I'm still learning OVS, but I'll take a stab: 1) Before the ping starts, an ARP request will be sent which will be broadcast. It won't match the destination MAC because the purpose of the ARP is to find out what the MAC is. Normally the VLAN would take care of broadcasting the packet out to all hosts on the VLAN, but I think your manual flows have effectively torn down the VLAN handling. To make this work you could try adding a flow that matches dest mac ff:ff:ff:ff:ff:ff and send the packets out to all ports. Be sure to strip the vlan tag as well before sending the packets out of the access ports (at least I think that's necessary).
2) Add strip_vlan to your first flow rule on your second switch. 3) Ping is a round-trip, so you need the reverse path as well. You need to tag vlan 100 or 200 in traffic going from S2 back to S1 as is appropriate for the host you're trying to reach. If you didn't want to make traffic work across VLANs you could just forward the packets as-is In this configuration having the VLANs configured on S1 just gets in your way. On Tue, Jun 24, 2014 at 12:08 PM, shruti rao <[email protected]> wrote: > Hi, > > I am new to Open vSwitch and am trying to create a VLAN with two switches > (s1, s2) having 2 hosts (s1 having red1 and blue1 and s2 having red2 and > blue2) each and no controller. My configuration is as mentioned below: > > mininet> net > s1 lo: s1-eth1:red1-eth0 s1-eth2:blue1-eth0 s1-eth3:s2-eth1 > s2 lo: s2-eth1:s1-eth3 s2-eth2:red2-eth0 s2-eth3:blue2-eth0 > blue1 blue1-eth0:s1-eth2 > blue2 blue2-eth0:s2-eth3 > red1 red1-eth0:s1-eth1 > red2 red2-eth0:s2-eth2 > > I have created VLAN by assigning tag ids as below > > mininet> sh ovs-vsctl show > de0d6311-08a0-4eba-aad8-d91ae2df8483 > Bridge "s1" > Controller "ptcp:6634" > fail_mode: secure > Port "s1-eth3" > trunks: [100, 200] > Interface "s1-eth3" > Port "s1-eth2" > tag: 200 > Interface "s1-eth2" > Port "s1" > Interface "s1" > type: internal > Port "s1-eth1" > tag: 100 > Interface "s1-eth1" > Bridge "s2" > Controller "ptcp:6635" > fail_mode: secure > Port "s2-eth1" > trunks: [100, 200] > Interface "s2-eth1" > Port "s2" > Interface "s2" > type: internal > Port "s2-eth3" > tag: 200 > Interface "s2-eth3" > Port "s2-eth2" > tag: 100 > Interface "s2-eth2" > mininet> sh ovs-ofctl show s1 > OFPT_FEATURES_REPLY (xid=0x2): dpid:0000000000000001 > n_tables:254, n_buffers:256 > capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP > actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST > SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE > 1(s1-eth1): addr:56:eb:cf:57:2c:f2 > config: 0 > state: 0 > current: 10GB-FD COPPER > speed: 10000 Mbps now, 0 Mbps max > 2(s1-eth2): addr:ae:1b:e0:f8:63:7e > config: 0 > state: 0 > current: 10GB-FD COPPER > speed: 10000 Mbps now, 0 Mbps max > 3(s1-eth3): addr:72:e7:6a:a3:cd:92 > config: 0 > state: 0 > current: 10GB-FD COPPER > speed: 10000 Mbps now, 0 Mbps max > LOCAL(s1): addr:ba:7c:3d:45:92:4c > config: 0 > state: 0 > speed: 0 Mbps now, 0 Mbps max > OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0 > mininet> sh ovs-ofctl show s2 > OFPT_FEATURES_REPLY (xid=0x2): dpid:0000000000000002 > n_tables:254, n_buffers:256 > capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP > actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST > SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE > 1(s2-eth1): addr:ae:84:0c:3d:74:42 > config: 0 > state: 0 > current: 10GB-FD COPPER > speed: 10000 Mbps now, 0 Mbps max > 2(s2-eth2): addr:ba:3b:f5:9d:47:01 > config: 0 > state: 0 > current: 10GB-FD COPPER > speed: 10000 Mbps now, 0 Mbps max > 3(s2-eth3): addr:52:45:27:b8:d5:96 > config: 0 > state: 0 > current: 10GB-FD COPPER > speed: 10000 Mbps now, 0 Mbps max > LOCAL(s2): addr:16:7f:2d:db:99:40 > config: 0 > state: 0 > speed: 0 Mbps now, 0 Mbps max > OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0 > > When I install flow rule giving *actions=normal* in s1 and s2, the > functionality works as expected. Red1 can ping Red2 but cannot reach Blue1 > and Blue2 and vice versa. > Then I am deleting these flow rules and am adding a flow rules based on > the MAC Address and it is not working. > > mininet> sh ovs-ofctl dump-flows s1 > NXST_FLOW reply (xid=0x4): > cookie=0x0, duration=160.318s, table=0, n_packets=0, n_bytes=0, > idle_age=160, actions=NORMAL > mininet> sh ovs-ofctl dump-flows s2 > NXST_FLOW reply (xid=0x4): > cookie=0x0, duration=50.296s, table=0, n_packets=0, n_bytes=0, > idle_age=50, in_port=1,dl_dst=ba:3b:f5:9d:47:01 actions=output:2 > cookie=0x0, duration=12.639s, table=0, n_packets=0, n_bytes=0, > idle_age=12, in_port=1,dl_dst=52:45:27:b8:d5:96 actions=strip_vlan,output:3 > mininet> red1 ping red2 > PING 10.0.0.4 (10.0.0.4) 56(84) bytes of data. > From 10.0.0.3 icmp_seq=1 Destination Host Unreachable > From 10.0.0.3 icmp_seq=2 Destination Host Unreachable > From 10.0.0.3 icmp_seq=3 Destination Host Unreachable > ^C > --- 10.0.0.4 ping statistics --- > 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4024ms > pipe 3 > mininet> red1 ping blue2 > PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data. > From 10.0.0.3 icmp_seq=1 Destination Host Unreachable > From 10.0.0.3 icmp_seq=2 Destination Host Unreachable > From 10.0.0.3 icmp_seq=3 Destination Host Unreachable > ^C > --- 10.0.0.2 ping statistics --- > 5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4000ms > pipe 3 > > Where am I going wrong while adding the flow rule? > > Is it possible to install a flow rule that would enable Red1 to > communicate with Blue2? > > Any help on this would really be appreciated. > > Thanks, > Shruti > > _______________________________________________ > discuss mailing list > [email protected] > http://openvswitch.org/mailman/listinfo/discuss > > -- Andrew Mann DivvyCloud Inc. www.divvycloud.com
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
