I'm testing the fail-open mode. The document[ovs-vsctl] says "if the connection
to the controller fails, no new network connections can be set up. If the
connection to the controller stays down long enough, no packets can pass
through the switch at all."
I set a non-working controller to ovs0, and ovs goes to fail-open mode. But
some connections and packets are working like normal, even though no rules when
I "dump-flows ovs0"
I dump the hidden flows, and find a flow " duration=670s, n_packets=14763,
n_bytes=1374682, priority=15790320,actions=NORMAL"
I'm wondering why its behavior is not like its document? Should I configure
something?
suse-kvm-of13:/sdn-of1.3/openvswitch-trunk # ovs-vsctl show
055ce0da-8b2b-4f70-93e2-f6ba0ef2da16
Bridge "ovs0"
Controller "tcp:130.10.180.145:6633"
Port "vif-2.1"
Interface "vif-2.1"
Port "eth1"
tag: 20
Interface "eth1"
Port "vnet2"
Interface "vnet2"
Port "ovs0"
tag: 20
Interface "ovs0"
type: internal
Port "vnet1"
Interface "vnet1"
Port "vif-3.1"
Interface "vif-3.1"
(I tested to ping via ovs0 and tcpdump it, it works, but in fail-open it should
not.)
suse-kvm-of13:/sdn-of1.3/openvswitch-trunk # tcpdump -n -i eth1 host 129.9.21.76
tcpdump: WARNING: eth1: no IPv4 address assigned
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth1, link-type EN10MB (Ethernet), capture size 96 bytes
14:38:35.983621 IP 129.9.21.76 > 129.9.25.177: ICMP echo request, id 37199, seq
1, length 64
14:38:35.984743 arp who-has 129.9.21.76 tell 129.9.25.177
14:38:35.984954 arp reply 129.9.21.76 is-at 54:89:98:76:34:bd
14:38:35.985117 IP 129.9.25.177 > 129.9.21.76: ICMP echo reply, id 37199, seq
1, length 64
14:38:36.985381 IP 129.9.21.76 > 129.9.25.177: ICMP echo request, id 37199, seq
2, length 64
14:38:36.985601 IP 129.9.25.177 > 129.9.21.76: ICMP echo reply, id 37199, seq
2, length 64
suse-kvm-of13:/sdn-of1.3/openvswitch-trunk # o13 dump-flows ovs0
OFPST_FLOW reply (OF1.3) (xid=0x2):
suse-kvm-of13:/sdn-of1.3/openvswitch-trunk # ovs-dpctl dump-flows
skb_priority(0),in_port(3),eth(src=10:1b:54:99:63:40,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=129.9.25.177/255.255.255.255,tip=129.9.185.183/255.255.255.255,op=1/0xff,sha=10:1b:54:99:63:40/00:00:00:00:00:00,tha=00:00:00:00:00:00/00:00:00:00:00:00),
packets:1, bytes:60, used:0.724s, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=28:6e:d4:f2:df:fc,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(src=0.0.0.0/0.0.0.0,dst=255.255.255.255/0.0.0.0,proto=17/0,tos=0x10/0,ttl=64/0,frag=no/0xff),
packets:0, bytes:0, used:never, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=00:25:9e:5c:89:41,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=129.9.2.159/255.255.255.255,tip=129.9.182.90/255.255.255.255,op=1/0xff,sha=00:25:9e:5c:89:41/00:00:00:00:00:00,tha=00:00:00:00:00:00/00:00:00:00:00:00),
packets:2, bytes:120, used:0.384s, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=dc:d2:fc:20:55:57,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(src=0.0.0.0/0.0.0.0,dst=255.255.255.255/0.0.0.0,proto=17/0,tos=0x10/0,ttl=64/0,frag=no/0xff),
packets:1, bytes:342, used:2.240s, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=e0:24:7f:97:35:fb,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0800),ipv4(src=0.0.0.0/0.0.0.0,dst=255.255.255.255/0.0.0.0,proto=17/0,tos=0x10/0,ttl=64/0,frag=no/0xff),
packets:1, bytes:342, used:2.928s, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=10:1b:54:99:63:40,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=129.9.25.177/255.255.255.255,tip=129.9.184.237/255.255.255.255,op=1/0xff,sha=10:1b:54:99:63:40/00:00:00:00:00:00,tha=00:00:00:00:00:00/00:00:00:00:00:00),
packets:2, bytes:120, used:0.380s, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=10:1b:54:99:63:40,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=129.9.25.177/255.255.255.255,tip=129.9.185.229/255.255.255.255,op=1/0xff,sha=10:1b:54:99:63:40/00:00:00:00:00:00,tha=00:00:00:00:00:00/00:00:00:00:00:00),
packets:0, bytes:0, used:never, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
skb_priority(0),in_port(3),eth(src=10:1b:54:99:63:40,dst=ff:ff:ff:ff:ff:ff),eth_type(0x0806),arp(sip=129.9.25.177/255.255.255.255,tip=129.9.184.230/255.255.255.255,op=1/0xff,sha=10:1b:54:99:63:40/00:00:00:00:00:00,tha=00:00:00:00:00:00/00:00:00:00:00:00),
packets:2, bytes:120, used:0.172s, actions:1,push_vlan(vid=20,pcp=0),2,5,6,4
...... a lot of flows
suse-kvm-of13:/sdn-of1.3/openvswitch-trunk # ovs-appctl bridge/dump-flows ovs0
duration=670s, n_packets=0, n_bytes=0,
priority=180000,udp,in_port=LOCAL,dl_src=54:89:98:76:34:bd,tp_src=68,tp_dst=67,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180006,arp,arp_spa=130.10.180.145,arp_op=1,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180003,arp,dl_dst=54:89:98:75:05:93,arp_op=2,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180001,arp,dl_dst=54:89:98:76:34:bd,arp_op=2,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180005,arp,arp_tpa=130.10.180.145,arp_op=2,actions=NORMAL
duration=670s, n_packets=14763, n_bytes=1374682,
priority=15790320,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180007,tcp,nw_dst=130.10.180.145,tp_dst=6633,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180008,tcp,nw_src=130.10.180.145,tp_src=6633,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180002,arp,dl_src=54:89:98:76:34:bd,arp_op=1,actions=NORMAL
duration=670s, n_packets=0, n_bytes=0,
priority=180004,arp,dl_src=54:89:98:75:05:93,arp_op=1,actions=NORMAL
table_id=254, duration=1256s, n_packets=0, n_bytes=0,
priority=0,reg0=0x3,actions=drop
table_id=254, duration=1256s, n_packets=823, n_bytes=78774,
priority=0,reg0=0x1,actions=controller(reason=no_match)
table_id=254, duration=1256s, n_packets=0, n_bytes=0,
priority=0,reg0=0x2,actions=drop
_______________________________________________
discuss mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/discuss
