[ovs-discuss] Traffic loop problem, when a controller is setted

Ben Pfaff blp at nicira.com
Wed Mar 18 15:41:19 UTC 2015


On Tue, Mar 17, 2015 at 06:57:58PM +0100, MIGNINI FABIO wrote:
> I have noticed an unexpected generation of traffic loop using a very simple
> configuration of KVM and OVS.
> In particular the configuration that trigger the problem is the one listed
> below:
> 
>    +-----------------+
>    | Virtual machine |
>    +----+-------+----+
>         |       |
>  +------+-------+------+
>  |                     |
>  |     OVS Bridge      |
>  +---------------------+
> 
> The OVS Bridge has two ports that are connected to the virtual machine.
> Within the virtual machine there is a linux bridge that bridges both the
> vm's interfaces.
> I found the problem with two different configuration of the bridge:
> 	- setting an existing OF controller (OpenDaylight)
>         - setting a fake address for the OF controller (a not reachable IP
> address)
> 
> This is the output of the 'ovs-vsctl show' command (I provide here only the
> second configuration, as you can see the controller is not connected):
> 
> root at controller:~# ovs-vsctl show
> 82f530a0-269e-4eb4-b71a-dedc9f26ccd9
>     Bridge br-int
>         Controller "tcp:192.168.5.3:6633"
>         Port br-int
>             Interface br-int
>                 type: internal
>         Port "vnet1"
>             Interface "vnet1"
>         Port "vnet0"
>             Interface "vnet0"
>     ovs_version: "2.3.1"
> 
> The only flow in the OVS bridge "br-int" is a DROP flow, without any match
> (inserted manually before the starting of the virtual machine).
> This is the output of the 'ovs-ofctl dump-flows br-int' command:
> 
> root at controller:~# ovs-ofctl dump-flows br-int
> NXST_FLOW reply (xid=0x4):
>  cookie=0x0, duration=232.952s, table=0, n_packets=0, n_bytes=0,
> idle_age=232, priority=1 actions=drop
> 
> With this configuration I was expecting that all the traffic will be dropped
> by the OVS Bridge (as happens when no controller is setted).
> Instead a traffic loop is generated between the two ports in the bridge.
> It seems that the DROP flow rule is not working as expected.

One possibility is that you've got hidden flows due to the in-band
controller configuration.  Try "ovs-appctl bridge/dump-flows br-int" to
check for thtat.



More information about the discuss mailing list