On Wed, Sep 02, 2015 at 06:44:15AM -0700, Jesse Gross wrote: > On Tue, Sep 1, 2015 at 7:14 PM, Pravin Shelar <pshe...@nicira.com> wrote: > > On Tue, Sep 1, 2015 at 4:56 PM, Ben Pfaff <b...@nicira.com> wrote: > >> I think I've come across a bug in OVS native tunneling, or at any rate > >> an important difference between Linux kernel and OVS native tunneling. > >> In Linux kernel tunneling, a tunnel packet received by the kernel first > >> passes through the kernel IP stack. Among other things, the IP stack > >> drops packets that are not destined to the current host. It appears to > >> me that the native tunneling code doesn't have any similar check, > >> because I'm seeing it accept and packets flooded by the upstream switch > >> that are not destined to an IP address of the host. This means in > >> effect that the user of native tunneling must set "options:local_ip", > >> whereas a user of Linux kernel tunneling doesn't (and probably > >> shouldn't). > >> > > Right. Its bug. > > > >> I suspect that this behavior is unintentional; it isn't mentioned in > >> README-native-tunneling.md or (as far as I can tell) anywhere else. > >> > >> I noticed this while testing OVN. If you configure a few hypervisors > >> and send packets from only one of them, then the switch that connects > >> them will flood all the packets to all of the rest (since it hasn't yet > >> learned where they are). The result is that for N hypervisors, remote > >> VIFs get N-1 copies of the packets instead of just one. I'm appending a > >> patch that works around it, though I'd prefer to fix the tunneling code > >> rather than apply this patch. > >> > > We can fix it adding the local ip-address to tnl-port-map. > > I will send a patch. > > Presumably we also should use DMAC as well?
Good point! _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
