[ovs-discuss] OVN DNS support questions

Numan Siddique numans at ovn.org
Tue Jun 9 18:24:46 UTC 2020


On Tue, Jun 9, 2020 at 11:49 PM John Lang <john.x.lang at oracle.com> wrote:

> Numan,
>
>
>
> Earlier I had send an e-mail with the following question that you
> responded to.  I maybe should have asked if the pipeline would redirect the
> DNS request to another DNS server to OVN.
>
>
>
> 1.       If OVN can’t answer a DNS request, does the pipeline forward it
> on the another DNS server?  How is that server address set?  Though the
> DHCP options?
>
>
>
> Yes. If OVN can't anwer it resumes the packet pipeline. So if there are
> any other DNS servers, they should get the packet.
>
> I was looking at the flows in my OVN setup configured for DNS, and I don’t
> see how the DNS request is redirected to a server external to OVN.
>
>
>
>   table=16(ls_in_dns_lookup   ), priority=100  , match=(udp.dst == 53),
> action=(reg0[4] = dns_lookup(); next;)
>
>   table=16(ls_in_dns_lookup   ), priority=0    , match=(1), action=(next;)
>
>   table=17(ls_in_dns_response ), priority=100  , match=(udp.dst == 53 &&
> reg0[4]), action=(eth.dst <-> eth.src; ip6.src <-> ip6.dst; udp.dst =
> udp.src; udp.src = 53; outport = inport; flags.loopback = 1; output;)
>
>   table=17(ls_in_dns_response ), priority=100  , match=(udp.dst == 53 &&
> reg0[4]), action=(eth.dst <-> eth.src; ip4.src <-> ip4.dst; udp.dst =
> udp.src; udp.src = 53; outport = inport; flags.loopback = 1; output;)
>
>   table=17(ls_in_dns_response ), priority=0    , match=(1), action=(next;)
>
>
>
> Based on these flows it looks like all udp.dst requests on port 53 are
> sent to dns_lookup.  If dns_lookup resolves the request it send the reply
> (either IPV4 or IPV6).  If not, it proceeds to table 18, and I think
> eventually the request gets dropped.  Is there some later flow I should be
> looking for that would redirect the request to another DNS server (or is
> there something I’m missing in dns_lookup that does the redirect)?  If so,
> how does OVN/OVS know the ip address of that server?
>

OVN is not aware of any external DNS servers if any. So if OVN can't
resolve the DNS, the packet resumes the pipeline
and is treated like any other packet. If the DNS server IP is to be routed
it will be routed. Let me know If I'm not clear.


Thanks
Numan


>
> John Lang
>
> w (303) 272-5457
>
> c (970) 231-3724
>
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20200609/7d3627da/attachment.html>


More information about the discuss mailing list