[ovs-discuss] Doing port mirroring for KVM guests

2017-04-03 Thread C. L. Martinez 
Hi all,

 I have installed Openvswitch 2.5.2 in a RHEL 7.3 KVM host fully patched. I 
need to implement port mirroring for some kvm guests (not all). According to 
openvswitch's docs this can be done using the following command:

ovs-vsctl -- --id=@m create mirror name=tapmirror -- add bridge idsbr0 mirrors 
@m -- --id=@oneguest0 get port oneguest0 -- set mirror tapmirror 
select_src_port=@oneguest0 select_dst_port=@oneguest0 -- --id=@idsguest0 get 
port idsguest0 -- set mirror tapmirror output-port=@idsguest0

 where oneguest0 interface is the kvm guest virtual interface, idsguest0 is the 
interface where I will receive mirrored traffic and idsbr0 is the openvswitch 
bridge where idsguest0 is assigned.

 Is it correct this command?.

 Then, I have the following questions:

 a/ Is it possible to use full openvswitches switche as a src_port and dst_port 
(and output-port) instead of every virtual interface (oneguest0, oneguest1, 
etc.) that I want to monitor?

 b/ If "no" is the answer to question a/, do I need to execute previous command 
for every virtual interface that I need to monitor?

 c/ Do I need to create idsbr0 bridge before to launch previous command?

 d/ Last question, do I need to run the previous command every time that kvm 
host starts?

Many thanks for your attention.
 
-- 
Greetings,
C. L. Martinez
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] ovs-ofctl add-group with selection_method=hash, fields

2017-04-03 Thread Yi-Hung Wei 
From 'man ovs-ofctl', how about fields(ip_src, nw_proto, tcp_src).

-Yi-Hung

On Mon, Apr 3, 2017 at 11:53 AM, Ching Sun  wrote:
> Hi all,
>
>
>
> I tried add group with selection_method=hash and multiple fields, like the
> following:
>
>
>
> ovs-ofctl -O OpenFlow13 add-group br-int "group_id=1, type=select,
> selection_method=hash, fields=ip_src, nw_proto, tcp_src,
> bucket=actions=set_field:0x1->metadata, resubmit(,40),
> bucket=actions=set_field:0x2->metadata, resubmit(,40)"
>
>
>
> And got an error “ovs-ofctl: unknown keyword nw_proto”.  I thought nw_proto
> was the right keyword, can someone show me what are the right syntax to do
> this.
>
>
>
> Thanks,
>
> Ching
>
>
>
>
> ___
> discuss mailing list
> disc...@openvswitch.org
> https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
>
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] (no subject)

2017-04-03 Thread Sreekaanth Ganesan 
Hello,

Could someone please tell me the method to understand the high level
architecture of OVS source code?.Please let me know if any documentation as
such exists for the same

Thanks,
Sreekaanth Ganesan
___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] support for ct argument alg=ftp when running openvswitch with dpdk in userspace

2017-04-03 Thread Patrick Bergamin 

Hi,

It doesn't appear that openvswitch using dpdk and running in
userspace supports the ct argument alg=ftp.  I was wondering
if anyone is currently working on adding support for it? If not
has any thought been put into how it might be implemented.
Would it be done in a similar fashion to the iptables
implementation?

thanks,
Patrick

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

[ovs-discuss] ovs-ofctl add-group with selection_method=hash, fields

2017-04-03 Thread Ching Sun 
Hi all,

I tried add group with selection_method=hash and multiple fields, like the 
following:

ovs-ofctl -O OpenFlow13 add-group br-int "group_id=1, type=select, 
selection_method=hash, fields=ip_src, nw_proto, tcp_src, 
bucket=actions=set_field:0x1->metadata, resubmit(,40), 
bucket=actions=set_field:0x2->metadata, resubmit(,40)"

And got an error "ovs-ofctl: unknown keyword nw_proto".  I thought nw_proto was 
the right keyword, can someone show me what are the right syntax to do this.

Thanks,
Ching

___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss

Re: [ovs-discuss] support for ct argument alg=ftp when running openvswitch with dpdk in userspace

2017-04-03 Thread Darrell Ball 
I am working on it.

Thanks Darrell

On 4/3/17, 8:40 AM, "ovs-discuss-boun...@openvswitch.org on behalf of Patrick 
Bergamin"  wrote:

Hi,

It doesn't appear that openvswitch using dpdk and running in
userspace supports the ct argument alg=ftp.  I was wondering
if anyone is currently working on adding support for it? If not
has any thought been put into how it might be implemented.
Would it be done in a similar fashion to the iptables
implementation?

thanks,
Patrick

___
discuss mailing list
disc...@openvswitch.org

https://urldefense.proofpoint.com/v2/url?u=https-3A__mail.openvswitch.org_mailman_listinfo_ovs-2Ddiscuss=DwICAg=uilaK90D4TOVoH58JNXRgQ=BVhFA09CGX7JQ5Ih-uZnsw=awCdx3tZCZjfwldowypCei--fEtuX8vDqwW7jqZy6v4=EOu9Mg945e98o8VtN0T-5AVYe0SoR65oIbcP7lUTxTc=
 


___
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss