I did find the "*controller*" action in the manpage for ovs-ofctl command:
*controller*:*max_len*
Sends the packet to the OpenFlow controller as a ``packet
in'' message. If *max_len* is a number, then it specifies
the maximum number of bytes that should be sent. If
*max_len* is *ALL* or omitted, then the entire
packet is
sent.
Can someone please send a pointer as to the details of how the
controller receives this packet? over a socket?
Any example code would be greatly appreciated... thanks...
Also found the "*resubmit*" action for re-injecting the packet back
into the pipeline. So I got the
answers I was looking for.
One more question: Is there an API which allows the user space to get
a flow_id from ovs datapath? The use
case is for a firewall app, which upon receiving a policy/rule (from
its north-bound API) can pass the
necessary parameters to this API and receive a flow_id and use it to
store the rule. Simplifies the user app.
Thanks,
Ashok
On Wed, Dec 17, 2014 at 5:36 PM, Ashok Chippa <[email protected]> wrote:
>
> Including my previous questions:
>
>
> >
> > I am trying to takeover Table0 for Firewall function. Have couple of
> questions:
> >
> > 1) On a table-miss in Table0, I would like to punt the packet to user
> space, for DPI/FW processing.
> > There must be a way to punt the packet to user space? However, I do
> not see an action like PUNT_TO_CPU (or some such) in the
> > documentation (on a cursory review). How do I punt the packet to
> user space?
> >
> > 2) The Firewall installs a new flow (with action=drop or permit (go to
> the next table)). However,
> > I would like to re-inject the packet (the one that caused the table
> miss) back at the beginning of the pipeline. Is there a way to do this?
> > (RECIRC?)
> >
> > Appreciate your help.
> Any responses are appreciated. Checked the spec, and I do not see an
> action to punt the packet to controller. In section 5.12 of openflow-spec
> 1.3, I see the following actions: output, set-queue, drop, group,
> push-tag/pop-tag, set-field, change-ttl. I see no send-to-controller or
> some such to punt the packet to the controller. Is this not supported?!!!
> Please advice.
>
> Also, are there any plans to support command completion in ovs-vsctl,
> ovs-ofctl, ovs-appctl etc. ctl commands?
>
> Thanks,
> Ashok
>
>
>
>
>
> On Tue, Dec 16, 2014 at 4:43 PM, Ashok Chippa <[email protected]>
> wrote:
>>
>> Hi,
>>
>> I am trying to takeover Table0 for Firewall function. Have couple of
>> questions:
>>
>> 1) On a table-miss in Table0, I would like to punt the packet to user
>> space, for DPI/FW processing.
>> There must be a way to punt the packet to user space? However, I do
>> not see an action like PUNT_TO_CPU (or some such) in the documentation
>> (on a cursory review). How do I punt the packet to user space?
>>
>> 2) The Firewall installs a new flow (with action=drop or permit (go to
>> the next table)). However,
>> I would like to re-inject the packet (the one that caused the table
>> miss) back at the beginning of the pipeline. Is there a way to do this?
>> (RECIRC?)
>>
>> Appreciate your help.
>>
>> Ashok
>>
>
_______________________________________________
discuss mailing list
[email protected]
http://openvswitch.org/mailman/listinfo/discuss
