[ovs-discuss] Fw: Can OVS forward packets on the basis of IPV4 address

Ben Pfaff blp at ovn.org
Thu Jan 7 16:49:17 UTC 2016 

On Thu, Jan 07, 2016 at 01:05:49PM +0530, Prerna Pandit wrote:
> ----- Forwarded by Prerna Pandit/MUM/TCS on 07-01-2016 13:05 -----
> 
> From:   Prerna Pandit <prerna.pandit at tcs.com>
> To:     discuss at openvswitch.org
> Date:   07-01-2016 12:22
> Subject:        [ovs-discuss] Can OVS forward packets on the basis of IPV4 
> address
> Sent by:        "discuss" <discuss-bounces at openvswitch.org>
> 
> 
> 
> Hi All, 
> 
> We are facing a issue, while forwarding packets from OVS to an external 
> network. 
> 
> How we are doing it is as follows: 
> 
> Configuration on OVS (OVS IP : 172.26.194.120) 
> 
> ovs-ofctl add-flow br2 "priority=0,action=NORMAL" 
> ovs-ofctl add-flow br2 "priority=2,in_port=1,dl_type=0x0800,action=NORMAL" 
> 
> ovs-ofctl add-flow br2 
> "priority=3,dl_type=0x0800,nw_src=10.0.1.10,tun_src=172.26.192.128,tun_id=5001,action=output:1" 
> 
> 
> But the packets are not getting forwarded. 
> Do we need to give the MAC addresses only to make this work ? ( Becoz it 
> works when i give the MAC address of the two nodes.) 

This is similar to a question answered in the FAQ.

### Q: My bridge br0 has host 192.168.0.1 on port 1 and host 192.168.0.2
   on port 2.  I set up flows to forward only traffic destined to the
   other host and drop other traffic, like this:

      priority=5,in_port=1,ip,nw_dst=192.168.0.2,actions=2
      priority=5,in_port=2,ip,nw_dst=192.168.0.1,actions=1
      priority=0,actions=drop

   But it doesn't work--I don't get any connectivity when I do this.
   Why?

A: These flows drop the ARP packets that IP hosts use to establish IP
   connectivity over Ethernet.  To solve the problem, add flows to
   allow ARP to pass between the hosts:

      priority=5,in_port=1,arp,actions=2
      priority=5,in_port=2,arp,actions=1

   This issue can manifest other ways, too.  The following flows that
   match on Ethernet addresses instead of IP addresses will also drop
   ARP packets, because ARP requests are broadcast instead of being
   directed to a specific host:

      priority=5,in_port=1,dl_dst=54:00:00:00:00:02,actions=2
      priority=5,in_port=2,dl_dst=54:00:00:00:00:01,actions=1
      priority=0,actions=drop

   The solution already described above will also work in this case.
   It may be better to add flows to allow all multicast and broadcast
   traffic:

      priority=5,in_port=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00,actions=2
      priority=5,in_port=2,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00,actions=1

More information about the discuss mailing list