Hi Ben, We looked a bit closer at this problem, and turns out the packet header size we were getting back from Ryu wasn't what we were expecting. We're now calculating this correctly ourselves (instead of relying on Ryu) which removes the need for disabling the IP header length check in the tutorial (I've send another patch towards d...@openvswitch.org that does this).
As for being able to inject payload into ofproto/trace generated packets I think this would be quite useful for folks like us. We are looking at moving our test suite to using ofproto/trace to generate packets (instead of scapy) for throwing at test scenarios because it's considerably more lightweight and we are already using openvswitch as the core of our test suite. Brad On 9 January 2018 at 05:51, Ben Pfaff <b...@ovn.org> wrote: > [dropping OP, who probably doesn't care] > > On Sat, Jan 06, 2018 at 12:07:09PM +1300, Brad Cowie wrote: > > What happened is that in faucet 1.6.12 we added a bunch of new packet > > handling sanity checks to help improve security of faucet's packet > > handling. Packets made by ofproto/trace -generate will have a zero-length > > payload which trips some of our sanity checks which will cause us to drop > > the packet. > > If OVS generated a packet with some nonzero size payload, would that fix > the problem? It's easy for us to change the details, we would just add > some code to flow_compose_l4() in lib/flow.c to put some L7 data into > the UDP packet. > > I suspect that changing the tutorial from using UDP to TCP might also > work around the issue? After all, TCP packets with empty payloads are > pretty common, at least (off the top of my head) if they have SYN or FIN > or RST attached. >
_______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
