Hi,
How about using NXM "nw_ttl" match field to drop packets with TTL=0?
But, currently, Ryu does not support this filed,
please apply the following patch.
$ git diff
diff --git a/ryu/app/simple_switch_13.py b/ryu/app/simple_switch_13.py
index 3e7c598..baa732c 100644
--- a/ryu/app/simple_switch_13.py
+++ b/ryu/app/simple_switch_13.py
@@ -48,6 +48,10 @@ class SimpleSwitch13(app_manager.RyuApp):
ofproto.OFPCML_NO_BUFFER)]
self.add_flow(datapath, 0, match, actions)
+ match = parser.OFPMatch(eth_type_nxm=0x0800, nw_ttl=0)
+ actions = [] # Drop
+ self.add_flow(datapath, 1, match, actions)
+
def add_flow(self, datapath, priority, match, actions, buffer_id=None):
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
diff --git a/ryu/ofproto/nicira_ext.py b/ryu/ofproto/nicira_ext.py
index e2fca47..7487b3b 100644
--- a/ryu/ofproto/nicira_ext.py
+++ b/ryu/ofproto/nicira_ext.py
@@ -435,6 +435,10 @@ ip_proto_nxm Integer 8bit IP protocol. Needed to
support Nicira
extensions that require the ip_proto to
be set. (i.e. tcp_flags_nxm)
tunnel_id_nxm Integer 64bit Tunnel identifier.
+nw_ttl Integer 8bit IP TTL or IPv6 hop limit value ttl
+ (between 0 and 255).
+ Requires setting fields:
+ eth_type_nxm = [0x0800 (IP)|0x86dd (IPv6)]
tun_ipv4_src IPv4 address Tunnel IPv4 source address.
tun_ipv4_dst IPv4 address Tunnel IPv4 destination address.
pkt_mark Integer 32bit Packet metadata mark.
@@ -484,6 +488,7 @@ oxm_types = [
oxm_fields.NiciraExtended0('eth_type_nxm', 3, type_desc.Int2),
oxm_fields.NiciraExtended0('ip_proto_nxm', 6, type_desc.Int1),
oxm_fields.NiciraExtended1('tunnel_id_nxm', 16, type_desc.Int8),
+ oxm_fields.NiciraExtended1('nw_ttl', 29, type_desc.Int1),
oxm_fields.NiciraExtended1('tun_ipv4_src', 31, type_desc.IPv4Addr),
oxm_fields.NiciraExtended1('tun_ipv4_dst', 32, type_desc.IPv4Addr),
oxm_fields.NiciraExtended1('pkt_mark', 33, type_desc.Int4),
e.g.)
$ sudo mn --controller remote
...(snip)
mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=4.616s, table=0, n_packets=0, n_bytes=0, idle_age=4,
priority=1,ip,nw_ttl=0 actions=drop
cookie=0x0, duration=4.616s, table=0, n_packets=4, n_bytes=280, idle_age=36,
priority=0 actions=CONTROLLER:65535
Thanks,
Iwase
On 2016年09月08日 13:29, Warsang wrote:
> Hello all,
>
> I am running a fat-tree topology. When I ping a host x with h1 it first
> send arp discovery with ff:ff:ff:ff:ff:ff as destination. Hence
> everytime a switch gets this packet it floods it. Having no TTL these
> packets are immortal. My question is the following. What is the proper
> way of getting rid of these packets? I thought of decrementing the TTL
> every time a packet hits a switch. However I can only drop the packet
> with TTL = 0 at my controller and I can't create an OpenFlow rule that
> matches all packets with TTL = 0 hence I lose performance having to send
> the packets to my controller everytime I want to drop them. What is the
> proper way to get rid of these packets?
>
> Thank you in advance.
>
> -Warsang
>
>
> ------------------------------------------------------------------------------
> _______________________________________________
> Ryu-devel mailing list
> [email protected]
> https://lists.sourceforge.net/lists/listinfo/ryu-devel
>
------------------------------------------------------------------------------
_______________________________________________
Ryu-devel mailing list
[email protected]
https://lists.sourceforge.net/lists/listinfo/ryu-devel
