[ovs-discuss] [ovn] MAC in table acl and lb

Numan Siddique numans at ovn.org
Wed Sep 23 06:10:42 UTC 2020


On Wed, Sep 23, 2020 at 7:51 AM Tony Liu <tonyliu0592 at hotmail.com> wrote:

> That MAC is also in table 19.
> ==========================
>   table=19(ls_in_l2_lkup      ), priority=110  , match=(eth.dst ==
> 1a:d2:77:6e:42:98), action=(handle_svc_check(inport);)
> ==========================
>
> Thanks!
> Tony
> > -----Original Message-----
> > From: Tony Liu <tonyliu0592 at hotmail.com>
> > Sent: Tuesday, September 22, 2020 7:19 PM
> > To: ovs-discuss <ovs-discuss at openvswitch.org>
> > Subject: [ovn] MAC in table acl and lb
> >
> > Hi,
> >
> > When I look at a datapath ingress pipeline, =========================
> >   table=3 (ls_in_pre_acl      ), priority=110  , match=(eth.dst ==
> > 1a:d2:77:6e:42:98), action=(next;)
> >   table=3 (ls_in_pre_acl      ), priority=0    , match=(1),
> > action=(next;)
> >   table=4 (ls_in_pre_lb       ), priority=110  , match=(eth.dst ==
> > 1a:d2:77:6e:42:98), action=(next;)
> >   table=4 (ls_in_pre_lb       ), priority=110  , match=(nd || nd_rs ||
> > nd_ra || icmp4.type == 3 ||icmp6.type == 1 || (tcp && tcp.flags == 20)),
> > action=(next;)
> >   table=4 (ls_in_pre_lb       ), priority=0    , match=(1),
> > action=(next;)
> >   table=5 (ls_in_pre_stateful ), priority=100  , match=(reg0[0] == 1),
> > action=(ct_next;)
> >   table=5 (ls_in_pre_stateful ), priority=0    , match=(1),
> > action=(next;)
> >   table=6 (ls_in_acl          ), priority=34000, match=(eth.dst ==
> > 1a:d2:77:6e:42:98), action=(next;)
> >   table=6 (ls_in_acl          ), priority=0    , match=(1),
> > action=(next;)
> >   table=7 (ls_in_qos_mark     ), priority=0    , match=(1),
> > action=(next;)
> >   table=8 (ls_in_qos_meter    ), priority=0    , match=(1),
> > action=(next;)
> >   table=9 (ls_in_lb           ), priority=0    , match=(1),
> > action=(next;)
> > =========================
> > What's that MAC 1a:d2:77:6e:42:98? What's it for in acl and lb tables?
> > I can't find any port with that MAC.
> > This datapath is for a LS that is created from OpenStack.
>


Hi Tony,

This mac is used for service monitoring. ovn-northd generates this mac. You
can see this by running - ovn-nbctl list NB_Global.

Service monitoring is used by OVN octavia provider driver for health checks.

Look into the NB table - Load_Balancer_Health_Check and SB table
- Service_Monitor in the man pages for more details.

You see the flows in acl and lb tables to basically skip the service
monitor reply packets  from being sent to conntrack.
These packets will be sent to ovn-controller as packet-ins.

[1] - https://www.ovn.org/support/dist-docs/ovn-nb.5.html
[2] - https://www.ovn.org/support/dist-docs/ovn-sb.5.html

Thanks
Numan

Thanks
Numan



> >
> > Thanks!
> > Tony
>
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://mail.openvswitch.org/pipermail/ovs-discuss/attachments/20200923/81a7d216/attachment-0001.html>


More information about the discuss mailing list