I have an issue with OVS VXLAN and using the local_ip option for the interface.
Some of the IP addresses have been changed in the email since I don't know
exactly who sees this.
What you did that make the problem appear.
Using a server with two interfaces with two default routes, I want to build a
VXLAN tunnel over each link to a destination switch. I am utilizing iptables
to mark and ip rules to re-direct the traffic for the second tunnel out the
correct interface. I have built the VXLAN tunnel in OVS trying to use the
"local_ip" option.
EXAMPLE:
sudo ovs-vsctl add-port ovs-br1 tun1 -- set Interface tun1 type=vxlan
options:remote_ip=172.17.253.1 options:key=testflow2
options:local_ip=172.16.253.16
What you expected to happen.
I expected the VXLAN tunnel to be sent using the specified source
IP address of 172.16.253.16 out the correct interface.
What actually happened.
The VXLAN tunnel exits the correct interface based on my routing
rules, however was formed utilizing the other interface's IP address
(172.16.252.108).
EXAMPLE:
08:24:42.779236 IP 172.16.252.108.57418 > 172.17.253.1.4789: VXLAN, flags [I]
(0x08), vni 0
LLDP, length 79
08:24:42.779437 IP 172.16.252.108.34566 > 172.17.253.1.4789: VXLAN, flags [I]
(0x08), vni 0
02:eb:86:0d:38:74 (oui Unknown) > Broadcast, ethertype Unknown (0x8942), length
93:
0x0000: 0207 0486 e5fb d3da 4204 0502 0000 000e ........B.......
0x0010: 0602 0078 fe12 a423 0501 4f4e 4f53 2044 ...x...#..ONOS.D
0x0020: 6973 636f 7665 7279 fe17 a423 0502 6f66 iscovery...#..of
0x0030: 3a30 3030 3038 3665 3566 6264 3364 6134 :000086e5fbd3da4
0x0040: 3208 0a75 6370 652d 7475 6e2d 3200 00 2..tun1..
The Open vSwitch version number (as output by ovs-vswitchd --version).
ovs-vswitchd (Open vSwitch) 2.5.2
Compiled Oct 17 2017 16:38:57
The kernel version on which Open vSwitch is running (from /proc/version) and
the distribution and version number of your OS (e.g. "Centos 5.0").
Linux version 4.4.0-87-generic (buildd@lcy01-31) (gcc version 5.4.0
20160609 (Ubuntu 5.4.0-6ubuntu1~16.04.4) ) #110-Ubuntu SMP Tue Jul 18 12:55:35
UTC 2017
The output of ovs-dpctl show.
system@ovs-system:
lookups: hit:191881 missed:5814 lost:0
flows: 4
masks: hit:471168 total:4 hit/pkt:2.38
port 0: ovs-system (internal)
port 1: ovs-br1 (internal)
port 2: vxlan_sys_4789 (vxlan)
port 3: ovs-lan (internal)
port 4: k8s-br (internal)
port 5: mirror-br (internal)
port 6: ens6
port 7: wan2 (internal)
Any other information that you think might be relevant.
Everything works fine when building with GRE instead of VXLAN, all the same
routing and firewall rules. The rules are not matching any protocol specific
parameters, just matching on destination IP address to mark the traffic.
Thank you,
Marcus Padgett
Sr Engineer - Service Architecture | Windstream
marcus.padg...@windstream.com<http://www.windstreambusiness.com/>
This email message and any attachments are for the sole use of the intended
recipient(s). Any unauthorized review, use, disclosure or distribution is
prohibited. If you are not the intended recipient, please contact the sender by
reply email and destroy all copies of the original message and any attachments.
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
