Hi,
Your code seems to be correct and works correctly on my environment.
$ git diff
diff --git a/ryu/app/simple_switch_13.py b/ryu/app/simple_switch_13.py
index 3e7c598..d275ad6 100644
--- a/ryu/app/simple_switch_13.py
+++ b/ryu/app/simple_switch_13.py
@@ -48,6 +48,16 @@ class SimpleSwitch13(app_manager.RyuApp):
ofproto.OFPCML_NO_BUFFER)]
self.add_flow(datapath, 0, match, actions)
+ match = parser.OFPMatch(eth_type_nxm=0x0800, nw_ttl=0)
+ actions = []
+
+ self.add_flow(datapath, 10, match, actions)
+
+ match = parser.OFPMatch(eth_type_nxm=0x0800)
+ actions = [parser.OFPActionDecNwTtl()]
+
+ self.add_flow(datapath, 5, match, actions)
+
def add_flow(self, datapath, priority, match, actions, buffer_id=None):
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
diff --git a/ryu/ofproto/nicira_ext.py b/ryu/ofproto/nicira_ext.py
index e2fca47..7487b3b 100644
--- a/ryu/ofproto/nicira_ext.py
+++ b/ryu/ofproto/nicira_ext.py
@@ -435,6 +435,10 @@ ip_proto_nxm Integer 8bit IP protocol. Needed to
support Nicira
extensions that require the ip_proto to
be set. (i.e. tcp_flags_nxm)
tunnel_id_nxm Integer 64bit Tunnel identifier.
+nw_ttl Integer 8bit IP TTL or IPv6 hop limit value ttl
+ (between 0 and 255).
+ Requires setting fields:
+ eth_type_nxm = [0x0800 (IP)|0x86dd (IPv6)]
tun_ipv4_src IPv4 address Tunnel IPv4 source address.
tun_ipv4_dst IPv4 address Tunnel IPv4 destination address.
pkt_mark Integer 32bit Packet metadata mark.
@@ -484,6 +488,7 @@ oxm_types = [
oxm_fields.NiciraExtended0('eth_type_nxm', 3, type_desc.Int2),
oxm_fields.NiciraExtended0('ip_proto_nxm', 6, type_desc.Int1),
oxm_fields.NiciraExtended1('tunnel_id_nxm', 16, type_desc.Int8),
+ oxm_fields.NiciraExtended1('nw_ttl', 29, type_desc.Int1),
oxm_fields.NiciraExtended1('tun_ipv4_src', 31, type_desc.IPv4Addr),
oxm_fields.NiciraExtended1('tun_ipv4_dst', 32, type_desc.IPv4Addr),
oxm_fields.NiciraExtended1('pkt_mark', 33, type_desc.Int4),
$ sudo mn --controller remote
...(snip)
mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=10.851s, table=0, n_packets=0, n_bytes=0, idle_age=10,
priority=10,ip,nw_ttl=0 actions=drop
cookie=0x0, duration=10.851s, table=0, n_packets=0, n_bytes=0, idle_age=10,
priority=5,ip actions=dec_ttl
cookie=0x0, duration=10.851s, table=0, n_packets=0, n_bytes=0, idle_age=10,
priority=0 actions=CONTROLLER:65535
Did you "re-install" Ryu after applying my patch?
If you have installed Ryu with git source, it is required to re-install Ryu as
following.
# After applying patch, at Ryu top directory
$ sudo python setup.py install
Thanks,
Iwase
On 2016年09月09日 16:04, Warsang wrote:
> Hello, thank you very much, I have applied the patch. I am now trying to
> install a rule on switch startup to match all ip packets and decrement ttl or
> drop all IP packets who have TTL=0
> Is this code correct? Because I only have these two rules on ovs startup when
> i dump flows:
>
> sudo ovs-ofctl dump-flows 0_0_1 -O OpenFlow14
> OFPST_FLOW reply (OF1.4) (xid=0x2):
> cookie=0x0, duration=18.703s, table=0, n_packets=10, n_bytes=600,
> priority=65535,dl_dst=01:80:c2:00:00:0e,dl_type=0x88cc
> actions=CONTROLLER:65535
> cookie=0x0, duration=18.705s, table=0, n_packets=2, n_bytes=140, priority=0
> actions=CONTROLLER:65535
>
> *_
> _*
>
> *_My code:_*
>
>
> @set_ev_cls(ofp_event.EventOFPSwitchFeatures, CONFIG_DISPATCHER)
> def switch_features_handler(self, ev):
> datapath = ev.msg.datapath
> ofproto = datapath.ofproto
> parser = datapath.ofproto_parser
>
> # install table-miss flow entry
> #
> # We specify NO BUFFER to max_len of the output action due to
> # OVS bug. At this moment, if we specify a lesser number, e.g.,
> # 128, OVS will send Packet-In with invalid buffer_id and
> # truncated packet data. In that case, we cannot output packets
> # correctly. The bug has been fixed in OVS v2.1.0.
> match = parser.OFPMatch()
> actions = [parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
> ofproto.OFPCML_NO_BUFFER)]
> self.add_flow(datapath, 0, match, actions)
> match = parser.OFPMatch(eth_type_nxm=0x0800,nw_ttl = 0)
> actions = []
> self.add_flow(datapath,10,match,actions)
> match = parser.OFPMatch(eth_type_nxm=0x0800)
> actions = [parser.OFPActionDecNwTtl()]
> self.add_flow(datapath,5,match,actions)
>
> Thank you in advance.
>
> On 09/08/16 17:37, Iwase Yusuke wrote:
>> Hi,
>>
>> How about using NXM "nw_ttl" match field to drop packets with TTL=0?
>> But, currently, Ryu does not support this filed,
>> please apply the following patch.
>>
>>
>> $ git diff
>> diff --git a/ryu/app/simple_switch_13.py b/ryu/app/simple_switch_13.py
>> index 3e7c598..baa732c 100644
>> --- a/ryu/app/simple_switch_13.py
>> +++ b/ryu/app/simple_switch_13.py
>> @@ -48,6 +48,10 @@ class SimpleSwitch13(app_manager.RyuApp):
>> ofproto.OFPCML_NO_BUFFER)]
>> self.add_flow(datapath, 0, match, actions)
>>
>> + match = parser.OFPMatch(eth_type_nxm=0x0800, nw_ttl=0)
>> + actions = [] # Drop
>> + self.add_flow(datapath, 1, match, actions)
>> +
>> def add_flow(self, datapath, priority, match, actions, buffer_id=None):
>> ofproto = datapath.ofproto
>> parser = datapath.ofproto_parser
>> diff --git a/ryu/ofproto/nicira_ext.py b/ryu/ofproto/nicira_ext.py
>> index e2fca47..7487b3b 100644
>> --- a/ryu/ofproto/nicira_ext.py
>> +++ b/ryu/ofproto/nicira_ext.py
>> @@ -435,6 +435,10 @@ ip_proto_nxm Integer 8bit IP protocol. Needed to
>> support Nicira
>> extensions that require the ip_proto to
>> be set. (i.e. tcp_flags_nxm)
>> tunnel_id_nxm Integer 64bit Tunnel identifier.
>> +nw_ttl Integer 8bit IP TTL or IPv6 hop limit value ttl
>> + (between 0 and 255).
>> + Requires setting fields:
>> + eth_type_nxm = [0x0800 (IP)|0x86dd (IPv6)]
>> tun_ipv4_src IPv4 address Tunnel IPv4 source address.
>> tun_ipv4_dst IPv4 address Tunnel IPv4 destination address.
>> pkt_mark Integer 32bit Packet metadata mark.
>> @@ -484,6 +488,7 @@ oxm_types = [
>> oxm_fields.NiciraExtended0('eth_type_nxm', 3, type_desc.Int2),
>> oxm_fields.NiciraExtended0('ip_proto_nxm', 6, type_desc.Int1),
>> oxm_fields.NiciraExtended1('tunnel_id_nxm', 16, type_desc.Int8),
>> + oxm_fields.NiciraExtended1('nw_ttl', 29, type_desc.Int1),
>> oxm_fields.NiciraExtended1('tun_ipv4_src', 31, type_desc.IPv4Addr),
>> oxm_fields.NiciraExtended1('tun_ipv4_dst', 32, type_desc.IPv4Addr),
>> oxm_fields.NiciraExtended1('pkt_mark', 33, type_desc.Int4),
>>
>>
>> e.g.)
>> $ sudo mn --controller remote
>> ...(snip)
>> mininet> sh ovs-ofctl dump-flows s1
>> NXST_FLOW reply (xid=0x4):
>> cookie=0x0, duration=4.616s, table=0, n_packets=0, n_bytes=0, idle_age=4,
>> priority=1,ip,nw_ttl=0 actions=drop
>> cookie=0x0, duration=4.616s, table=0, n_packets=4, n_bytes=280,
>> idle_age=36, priority=0 actions=CONTROLLER:65535
>>
>>
>> Thanks,
>> Iwase
>>
>>
>> On 2016年09月08日 13:29, Warsang wrote:
>>> Hello all,
>>>
>>> I am running a fat-tree topology. When I ping a host x with h1 it first
>>> send arp discovery with ff:ff:ff:ff:ff:ff as destination. Hence
>>> everytime a switch gets this packet it floods it. Having no TTL these
>>> packets are immortal. My question is the following. What is the proper
>>> way of getting rid of these packets? I thought of decrementing the TTL
>>> every time a packet hits a switch. However I can only drop the packet
>>> with TTL = 0 at my controller and I can't create an OpenFlow rule that
>>> matches all packets with TTL = 0 hence I lose performance having to send
>>> the packets to my controller everytime I want to drop them. What is the
>>> proper way to get rid of these packets?
>>>
>>> Thank you in advance.
>>>
>>> -Warsang
>>>
>>>
>>> ------------------------------------------------------------------------------
>>> _______________________________________________
>>> Ryu-devel mailing list
>>> [email protected]
>>> https://lists.sourceforge.net/lists/listinfo/ryu-devel
>>>
>
>
>
>
> ------------------------------------------------------------------------------
>
>
>
> _______________________________________________
> Ryu-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ryu-devel
>
------------------------------------------------------------------------------
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
