Thanks Justin and Ben Ok - so I can use ofctl to do that . To my understanding - I need a flow with higher priority for SYN pkt for every TCP connection between server A and Client B to output the packet to out-port x and y (where y is connected to the SYN collector) I addition I need the 'regular' flow for this TCP connection to output only to port x - correct ? Can you send an example ofctl configuration for that ? Best Regards avi
> -----Original Message----- > From: Justin Pettit [mailto:jpet...@ovn.org] > Sent: Thursday, 25 May, 2017 9:07 PM > To: Ben Pfaff > Cc: Avi Cohen (A); ovs-discuss@openvswitch.org > Subject: Re: [ovs-discuss] SYN packet mirroring > > > > On May 25, 2017, at 10:44 AM, Ben Pfaff <b...@ovn.org> wrote: > > > > On Thu, May 25, 2017 at 10:26:29AM -0700, Justin Pettit wrote: > >> > >>> On May 25, 2017, at 2:10 AM, Avi Cohen (A) <avi.co...@huawei.com> > wrote: > >>> > >>> Hi All, > >>> I need to capture all received SYN packets from all interfaces and to > mirror/output to a specific interface in addition to the operational interface > that these packets should be forwarded. > >>> Can I do it with a single dpctl add-flow cli command ? and not modify > >>> the > 'operational' flows that are used to normally connect TCP clients to TCP > servers > ? > >> > >> No, if you run ovs-vswitchd, it will be confused when flows are added with > ovs-dpctl, and delete them. Also, I don't think that would work, since the > kernel > module will only apply actions from a single flow, so you'll either send the > SYN > packet to your collector or forward it appropriately, but not both. > >> > >> You should be able to construct what you want pretty easily with ovs-ofctl > flows, though. > > > > Avi might be talking about "dpctl" from the OpenFlow reference > > implementation, which (confusingly) uses OpenFlow. > > Yeah, I wasn't sure if he was abbreviating or not. If that is what he's > talking > about, he's not using OVS, of course. > > --Justin > _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss