Hi all,

Looking at Netflow logs (ovs is my flow generator), the flow of packets seems a bit strange, so I was curious for any feedback...

My basic setup is:
Eth1 is northbound unnumbered interface
Eth0 is southbound unnumbered interface
Vlan1 is northbound numbered (trunk on eth1 but no tagging)
Vlan254 is southbound numbered (trunk on eth0 w/ tagging)
They're all part of br0
Basic IPTables NAT is on packets leaving eth1

Packets flow like this based on netflow - this is one packet, two flow records:
Inbound packet from internet to eth1 generates flow, input interface eth1, output interface vlan1
Then next flow is input interface vlan254, output interface eth0

So, when it goes to forward south, it does it with an input vlan of 254 - basically, from a flow perspective, it looks like traffic from the Internet is sourced locally the same as local Vlan254 traffic.

I would have thought it would simply be the entire packet captured as a single flow, input interface vlan1 or eth1 and output interface vlan254. I haven't looked at what a Cisco or Juniper switch would do, but I assume it'd be a single flow also.

Thanks for any advice or perspective.
_______________________________________________
discuss mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/discuss
