[ovs-discuss] ovn-trace not showing full logical flow
Ben Pfaff
blp at ovn.org
Sun Sep 17 16:57:53 UTC 2017
On Sun, Sep 17, 2017 at 05:03:19PM +0530, Vikrant Aggarwal wrote:
> 0. ls_in_port_sec_l2 (ovn-northd.c:2979): inport ==
> "4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == {fa:16:3e:55:3f:be},
> priority 50, uuid b6b8d57a
> next;
> 1. ls_in_port_sec_ip (ovn-northd.c:2113): inport ==
> "4c72cee2-35b7-4bcd-8c77-135a22d16df1" && eth.src == fa:16:3e:55:3f:be &&
> ip4.src == {10.10.10.4}, priority 90, uuid ba02f466
> next;
> 3. ls_in_pre_acl (ovn-northd.c:2397): ip, priority 100, uuid 25d55e7b
> reg0[0] = 1;
> next;
> 5. ls_in_pre_stateful (ovn-northd.c:2515): reg0[0] == 1, priority 100,
> uuid b84a160f
> ct_next;
> *** ct_* actions not implemented
ovn-trace in Open vSwitch 2.7 doesn't support the ct_* actions, which
means that tracing through a distributed firewall tends to end up this
way.
ovn-trace in Open vSwitch 2.8 does support these actions, so you'll see
more success there.
More information about the discuss
mailing list