[ovs-discuss] Small 802.1q-prepended packets not getting through to VM
Ben Pfaff
blp at ovn.org
Tue Jun 4 20:27:03 UTC 2019
On Wed, May 29, 2019 at 07:04:48PM +0200, Steinar H. Gunderson wrote:
> I have an appliance VM (Cisco vWLC) in libvirt/KVM, connected to an Open
> vSwitch bridge through a virtio NIC. For untagged packets, this works fine.
> However, the appliance also has a VLAN (I've numbered it 50), tagged using
> 802.1q. I've attached this to an EoGRE tunnel (tag=50, access port) to
> a remote Linux machine (not running Open vSwitch) to reach out to it.
>
> The VM can _send_ packets on this VLAN just fine, and also receive large
> packets. However, packets under 60 bytes, such as ARP packets, don't appear
> to reach the VM at all. If I attach an OVS internal port, I can see them just
> fine on tcpdump, but crucially, they don't have any Ethernet padding, so they
> are below the allowed minimum size. (The packets _from_ the VM have Ethernet
> padding just fine.)
>
> I get the same result by trying to talk to the VM on the OVS internal port;
> ARP packets and small ping packets (ping -s 13 and below, ie. 59 bytes or
> less) don't appear to go through to the VM, but larger packets (ping -s 14
> and above) work just fine. However, the OVS internal port can reach the EoGRE
> host just fine, on all packet sizes.
>
> Is there anything I can do about this? It appears to just be a bug to me.
> I'm running Debian buster (kernel 4.19.0-5-amd64, Open vSwitch 2.10.1);
> earlier, I've been running Debian stretch (kernel 4.9.0, Open vSwitch 2.6.2)
> with no difference in behavior.
This is certainly super weird. OVS certainly passes ARP packets fine in
all normal situations.
This is probably something inside the kernel. You might use "ovs-dpctl
dump-flows" to verify that the OVS kernel module is actually trying to
output the packets that are not getting through. If it is, you might
also use the various network device statistics counters to try to figure
out where the packets are getting dropped. A last resort might be to
add some printks() to the openvswitch.ko kernel module.
More information about the discuss
mailing list