[ovs-discuss] Does OpenvSwitch support modify the packet's IP address and then output this packet?

Ben Pfaff blp at ovn.org
Wed Jul 13 04:12:31 UTC 2016 

On Mon, Jul 11, 2016 at 09:41:36PM +0800, Shawn Lin wrote:
> I am trying to use OpenvSwitch to exchange the source IP address and the
> destination IP address of a packet, and then forward this packet out to a
> host.
> 
> I do this test in *Mininet(2.2.1) *and *OpenvSwitch(2.0.2)*, And below is
> the command:
> 
> Topology in Mininet is quite simple,
> *h1-s1-h2*
> 
> I use this command to add the flow.
> *mininet> sh ovs-ofctl add-flow s1
> dl_type=0x0800,dl_type=0x0800,nw_dst=10.0.0.2,actions=mod_dl_src:00:00:00:00:00:02,mod_dl_dst:00:00:00:00:00:01,mod_nw_src:10.0.0.2,mod_nw_dst=10.0.0.1,output:1
> -O OpenFlow13*
> 
> And then I could see the result when I show flows in the switch s1,
> 
> *mininet>* *sh ovs-ofctl dump-flows s1 -O OpenFlow13*
> OFPST_FLOW reply (OF1.3) (xid=0x2):
> 
> 
> 
> * cookie=0x0, duration=418.133s, table=0, n_packets=1813, n_bytes=2731190,
> ip,nw_dst=10.0.0.2
> actions=mod_dl_src:00:00:00:00:00:02,mod_dl_dst:00:00:00:00:00:01,mod_nw_src:10.0.0.2,mod_nw_dst:10.0.0.1,output:1
>      *
> * In my understanding, this flow would change the packets' src IP, dst IP,
> src Mac, dst Mac, and then forward it out port 1 which is s1-eth1.  *
> 
>  cookie=0x2b0000000000000f, duration=2982.739s, table=0, n_packets=1,
> n_bytes=42, priority=2,in_port=1 actions=output:2,CONTROLLER:65535
> 
> 
>  cookie=0x2b0000000000000e, duration=2982.739s, table=0, n_packets=1,
> n_bytes=42, priority=2,in_port=2 actions=output:1,CONTROLLER:65535
> 
> 
>  cookie=0x2b0000000000000f, duration=2986.774s, table=0, n_packets=0,
> n_bytes=0, priority=100,dl_type=0x88cc actions=CONTROLLER:65535
> 
> 
>  cookie=0x2b0000000000000f, duration=2986.774s, table=0, n_packets=0,
> n_bytes=0, priority=0 actions=drop
> 
> And then in terminal, I use tcpdump to catch the packets through s1-eth1,
> *tcpdump -i s1-eth1 -w result.pcap*
> 
> I scan all packets and find that these packets are all with *src IP
> 10.0.0.1, and dst IP 10.0.0.2.*
> At the same time, the *n_bytes* in flow shows that this flow has been hit.
> 
> So Am I doing some wrong configuration? Or which version of OVS support
> this feature? Any suggestions or comments are welcomed!

Every version of OVS ever released supports this feature.  Your flow
looks OK to me.  It's hard to guess what's going wrong.  You might want
to use "ovs-appctl ofproto/trace" or "ovs-dpctl dump-flows" to try to
peer deeper into what's going on.

More information about the discuss mailing list