[ovs-discuss] CDP (cisco discovery protocol) packets being dropped by OVS

Ben Pfaff blp at nicira.com
Tue Mar 31 15:28:47 UTC 2015 

ARP and DHCP requests are not affected by forward-bpdu (they are not
considered BPDUs).  ARP and DHCP treatment would go through the normal
paths in the flow table.

ARPs should not have a destination MAC of 00:00:00:00:00:00; they are
normally broadcast or unicast.

On Tue, Mar 31, 2015 at 07:23:45AM +0000, Graham, Mark wrote:
> Does disabling "forward-bpdu" also explain why ARP and DHCP request are not captured, or is this more to do with the dst MAC being 00:00:00:00:00:00 for ARP and source IP addressing being 0.0.0.0 for DHCP?
> 
> -----Original Message-----
> From: discuss [mailto:discuss-bounces at openvswitch.org] On Behalf Of Ben Pfaff
> Sent: 30 March 2015 17:43
> To: Field, Brian
> Cc: discuss at openvswitch.org
> Subject: Re: [ovs-discuss] CDP (cisco discovery protocol) packets being dropped by OVS
> 
> On Sun, Mar 29, 2015 at 01:44:58PM +0000, Field, Brian wrote:
> > I’ve noticed the CDP frames are being dropped by OVS:
> > 
> > 
> > # ovs-dpctl dump-flows
> > 
> > skb_priority(0),in_port(2),eth(src=52:54:00:d7:50:8e,dst=01:00:0c:cc:c
> > c:cc),eth_type(0/0xffff), packets:0, bytes:0, used:never, actions:drop
> > 
> > 
> > 
> > In http://benpfaff.org/~blp/ovs-fields.pdf, it mentions “OpenFlow and Open vSwitch only support LLC headers with DSAP and SSAP 0xaa and control byte 0x03, which indicate that a SNAP header follows the LLC header. In turn, OpenFlow and Open vSwitch only support a SNAP header with organization 0x000000."
> > 
> > 
> > CDP frames use LLC/SNAP encapsulation with an organization code of (0xc).  So it would appear this is why CDP frames are being dropped by OVS.
> 
> No.  I expect it's because forward-bpdu is disabled.  Please see
> ovs-vswitchd.conf.db(5) for details.
> 
> > Is the limitation to only support LLC/SNAP with org values of 0x0 a limitation imposed on OVS because OpenFlow doesn’t support or… ?
> 
> It is true that OpenFlow does not support this, but the reason is primarily that no one has found this important enough to implement.
> 
> For CDP, for example, you can alternatively match on the destination Ethernet address, which is 01:00:0c:cc:cc:cc for CDP.
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
> 
> -- 
> 
> In the official 2014 government assessment of our research the following 12 areas were found to have world-leading research: Allied Health Professions; Architecture & Built Environment; Art & Design; Business & Management Studies; Communication, Cultural & Media Studies; English Language & Literature; Geography & Environmental Studies; History; Law; Music, Drama & Dance; Psychology; and Social Work & Social Policy.
> 
> This e-mail and any attachments are intended for the above named 
> recipient(s)only and may be privileged. If they have come to you in 
> error you must take no action based on them, nor must you copy or show 
> them to anyone please reply to this e-mail to highlight the error and 
> then immediately delete the e-mail from your system. Any opinions 
> expressed are solely those of the author and do not necessarily 
> represent the views or opinions of Anglia Ruskin University.
> Although measures have been taken to ensure that this e-mail and attachments are 
> free from any virus we advise that, in keeping with good computing 
> practice, the recipient should ensure they are actually virus free. 
> Please note that this message has been sent over public networks which 
> may not be a 100% secure communications

More information about the discuss mailing list