On May 25, 2012, at 3:17 AM, Mabry Tyson wrote: > The "[0, openflow.OFPP_CONTROLLER]" indicates that the matching packets are > to be > sent to the controller, but only to a maximum length of 0. > > 0 should be replaced with the something like 128 to get enough of the packet > to do most things. (or set it to 1600 (depending on MTU) to grab the whole > packet).
Yes. This is a holdover from older versions of OpenFlow where 0 meant the whole packet instead of none of the packet. And by holdover I mean, "This has been broken since the days of OpenFlow 0.9 or so and nobody has ever bothered to push a fix." > [FYI, if you get the whole packet, I believe you will get buffer_id = -1] I don't think this is in the spec. I think it's up to the switch. > Ah... I just realized another bug in this code. The above Flow Mod rule > will cause every DNS answer packet to be kicked out to the controller. > However, in dnsspy, the packet is never sent back to the OF switch to be > delivered to its destination. No one will ever hear a UDP DNS response > through a switch running this. This is sort of by design -- there's actually nothing "good" to do here. Your options, as I see them: A) Don't install a flow Pro: Something else may install a flow which will cause the DNS packet to actually get forwarded. Con: You'll probably get truncated DNS at the controller, which would seem to be counter to the user's intentions from having run dnsspy in the first place. Note: This was at one point the way it worked in the repo, I believe. B) Install a flow to forward traffic Pro: DNS would be forwarded. Con: This is impossible. Note: You can't possibly know what flow to install from here. Is the user running pyswitch? sprouting? Something else entirely? Which port should it go out? Where is the DNS server? In short, dnsspy is a little toy example that a user would need to modify for it to do anything really useful (as a note, this has been done a number of times, e.g., as part of NOX-At-Home). It is also a toy illustration of the problem of component composability. Doing anything truly reasonable requires more infrastructure and/or an alternative approach like Frenetic. -- Murphy
