A Merry Christmas to all of you! We've discovered what we suspect is a bug, and are looking for thoughts, please!
Observed behaviour: - Continuous pings being sent from laptop to vm1 - vm2 is quiescent - Intermittently, the response to a ping from laptop is seen on vm2 Hypotheses: 1. as vm2 is quiescent, maybe the switch loses its MAC address, and it is disassociated with the relevant port on the switch. For some reason, packets are sent to it. 2. from time to time, OVS loses track of where to send the ping responses (the default gw), and therefore they end up being broadcast to all ports, which means that tcpdump picks them up on vm2. Details below. I've not yet had a chance to try to reproduce this behaviour, but we think that hypothesis 2 is more likely. As a short-term work-around, how about a rule directing all packets known _not_ to originate from one of the VMs to be sent by default to the port which is connected externally? -Mike. Here's the set-up: -------------------------- xenhost) eth0 -> xenbr0 -> dom0 eth1 -> xenbr1 -> vm's vm1) mac=00:16:3e:16:3e:16 IP=212.227.35.227 port=3 vm2) mac=00:16:3e:16:3e:18 IP=212.227.35.231 port=5 laptop) mac=? IP=172.17.17.223 Default_gw=00:00:0c:9f:f0:00 ---------------------------- Rules -------------------------- $ofctl dump-flows xenbr1: NXST_FLOW reply (xid=0x4): cookie=0x0, duration=836.613s, table_id=0, n_packets=14, n_bytes=588, priority=3,arp,in_port=3,dl_src=00:16:3e:16:3e:16,nw_src=212.227.35.227,arp_sha=00:16:3e:16:3e:16 actions=NORMAL cookie=0x0, duration=834.456s, table_id=0, n_packets=0, n_bytes=0, priority=3,arp,in_port=5,dl_src=00:16:3e:16:3e:18,nw_src=0.0.0.0,arp_sha=00:16:3e:16:3e:18 actions=NORMAL cookie=0x0, duration=834.464s, table_id=0, n_packets=17, n_bytes=714, priority=3,arp,in_port=5,dl_src=00:16:3e:16:3e:18,nw_src=212.227.35.231,arp_sha=00:16:3e:16:3e:18 actions=NORMAL cookie=0x0, duration=836.603s, table_id=0, n_packets=0, n_bytes=0, priority=3,arp,in_port=3,dl_src=00:16:3e:16:3e:16,nw_src=0.0.0.0,arp_sha=00:16:3e:16:3e:16 actions=NORMAL cookie=0x0, duration=836.623s, table_id=0, n_packets=0, n_bytes=0, priority=39500,udp,in_port=3,dl_src=00:16:3e:16:3e:16,dl_dst=ff:ff:ff:ff:ff:ff,tp_dst=67 actions=NORMAL cookie=0x0, duration=834.472s, table_id=0, n_packets=0, n_bytes=0, priority=39500,udp,in_port=5,dl_src=00:16:3e:16:3e:18,dl_dst=ff:ff:ff:ff:ff:ff,tp_dst=67 actions=NORMAL cookie=0x0, duration=834.449s, table_id=0, n_packets=1327, n_bytes=117198, priority=3,ip,in_port=5,dl_src=00:16:3e:16:3e:18,nw_src=212.227.35.231 actions=NORMAL cookie=0x0, duration=836.594s, table_id=0, n_packets=2703, n_bytes=335078, priority=3,ip,in_port=3,dl_src=00:16:3e:16:3e:16,nw_src=212.227.35.227 actions=NORMAL cookie=0x0, duration=834.434s, table_id=0, n_packets=282, n_bytes=27299, priority=1,in_port=5 actions=drop cookie=0x0, duration=834.441s, table_id=0, n_packets=6132, n_bytes=527511, priority=2,in_port=1 actions=NORMAL cookie=0x0, duration=836.576s, table_id=0, n_packets=204, n_bytes=22682, priority=1,in_port=3 actions=drop cookie=0x0, duration=1911257.572s, table_id=0, n_packets=4168683, n_bytes=406562795, priority=0 actions=NORMAL tcpdump output ----- tcpdump on vm1 shows traffic from vm2 (outgoing, icmp-replies while running an mtr from 172.17.17.223 to vm2(212.227.35.231) linuxtestvm1:~# tcpdump -nei eth0 "ether host not 00:16:3e:16:3e:16 and ether host not ff:ff:ff:ff:ff:ff and ether host not 33:33:00:00:00:66" 14:11:26.511267 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 134, length 44 14:11:27.516488 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 1670, length 44 14:11:28.520643 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 3206, length 44 14:11:29.525771 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 4742, length 44 14:11:30.530851 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 6278, length 44 14:11:31.535663 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 7814, length 44 14:11:32.541616 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 9350, length 44 14:11:33.547110 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 10886, length 44 14:11:34.551334 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 12422, length 44 14:11:35.558228 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 13958, length 44 14:11:36.561956 00:16:3e:16:3e:18 > 00:00:0c:9f:f0:00, ethertype IPv4 (0x0800), length 78: 212.227.35.231 > 172.17.17.223: ICMP echo reply, id 26121, seq 15494, length 44 _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
