[ovs-discuss] OVS: not able to add conntack flow rules
Joe Stringer
joestringer at nicira.com
Mon Oct 26 16:51:50 UTC 2015
On 25 October 2015 at 21:45, Kenchappa, Ravindra
<ravindra.kenchappa at hpe.com> wrote:
> Hi,
>
> I have downloaded and installed OVS 2.4.90
> (https://github.com/justinpettit/ovs/tree/conntrack) and trying to add
> conntrack flows via ovs-ofctl. I am able to add few sample flows and I am
> getting errors when tried to added the following flow:
>
> raveek:~/devstack$ sudo ovs-ofctl add-flow br-int
> table=1,in_port=2,ct_state=+est,tcp,action=1
> OFPT_ERROR (xid=0x6): OFPBMC_BAD_FIELD
> NXT_FLOW_MOD (xid=0x6):
> (truncated to 64 bytes from 88)
> 00000000 01 04 00 58 00 00 00 06-00 00 23 20 00 00 00 0d |...X......# ....|
> 00000010 00 00 00 00 00 00 00 00-01 00 00 00 00 00 80 00 |................|
> 00000020 ff ff ff ff ff ff 00 00-00 1d 00 00 00 00 00 00 |................|
> 00000030 00 00 00 02 00 02 00 00-06 02 08 00 00 00 0c 01 |................|
>
> raveek:~/devstack$ sudo ovs-ofctl add-flow br-int
> table=20,in_port=2,ct_state=+trk+new,tcp,action=drop
> OFPT_ERROR (xid=0x6): OFPBMC_BAD_FIELD
> NXT_FLOW_MOD (xid=0x6):
> (truncated to 64 bytes from 80)
> 00000000 01 04 00 50 00 00 00 06-00 00 23 20 00 00 00 0d |...P......# ....|
> 00000010 00 00 00 00 00 00 00 00-14 00 00 00 00 00 80 00 |................|
> 00000020 ff ff ff ff ff ff 00 00-00 1d 00 00 00 00 00 00 |................|
> 00000030 00 00 00 02 00 02 00 00-06 02 08 00 00 00 0c 01 |................|
> raveek::~/devstack$
>
> Here is the flow table looks like.
>
> raveek:~/devstack$ sudo ovs-ofctl dump-flows br-int -Oopenflow13
> OFPST_FLOW reply (OF1.3) (xid=0x2):
> cookie=0x0, duration=98.291s, table=0, n_packets=0, n_bytes=0,
> dl_type=0x88cc actions=CONTROLLER:65535
> cookie=0x0, duration=28.391s, table=0, n_packets=0, n_bytes=0, arp
> actions=NORMAL
> cookie=0x0, duration=28.368s, table=0, n_packets=0, n_bytes=0,
> ct_state=-trk,tcp,in_port=1 actions=ct(commit,zone=9),output:2
> cookie=0x0, duration=28.346s, table=0, n_packets=0, n_bytes=0,
> ct_state=-trk,tcp,in_port=2 actions=ct(table=1,zone=9)
> cookie=0x0, duration=98.291s, table=0, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:20
> cookie=0x0, duration=28.410s, table=0, n_packets=0, n_bytes=0, priority=1
> actions=drop
> cookie=0x0, duration=98.288s, table=20, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:30
> cookie=0x0, duration=98.288s, table=30, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:40
> cookie=0x0, duration=98.288s, table=40, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:50
> cookie=0x0, duration=98.291s, table=50, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:60
> cookie=0x0, duration=98.288s, table=60, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:70
> cookie=0x0, duration=98.288s, table=70, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:80
> cookie=0x0, duration=98.289s, table=80, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:90
> cookie=0x0, duration=98.288s, table=90, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:100
> cookie=0x0, duration=98.288s, table=100, n_packets=0, n_bytes=0, priority=0
> actions=goto_table:110
> cookie=0x0, duration=98.291s, table=110, n_packets=0, n_bytes=0, priority=0
> actions=drop
>
> raveek::~/devstack$
>
> Could you please help me in identifying the problem?
There have been multiple questions like this recently on this
mailinglist, see those threads:
http://openvswitch.org/pipermail/discuss/2015-October/019201.html
http://openvswitch.org/pipermail/dev/2015-October/061629.html
More information about the discuss
mailing list