[ovs-discuss] Static CAM table

Tom Gajewski tom.gajewski at paperspace.com
Tue Oct 18 00:38:08 UTC 2016


Ben, you had asked about my flow table. I've tried this with a
completely clear table and not -- same behavior. There has to be some
logic I'm missing here. Back story is that I'm trying to compensate
for the inability to populate local mac-table with this flow as I want
to run ports in 'no-flood' mode. I just tried with a clear flow table
and even flood enabled but once I set this:

 cookie=0x0, duration=260.750s, table=0, n_packets=81, n_bytes=8054,
idle_age=0, dl_dst=so:me:ma:cc actions=output:13

The weird thing is I actually see this flow working in tcpdump.
Meaning, without the above a flow and without a mac-table entry for
so:me:ma:cc the vif/port is dead silent. Once I add the above flow
tcpdump looks correct -- heck, I even see the incoming ICMP packet
inside the VM but the ping never completes, it never makes its way
back all I see is one way ICMP echo requests. So am I being stupid
here do I need another flow to facilitate the return? (mac-table still
doesn't have an entry when I observe ICMP request within VM).

On Mon, Oct 17, 2016 at 11:50 AM, Tom Gajewski
<tom.gajewski at paperspace.com> wrote:
> There has to be something inherently wrong with that flow since once I
> enter it, the machine behind port 13 cannot get out anywhere -- and no
> traffic can reach it, even once there is an actual entry in the
> mac-table. So I'm effectively breaking all traffic to port 13 and MAC
> so:me:ma:cc. Can someone point me at a properly constructed flow to
> accomplish this?
>
> On Mon, Oct 17, 2016 at 11:01 AM, Ben Pfaff <blp at ovn.org> wrote:
>> I would generally expect that to work.
>>
>> Maybe you should show us more of your flow table.
>>
>> On Mon, Oct 17, 2016 at 10:14:16AM -0700, Tom Gajewski wrote:
>>> My bad, that was obviously suppose to include the MAC in question. So
>>> one more time, in an attempt to set a static MAC table entry:
>>>
>>> Table entry:
>>>
>>> 13   744  so:me:ma:cc
>>>
>>> Flow:
>>>
>>> ovs-ofctl add-flow mybridge dl_dst=so:me:ma:cc,actions=output:13
>>>
>>> I guess what I'm asking is, what should a static flow that says "MAC
>>> so:me:ma:cc lives on port 13" look like? Again, goal is to have a
>>> static table entry like behavior accomplished with this flow.
>>>
>>> Cheers,
>>>
>>> --Tom
>>>
>>> On Mon, Oct 17, 2016 at 9:12 AM, Ben Pfaff <blp at ovn.org> wrote:
>>> > On Mon, Oct 17, 2016 at 02:45:06AM -0700, Tom Gajewski wrote:
>>> >> Hi all,
>>> >>
>>> >> It is my understanding that one cannot modify the cam (well I guess in
>>> >> openvswitch land the mac table ;] ) directly. As I'm trying to set up
>>> >> static entries. Do I need to use flows to accomplish this, is there no
>>> >> other way to just modify this table??
>>> >>
>>> >> As for flows, I did try to add some copying an outdated entry from the
>>> >> mac table that read
>>> >>
>>> >> 13   744  so:me:ma:cc
>>> >>
>>> >> like this -->
>>> >>
>>> >> ovs-ofctl add-flow mybridge dl_dst=,actions=output:13
>>> >>
>>> >> but that just seemed to do nothing, in fact in breaks connectivity to
>>> >> that destination completely even if that MAC is in the table. So if I
>>> >> do have to use flows to do this could someone tell me where I'm being
>>> >> stupid?
>>> >
>>> > There's no direct way to modify the MAC-learning table.
>>> >
>>> > I don't know a reason why the flow that you've showed us would cause
>>> > such big problems.  The command does omit the MAC address, but that
>>> > would only cause an error from ovs-ofctl, so I guess that the actual
>>> > command included the MAC.
>>> >
>>> > Maybe you should show us more of your flow table.



More information about the discuss mailing list