1.1.1,nw_dst=1.1.1.2 actions=drop


On Tue, Feb 3, 2015 at 8:37 AM, Ben Pfaff <blp at nicira.com> wrote:

> On Tue, Feb 03, 2015 at 01:20:48AM -0800, Ashok Chippa wrote:
> > I added a flow to table0, but the flow is not shown correctly... Is this
> a
> > bug?
> >
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl del-flows
> br-int
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl dump-flows
> br-int
> > NXST_FLOW reply (xid=0x4):
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0#
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0#
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0#
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl add-flow br-int
> > table=0,priority=9999,nw_src=1.1.1.1,nw_dst=1.1.1.2,actions=DROP
> > 2015-02-03T09:14:06Z|00001|ofp_util|INFO|normalization changed ofp_match,
> > details:
> > 2015-02-03T09:14:06Z|00002|ofp_util|INFO| pre:
> nw_src=1.1.1.1,nw_dst=1.1.1.2
> > 2015-02-03T09:14:06Z|00003|ofp_util|INFO|post:
> > root at ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl dump-flows
> br-int
> > NXST_FLOW reply (xid=0x4):
> >  cookie=0x0, duration=8.642s, table=0, n_packets=0, n_bytes=0,
> idle_age=8,
> > priority=9999 actions=drop
> >
> > I ping 1.1.1.2 from 1.1.1.1 and the traffic passes through...!! What am I
> > missing?
>
> Please read the FAQ.
>
> ### Q: I ran "ovs-ofctl add-flow br0 nw_dst=192.168.0.1,actions=drop"
>    but I got a funny message like this:
>
>        ofp_util|INFO|normalization changed ofp_match, details:
>        ofp_util|INFO| pre: nw_dst=192.168.0.1
>        ofp_util|INFO|post:
>
>    and when I ran "ovs-ofctl dump-flows br0" I saw that my nw_dst
>    match had disappeared, so that the flow ends up matching every
>    packet.
>
> A: The term "normalization" in the log message means that a flow
>    cannot match on an L3 field without saying what L3 protocol is in
>    use.  The "ovs-ofctl" command above didn't specify an L3 protocol,
>    so the L3 field match was dropped.
>
>    In this case, the L3 protocol could be IP or ARP.  A correct
>    command for each possibility is, respectively:
>
>        ovs-ofctl add-flow br0 ip,nw_dst=192.168.0.1,actions=drop
>
>    and
>
>        ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop
>
>    Similarly, a flow cannot match on an L4 field without saying what
>    L4 protocol is in use.  For example, the flow match "tp_src=1234"
>    is, by itself, meaningless and will be ignored.  Instead, to match
>    TCP source port 1234, write "tcp,tp_src=1234", or to match UDP
>    source port 1234, write "udp,tp_src=1234".
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://openvswitch.org/pipermail/ovs-discuss/attachments/20150203/6acfaa6b/attachment-0002.html>


More information about the discuss mailing list