On Fri, Jul 20, 2012 at 09:27:00AM +0800, YIMIN CHEN wrote: > I have a question about using action=NORMAL to do L2 switching. I just > realize if I use NORMAL to do switching with vlan, say, with VM connected > in access mode, I can no longer use dl_vlan to check vlan id in the packet, > as when pkt exits from NORMAL action, it does not have a vlan tag with > access mode. > > In this case, if I have two VMs of same IP in two vlans, and I want to > limit traffic to port 80 of one of them. I can not think of a way to write > a flow entry to achieve this: > > dl_vlan=1, nw_dst=10.0.0.1,tp_dst=80,actions=NORMAL. > > Here dl_vlan=1 is not valid, as vlan id is not in the pkt. > > Is my understanding correct? Basically if I have vlans, I can't really > create flow entries based on L3, if I use NORMAL for L2?
Did you read the FAQ? Q: My OpenFlow controller doesn't see the VLANs that I expect. A: The configuration for VLANs in the Open vSwitch database (e.g. via ovs-vsctl) only affects traffic that goes through Open vSwitch's implementation of the OpenFlow "normal switching" action. By default, when Open vSwitch isn't connected to a controller and nothing has been manually configured in the flow table, all traffic goes through the "normal switching" action. But, if you set up OpenFlow flows on your own, through a controller or using ovs-ofctl or through other means, then you have to implement VLAN handling yourself. You can use "normal switching" as a component of your OpenFlow actions, e.g. by putting "normal" into the lists of actions on ovs-ofctl or by outputting to OFPP_NORMAL from an OpenFlow controller. This will only be suitable for some situations, though. _______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
