[ovs-discuss] Traffic loop problem, when a controller is setted
Ben Pfaff
blp at nicira.com
Wed Mar 18 15:41:19 UTC 2015
On Tue, Mar 17, 2015 at 06:57:58PM +0100, MIGNINI FABIO wrote:
> I have noticed an unexpected generation of traffic loop using a very simple
> configuration of KVM and OVS.
> In particular the configuration that trigger the problem is the one listed
> below:
>
> +-----------------+
> | Virtual machine |
> +----+-------+----+
> | |
> +------+-------+------+
> | |
> | OVS Bridge |
> +---------------------+
>
> The OVS Bridge has two ports that are connected to the virtual machine.
> Within the virtual machine there is a linux bridge that bridges both the
> vm's interfaces.
> I found the problem with two different configuration of the bridge:
> - setting an existing OF controller (OpenDaylight)
> - setting a fake address for the OF controller (a not reachable IP
> address)
>
> This is the output of the 'ovs-vsctl show' command (I provide here only the
> second configuration, as you can see the controller is not connected):
>
> root at controller:~# ovs-vsctl show
> 82f530a0-269e-4eb4-b71a-dedc9f26ccd9
> Bridge br-int
> Controller "tcp:192.168.5.3:6633"
> Port br-int
> Interface br-int
> type: internal
> Port "vnet1"
> Interface "vnet1"
> Port "vnet0"
> Interface "vnet0"
> ovs_version: "2.3.1"
>
> The only flow in the OVS bridge "br-int" is a DROP flow, without any match
> (inserted manually before the starting of the virtual machine).
> This is the output of the 'ovs-ofctl dump-flows br-int' command:
>
> root at controller:~# ovs-ofctl dump-flows br-int
> NXST_FLOW reply (xid=0x4):
> cookie=0x0, duration=232.952s, table=0, n_packets=0, n_bytes=0,
> idle_age=232, priority=1 actions=drop
>
> With this configuration I was expecting that all the traffic will be dropped
> by the OVS Bridge (as happens when no controller is setted).
> Instead a traffic loop is generated between the two ports in the bridge.
> It seems that the DROP flow rule is not working as expected.
One possibility is that you've got hidden flows due to the in-band
controller configuration. Try "ovs-appctl bridge/dump-flows br-int" to
check for thtat.
More information about the discuss
mailing list