Re: [ovs-discuss] [ovn] MAC in table acl and lb
On Wed, Sep 23, 2020 at 7:51 AM Tony Liu wrote: > That MAC is also in table 19. > == > table=19(ls_in_l2_lkup ), priority=110 , match=(eth.dst == > 1a:d2:77:6e:42:98), action=(handle_svc_check(inport);) > == > > Thanks! > Tony > > -Original Message- > > From: Tony Liu > > Sent: Tuesday, September 22, 2020 7:19 PM > > To: ovs-discuss > > Subject: [ovn] MAC in table acl and lb > > > > Hi, > > > > When I look at a datapath ingress pipeline, = > > table=3 (ls_in_pre_acl ), priority=110 , match=(eth.dst == > > 1a:d2:77:6e:42:98), action=(next;) > > table=3 (ls_in_pre_acl ), priority=0, match=(1), > > action=(next;) > > table=4 (ls_in_pre_lb ), priority=110 , match=(eth.dst == > > 1a:d2:77:6e:42:98), action=(next;) > > table=4 (ls_in_pre_lb ), priority=110 , match=(nd || nd_rs || > > nd_ra || icmp4.type == 3 ||icmp6.type == 1 || (tcp && tcp.flags == 20)), > > action=(next;) > > table=4 (ls_in_pre_lb ), priority=0, match=(1), > > action=(next;) > > table=5 (ls_in_pre_stateful ), priority=100 , match=(reg0[0] == 1), > > action=(ct_next;) > > table=5 (ls_in_pre_stateful ), priority=0, match=(1), > > action=(next;) > > table=6 (ls_in_acl ), priority=34000, match=(eth.dst == > > 1a:d2:77:6e:42:98), action=(next;) > > table=6 (ls_in_acl ), priority=0, match=(1), > > action=(next;) > > table=7 (ls_in_qos_mark ), priority=0, match=(1), > > action=(next;) > > table=8 (ls_in_qos_meter), priority=0, match=(1), > > action=(next;) > > table=9 (ls_in_lb ), priority=0, match=(1), > > action=(next;) > > = > > What's that MAC 1a:d2:77:6e:42:98? What's it for in acl and lb tables? > > I can't find any port with that MAC. > > This datapath is for a LS that is created from OpenStack. > Hi Tony, This mac is used for service monitoring. ovn-northd generates this mac. You can see this by running - ovn-nbctl list NB_Global. Service monitoring is used by OVN octavia provider driver for health checks. Look into the NB table - Load_Balancer_Health_Check and SB table - Service_Monitor in the man pages for more details. You see the flows in acl and lb tables to basically skip the service monitor reply packets from being sent to conntrack. These packets will be sent to ovn-controller as packet-ins. [1] - https://www.ovn.org/support/dist-docs/ovn-nb.5.html [2] - https://www.ovn.org/support/dist-docs/ovn-sb.5.html Thanks Numan Thanks Numan > > > > Thanks! > > Tony > > ___ > discuss mailing list > disc...@openvswitch.org > https://mail.openvswitch.org/mailman/listinfo/ovs-discuss > > ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
Re: [ovs-discuss] [ovn] MAC in table acl and lb
That MAC is also in table 19. == table=19(ls_in_l2_lkup ), priority=110 , match=(eth.dst == 1a:d2:77:6e:42:98), action=(handle_svc_check(inport);) == Thanks! Tony > -Original Message- > From: Tony Liu > Sent: Tuesday, September 22, 2020 7:19 PM > To: ovs-discuss > Subject: [ovn] MAC in table acl and lb > > Hi, > > When I look at a datapath ingress pipeline, = > table=3 (ls_in_pre_acl ), priority=110 , match=(eth.dst == > 1a:d2:77:6e:42:98), action=(next;) > table=3 (ls_in_pre_acl ), priority=0, match=(1), > action=(next;) > table=4 (ls_in_pre_lb ), priority=110 , match=(eth.dst == > 1a:d2:77:6e:42:98), action=(next;) > table=4 (ls_in_pre_lb ), priority=110 , match=(nd || nd_rs || > nd_ra || icmp4.type == 3 ||icmp6.type == 1 || (tcp && tcp.flags == 20)), > action=(next;) > table=4 (ls_in_pre_lb ), priority=0, match=(1), > action=(next;) > table=5 (ls_in_pre_stateful ), priority=100 , match=(reg0[0] == 1), > action=(ct_next;) > table=5 (ls_in_pre_stateful ), priority=0, match=(1), > action=(next;) > table=6 (ls_in_acl ), priority=34000, match=(eth.dst == > 1a:d2:77:6e:42:98), action=(next;) > table=6 (ls_in_acl ), priority=0, match=(1), > action=(next;) > table=7 (ls_in_qos_mark ), priority=0, match=(1), > action=(next;) > table=8 (ls_in_qos_meter), priority=0, match=(1), > action=(next;) > table=9 (ls_in_lb ), priority=0, match=(1), > action=(next;) > = > What's that MAC 1a:d2:77:6e:42:98? What's it for in acl and lb tables? > I can't find any port with that MAC. > This datapath is for a LS that is created from OpenStack. > > Thanks! > Tony ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
[ovs-discuss] [ovn] MAC in table acl and lb
Hi, When I look at a datapath ingress pipeline, = table=3 (ls_in_pre_acl ), priority=110 , match=(eth.dst == 1a:d2:77:6e:42:98), action=(next;) table=3 (ls_in_pre_acl ), priority=0, match=(1), action=(next;) table=4 (ls_in_pre_lb ), priority=110 , match=(eth.dst == 1a:d2:77:6e:42:98), action=(next;) table=4 (ls_in_pre_lb ), priority=110 , match=(nd || nd_rs || nd_ra || icmp4.type == 3 ||icmp6.type == 1 || (tcp && tcp.flags == 20)), action=(next;) table=4 (ls_in_pre_lb ), priority=0, match=(1), action=(next;) table=5 (ls_in_pre_stateful ), priority=100 , match=(reg0[0] == 1), action=(ct_next;) table=5 (ls_in_pre_stateful ), priority=0, match=(1), action=(next;) table=6 (ls_in_acl ), priority=34000, match=(eth.dst == 1a:d2:77:6e:42:98), action=(next;) table=6 (ls_in_acl ), priority=0, match=(1), action=(next;) table=7 (ls_in_qos_mark ), priority=0, match=(1), action=(next;) table=8 (ls_in_qos_meter), priority=0, match=(1), action=(next;) table=9 (ls_in_lb ), priority=0, match=(1), action=(next;) = What's that MAC 1a:d2:77:6e:42:98? What's it for in acl and lb tables? I can't find any port with that MAC. This datapath is for a LS that is created from OpenStack. Thanks! Tony ___ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
