[ovs-discuss] question about mtu of vxlan port

Jiaojianbing jiaojianbing at huawei.com
Fri Aug 11 06:46:37 UTC 2017

  There is a question about mtu of vxlan port. In below scene, there are two node(compute or vm), and we send udp packets between two docker with nic’s(eth0) mtu setting to 1500.
Vxlan port’s mtu is 65485 setting in ovs code(we don’t change it). It works well that packet can be sent and receive to/from other docker.

But we add conntrack flow table in interface of one bridge, such as:
   ovs-ofctl  add-flow $1 "table=0,arp,action=resubmit(,1)"
   ovs-ofctl  add-flow $1 "table=0,ip,action=ct(commit,zone=1,table=1)"
   ovs-ofctl  add-flow $1 "table=1,actions=NORMAL"

1、    It is ok with packet length <= 1450 bytes;

2、    but when we send packet length > 1450 bytes, such as 2000 bytes, the packet will be dropped at
the vxlan port in the sending node.

3、    if we modi the mtu of vxlan port from 65485 to 1450, it works well when packet length >=1450.

First when send big udp packet(len>1450), it will be fragged when send from one docker.
when add conntrack flow table, udp packet(length>1450) will be deal with do_execute_actions in which “case OVS_ACTION_ATTR_CT” will be called. In this switch case, handle_fragments routine is called to
defrag udp frags. When packet comes to vxlan port, packet is aggregated to one packet with length >1450, then it is compared with mtu of vxlan port, it is less than 65485(mtu length of vxlan port)
so it does not frag and pass through to eth0 (mtu=1450), then in routine output_ip it return error code of -90.

When no conntrack flow table is added, big udp packet will not go through “case OVS_ACTION_ATTR_CT” in do_execute_actions, then defrag will not been done. So eack frags with lengh 1450, can go through vxlan port and eth0.

so my question is, why the mtu of vxlan port is set to 65485(so big!),  and can it be modified to 1450?

              [ Docker0]                                                                   [ Docker1]
                   |                                                                                        |
              [br_int]                                                                         [br_int]
                  |                                                                                         |
             [br_tunnel]                                                                   [br_tunnel]
                  |                                       |                                                |
             [vxlan port]                         |                                       [vxlan port]
                  |                                       |                                               |
             [eth0]    -   -    -  -  -  -  -    - |- -   -  -  -  -  -  -  -  - -- -- - [eth0]
                      node1                         |                         node 2

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20170811/597e41a8/attachment.html>

More information about the discuss mailing list