Thanks Ben. I was using the wrong port. I added a flow-rule that changes the MAC address to the MAC of the nexthop and pushed it on the interface that connects this VM to the destination that i am trying to ping.
I see that packets are hitting this flow-rule, but the ICMP packets are NOT going out. root@akabra:~# ovs-dpctl dump-flows skb_priority(0),tunnel(tun_id=0x258,src=52.27.111.115,dst=172.31.1.48,tos=0x0,ttl=53,flags(key)),in_port(4),skb_mark(0),eth(src=5e:21:e8:f3:44:6a,dst=06:45:1a:d2:1c:ed),eth_type(0x0800),ipv4(src= 8.8.8.1/0.0.0.0,dst=200.83.17.91/255.255.255.255,proto=1/0,tos=0/0,ttl=64/0,frag=no/0xff), packets:348, bytes:34104, used:0.048s, actions:set(eth(src=5e:21:e8:f3:44:6a,dst=06:28:ae:10:f9:8a)),1 The above flow rule is generated for the packets arriving on the GRE tunnel. I see the following dump on my OVS bridge port: 17:11:00.408665 IP 52.27.111.115 > 172.31.1.48: GREv0, key=0x258, length 106: IP 8.8.8.1 > 202.83.17.191: ICMP echo request, id 23417, seq 650, length 64 0x0000: 0645 1ad2 1ced 0628 ae10 f98a 0800 4500 0x0010: 007e ff03 4000 352f f56f 341b 6f73 ac1f 0x0020: 0130 2000 6558 0000 0258 0645 1ad2 1ced 0x0030: 5e21 e8f3 446a 0800 4500 0054 b797 4000 [clipped] 17:11:00.408665 IP 8.8.8.1 > 202.83.17.191: ICMP echo request, id 23417, seq 650, length 64 0x0000: 0628 ae10 f98a 5e21 e8f3 446a 0800 4500 0x0010: 0054 b797 4000 4001 96f6 0808 0801 ca53 0x0020: 11bf 0800 ef22 5b79 028a 2a37 a955 0000 [clipped] So my flow-rule is working. The destination MAC is being replaced, but the ping is not working. QUESTION: Can i assume that since tcpdump shows the 2nd output on the OVS bridge port, the packet is actually sent out from the OVS bridge port? Let me see what is going wrong here now! Thanks, Abhishek On Fri, Jul 17, 2015 at 10:22 PM, Ben Pfaff <[email protected]> wrote: > On Fri, Jul 17, 2015 at 10:19:46PM +0530, Abhishek Verma wrote: > > Hi Ben, > > > > I understand its exasperating for you and other veterans to respond to > > questions like forwarding not working, etc. However, i did enough > googling > > and i really couldnt, and am still unable to, figure out the real > problem. > > > > I am trying to see why the L3 packet is not going out and i see this: > > > > I am constantly sending the ping traffic. As a result of that, i see the > > following flow in the dataplane being created. > > > > root@ip-172-31-1-48:~# ovs-dpctl dump-flows > > > skb_priority(0),tunnel(tun_id=0x258,src=52.27.111.115,dst=172.31.1.48,tos=0x0,ttl=53,flags(key)),in_port(4),skb_mark(0),eth(src=5e:21:e8:f3:44:6a,dst=06:45:1a:d2:1c:ed),eth_type(0x0800),ipv4(src= > > > 8.8.8.1/0.0.0.0,dst=202.83.17.191/0.0.0.0,proto=1/0,tos=0/0,ttl=64/0,frag=no/0xff > ), > > packets:1351, bytes:132398, used:0.340s, actions:1 > > > > Based on this flow i created a flow-rule which i expect the packet to > > always hit: > > > > root@ip-172-31-1-48:~# ovs-ofctl dump-flows ion1 > > NXST_FLOW reply (xid=0x4): > > cookie=0x0, duration=26573.649s, table=0, n_packets=34881, > > n_bytes=4025577, idle_age=0, priority=0 actions=NORMAL > > cookie=0x0, duration=338.021s, table=0, n_packets=0, n_bytes=0, > > idle_age=338, priority=500,ip,in_port=4,nw_dst=202.83.17.191 > > actions=output:2 > > > > However, for some reason i dont see my packets hitting the rule that i > have > > created. > > > > This is strange since i created this based on the flow that was created > in > > the kernel. > > Did you use the correct userspace port number, i.e. one from "ovs-ofctl > show ion1"? >
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
