On Tue, Jul 01, 2014 at 11:22:10AM -0700, Ben Pfaff wrote:
> On Tue, Jul 01, 2014 at 03:13:20PM -0300, Flavio Leitner wrote:
> > On Tue, Jul 01, 2014 at 11:05:15AM -0700, Ben Pfaff wrote:
> > > On Tue, Jul 01, 2014 at 01:57:17PM -0400, Jason Thorpe wrote:
> > >
> > > > if I have a rule, nw_src=192.168.0.0/16 and a specific rule,
> > > > nw_src=192.168.0.1/32 and a packet comes from 192.168.0.1, which
> > > > rule will it match? the /16 or /32? I want to match the 192.168.0.1
> > > > packet even if I have both rules
> > >
> > > If a packet can match two rules, use priority to disambiguate.
> > > Otherwise the behavior is undefined.
> >
> > Isn't the more specific one first?
>
> No.
For some reason I though exact matches gets prioritized over wildcarded
ones. Anyway, priority needs to be used in any case as Ben says.
Additional info can be found in ovs-vsctl(8) man-page:
priority=value
The priority at which a wildcarded entry will match in compari‐
son to others. value is a number between 0 and 65535, inclu‐
sive. A higher value will match before a lower one. An exact-
match entry will always have priority over an entry containing
wildcards, so it has an implicit priority value of 65535. When
adding a flow, if the field is not specified, the flow's prior‐
ity will default to 32768.
OpenFlow leaves behavior undefined when two or more flows with
the same priority can match a single packet. Some users expect
``sensible'' behavior, such as more specific flows taking prece‐
dence over less specific flows, but OpenFlow does not specify
this and Open vSwitch does not implement it. Users should
therefore take care to use priorities to ensure the behavior
that they expect.
fbl
_______________________________________________
discuss mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/discuss
