[ovs-discuss] Is conntrack support working?
Seth Robertson
srobertson+ovs at appcomsci.com
Fri Oct 23 00:21:37 UTC 2015
I see openvswitch conntrack support in the source code (master branch)
and discussed in various presentations, but any simple test I attempt
fails utterly as do the test cases in the openvswitch code.
I specifically just installed Fedora 23 in a VM and updated to the
latest RPMs which gave me a 4.3 kernel. I then compiled openvswitch.
The `make check` tests passed, but `make check-system-userspace`
skipped the conntrack tests (perhaps as expected?) and `make
check-kernel` failed those tests.
----------------------------------------------------------------------
./system-traffic.at:162: ovs-ofctl add-flows br0 flows.txt
--- /dev/null 2015-10-22 15:04:00.905000000 -0400
+++ /home/s/ovs/tests/system-kmod-testsuite.dir/at-groups/6/stderr 2015-10-22 16:07:56.517203730 -0400
@@ -0,0 +1,7 @@
+OFPT_ERROR (xid=0xc): OFPBMC_BAD_FIELD
+NXT_FLOW_MOD (xid=0xc):
+(***truncated to 64 bytes from 88***)
+00000000 01 04 00 58 00 00 00 0c-00 00 23 20 00 00 00 0d |...X......# ....|
+00000010 00 00 00 00 00 00 00 00-00 00 00 00 00 00 00 64 |...............d|
+00000020 ff ff ff ff ff ff 00 00-00 1d 00 00 00 00 00 00 |................|
+00000030 00 00 00 02 00 02 00 00-06 02 08 00 00 00 0c 01 |................|
./system-traffic.at:162: exit code was 1, expected 0
----------------------------------------------------------------------
This is using today's (2015-10-22) openvswitch git repo. I would be
perfectly happy to try another version.
But perhaps this is all a blind alley for me. My real goal is for
conntrack and the ftp helper (alg=) to help with NAT to translate the
payload PORT and PASV data containing NAT'd IP addresses. It isn't
clear whether this functionality is supported.
Thanks,
-Seth Robertson
More information about the discuss
mailing list