Hi,
These are the rules i wrote to create a flow. These rules doesn't make any
sense but for my testing purpose it creates the flow for each connection.
ovs-vsctl add-br br0
ovs-vsctl add-port br0 eth0 -- set interface eth0 ofport=1
ovs-vsctl add-port br0 eth1 -- set interface eth1 ofport=2
ifconfig eth0 up
ifconfig eth1 up
ovs-ofctl mod-port br0 br0 noflood
ovs-ofctl del-flows br0
#table 0, redirect the traffic to right tables.
ovs-ofctl add-flow br0 "table=0,
priority=10,in_port=1,tcp,actions=resubmit(,10)"
ovs-ofctl add-flow br0 "table=0, priority=1,arp,actions=normal"
#table 2,learns the flow from the packet and adds the flow to TABLE 10.
next time this packet is seen, will directly hit that learned flow
ovs-ofctl add-flow br0 \
"table=2,priority=10,in_port=1,tcp,actions=learn(table=10,
priority=10, hard_timeout=60000, \
eth_type=0x800, nw_proto=6, \
NXM_OF_ETH_SRC[]=NXM_OF_ETH_SRC[], \
NXM_OF_ETH_DST[]=NXM_OF_ETH_DST[], \
NXM_OF_IP_DST[]=NXM_OF_IP_DST[],
NXM_OF_IP_SRC[]=NXM_OF_IP_SRC[],\
NXM_OF_TCP_DST[]=NXM_OF_TCP_DST[],
NXM_OF_TCP_SRC[]=NXM_OF_TCP_SRC[], \
output:NXM_NX_REG2[]),\
resubmit(,10)"
##Add a low priority action to redirect to table 2. Here lerned actions are
processed first. if no learned flows are present, will hit this
#flow to redirect to table 2, which will learn the flow and add to table 10
ovs-ofctl add-flow br0 "table=10,
priority=1,in_port=1,tcp,actions=load:2->NXM_NX_REG2[],resubmit(,2)"
ovs-ofctl add-flow br0 "table=0, in_port=2, tcp, action=1"
When i am testing with above configured rules i found some mismatch between
dpctl dump-flows and ofctl dump-flows. For some connections dpctl
dump-flows showing action as a drop but ofctl dump-flows showing action as
forward to port 2. I am assuming beacuse of the drop action, we are seeing
very low connection rate with OVS.
Here is difference:
dpctl dump-flows:
*recirc_id(0),in_port(2),eth(src=00:01:00:00:01:00,dst=00:01:0a:00:01:00),eth_type(0x0800),ipv4(src=1.0.0.1,dst=1.10.0.1,proto=6,frag=no),tcp(src=13824,dst=80),
packets:1, bytes:70, used:0.172s, flags:S, actions:drop*
recirc_id(0),in_port(2),eth(src=00:01:00:00:01:00,dst=00:01:0a:00:01:00),eth_type(0x0800),ipv4(src=1.0.0.1,dst=1.10.0.1,proto=6,frag=no),tcp(src=9988,dst=80),
packets:5, bytes:531, used:9.772s, flags:SFP., actions:3
recirc_id(0),in_port(2),eth(src=00:01:00:00:01:00,dst=00:01:0a:00:01:00),eth_type(0x0800),ipv4(src=1.0.0.1,dst=1.10.0.1,proto=6,frag=no),tcp(src=10321,dst=80),
packets:6, bytes:601, used:6.764s, flags:SFP., actions:3
ofctl dump-flows:
*cookie=0x0, duration=46.951s, table=10, n_packets=7, n_bytes=671,
hard_timeout=60000, idle_age=46,
priority=10,tcp,dl_src=00:01:00:00:01:00,dl_dst=00:01:0a:00:01:00,nw_src=1.0.0.1,nw_dst=1.10.0.1,tp_src=13824,tp_dst=80
actions=output:2*
cookie=0x0, duration=46.951s, table=10, n_packets=7, n_bytes=671,
hard_timeout=60000, idle_age=46,
priority=10,tcp,dl_src=00:01:00:00:01:00,dl_dst=00:01:0a:00:01:00,nw_src=1.0.0.1,nw_dst=1.10.0.1,tp_src=14280,tp_dst=80
actions=output:2
cookie=0x0, duration=46.951s, table=10, n_packets=7, n_bytes=671,
hard_timeout=60000, idle_age=46,
priority=10,tcp,dl_src=00:01:00:00:01:00,dl_dst=00:01:0a:00:01:00,nw_src=1.0.0.1,nw_dst=1.10.0.1,tp_src=15087,tp_dst=80
actions=output:2
In above highlighted dumps,
*for same tuple action is different.*
*Is it a bug in OVS or something with my rules?*
Sateesh
On Tue, Apr 4, 2017 at 3:33 PM, satish kondapalli <[email protected]>
wrote:
> Hi,
>
> I have ixia setup with two ports and ports are connected to two 10G Nic
> cards. On server, NIC interfaces are added to ovs bridge.
>
> In Ixia setup, configured http client on first port and second port runs
> http server. With this setup, i can simulate multiple http concurrent
> connections.
>
> Can some one provide open flow rules such that for every http client
> request ovs (ovs receives on first NIC interface) should add one flow based
> on tuple and forward the packet to port two.(I don't want forward the
> packet based on mac learning).
>
>
> Sateesh
>
_______________________________________________
discuss mailing list
[email protected]
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
