[ovs-discuss] Fwd: Question on reflexive GRE tunnel keys

Benjamin Eggerstedt benjamin.eggerstedt at gmail.com
Sun Jun 24 19:45:00 UTC 2018


Hi,

I've tried to wrap my head around a L2GRE tunneling topic, but I can't
find a way to make it working the way I'd need. I hope that here
somebody has an idea.

Client -> Wireless AP -> L2GRE Tunnel (src: 192.168.10.16, dst:
192.168.20.100, key: dynamic / unpredictable) -> Debian VM (Strech
with OVS v2.6.2) or Ubuntu (18.10 with OVS v2.9.0). I want OVS to
decapsulate the tunnel (which it already does well) and bridge this
into a certain port (which it also does). On the way back, my issue
starts as the DHCP OFFER (from the network) doesn't get back to the
client, as in OVS the set-tunnel GRE key doesn't use the previous one
0xfa332b, but 0x00 instead.

Both VMs/OVS versions show the same behaviour, thus I have to believe
that the issue is with me and my limited knowledge on OVS and not with
a bug on OVS side or whatever.

Here is my configuration / setup:

root at ubuntuovs:~# ip -d addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN
group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00 promiscuity
0 numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host
       valid_lft forever preferred_lft forever
2: ens3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
state UP group default qlen 1000
    link/ether 52:54:00:fd:c8:10 brd ff:ff:ff:ff:ff:ff promiscuity 0
numtxqueues 1 numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
    inet 192.168.2.147/24 brd 192.168.2.255 scope global dynamic ens3
       valid_lft 2919sec preferred_lft 2919sec
    inet6 fe80::5054:ff:fefd:c810/64 scope link
       valid_lft forever preferred_lft forever
3: ens4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel
master ovs-system state UP group default qlen 1000
    link/ether 52:54:00:10:71:96 brd ff:ff:ff:ff:ff:ff promiscuity 1
    openvswitch_slave numtxqueues 1 numrxqueues 1 gso_max_size 65536
gso_max_segs 65535
    inet6 fe80::5054:ff:fe10:7196/64 scope link
       valid_lft forever preferred_lft forever
4: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN
group default qlen 1000
    link/ether b2:81:87:78:ca:3a brd ff:ff:ff:ff:ff:ff promiscuity 1
    openvswitch numtxqueues 1 numrxqueues 1 gso_max_size 65536
gso_max_segs 65535
5: br0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state
UNKNOWN group default qlen 1000
    link/ether 4e:0d:1e:fe:59:43 brd ff:ff:ff:ff:ff:ff promiscuity 1
    openvswitch numtxqueues 1 numrxqueues 1 gso_max_size 65536
gso_max_segs 65535
    inet 192.168.20.100/24 scope global br0
       valid_lft forever preferred_lft forever
    inet6 fe80::4c0d:1eff:fefe:5943/64 scope link
       valid_lft forever preferred_lft forever
6: gre0 at NONE: <NOARP> mtu 1476 qdisc noop state DOWN group default qlen 1000
    link/gre 0.0.0.0 brd 0.0.0.0 promiscuity 0
    gre remote any local any ttl inherit nopmtudisc numtxqueues 1
numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
7: gretap0 at NONE: <BROADCAST,MULTICAST> mtu 1462 qdisc noop state DOWN
group default qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff promiscuity 0
    gretap remote any local any ttl inherit nopmtudisc numtxqueues 1
numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
8: erspan0 at NONE: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN
group default qlen 1000
    link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff promiscuity 0
    erspan remote any local any ttl inherit nopmtudisc numtxqueues 1
numrxqueues 1 gso_max_size 65536 gso_max_segs 65535
9: gre_sys at NONE: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc
fq_codel master ovs-system state UNKNOWN group default qlen 1000
    link/ether 82:ac:e2:c7:f1:bf brd ff:ff:ff:ff:ff:ff promiscuity 1
    gretap external
    openvswitch_slave numtxqueues 1 numrxqueues 1 gso_max_size 65536
gso_max_segs 65535
    inet6 fe80::80ac:e2ff:fec7:f1bf/64 scope link
       valid_lft forever preferred_lft forever

root at ubuntuovs:~# ovs-vsctl show
8016debe-8d86-43b5-84b6-0de5528c6a6a
    Bridge "br0"
        Port "br0"
            Interface "br0"
                type: internal
        Port "ens4"
            Interface "ens4"
        Port "ap1101"
            Interface "ap1101"
                type: gre
                options: {key=flow, local_ip="192.168.20.100",
remote_ip="192.168.10.16"}
    ovs_version: "2.9.0"

root at ubuntuovs:~# ovs-dpctl dump-flows
recirc_id(0),in_port(2),eth(src=2c:fa:a2:9d:96:6c,dst=01:80:c2:00:00:00),eth_type(0/0xffff),
packets:84, bytes:5040, used:1.116s, actions:drop
recirc_id(0),in_port(2),eth(src=e8:e7:32:3f:de:e6,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(tos=0/0x3,frag=no),
packets:1, bytes:342, used:0.853s,
actions:1,set(tunnel(tun_id=0x0,src=192.168.20.100,dst=192.168.10.16,ttl=64,flags(df|key))),3
recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=01:00:5e:00:00:fb),eth_type(0x0800),ipv4(frag=no),
packets:0, bytes:0, used:never, actions:1,2
recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=0.0.0.0,tip=169.254.68.7,op=1/0xff),
packets:2, bytes:84, used:7.962s, actions:1,2
recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=01:00:5e:00:00:16),eth_type(0x0800),ipv4(frag=no),
packets:3, bytes:162, used:6.939s, actions:1,2
recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(frag=no),
packets:17, bytes:2581, used:0.791s, actions:1,2
recirc_id(0),tunnel(tun_id=0xfa332b,src=192.168.10.16,dst=192.168.20.100,flags(-df-csum+key)),in_port(3),eth(src=48:e2:44:21:ff:2b,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=169.254.68.7,tip=169.254.68.7,op=1/0xff),
packets:0, bytes:0, used:never, actions:1,2

root at ubuntuovs:~# ovs-ofctl -v dump-ports br0
2018-06-24T19:24:21Z|00001|stream_unix|DBG|/var/run/openvswitch/br0:
connection failed (No such file or directory)
2018-06-24T19:24:21Z|00002|ofctl|DBG|connecting to
unix:/var/run/openvswitch/br0.mgmt
2018-06-24T19:24:21Z|00003|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
bucket (128 nodes, 64 buckets)
2018-06-24T19:24:21Z|00004|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
bucket (256 nodes, 128 buckets)
2018-06-24T19:24:21Z|00005|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
bucket (512 nodes, 256 buckets)
2018-06-24T19:24:21Z|00006|hmap|DBG|../lib/ofp-msgs.c:1143: 8 nodes in
bucket (512 nodes, 256 buckets)
2018-06-24T19:24:21Z|00007|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
bucket (512 nodes, 256 buckets)
2018-06-24T19:24:21Z|00008|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
bucket (512 nodes, 256 buckets)
2018-06-24T19:24:21Z|00009|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
bucket (1024 nodes, 512 buckets)
2018-06-24T19:24:21Z|00010|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
bucket (1024 nodes, 512 buckets)
2018-06-24T19:24:21Z|00011|hmap|DBG|../lib/ofp-msgs.c:1143: 6 nodes in
bucket (1024 nodes, 512 buckets)
2018-06-24T19:24:21Z|00012|hmap|DBG|../lib/ofp-msgs.c:1143: 7 nodes in
bucket (1024 nodes, 512 buckets)
2018-06-24T19:24:21Z|00013|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
sent (Success): OFPT_HELLO (xid=0x1):
 version bitmap: 0x01
2018-06-24T19:24:21Z|00014|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
received: OFPT_HELLO (OF1.4) (xid=0x7):
 version bitmap: 0x01, 0x02, 0x03, 0x04, 0x05
2018-06-24T19:24:21Z|00015|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
negotiated OpenFlow version 0x01 (we support version 0x01, peer
supports version 0x05 and earlier)
2018-06-24T19:24:21Z|00016|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
sent (Success): OFPST_PORT request (xid=0x2): port_no=ANY
2018-06-24T19:24:21Z|00017|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
received: OFPST_PORT reply (xid=0x2): 3 ports
  port LOCAL: rx pkts=235, bytes=56312, drop=0, errs=0, frame=0, over=0, crc=0
           tx pkts=14, bytes=1076, drop=0, errs=0, coll=0
  port  1: rx pkts=742, bytes=44598, drop=0, errs=0, frame=0, over=0, crc=0
           tx pkts=208, bytes=47988, drop=0, errs=0, coll=0
  port  2: rx pkts=180, bytes=45836, drop=?, errs=?, frame=?, over=?, crc=?
           tx pkts=69, bytes=14842, drop=?, errs=?, coll=?
2018-06-24T19:24:21Z|00018|ofctl|DBG|connecting to
unix:/var/run/openvswitch/br0.mgmt
2018-06-24T19:24:21Z|00019|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
sent (Success): OFPT_HELLO (xid=0x3):
 version bitmap: 0x01
2018-06-24T19:24:21Z|00020|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
received: OFPT_HELLO (OF1.4) (xid=0x8):
 version bitmap: 0x01, 0x02, 0x03, 0x04, 0x05
2018-06-24T19:24:21Z|00021|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
negotiated OpenFlow version 0x01 (we support version 0x01, peer
supports version 0x05 and earlier)
2018-06-24T19:24:21Z|00022|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
sent (Success): OFPT_FEATURES_REQUEST (xid=0x4):
2018-06-24T19:24:21Z|00023|vconn|DBG|unix:/var/run/openvswitch/br0.mgmt:
received: OFPT_FEATURES_REPLY (xid=0x4): dpid:00004e0d1efe5943
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan
mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src
mod_tp_dst
 1(ens4): addr:52:54:00:10:71:96
     config:     0
     state:      0
     current:    100MB-FD AUTO_NEG
     advertised: 10MB-HD 10MB-FD 100MB-HD 100MB-FD COPPER AUTO_NEG AUTO_PAUSE
     supported:  10MB-HD 10MB-FD 100MB-HD 100MB-FD COPPER AUTO_NEG
     speed: 100 Mbps now, 100 Mbps max
 2(ap1101): addr:a2:d2:0b:10:2d:56
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 LOCAL(br0): addr:4e:0d:1e:fe:59:43
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
OFPST_PORT reply (xid=0x2): 3 ports
  port LOCAL: rx pkts=235, bytes=56312, drop=0, errs=0, frame=0, over=0, crc=0
           tx pkts=14, bytes=1076, drop=0, errs=0, coll=0
  port  ens4: rx pkts=742, bytes=44598, drop=0, errs=0, frame=0, over=0, crc=0
           tx pkts=208, bytes=47988, drop=0, errs=0, coll=0
  port  ap1101: rx pkts=180, bytes=45836, drop=?, errs=?, frame=?, over=?, crc=?
           tx pkts=69, bytes=14842, drop=?, errs=?, coll=?

Thanks,
Regards,
Benny


More information about the discuss mailing list