[ovs-discuss] Question on reflexive GRE tunnel keys

Benjamin Eggerstedt benjamin.eggerstedt at gmail.com
Mon Jul 30 11:53:09 UTC 2018


Hi,

I sent this message a month ago and did some further reading. Am I
right that I'll not get anywhere with "automatic flows" for the return
path but will need some OpenFlow controller that sets up the correct
path?
My issue is that the GRE key is not going to be predictable, otherwise
the task would be simpler. Issue is that e.g. the DHCP OFFER coming
from the DHCP server for the client, won't leave the OVS (which
received it) as the outgoing GRE packet has key 0x0 (and not the
previous incoming GRE key).

Thanks,
Regards,
Benny

On Sun, Jun 24, 2018 at 9:40 PM, Benjamin Eggerstedt
<benjamin.eggerstedt at gmail.com> wrote:
> Hi,
>
> I've tried to wrap my head around a L2GRE tunneling topic, but I can't find
> a way to make it working the way I'd need. I hope that here somebody has an
> idea.
>
> Client -> Wireless AP -> L2GRE Tunnel (src: 192.168.10.16, dst:
> 192.168.20.100, key: dynamic / unpredictable) -> Debian VM (Strech with OVS
> v2.6.2) or Ubuntu (18.10 with OVS v2.9.0). I want OVS to decapsulate the
> tunnel (which it already does well) and bridge this into a certain port
> (which it also does). On the way back, my issue starts as the DHCP OFFER
> (from the network) doesn't get back to the client, as in OVS the set-tunnel
> GRE key doesn't use the previous one 0xfa332b, but 0x00 instead.
>
> Both VMs/OVS versions show the same behaviour, thus I have to believe that
> the issue is with me and my limited knowledge on OVS and not with a bug on
> OVS side or whatever.
>
> Here is my configuration / setup:
>
> root at ubuntuovs:~# ip -d addr
> 1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group
> default qlen 1000
>     link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity 0
> numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
>     inet 127.0.0.1/8 scope host lo
>        valid_lft forever preferred_lft forever
>     inet6 ::1/128 scope host
>        valid_lft forever preferred_lft forever
> 2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP
> group default qlen 1000
>     link/ether 52:54:00:fd:c8:10 brd ff:ff:ff:ff:ff:ff promiscuity 0
> numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
>     inet 192.168.2.147/24 brd 192.168.2.255 scope global dynamic ens3
>        valid_lft 2919sec preferred_lft 2919sec
>     inet6 fe80::5054:ff:fefd:c810/64 scope link
>        valid_lft forever preferred_lft forever
> 3: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel master
> ovs-system state UP group default qlen 1000
>     link/ether 52:54:00:10:71:96 brd ff:ff:ff:ff:ff:ff promiscuity 1
>     openvswitch_slave numtxqueues 1 numrxqueues 1 gso_max_size 65536
> gso_max_segs 65535
>     inet6 fe80::5054:ff:fe10:7196/64 scope link
>        valid_lft forever preferred_lft forever
> 4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group
> default qlen 1000
>     link/ether b2:81:87:78:ca:3a brd ff:ff:ff:ff:ff:ff promiscuity 1
>     openvswitch numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs
> 65535
> 5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
> UNKNOWN group default qlen 1000
>     link/ether 4e:0d:1e:fe:59:43 brd ff:ff:ff:ff:ff:ff promiscuity 1
>     openvswitch numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs
> 65535
>     inet 192.168.20.100/24 scope global br0
>        valid_lft forever preferred_lft forever
>     inet6 fe80::4c0d:1eff:fefe:5943/64 scope link
>        valid_lft forever preferred_lft forever
> 6: gre0 at NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1000
>     link/gre 0.0.0.0 brd 0.0.0.0 promiscuity 0
>     gre remote any local any ttl inherit nopmtudisc numtxqueues 1
> numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
> 7: gretap0 at NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN group
> default qlen 1000
>     link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff promiscuity 0
>     gretap remote any local any ttl inherit nopmtudisc numtxqueues 1
> numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
> 8: erspan0 at NONE: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN group
> default qlen 1000
>     link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff promiscuity 0
>     erspan remote any local any ttl inherit nopmtudisc numtxqueues 1
> numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
> 9: gre_sys at NONE: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc fq_codel
> master ovs-system state UNKNOWN group default qlen 1000
>     link/ether 82:ac:e2:c7:f1:bf brd ff:ff:ff:ff:ff:ff promiscuity 1
>     gretap external
>     openvswitch_slave numtxqueues 1 numrxqueues 1 gso_max_size 65536
> gso_max_segs 65535
>     inet6 fe80::80ac:e2ff:fec7:f1bf/64 scope link
>        valid_lft forever preferred_lft forever
>
> root at ubuntuovs:~# ovs-vsctl show
> 8016debe-8d86-43b5-84b6-0de5528c6a6a
>     Bridge "br0"
>         Port "br0"
>             Interface "br0"
>                 type: internal
>         Port "ens4"
>             Interface "ens4"
>         Port "ap1101"
>             Interface "ap1101"
>                 type: gre
>                 options: {key=flow, local_ip="192.168.20.100",
> remote_ip="192.168.10.16"}
>     ovs_version: "2.9.0"
>
> root at ubuntuovs:~# ovs-dpctl dump-flows
> recirc_id(0),in_port(2),eth(src=2c:fa:a2:9d:96:6c,dst=01:80:c2:00:00:00),eth_type(0/0xffff),
> packets:84, bytes:5040, used:1.116s, actions:drop
> recirc_id(0),in_port(2),eth(src=e8:e7:32:3f:de:e6,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(tos=0/0x3,frag=no),
> packets:1, bytes:342, used:0.853s,
> actions:1,set(tunnel(tun_id=0x0,src=192.168.20.100,dst=192.168.10.16,ttl=64,flags(df|key))),3
> recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=01:00:5e:00:00:fb),eth_type(0x0800),ipv4(frag=no),
> packets:0, bytes:0, used:never, actions:1,2
> recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=0.0.0.0,tip=169.254.68.7,op=1/0xff),
> packets:2, bytes:84, used:7.962s, actions:1,2
> recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=01:00:5e:00:00:16),eth_type(0x0800),ipv4(frag=no),
> packets:3, bytes:162, used:6.939s, actions:1,2
> recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(frag=no),
> packets:17, bytes:2581, used:0.791s, actions:1,2
> recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=169.254.68.7,tip=169.254.68.7,op=1/0xff),
> packets:0, bytes:0, used:never, actions:1,2
>
> root at ubuntuovs:~# ovs-ofctl -v dump-ports br0
> 2018-06-24T19:24:21Z|00001|stream_unix|DBG|/var/run/openvswitch/br0:
> connection failed (No such file or directory)
> 2018-06-24T19:24:21Z|00002|ofctl|DBG|connecting to
> unix:/var/run/openvswitch/br0.mgmt
> 2018-06-24T19:24:21Z|00003|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
> bucket (128 nodes, 64 buckets)
> 2018-06-24T19:24:21Z|00004|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
> bucket (256 nodes, 128 buckets)
> 2018-06-24T19:24:21Z|00005|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
> bucket (512 nodes, 256 buckets)
> 2018-06-24T19:24:21Z|00006|hmap|DBG|../lib/ofp-msgs.c:1143: 8 nodes in
> bucket (512 nodes, 256 buckets)
> 2018-06-24T19:24:21Z|00007|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
> bucket (512 nodes, 256 buckets)
> 2018-06-24T19:24:21Z|00008|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
> bucket (512 nodes, 256 buckets)
> 2018-06-24T19:24:21Z|00009|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
> bucket (1024 nodes, 512 buckets)
> 2018-06-24T19:24:21Z|00010|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
> bucket (1024 nodes, 512 buckets)
> 2018-06-24T19:24:21Z|00011|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
> bucket (1024 nodes, 512 buckets)
> 2018-06-24T19:24:21Z|00012|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
> bucket (1024 nodes, 512 buckets)
> 2018-06-24T19:24:21Z|00013|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> sent (Success): OFPT_HELLO (xid=0x1):
>  version bitmap: 0x01
> 2018-06-24T19:24:21Z|00014|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> received: OFPT_HELLO (OF1.4) (xid=0x7):
>  version bitmap: 0x01, 0x02, 0x03, 0x04, 0x05
> 2018-06-24T19:24:21Z|00015|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> negotiated OpenFlow version 0x01 (we support version 0x01, peer supports
> version 0x05 and earlier)
> 2018-06-24T19:24:21Z|00016|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> sent (Success): OFPST_PORT request (xid=0x2): port_no=ANY
> 2018-06-24T19:24:21Z|00017|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> received: OFPST_PORT reply (xid=0x2): 3 ports
>   port LOCAL: rx pkts=235, bytes=56312, drop=0, errs=0, frame=0, over=0,
> crc=0
>            tx pkts=14, bytes=1076, drop=0, errs=0, coll=0
>   port  1: rx pkts=742, bytes=44598, drop=0, errs=0, frame=0, over=0, crc=0
>            tx pkts=208, bytes=47988, drop=0, errs=0, coll=0
>   port  2: rx pkts=180, bytes=45836, drop=?, errs=?, frame=?, over=?, crc=?
>            tx pkts=69, bytes=14842, drop=?, errs=?, coll=?
> 2018-06-24T19:24:21Z|00018|ofctl|DBG|connecting to
> unix:/var/run/openvswitch/br0.mgmt
> 2018-06-24T19:24:21Z|00019|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> sent (Success): OFPT_HELLO (xid=0x3):
>  version bitmap: 0x01
> 2018-06-24T19:24:21Z|00020|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> received: OFPT_HELLO (OF1.4) (xid=0x8):
>  version bitmap: 0x01, 0x02, 0x03, 0x04, 0x05
> 2018-06-24T19:24:21Z|00021|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> negotiated OpenFlow version 0x01 (we support version 0x01, peer supports
> version 0x05 and earlier)
> 2018-06-24T19:24:21Z|00022|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> sent (Success): OFPT_FEATURES_REQUEST (xid=0x4):
> 2018-06-24T19:24:21Z|00023|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
> received: OFPT_FEATURES_REPLY (xid=0x4): dpid:00004e0d1efe5943
> n_tables:254, n_buffers:0
> capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
> actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src
> mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
>  1(ens4): addr:52:54:00:10:71:96
>      config:     0
>      state:      0
>      current:    100MB-FD AUTO_NEG
>      advertised: 10MB-HD 10MB-FD 100MB-HD 100MB-FD COPPER AUTO_NEG
> AUTO_PAUSE
>      supported:  10MB-HD 10MB-FD 100MB-HD 100MB-FD COPPER AUTO_NEG
>      speed: 100 Mbps now, 100 Mbps max
>  2(ap1101): addr:a2:d2:0b:10:2d:56
>      config:     0
>      state:      0
>      speed: 0 Mbps now, 0 Mbps max
>  LOCAL(br0): addr:4e:0d:1e:fe:59:43
>      config:     0
>      state:      0
>      speed: 0 Mbps now, 0 Mbps max
> OFPST_PORT reply (xid=0x2): 3 ports
>   port LOCAL: rx pkts=235, bytes=56312, drop=0, errs=0, frame=0, over=0,
> crc=0
>            tx pkts=14, bytes=1076, drop=0, errs=0, coll=0
>   port  ens4: rx pkts=742, bytes=44598, drop=0, errs=0, frame=0, over=0,
> crc=0
>            tx pkts=208, bytes=47988, drop=0, errs=0, coll=0
>   port  ap1101: rx pkts=180, bytes=45836, drop=?, errs=?, frame=?, over=?,
> crc=?
>            tx pkts=69, bytes=14842, drop=?, errs=?, coll=?
>
> Thanks,
> Regards,
> Benny
>


More information about the discuss mailing list