[ovs-discuss] ovn-trace not showing full logical flow

Vikrant Aggarwal ervikrant06 at gmail.com
Sun Sep 17 11:33:19 UTC 2017


Hi Folks,

In my packstack setup, I am trying to see the usage of ovn-trace following
[1] but I am not able to see the full logical flow  for packet.

Two logical switches are connected to same router, instances are able to
reach other without any issue but ovn-trace is not showing full logical
flow of traffic.

Can anyone please help me to understand what I am doing wrong?

==> output of ovn-nbctl from controller node.

[root at controller ~(keystone_admin)]# ovn-nbctl show
    switch 94c220f0-128e-4eef-ae4f-116a69458f11
(neutron-8d16abbf-835d-4ec7-97a1-eef02d84563a)
        port 3b58fa41-35b7-4374-8e41-fa0858f9f9dc
            addresses: ["fa:16:3e:eb:3d:0a 10.10.11.5"]
        port d83ce6c6-1289-4e8b-9e12-62a9b08b95da
            addresses: ["router"]
    switch 0d413d9c-7f23-4ace-9a8a-29817b3b33b5
(neutron-89113f8b-bc01-46b1-84fb-edd5d606879c)
        port 6fe3cab5-5f84-44c8-90f2-64c21b489c62
            addresses: ["fa:16:3e:fa:d6:d3 10.10.10.9"]
        port 397c019e-9bc3-49d3-ac4c-4aeeb1b3ba3e
            addresses: ["router"]
        port 4c72cee2-35b7-4bcd-8c77-135a22d16df1
            addresses: ["fa:16:3e:55:3f:be 10.10.10.4"]
        port a6ee79a7-a6bc-4971-9fe0-d8424a31d2db
            addresses: ["fa:16:3e:96:0a:6a 10.10.10.2"]
    switch 1ec08997-0899-40d1-9b74-0a25ef476c00
(neutron-e411bbe8-e169-4268-b2bf-d5959d9d7260)
        port provnet-e411bbe8-e169-4268-b2bf-d5959d9d7260
            addresses: ["unknown"]
        port b95e9ae7-5c91-4037-8d2c-660d4af00974
            addresses: ["router"]
    router 7418a4e7-abff-4af7-85f5-6eea2ede9bea
(neutron-67dc2e78-e109-4dac-acce-b71b2c944dc1)
        port lrp-b95e9ae7-5c91-4037-8d2c-660d4af00974
            mac: "fa:16:3e:52:20:7c"
            networks: ["192.168.122.50/24"]
        port lrp-d83ce6c6-1289-4e8b-9e12-62a9b08b95da
            mac: "fa:16:3e:21:ff:7d"
            networks: ["10.10.11.1/24"]
        port lrp-397c019e-9bc3-49d3-ac4c-4aeeb1b3ba3e
            mac: "fa:16:3e:87:28:40"
            networks: ["10.10.10.1/24"]

==> Tracing the logical flow from 10.10.10.4 to 10.10.11.5

[root at controller ~(keystone_admin)]# ovn-trace
neutron-89113f8b-bc01-46b1-84fb-edd5d606879c
'inport=="4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src ==
fa:16:3e:55:3f:be && ip4.src == 10.10.10.4
&& eth.dst == fa:16:3e:eb:3d:0a && ip4.dst == 10.10.11.5 && ip.ttl == 32'
#
ip,reg14=0x3,vlan_tci=0x0000,dl_src=fa:16:3e:55:3f:be,dl_dst=fa:16:3e:eb:3d:0a,nw_src=10.10.10.4,nw_dst=10.10.11.5,nw_proto=0,nw_tos=0,nw_ecn=0,nw_ttl=32

ingress(dp="neutron-89113f8b-bc01-46b1-84fb-edd5d606879c",
inport="4c72cee2-35b7-4bcd-8c77-135a22d16df1")
---------------------------------------------------------------------------------------------------------
 0. ls_in_port_sec_l2 (ovn-northd.c:2979): inport ==
"4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == {fa:16:3e:55:3f:be},
priority 50, uuid b6b8d57a
    next;
 1. ls_in_port_sec_ip (ovn-northd.c:2113): inport ==
"4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == fa:16:3e:55:3f:be &&
ip4.src == {10.10.10.4}, priority 90, uuid ba02f466
    next;
 3. ls_in_pre_acl (ovn-northd.c:2397): ip, priority 100, uuid 25d55e7b
    reg0[0] = 1;
    next;
 5. ls_in_pre_stateful (ovn-northd.c:2515): reg0[0] == 1, priority 100,
uuid b84a160f
    ct_next;
    *** ct_* actions not implemented

==> Tracing the logical flow from 10.10.11.5 to 10.10.10.4.

[root at controller ~(keystone_admin)]# ovn-trace
neutron-8d16abbf-835d-4ec7-97a1-eef02d84563a
'inport=="3b58fa41-35b7-4374-8e41-fa0858f9f9dc" && eth.src ==
fa:16:3e:eb:3d:0a && ip4.src == 10.10.11.5
&& eth.dst == fa:16:3e:55:3f:be && ip4.dst == 10.10.10.4 && ip.ttl == 32'
#
ip,reg14=0x1,vlan_tci=0x0000,dl_src=fa:16:3e:eb:3d:0a,dl_dst=fa:16:3e:55:3f:be,nw_src=10.10.11.5,nw_dst=10.10.10.4,nw_proto=0,nw_tos=0,nw_ecn=0,nw_ttl=32

ingress(dp="neutron-8d16abbf-835d-4ec7-97a1-eef02d84563a",
inport="3b58fa41-35b7-4374-8e41-fa0858f9f9dc")
---------------------------------------------------------------------------------------------------------
 0. ls_in_port_sec_l2 (ovn-northd.c:2979): inport ==
"3b58fa41-35b7-4374-8e41-fa0858f9f9dc" && eth.src == {fa:16:3e:eb:3d:0a},
priority 50, uuid ca3ab484
    next;
 1. ls_in_port_sec_ip (ovn-northd.c:2113): inport ==
"3b58fa41-35b7-4374-8e41-fa0858f9f9dc" && eth.src == fa:16:3e:eb:3d:0a &&
ip4.src == {10.10.11.5}, priority 90, uuid 67889771
    next;
 3. ls_in_pre_acl (ovn-northd.c:2397): ip, priority 100, uuid a9a53917
    reg0[0] = 1;
    next;
 5. ls_in_pre_stateful (ovn-northd.c:2515): reg0[0] == 1, priority 100,
uuid 4355f077
    ct_next;
    *** ct_* actions not implemented



[1]
https://blog.russellbryant.net/2016/11/11/ovn-logical-flows-and-ovn-trace/

Thanks & Regards,
Vikrant Aggarwal
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20170917/e4d1825a/attachment.html>


More information about the discuss mailing list