I have another problem. I have an openvswitch linked to another openvswitch by a gre tunnel. This tunnel belongs to the vlan 2. I have one Vm for each switch, each vm is attached to the switch by a port tagged 2.
Now, everything works fine until I add my eth0 port to these openvswitches. When I do that, the VMs can't communicate anymore even though they could, thanks to the tunnel gre which is a trunk port for the vlan 2. I think the problem is eth0 which is not a trunk port. Does this mean that, in order to achieve vlan isolation and still connect switches with gre tunnels, I need at least an external (ie. not connected to the openvswitch) network port? 2014-05-05 11:58 GMT+02:00 Pasquale Dir <[email protected]>: > Thank you so much, it worked. > > > 2014-05-01 18:13 GMT+02:00 Ben Pfaff <[email protected]>: > > On Wed, Apr 30, 2014 at 09:35:58PM +0200, Pasquale Dir wrote: >> > as long as no controller is associated to my openvswitch vlan tags >> assure >> > me vlan isolation. >> > >> > After setting the controller (floodlight in my case, but I also tried >> > opendaylight) vlan tags are just ignored. >> >> The FAQ says: >> >> Q: My OpenFlow controller doesn't see the VLANs that I expect. >> >> A: The configuration for VLANs in the Open vSwitch database (e.g. via >> ovs-vsctl) only affects traffic that goes through Open vSwitch's >> implementation of the OpenFlow "normal switching" action. By >> default, when Open vSwitch isn't connected to a controller and >> nothing has been manually configured in the flow table, all traffic >> goes through the "normal switching" action. But, if you set up >> OpenFlow flows on your own, through a controller or using ovs-ofctl >> or through other means, then you have to implement VLAN handling >> yourself. >> >> You can use "normal switching" as a component of your OpenFlow >> actions, e.g. by putting "normal" into the lists of actions on >> ovs-ofctl or by outputting to OFPP_NORMAL from an OpenFlow >> controller. In situations where this is not suitable, you can >> implement VLAN handling yourself, e.g.: >> >> - If a packet comes in on an access port, and the flow table >> needs to send it out on a trunk port, then the flow can add >> the appropriate VLAN tag with the "mod_vlan_vid" action. >> >> - If a packet comes in on a trunk port, and the flow table >> needs to send it out on an access port, then the flow can >> strip the VLAN tag with the "strip_vlan" action. >> > >
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
