[ovs-discuss] Strange flows in bridge/dump-flows

Ali Volkan Atli Volkan.Atli at argela.com.tr
Fri Nov 18 06:41:54 UTC 2016 

Hi Ben

When there is not any flow in OvS flow-table, if b8:af:67:84:90:d7 mac address sends an ARP request, OvS floods the ARP request all ports except incoming port using xlate_normal_flood(). Also if there is a loop between ports, it causes an ARP storm. How can I prevent this problem?

- Volkan

#8  0x0000000000618b9b in output_normal (ctx=0x7fff85ff7270, out_xbundle=0x16ac1a0, vlan=0) at ofproto/ofproto-dpif-xlate.c:1896
#9  0x0000000000619bc8 in xlate_normal_flood (ctx=0x7fff85ff7270, in_xbundle=0x16ac610, vlan=0) at ofproto/ofproto-dpif-xlate.c:2247
#10 0x000000000061a80d in xlate_normal (ctx=0x7fff85ff7270) at ofproto/ofproto-dpif-xlate.c:2454
#11 0x000000000061f2eb in xlate_output_action (ctx=0x7fff85ff7270, port=65530, max_len=0, may_packet_in=true) at ofproto/ofproto-dpif-xlate.c:3920
#12 0x0000000000620f0b in do_xlate_actions (ofpacts=0x16b5fd8, ofpacts_len=16, ctx=0x7fff85ff7270) at ofproto/ofproto-dpif-xlate.c:4727
#13 0x00000000006234e3 in xlate_actions (xin=0x7fff85ff8290, xout=0x7fff85ff8870) at ofproto/ofproto-dpif-xlate.c:5571

$ ovs-appctl bridge/dump-flows br0
...
duration=14s, n_packets=0, n_bytes=0, priority=180004,arp,dl_src=b8:af:67:84:90:d7,arp_op=1,actions=NORMAL
duration=14s, n_packets=0, n_bytes=0, priority=180003,arp,dl_dst=b8:af:67:84:90:d7,arp_op=2,actions=NORMAL
...

$ ovs-ofctl dump-flows br0
NXST_FLOW reply (xid=0x4):


________________________________________
From: Ben Pfaff [blp at ovn.org]
Sent: Friday, November 18, 2016 2:49 AM
To: Ali Volkan Atli
Cc: discuss at openvswitch.org
Subject: Re: [ovs-discuss] Strange flows in bridge/dump-flows

ovs-vswitchd(8) says:

       bridge/dump-flows bridge
              Lists  all  flows  in bridge, including those normally hidden to
              commands such as ovs-ofctl dump-flows.  Flows set up  by  mecha‐
              nisms  such as in-band control and fail-open are hidden from the
              controller since it is not allowed to modify or override them.


On Thu, Nov 17, 2016 at 03:42:48PM +0000, Ali Volkan Atli wrote:
>
> When I connect my (ryu) controller to OvS (with DPDK) while all data-ports are down, I always see the strange flows in bridge/dump-flows below. Then when b8:af:67:84:90:d7 tries to send an arp packet, OvS floods it. Could someone please explain why (or who) adds these flows into OvS? Thanks in advance..
>
> - Volkan
>
> ovs-appctl bridge/dump-flows br0
>
> duration=12s, n_packets=0, n_bytes=0, priority=180008,tcp,nw_src=192.168.3.17,tp_src=6633,actions=NORMAL
> duration=12s, n_packets=0, n_bytes=0, priority=180007,tcp,nw_dst=192.168.3.17,tp_dst=6633,actions=NORMAL
> duration=12s, n_packets=0, n_bytes=0, priority=180006,arp,arp_spa=192.168.3.17,arp_op=1,actions=NORMAL
> duration=12s, n_packets=0, n_bytes=0, priority=180005,arp,arp_tpa=192.168.3.17,arp_op=2,actions=NORMAL
> duration=12s, n_packets=0, n_bytes=0, priority=180004,arp,dl_src=b8:af:67:84:90:d7,arp_op=1,actions=NORMAL
> duration=10s, n_packets=0, n_bytes=0, priority=180002,arp,dl_src=00:1b:21:84:d1:a0,arp_op=1,actions=NORMAL
> duration=12s, n_packets=0, n_bytes=0, priority=180003,arp,dl_dst=b8:af:67:84:90:d7,arp_op=2,actions=NORMAL
> duration=10s, n_packets=0, n_bytes=0, priority=180001,arp,dl_dst=00:1b:21:84:d1:a0,arp_op=2,actions=NORMAL
> duration=10s, n_packets=0, n_bytes=0, priority=180000,udp,in_port=LOCAL,dl_src=00:1b:21:84:d1:a0,tp_src=68,tp_dst=67,actions=NORMAL
> table_id=254, duration=12s, n_packets=0, n_bytes=0, priority=2,recirc_id=0,actions=drop
> table_id=254, duration=12s, n_packets=0, n_bytes=0, priority=0,reg0=0x1,actions=controller(reason=)
> table_id=254, duration=12s, n_packets=0, n_bytes=0, priority=0,reg0=0x2,actions=drop
> table_id=254, duration=12s, n_packets=0, n_bytes=0, priority=0,reg0=0x3,actions=drop
>
> argela at anah:~/loop_workspace/ovs-master$ ovs-ofctl dump-flows br0
> NXST_FLOW reply (xid=0x4):
>
> Configuration steps are below.
>
> pkill -9 ovs
> rm -rf /usr/local/var/run/openvswitch
> rm -rf /usr/local/etc/openvswitch/
> rm -f /usr/local/etc/openvswitch/conf.db
> mkdir -p /usr/local/etc/openvswitch
> mkdir -p /usr/local/var/run/openvswitch
> ovsdb-tool create /usr/local/etc/openvswitch/conf.db /usr/local/share/openvswitch/vswitch.ovsschema
> ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --pidfile --detach
> ovs-vsctl --no-wait init
> ovs-vsctl --no-wait set Open_vSwitch . other_config:dpdk-init=true
> ovs-vswitchd unix:/usr/local/var/run/openvswitch/db.sock --pidfile
>
> ovs-vsctl add-br br0 -- set bridge br0 datapath_type=netdev
> ovs-vsctl set-controller br0 tcp:192.168.3.17:6633
>
> ovs-vsctl add-port br0 dpdk0 -- set Interface dpdk0 type=dpdk
> ovs-vsctl add-port br0 dpdk1 -- set Interface dpdk1 type=dpdk
> ovs-vsctl add-port br0 dpdk2 -- set Interface dpdk2 type=dpdk
> ovs-vsctl add-port br0 dpdk3 -- set Interface dpdk3 type=dpdk
> ovs-vsctl add-port br0 dpdk4 -- set Interface dpdk4 type=dpdk
> ovs-vsctl add-port br0 dpdk5 -- set Interface dpdk5 type=dpdk
> ovs-vsctl add-port br0 dpdk6 -- set Interface dpdk6 type=dpdk
> ovs-vsctl add-port br0 dpdk7 -- set Interface dpdk7 type=dpdk
> ovs-vsctl add-port br0 dpdk8 -- set Interface dpdk8 type=dpdk
> ovs-vsctl add-port br0 dpdk9 -- set Interface dpdk9 type=dpdk
> ovs-vsctl add-port br0 dpdk10 -- set Interface dpdk10 type=dpdk
> ovs-vsctl add-port br0 dpdk11 -- set Interface dpdk11 type=dpdk
> ovs-vsctl add-port br0 dpdk12 -- set Interface dpdk12 type=dpdk
> ovs-vsctl add-port br0 dpdk13 -- set Interface dpdk13 type=dpdk
> ovs-vsctl add-port br0 dpdk14 -- set Interface dpdk14 type=dpdk
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

More information about the discuss mailing list