[ovs-discuss] Openvswitch is acting like a hub in my case?

O'Reilly, Darragh darragh.oreilly at hpe.com
Thu Dec 22 13:13:16 UTC 2016


What do these commands show?
ovs-vsctl show vmbr0
ovs-appctl fdb/show vmbr0
ovs-ofctl dump-flows vmbr0
ovs-appctl dpif/show


From: ovs-discuss-bounces at openvswitch.org [mailto:ovs-discuss-bounces at openvswitch.org] On Behalf Of sandermoors at telenet.be
Sent: 22 December 2016 12:12
To: ovs-discuss <ovs-discuss at openvswitch.org>
Subject: Re: [ovs-discuss] Openvswitch is acting like a hub in my case?


Just for testing I just disconnected the physical link to the network and it's still the same. So it's not my router or something else in the network causing this effect...

It looks like openvswitch is not learning the mac addresses correctly and assigning them to the right port or something. 

Please help me out. I'm kind of stuck now...



________________________________________
Van: sandermoors at telenet.be
Aan: "ovs-discuss" <ovs-discuss at openvswitch.org>
Verzonden: Donderdag 22 december 2016 12:26:52
Onderwerp: [ovs-discuss] Openvswitch is acting like a hub in my case?

Hi,

I have a proxmox+openvswitch installation and I have 3 VM's installed on in but VM3 is able to see traffic going from VM1 to VM2 while I think it shouldn't.
openvswitch is a switch, right? but in my case it seems to think it's a hub...

VM3 has nothing to do with VM1 or VM2 so it shouldn't be able to see the traffic as openvswitch should have learned the mac addresses of VM1+VM2 and send traffic to their ports only, isn't it?
In my case I'm able to do "tcpdump -XX -i eth0" inside VM3 and see traffic going from the IP of VM1 to the IP of VM2 which is a problem...

More details:

All VM's have a single public IP address. They are all configured to use network interface "vmbr0" which is openvswith configured like this in /etc/network/interfaces:

auto vmbr0
iface vmbr0 inet manual
    ovs_type OVSBridge
    ovs_ports eth0
eth0 is the physical interface connected to my switch.
The switch is configured as a trunk port so I can use vlans. Vlan 20 is for public internet access and is currently the only active vlan on the switch.
All VM's have vlan tag 20 set.

VM1 sends a lot of traffic to VM2 but none of these VM's have anything to do with VM3. But still, inside VM3 I can see all traffic when doing  "tcpdump -XX -i eth0" inside VM3.

I do not understand how this is possible. I thought a switch (and openvswitch is a switch, right?) will learn mac addresses and send traffic to the correct ports only?

Any help here would be much appreciated!

Thanks,
Sander


_______________________________________________
discuss mailing list
discuss at openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss


More information about the discuss mailing list