On Thu, Aug 20, 2015 at 1:32 PM, Jesse Gross <[email protected]> wrote:
> On Thu, Aug 20, 2015 at 8:20 AM, Sam Hague <[email protected]> wrote: > > Is it possible to send vxlan encapsulated packets to a bridge port and > keep > > the vxlan headers? > > It's not possible unless you don't terminate the tunnels, in which > case you can't match on anything in the header. > Is the only way to add vxlan headers by sending a packet out a vxlan port - whether the key/srcip/dstip are port or flow-based? Is there any way to "overload" the vm port such that if I sent a vxlan packet froma normal vxlan port on the bridge it could come back into the bridge and to that vm port such that the vm would terminate the tunnel? The use case is for the typical openstack setup where the VMs are ports hanging off the bridge and flows are added to simply push normal l2-l4 packets to the port. But I would like to terminate vxlan inside the VM itself but under this constraint that is was OpenStack that instantiated the VM in the way it typically does. So I could see adding some flows to send a vxlan packet out a port on the bridge, and somehow getting it to come back into the bridge and not have the header stripped. Typically those VM addresses are internal addresses which the host wouldn't know about so if I sent a vxlan out a bridge port, the network stack wouldn't send it back.
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
