[ovs-discuss] LISP Tunneling

Lori Jakab lojakab at cisco.com
Thu May 18 09:34:56 UTC 2017 

Hi Ashish,

I don't have a testbed now to play with this, but I'll try to answer
your questions from what I know off the top of my head.

On 5/17/17 3:52 PM, Ashish Kurian wrote:
> Dear OVS folks,
>
> I have some doubts regarding LISP tunneling. I have a setup where I am
> getting incoming LISP tunneled packets into my OVS. What I want to do
> is to check the inner IP destination address and based on that I need
> to forward the packets. Let us say that there are only two
> possibilities for inner IP addresses : 10.0.0.1 and 10.0.0.2.
>
> If the inner IP address is 10.0.0.1, then I want the packet to be
> forwarded to an interface (say eth1 and port number 1) without doing
> any change to the tunneled packet. If the inner IP address is
> 10.0.0.2, then I want the packet to be forwarded to the another
> interface (say eth2 and port number 2) with only the inner contents of
> the tunnel packets.
>
> I am thinking of the following flow entries to do the mentioned rules,
> but correct me if I am wrong.
>
> *       
>  table=0,dl_type=0x0800,nw_dst=10.0.0.2,actions=mod_dl_dst=10:0:0:2,output:2*
>
>   * *         *Will this flow check for the inner destination IP of
>     the tunneled packet and put only the metadata in port eth2?
>

This rule will check for the outer address on the packet so that won't
help. I don't know if there is currently a way to look at the inner
header fields before the packet is decapsulated (probably not). But once
decapsulated, you loose the original outer header, which may or may not
be okay for you. what you could do is matching on offsets in the UDP
payload: the LISP header is fixed size, you can then match on the IP
version in the first byte after the LISP header, and the desired inner
IP address inside the IP header.

Maybe other have better ideas on how your requirements ca be fulfilled.

HTH,
-Lori

>           *table=0,dl_type=0x0800,action=NORMAL*
> *
> *
>
>   * *    *Will this flow take care of all other flows?
>
>
> PS : Sorry for the previous emails. That was a mistake.
>   
> Best Regards,
> Ashish Kurian
>
> Best Regards,
> Ashish Kurian
>
> On Wed, May 17, 2017 at 2:47 PM, Ashish Kurian <ashishbnv at gmail.com
> <mailto:ashishbnv at gmail.com>> wrote:
>
>     Dear OVS folks,
>
>     I have some doubts regarding LISP tunneling. I have a setup where
>     I am getting incoming LISP tunneled packets into my OVS. What I
>     want to do is to check the inner IP destination address and based
>     on that I need to forward the packets. Let us say that there are
>     only two possibilities of inner IP addresses : 10.0.0.1 and 10.0.0.2.
>
>     If the inner IP address is 10.0.0.1, then I want the packet to be
>     forwarded to an interface (say eth1 and port number 1) without
>     doing any change to the tunneled packet. If the inner IP address
>     is 10.0.0.2, then I want the packet to be forwarded to the another
>     interface (say eth2 and port number 2) with only the inner
>     contents of the tunnel packets.
>
>     I am thinking of the following flow entries to do the mentioned
>     rules, but correct me if I am wrong.
>     *
>     *
>     *table=0,dl_type=0x0800,nw_dst=10.0.0.2,actions=mod_dl_dst=10:0:0:2,output:2*
>
>       
>     Best Regards,
>     Ashish Kurian
>
>     Best Regards,
>     Ashish Kurian
>
>     On Wed, May 17, 2017 at 2:46 PM, Ashish Kurian
>     <ashishbnv at gmail.com <mailto:ashishbnv at gmail.com>> wrote:
>
>         Dear OVS folks,
>
>         I have some doubts regarding LISP tunneling. I have a setup
>         where I am getting incoming LISP tunneled packets into my OVS.
>         What I want to do is to check the inner IP destination address
>         and based on that I need to forward the packets. Let us say
>         that there are only two possibilities of inner IP addresses :
>         10.0.0.1 and 10.0.0.2.
>
>         If the inner IP address is 10.0.0.1, then I want the packet to
>         be forwarded to an interface (say eth1 and port number 1)
>         without doing any change to the tunneled packet. If the inner
>         IP address is 10.0.0.2, then I want the packet to be forwarded
>         to the another interface (say eth2 and port number 2) with
>         only the inner contents of the tunnel packets.
>
>         I am thinking of the following flow entries to do the
>         mentioned rules, but correct me if I am wrong.
>
>         *table=0,dl_type=0x0800,nw_dst=10.0.0.2,actions=mod_dl_dst=10:0:0:2,output:2*
>
>           
>         Best Regards,
>         Ashish Kurian
>
>
>
>
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

More information about the discuss mailing list