[ovs-discuss] How to match the VLAN VID of frames tunneled to a VXLAN port?

Alan Kayahan hsykay at gmail.com
Sun Nov 4 04:37:05 UTC 2018


Thanks for the response Ben.
If I am understanding the document correctly, the packets coming in
from the host (classified as Flow1 on page 29) in Switch A are tagged
with VLAN100, then tunneled to O3 (SwitchB's IP address) with a VNI ID
50. So there is only 1 VLAN field and that is the inner (the VLAN
field of the frame encapsulated in the VXLAN tunnel), which I need to
match on.

Alan
On Sat, Nov 3, 2018 at 4:25 PM Ben Pfaff <blp at ovn.org> wrote:
>
> On Sat, Nov 03, 2018 at 06:45:08AM +0100, Alan Kayahan wrote:
> > Hello,
> >
> > I am trying to build a simplified version of the "sample L2
> > transparent network service chaining implementation" described in
> > section 6 of this document
> > https://www.opennetworking.org/wp-content/uploads/2014/10/L4-L7_Service_Function_Chaining_Solution_Architecture.pdf.
> >
> > My simplifications:
> > 1) 3 OVS bridges on 3 nodes
> > 2) Just a single flow and a single chain to steer without bypassing any service.
> > 3) No 5-tuple matching, just in_port
> > 4) VXLAN remoteIPs are hardcoded, key=flow, and attached as a port to the bridge
> >
> > Problem: Matching the VLAN field inbound to a VXLAN port doesn't work.
>
> Do you expect the VLAN field to match the inner or outer VLAN?  It will
> actually match the inner VLAN?


More information about the discuss mailing list