On Thu, Dec 1, 2016 at 5:55 AM, Ben Pfaff <[email protected]> wrote: > > On Tue, Nov 01, 2016 at 02:39:28AM +0800, Hunt Xu wrote: > > At the very beginning I was just trying to modify packets ingressing from an > > access port, using "mod_vlan_vid" & "NORMAL" to change the VLAN vid, > > expecting > > them to be then switched to the ports which carries the dest VLAN. However, > > I failed. > > > > I used "ovs-appctl ofproto/trace" to debug, then got a "disallowed VLAN VID > > for this input port, dropping" message. This happens when I use > > "mod_vlan_vid" > > or "strip_vlan" before "normal", to change a packet's VLAN VID to a value > > other than the tag property of an access port, or to a value not specified > > in > > the trunks column of a trunk port. > > > > By navigating the source code I find that there is a check about VLAN VID > > when translating the NORMAL action, preventing packets with changed VLAN VID > > to be switched to new VLANs which the originated port doesn't carry. > > > > This puzzles me. It seems to me that if a packet's VLAN VID is changed > > before > > entering the "normal" processing, it should be considered as a packet on the > > new VLAN and switched to ports on that VLAN, instead of the current behavior > > of being dropped. Although the FAQ says the configuration of VLANs in the > > OpenvSwitch database only affects "normal switching", it is not clear that > > what is the behavior when we combine other OpenFlow actions with "NORMAL". > > > > I also find that there is a similar check when mirroring packets. Given that > > when working with OpenFlow, an access port can in fact receive/send packets > > with VLAN VID different from its tag, a trunk port can also receive/send > > packets with VLAN VID that it doesn't trunks, and VLAN can be selected when > > doing mirroring. Such a check seems to be redundant. It only prevents > > packets > > which are not handled by the "normal switching" from being mirrored. > > > > In this series, patch 1 removes the vlan check in the translation of the > > NORMAL action, when a packet's VLAN VID is supposed to be changed before > > entering the "normal switching", making packets whose VLAN VID are changed > > can > > be switched to the dest VLAN despite of the VLANs configuration of the > > originated port. Patch 2 removes the vlan check when mirroring packets. > > > > However, if the current behavior is considered correct by design, I am sorry > > for the misunderstanding and please ignore this series. > > Thank you for your contribution! > > OVS has always implemented "normal" to do switching in one particular > way, according to a particular philosophy of how VLANs, etc. should be > implemented. The philosophy that this series proposes may be equally > reasonable and valid, but it changes established behavior in > backward-incompatible ways. For that reason it would be likely to > surprise some of our users and break their setups, so it's hard to > imagine implementing it. > > I have a few specific comments on patch 1; I'll follow up there.
Thanks for your comments. It is true that this series is backward-incompatible. And as I've managed to avoid using the "normal" action to achieve my goal, I will drop this series. -- regards, hunt _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
