[Openstack] [Neutron] Flaw in flow rules
Hi, I am using vlan mode networking. There appears to be a flaw in my flow rules. To the best of my knowledge the in_port in the below output should have been 3(according to ovs-dpctl show). But it is 33. To my surprise however, my setup is working. Can any one explain to me how this can happen. root@mars:~# ovs-ofctl dump-flows br-int NXST_FLOW reply (xid=0x4): cookie=0x0, duration=522.826s, table=0, n_packets=263, n_bytes=39666, idle_age=429, priority=3,in_port=33,dl_vlan=100 actions=mod_vlan_vid:2,NORMAL cookie=0x0, duration=2567.744s, table=0, n_packets=920, n_bytes=197692, idle_age=0, priority=2,in_port=33 actions=drop cookie=0x0, duration=2568.669s, table=0, n_packets=384, n_bytes=37365, idle_age=429, priority=1 actions=NORMAL root@mars:~# ovs-ofctl dump-flows br-eth1 NXST_FLOW reply (xid=0x4): cookie=0x0, duration=525.124s, table=0, n_packets=384, n_bytes=37693, idle_age=431, priority=4,in_port=5,dl_vlan=2 actions=mod_vlan_vid:100,NORMAL cookie=0x0, duration=2569.882s, table=0, n_packets=6, n_bytes=468, idle_age=2559, priority=2,in_port=5 actions=drop cookie=0x0, duration=2570.721s, table=0, n_packets=12748, n_bytes=978934, idle_age=1, priority=1 actions=NORMAL root@mars:~# ovs-dpctl show system@ovs-system: lookups: hit:39891511 missed:7260493 lost:0 flows: 11 port 0: ovs-system (internal) port 1: br-int (internal) port 2: br-eth1 (internal) port 3: int-br-eth1 port 4: phy-br-eth1 port 5: eth1 port 6: tap4385c710-be root@mars:~# http://www.csscorp.com/common/email-disclaimer.php ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Neutron] Flaw in flow rules
Sure that helps. Any Idea whats the difference between this one and the one in dpctl show. Thank you, Ageeleshwar K From: Damon Wang [damon.dev...@gmail.com] Sent: Thursday, March 27, 2014 4:55 PM To: Ageeleshwar Kandavelu Cc: openstack@lists.openstack.org Subject: Re: [Openstack] [Neutron] Flaw in flow rules Hi, Use ovs-ofctl show br-int instead of ovs-dpctl show :-) Hope it helps Damon 2014-03-27 17:19 GMT+08:00 Ageeleshwar Kandavelu ageeleshwar.kandav...@csscorp.commailto:ageeleshwar.kandav...@csscorp.com: Hi, I am using vlan mode networking. There appears to be a flaw in my flow rules. To the best of my knowledge the in_port in the below output should have been 3(according to ovs-dpctl show). But it is 33. To my surprise however, my setup is working. Can any one explain to me how this can happen. root@mars:~# ovs-ofctl dump-flows br-int NXST_FLOW reply (xid=0x4): cookie=0x0, duration=522.826s, table=0, n_packets=263, n_bytes=39666, idle_age=429, priority=3,in_port=33,dl_vlan=100 actions=mod_vlan_vid:2,NORMAL cookie=0x0, duration=2567.744s, table=0, n_packets=920, n_bytes=197692, idle_age=0, priority=2,in_port=33 actions=drop cookie=0x0, duration=2568.669s, table=0, n_packets=384, n_bytes=37365, idle_age=429, priority=1 actions=NORMAL root@mars:~# ovs-ofctl dump-flows br-eth1 NXST_FLOW reply (xid=0x4): cookie=0x0, duration=525.124s, table=0, n_packets=384, n_bytes=37693, idle_age=431, priority=4,in_port=5,dl_vlan=2 actions=mod_vlan_vid:100,NORMAL cookie=0x0, duration=2569.882s, table=0, n_packets=6, n_bytes=468, idle_age=2559, priority=2,in_port=5 actions=drop cookie=0x0, duration=2570.721s, table=0, n_packets=12748, n_bytes=978934, idle_age=1, priority=1 actions=NORMAL root@mars:~# ovs-dpctl show system@ovs-system: lookups: hit:39891511 missed:7260493 lost:0 flows: 11 port 0: ovs-system (internal) port 1: br-int (internal) port 2: br-eth1 (internal) port 3: int-br-eth1 port 4: phy-br-eth1 port 5: eth1 port 6: tap4385c710-be root@mars:~# http://www.csscorp.com/common/email-disclaimer.php ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.orgmailto:openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack http://www.csscorp.com/common/email-disclaimer.php ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Neutron] Flaw in flow rules
Hi, I just know that ovs-dpctl config datapaths and ovs-ofctl are openvswicth's OpenFlow implement. ovs-dpctl show maybe compatible with ovs-dpctl dump-flows? Regards, Damon 2014-03-27 21:02 GMT+08:00 Ageeleshwar Kandavelu ageeleshwar.kandav...@csscorp.com: Sure that helps. Any Idea whats the difference between this one and the one in dpctl show. Thank you, Ageeleshwar K -- *From:* Damon Wang [damon.dev...@gmail.com] *Sent:* Thursday, March 27, 2014 4:55 PM *To:* Ageeleshwar Kandavelu *Cc:* openstack@lists.openstack.org *Subject:* Re: [Openstack] [Neutron] Flaw in flow rules Hi, Use ovs-ofctl show br-int instead of ovs-dpctl show :-) Hope it helps Damon 2014-03-27 17:19 GMT+08:00 Ageeleshwar Kandavelu ageeleshwar.kandav...@csscorp.com: Hi, I am using vlan mode networking. There appears to be a flaw in my flow rules. To the best of my knowledge the in_port in the below output should have been 3(according to ovs-dpctl show). But it is 33. To my surprise however, my setup is working. Can any one explain to me how this can happen. root@mars:~# ovs-ofctl dump-flows br-int NXST_FLOW reply (xid=0x4): cookie=0x0, duration=522.826s, table=0, n_packets=263, n_bytes=39666, idle_age=429, priority=3*,in_port=33*,dl_vlan=100 actions=mod_vlan_vid:2,NORMAL cookie=0x0, duration=2567.744s, table=0, n_packets=920, n_bytes=197692, idle_age=0, priority=2*,in_port=33 *actions=drop cookie=0x0, duration=2568.669s, table=0, n_packets=384, n_bytes=37365, idle_age=429, priority=1 actions=NORMAL root@mars:~# ovs-ofctl dump-flows br-eth1 NXST_FLOW reply (xid=0x4): cookie=0x0, duration=525.124s, table=0, n_packets=384, n_bytes=37693, idle_age=431, priority=4,in_port=5,dl_vlan=2 actions=mod_vlan_vid:100,NORMAL cookie=0x0, duration=2569.882s, table=0, n_packets=6, n_bytes=468, idle_age=2559, priority=2,in_port=5 actions=drop cookie=0x0, duration=2570.721s, table=0, n_packets=12748, n_bytes=978934, idle_age=1, priority=1 actions=NORMAL root@mars:~# ovs-dpctl show system@ovs-system: lookups: hit:39891511 missed:7260493 lost:0 flows: 11 port 0: ovs-system (internal) port 1: br-int (internal) port 2: br-eth1 (internal) port 3: int-br-eth1 port 4: phy-br-eth1 port 5: eth1 port 6: tap4385c710-be root@mars:~# http://www.csscorp.com/common/email-disclaimer.php ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack http://www.csscorp.com/common/email-disclaimer.php ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
Re: [Openstack] [Neutron] Flaw in flow rules
On Thursday 27 March 2014 21:36:43 Damon Wang wrote: Hi, I just know that ovs-dpctl config datapaths and ovs-ofctl are openvswicth's OpenFlow implement. ovs-dpctl show maybe compatible with ovs-dpctl dump-flows? I far as I know, ovs-dpctl should be used mainly for debugging purposes. From OVS's FAQ: Q: I hear OVS has a couple of kinds of flows. Can you tell me about them? A: Open vSwitch uses different kinds of flows for different purposes: - OpenFlow flows are the most important kind of flow. OpenFlow controllers use these flows to define a switch's policy. OpenFlow flows support wildcards, priorities, and multiple tables. When in-band control is in use, Open vSwitch sets up a few hidden flows, with priority higher than a controller or the user can configure, that are not visible via OpenFlow. (See the Controller section of the FAQ for more information about hidden flows.) - The Open vSwitch software switch implementation uses a second kind of flow internally. These flows, called datapath or kernel flows, do not support priorities and comprise only a single table, which makes them suitable for caching. (Like OpenFlow flows, datapath flows do support wildcarding, in Open vSwitch 1.11 and later.) OpenFlow flows and datapath flows also support different actions and number ports differently. Datapath flows are an implementation detail that is subject to change in future versions of Open vSwitch. Even with the current version of Open vSwitch, hardware switch implementations do not necessarily use this architecture. Regards, Damon 2014-03-27 21:02 GMT+08:00 Ageeleshwar Kandavelu ageeleshwar.kandav...@csscorp.com: Sure that helps. Any Idea whats the difference between this one and the one in dpctl show. Thank you, Ageeleshwar K -- *From:* Damon Wang [damon.dev...@gmail.com] *Sent:* Thursday, March 27, 2014 4:55 PM *To:* Ageeleshwar Kandavelu *Cc:* openstack@lists.openstack.org *Subject:* Re: [Openstack] [Neutron] Flaw in flow rules Hi, Use ovs-ofctl show br-int instead of ovs-dpctl show :-) Hope it helps Damon 2014-03-27 17:19 GMT+08:00 Ageeleshwar Kandavelu ageeleshwar.kandav...@csscorp.com: Hi, I am using vlan mode networking. There appears to be a flaw in my flow rules. To the best of my knowledge the in_port in the below output should have been 3(according to ovs-dpctl show). But it is 33. To my surprise however, my setup is working. Can any one explain to me how this can happen. root@mars:~# ovs-ofctl dump-flows br-int NXST_FLOW reply (xid=0x4): cookie=0x0, duration=522.826s, table=0, n_packets=263, n_bytes=39666, idle_age=429, priority=3*,in_port=33*,dl_vlan=100 actions=mod_vlan_vid:2,NORMAL cookie=0x0, duration=2567.744s, table=0, n_packets=920, n_bytes=197692, idle_age=0, priority=2*,in_port=33 *actions=drop cookie=0x0, duration=2568.669s, table=0, n_packets=384, n_bytes=37365, idle_age=429, priority=1 actions=NORMAL root@mars:~# ovs-ofctl dump-flows br-eth1 NXST_FLOW reply (xid=0x4): cookie=0x0, duration=525.124s, table=0, n_packets=384, n_bytes=37693, idle_age=431, priority=4,in_port=5,dl_vlan=2 actions=mod_vlan_vid:100,NORMAL cookie=0x0, duration=2569.882s, table=0, n_packets=6, n_bytes=468, idle_age=2559, priority=2,in_port=5 actions=drop cookie=0x0, duration=2570.721s, table=0, n_packets=12748, n_bytes=978934, idle_age=1, priority=1 actions=NORMAL root@mars:~# ovs-dpctl show system@ovs-system: lookups: hit:39891511 missed:7260493 lost:0 flows: 11 port 0: ovs-system (internal) port 1: br-int (internal) port 2: br-eth1 (internal) port 3: int-br-eth1 port 4: phy-br-eth1 port 5: eth1 port 6: tap4385c710-be root@mars:~# http://www.csscorp.com/common/email-disclaimer.php ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack http://www.csscorp.com/common/email-disclaimer.php -- Dmitry Guryanov ___ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack