GRE and tunnels are implemented in terms of ports, so if you send a packet received on a GRE port to a non-tunnel port, it strips the header.
On Mon, Oct 09, 2017 at 10:45:10PM +0200, Juraj Markotic wrote: > I will check on about GTP ongoing activities (I saw some actitvities on > providing capabilities to match on GTP-C/GTP-U packets). > maybe dumb question, but any pointer on how to remove GRE header (or VXLAN > for that matter) when switching packet from IN port to OUT port and switch > out only internal packet/payload ? > thanks, > jm > > > On Mon, Oct 9, 2017 at 10:13 PM, Ben Pfaff <[email protected]> wrote: > > > OVS doesn't support GTP yet, but I know that there's some ongoing work > > on it. > > > > GRE and VXLAN should be fine. > > > > If you need GTP support, maybe the best thing to do would be to help out > > the folks who are working on it. > > > > On Mon, Oct 09, 2017 at 09:35:42PM +0200, Juraj Markotic wrote: > > > Hello, > > > thanks for feedback. > > > I know OVS can truncate payload and that in can modify mac/IPs in header > > > (i.e. like doing NAT). > > > I also know OVS can deencapsulate GRE (of VXLAN) when packet is arriving > > on > > > tunnel OVS interface (done automatically). > > > But I was not aware that OVS can remove tunnel headers when switching > > > incoming GTP/GRE/VXLAN header and extract inside packet (with totally new > > > src/dst ip) and send it out. > > > Can you share some OVS cli example for such ? > > > we have network packet broker (NPB) with OVS, so if NPB is delivering > > > tunnel packets, it would be great if we could remove tunnel headers > > before > > > delivering it to the (monitoring) tool on outgoing port. > > > > > > thanks, > > > jm > > > > > > On Mon, Oct 9, 2017 at 6:31 PM, Ben Pfaff <[email protected]> wrote: > > > > > > > On Sun, Oct 08, 2017 at 11:19:17PM +0200, Juraj Markotic wrote: > > > > > we would need some functionality on manipulating packets when packet > > is > > > > > exiting outgoing OVS port. > > > > > I.e. some actions could be: change/anonymize mac/IPs for src/dst, or > > > > remove > > > > > some tunnel header (vxlan, gtp, gre), truncate the payload etc. > > > > > > > > OVS has actions for modifying headers and it can decapsulate tunnels > > and > > > > truncate payloads. > > > > > > > > > So, one option can be to write some code than can be attached to OVS > > to > > > > > packet exiting out port (i.e. some lua scripts for manipulation). > > > > > > > > Lua isn't needed. You can use OpenFlow. > > > > > > _______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
