As part of in-band control, OVS is expected to send DHCP server replies to the LOCAL port as well. In this case, OVS implicitly adds an additional action to output to the bridge’s LOCAL port after the ofproto translation for the packet is completed in the ofproto layer but before sending the actions to datapath for installation. However, the match criteria is unchanged and as a result all packets (not just DHCP server replies) are also sent to the LOCAL port. The fix is to add the IP protocol type (UDP), the UDP source and destination ports to the match criteria so that a specific datapath flow that matches only DHCP server replies is installed. As a result, only DHCP server reply packets will be sent to the LOCAL port.
Signed-off-by: Anju Thomas <[email protected]> --- ofproto/ofproto-dpif-xlate.c | 4 ++++ 1 file changed, 4 insertions(+) diff --git a/ofproto/ofproto-dpif-xlate.c b/ofproto/ofproto-dpif-xlate.c index ae8b999..04d69ed 100644 --- a/ofproto/ofproto-dpif-xlate.c +++ b/ofproto/ofproto-dpif-xlate.c @@ -7584,6 +7584,10 @@ xlate_actions(struct xlate_in *xin, struct xlate_out *xout) && xbridge->has_in_band && in_band_must_output_to_local_port(flow) && !actions_output_to_local_port(&ctx)) { + WC_MASK_FIELD(ctx.wc, nw_proto); + WC_MASK_FIELD(ctx.wc, tp_src); + WC_MASK_FIELD(ctx.wc, tp_dst); + WC_MASK_FIELD(ctx.wc, dl_type); compose_output_action(&ctx, OFPP_LOCAL, NULL, false, false); } -- 1.9.1 _______________________________________________ dev mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-dev
