Hi Ben, thanks for your review.
Conntrack have no problem with localnet port, but the pipline hase problem
in the follow circumstance
------ vlan ----
|ovs1|---------- |ovs2|
------ -----
| |
vm1 vm2
net1 10.0.0.0/24 has vm1 with ip 10.0.0.10, net2 10.0.0.0/24 has vm2 with
ip 20.0.0.10. net1 and net2 link to same route. net1 and net2 have
localnet ports as inport/outport when packet forwarded between ovs1 and
ovs2.
when vm1 ping vm2, by the route forward, the out port of icmp request is
localnet port of net2 in ovs1. And in reverse, ovs1 will use localnet port
of net1 as inport of icmp reply from vm2.
The request and reply is not the same localnet port in ovs. Because of
different localnet port with different zone id, when localnet port use ct,
the ct state can not change to established.
So the icmp relpy will be dropped because of the error ct state.
Ben Pfaff <b...@ovn.org>
2017/06/01 07:42
收件人: wang.qia...@zte.com.cn,
抄送: d...@openvswitch.org, zhou.huij...@zte.com.cn,
xu.r...@zte.com.cn
主题: [spam可疑邮件]Re: [ovs-dev] [PATCH] ovn-northd: Fix ping
failure of vlan networks.
On Mon, May 22, 2017 at 07:39:22PM +0800, wang.qia...@zte.com.cn wrote:
> There are two computer node, each have one vm. And the two vms in
> indifferent vlan networks. The ping between the vms is not success.
>
> The reason is that, acl of to-localnet port or from-localnet port is
> signed to contrack. So the pair of icmp request and reply have different
> zone id in one ovs node. This makes the ct state not correct.
>
> This patch do the modification that localnet port do not use ct.
>
> Signed-off-by: wangqianyu <wang.qia...@zte.com.cn>
This patch was word-wrapped, but I was able to deal with that.
I don't exactly understand the problem. Does conntrack not work at all
with packets that go to/from localnet ports? Or does it have something
to do with VLAN tags?
Please document the new flows in ovn-northd.8.xml.
Also, checkpatch reported the following:
ERROR: Improper whitespace around control block
#17 FILE: b/ovn/northd/ovn-northd.c:1355:
if(!strcmp(nbsp->type, "localnet")) {
ERROR: Improper whitespace around control block
#28 FILE: b/ovn/northd/ovn-northd.c:2637:
if(od->localnet_port) {
WARNING: Line length is >79-characters long
#32 FILE: b/ovn/northd/ovn-northd.c:2641:
ds_put_format(&match_in, "ip && inport == %s",
od->localnet_port->json_key);
WARNING: Line length is >79-characters long
#33 FILE: b/ovn/northd/ovn-northd.c:2642:
ds_put_format(&match_out, "ip && outport == %s",
od->localnet_port->json_key);
Thanks a lot for working on OVN!
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
