[ovs-discuss] OVS

Ammu ammukeerthu at gmail.com
Fri Mar 22 13:59:13 UTC 2019


Hello,

As suggested, I tried the same with *openvswitch-2.10.1-3.el7.x86_64.rpm*.
Kernel details: *Linux 3.10.0-514.el7.x86_64*

I still see the DF bit set in the outer IP layer of the tunnelled packets.
(Be it either in GRE/VxLAN configuration)

Herewith, I am attaching the OVS configuration that I have made.

And, I have attached a sample packet captured for both vxlan and gre
tunnelling.

-
Keerthana



On Thu, Mar 21, 2019 at 7:40 PM Ammu <ammukeerthu at gmail.com> wrote:

> Hi Greg,
>
> As I am doing unwell today, I didn't try it with the latest version.
>
> I will do it tomorrow and update you on that.
>
> Thank you!
>
> -
> Keerthana
>
> On Thu, Mar 21, 2019 at 4:31 AM Gregory Rose <gvrose8192 at gmail.com> wrote:
>
>>
>> On 3/19/2019 6:25 PM, Ben Pfaff wrote:
>> > On Tue, Mar 19, 2019 at 05:19:42PM +0530, Ammu wrote:
>> >>
>> https://stackoverflow.com/questions/55223517/allow-df-not-to-be-set-on-gre-vxlan-tunnels
>> > That question reads:
>> >
>> >      I have created a bridge with a tunnel interface(be it either
>> >      vxlan/gre) and an internal interface. When incoming packets get
>> >      encapsulated with either vxlan/gre tunnel header, I don't want the
>> >      DF bit set on the outer IP layer of tunnelled packet.
>> >
>> >      Despite setting df_default tunnel option to False while creating
>> the
>> >      tunnel interface, I get the DF bit set on the outer IP layer of the
>> >      tunnelled packet.
>> >
>> > Glancing through the userspace and datapath code in the tree, it looks
>> > to me like the DF setting propagates through the whole stack, so I'm
>> > surprised there's a bug.  Perhaps Greg can take a look at some point, if
>> > he has time.
>>
>> I'll review the code but as you've pointed out, the code bases used are
>> very old.  I'd suggest 2.10 at least since
>> that's when we did a total review and upgrade of gre tunneling code to
>> support erspan as well.  A lot has
>> changed since 2.9.0
>>
>> Thanks,
>>
>> - Greg
>>
>> >
>> > We probably need to know what version of OVS you're using, what version
>> > of the kernel you're running, and whether you're using the Linux kernel
>> > built-in version of the OVS kernel module or the one that is shipped
>> > with OVS itself.
>>
>>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20190322/f3c9789f/attachment-0001.html>
-------------- next part --------------
Configuration for GRE:
======================
Bridge ovs1
	Port "iface1"
		Interface "iface1"
			type: internal
	Port "vtun1"
		Interface "vtun1"
			type: gre
			options: {df_default=False, key="10", remote_ip="192.168.70.170"}
	Port ovs1
		Interface ovs1
			type: internal
ovs_version: "2.10.1"


Configuration for VxLAN:
======================
Bridge ovs1
	Port "iface1"
		Interface "iface1"
			type: internal
	Port "vtun1"
		Interface "vtun1"
			type: vxlan
			options: {df_default=False, key="10", remote_ip="192.168.70.170"}
	Port ovs1
		Interface ovs1
			type: internal
ovs_version: "2.10.1"
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sample-vxlan.pcap
Type: application/octet-stream
Size: 9054 bytes
Desc: not available
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20190322/f3c9789f/attachment-0002.obj>
-------------- next part --------------
A non-text attachment was scrubbed...
Name: sample-gre.pcap
Type: application/octet-stream
Size: 9046 bytes
Desc: not available
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20190322/f3c9789f/attachment-0003.obj>


More information about the discuss mailing list