Hi, I’m working off Justin Pettit’s ‘conntrack’ tree @ https://github.com/justinpettit/ovs/tree/conntrack, and can’t seem to get marks to work.
Here’s an example of a flow (FTP server)
===
ovs-ofctl add-flow br0
"table=3,cookie=0xb0b,priority=32000,ct_state=+new+trk,tcp,tp_dst=21
actions=ct(commit,alg=ftp,zone=2),resubmit(,4),set_field:9->ct_mark”
===
which I believe should set the conntrack mark to 9 on packets that meet the
match criteria
When I connect via FTP and use the conntrack command line, I see the flow, but
no sign of the mark:
===
# conntrack -E | grep 237
[NEW] tcp 6 120 SYN_SENT src=10.99.0.17 dst=10.11.10.237 sport=54154
dport=21 [UNREPLIED] src=10.11.10.237 dst=10.99.0.17 sport=21 dport=54154
zone=2 helper=ftp
===
My kernel is pretty vanilla, but marks definitely are seen when set via
iptables. Does it need to be patched to support marks coming from OVS?
thanks,
Ben
smime.p7s
Description: S/MIME cryptographic signature
_______________________________________________ discuss mailing list [email protected] http://openvswitch.org/mailman/listinfo/discuss
