Nicolas Bouliane via dev <ovs-dev@openvswitch.org> writes:
> Hi,
>
> I'm manually inserting an entry with the conntrack tool.
>
> # conntrack -I -d 10.36.96.56 -s 10.36.96.12 -p tcp --sport 80 --dport 80
> --state ESTABLISHED --status A
> SSURED -t 300 --zone 5
> conntrack v1.4.4 (conntrack-tools): 1 flow entries have been created.
>
> # conntrack -L
> tcp 6 295 ESTABLISHED src=10.36.96.12 dst=10.36.96.56 sport=80
> dport=80 [UNREPLIED] src=10.36.96.56 dst=10.36.96.12 sport=80 dport=80
> [ASSURED] mark=0 zone=5 use=1
> conntrack v1.4.4 (conntrack-tools): 1 flow entries have been shown.
>
> But when I use dump-conntrack I see nothing:
>
> # ovs-appctl dpctl/dump-conntrack
> #
I don't see that in my setup.
01:18:38 aconole@dhcp-25 {(c4d4c37e4...)} ~/git/dpdk$ sudo ovs-appctl
dpctl/dump-conntrack | grep zone
tcp,orig=(src=10.36.96.12,dst=10.36.96.56,sport=80,dport=80),reply=(src=10.36.96.56,dst=10.36.96.12,sport=80,dport=80),zone=5,protoinfo=(state=ESTABLISHED)
Can you try:
# ovs-appctl dpctl/dump-conntrack system@ovs-system zone=5
and see if you see the connection you've inserted is visible?
> - Does OVS use the same datastructure as the one used by the conntrack tool
> ? (I would presume so since all that is abstracted behind netlink?)
Yes.
> - What distinguishes an entry used by the datapath or not ?
Nothing.
> - When I use ofproto/trace and hit flows that use the connection tracking:
> ct(), does an actual lookup is made even though I'm just tracing ? or it's
> just simulated.
If I remember correctly, the ofproto trace command needs to be primed
with the expected next state information. But it's been a while since I
looked at it.
> thanks !
> Nick
> _______________________________________________
> dev mailing list
> d...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-dev
_______________________________________________
dev mailing list
d...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-dev
