[ovs-discuss] Mask MAC address in DataPath

Manu S. Keshava manu at chelsio.com
Thu Jun 30 03:56:37 UTC 2016


[root at rattletrap ~]# ovs-appctl bridge/dump-flows br0
duration=49682s, n_packets=0, n_bytes=0, priority=180008,tcp,nw_src=192.168.0.100,tp_src=6633,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180007,tcp,nw_dst=192.168.0.100,tp_dst=6633,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180006,arp,arp_spa=192.168.0.100,arp_op=1,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180005,arp,arp_tpa=192.168.0.100,arp_op=2,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180002,arp,dl_src=00:07:43:28:e4:40,arp_op=1,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180004,arp,dl_src=00:25:90:37:31:2b,arp_op=1,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180001,arp,dl_dst=00:07:43:28:e4:40,arp_op=2,actions=NORMAL
duration=49682s, n_packets=12010405, n_bytes=720624300, priority=180003,arp,dl_dst=00:25:90:37:31:2b,arp_op=2,actions=NORMAL
duration=49682s, n_packets=0, n_bytes=0, priority=180000,udp,in_port=LOCAL,dl_src=00:07:43:28:e4:40,tp_src=68,tp_dst=67,actions=NORMAL
duration=47360s, n_packets=40704522774, n_bytes=2442271366440, priority=50000,tcp,in_port=1,nw_src=10.2.2.66,nw_dst=10.2.2.56,actions=drop
table_id=254, duration=143317s, n_packets=0, n_bytes=0, priority=2,recirc_id=0,actions=drop
table_id=254, duration=143317s, n_packets=26060974, n_bytes=1563833158, priority=0,reg0=0x1,actions=controller(reason=no_match)
table_id=254, duration=143317s, n_packets=152708701, n_bytes=9162727450, priority=0,reg0=0x2,actions=drop
table_id=254, duration=143317s, n_packets=0, n_bytes=0, priority=0,reg0=0x3,actions=drop

[root at rattletrap ~]# ovs-appctl dpctl/dump-flows
recirc_id(0),in_port(2),eth(src=00:07:43:29:b3:f8,dst=00:07:43:28:e5:88),eth_type(0x0800),ipv4(src=10.2.2.66,dst=10.2.2.56,proto=6,frag=no), packets:40730430813, bytes:2443825848780, used:0.001s, actions:drop


[root at rattletrap ~]# ovs-ofctl dump-flows br0
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=47400.477s, table=0, n_packets=40737938418, n_bytes=2444276305080, idle_age=0, priority=50000,tcp,in_port=1,nw_src=10.2.2.66,nw_dst=10.2.2.56 actions=drop

-----Original Message-----
From: Justin Pettit [mailto:jpettit at ovn.org] 
Sent: Wednesday, June 29, 2016 9:29 PM
To: Manu S. Keshava <manu at chelsio.com>
Cc: discuss at openvswitch.org
Subject: Re: [ovs-discuss] Mask MAC address in DataPath

What's the output of that ova-appctl command when you place it in both modes?

--Justin


> On Jun 29, 2016, at 4:49 PM, Manu S. Keshava <manu at chelsio.com> wrote:
> 
> Hi Justin, that did not help. I tried with both "secure" and "standalone" but still MAC address is present in data-path.
> 
> -----Original Message-----
> From: Justin Pettit [mailto:jpettit at ovn.org] 
> Sent: Wednesday, June 29, 2016 6:07 PM
> To: Manu S. Keshava <manu at chelsio.com>
> Cc: discuss at openvswitch.org
> Subject: Re: [ovs-discuss] Mask MAC address in DataPath
> 
> 
>> On Jun 27, 2016, at 6:23 PM, Manu S. Keshava <manu at chelsio.com> wrote:
>> 
>> ofctl dump......
>> NXST_FLOW reply (xid=0x4):
>> cookie=0x0, duration=53.372s, table=0, n_packets=1059375, n_bytes=63562500, idle_age=0, priority=500,tcp,in_port=1 actions=output:2
>> 
>> Is there a way to avoid this MAC address been appended in the DATA-PATH? Or is something missing that is causing the MAC to be part of the data-path?
> 
> I suspect it's due to "hidden" flows related to fail-mode--in particular a flow that uses the "normal" action.  If you change the fail-mode to "secure" from "standalone", does it stop matching on those fields?  You can see those hidden flows with "ovs-appctl bridge/dump-flows <bridge>".
> 
> --Justin
> 
> 




More information about the discuss mailing list