[ovs-discuss] OVN DNS support questions

John Lang john.x.lang at oracle.com
Tue Jun 9 20:00:46 UTC 2020


Thanks Numan, that makes more sense.  I got the impression no special routing was needed.

 

John Lang

w (303) 272-5457

c (970) 231-3724

 

From: Numan Siddique <numans at ovn.org> 
Sent: Tuesday, June 9, 2020 12:25 PM
To: John Lang <john.x.lang at oracle.com>
Cc: ovs-discuss <ovs-discuss at openvswitch.org>
Subject: Re: [ovs-discuss] OVN DNS support questions

 

 

 

On Tue, Jun 9, 2020 at 11:49 PM John Lang <HYPERLINK "mailto:john.x.lang at oracle.com"john.x.lang at oracle.com> wrote:

Numan,

 

Earlier I had send an e-mail with the following question that you responded to.  I maybe should have asked if the pipeline would redirect the DNS request to another DNS server to OVN.

 

1.       If OVN can’t answer a DNS request, does the pipeline forward it on the another DNS server?  How is that server address set?  Though the DHCP options?

 

Yes. If OVN can't anwer it resumes the packet pipeline. So if there are any other DNS servers, they should get the packet.

I was looking at the flows in my OVN setup configured for DNS, and I don’t see how the DNS request is redirected to a server external to OVN.

 

  table=16(ls_in_dns_lookup   ), priority=100  , match=(udp.dst == 53), action=(reg0[4] = dns_lookup(); next;)

  table=16(ls_in_dns_lookup   ), priority=0    , match=(1), action=(next;)

  table=17(ls_in_dns_response ), priority=100  , match=(udp.dst == 53 && reg0[4]), action=(eth.dst <-> eth.src; ip6.src <-> ip6.dst; udp.dst = udp.src; udp.src = 53; outport = inport; flags.loopback = 1; output;)

  table=17(ls_in_dns_response ), priority=100  , match=(udp.dst == 53 && reg0[4]), action=(eth.dst <-> eth.src; ip4.src <-> ip4.dst; udp.dst = udp.src; udp.src = 53; outport = inport; flags.loopback = 1; output;)

  table=17(ls_in_dns_response ), priority=0    , match=(1), action=(next;)

 

Based on these flows it looks like all udp.dst requests on port 53 are sent to dns_lookup.  If dns_lookup resolves the request it send the reply (either IPV4 or IPV6).  If not, it proceeds to table 18, and I think eventually the request gets dropped.  Is there some later flow I should be looking for that would redirect the request to another DNS server (or is there something I’m missing in dns_lookup that does the redirect)?  If so, how does OVN/OVS know the ip address of that server?

 

OVN is not aware of any external DNS servers if any. So if OVN can't resolve the DNS, the packet resumes the pipeline

and is treated like any other packet. If the DNS server IP is to be routed it will be routed. Let me know If I'm not clear.

 

 

Thanks

Numan

 

 

John Lang

w (303) 272-5457

c (970) 231-3724

 

_______________________________________________
discuss mailing list
HYPERLINK "mailto:discuss at openvswitch.org"discuss at openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20200609/9d1b45c9/attachment-0001.html>


More information about the discuss mailing list