Hi folks, At the very beginning I was just trying to modify packets ingressing from an access port, using "mod_vlan_vid" & "NORMAL" to change the VLAN vid, expecting them to be then switched to the ports which carries the dest VLAN. However, I failed.
I used "ovs-appctl ofproto/trace" to debug, then got a "disallowed VLAN VID for this input port, dropping" message. This happens when I use "mod_vlan_vid" or "strip_vlan" before "normal", to change a packet's VLAN VID to a value other than the tag property of an access port, or to a value not specified in the trunks column of a trunk port. By navigating the source code I find that there is a check about VLAN VID when translating the NORMAL action, preventing packets with changed VLAN VID to be switched to new VLANs which the originated port doesn't carry. This puzzles me. It seems to me that if a packet's VLAN VID is changed before entering the "normal" processing, it should be considered as a packet on the new VLAN and switched to ports on that VLAN, instead of the current behavior of being dropped. Although the FAQ says the configuration of VLANs in the OpenvSwitch database only affects "normal switching", it is not clear that what is the behavior when we combine other OpenFlow actions with "NORMAL". I also find that there is a similar check when mirroring packets. Given that when working with OpenFlow, an access port can in fact receive/send packets with VLAN VID different from its tag, a trunk port can also receive/send packets with VLAN VID that it doesn't trunks, and VLAN can be selected when doing mirroring. Such a check seems to be redundant. It only prevents packets which are not handled by the "normal switching" from being mirrored. In this series, patch 1 removes the vlan check in the translation of the NORMAL action, when a packet's VLAN VID is supposed to be changed before entering the "normal switching", making packets whose VLAN VID are changed can be switched to the dest VLAN despite of the VLANs configuration of the originated port. Patch 2 removes the vlan check when mirroring packets. However, if the current behavior is considered correct by design, I am sorry for the misunderstanding and please ignore this series. Hunt Xu (2): ofproto-dpif-xlate: don't check vlan in normal action if vid changed ofproto-dpif-xlate: remove vlan checking when mirroring packets ofproto/ofproto-dpif-xlate.c | 55 ++++++++------- tests/ofproto-dpif.at | 161 +++++++++++++++++++++++++++++++++++++++++++ 2 files changed, 193 insertions(+), 23 deletions(-) -- 2.10.2 _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
