[ovs-discuss] Openvswitch: Rules matching ports behaving strangely - Rules translation problem?
jpettit at nicira.com
Mon Oct 19 17:12:26 PDT 2009
Thanks for the report, Andreas. This does seem odd. I'll try to
reproduce it locally.
I can answer this part, though:
> root at loadgen134:~# ovs-dpctl dump-flows br_out
> port0001:vlan65535 mac00:1b:21:10:8c:7e->00:16:3e:76:4f:93 type0800
> proto1 ip192.168.10.1->192.168.10.2 port0->0, packets:125, bytes:
> used:0.708s, actions:0,2,5,4,3
> port0002:vlan65535 mac00:16:3e:76:4f:93->00:1b:21:10:8c:7e type0800
> proto1 ip192.168.10.2->192.168.10.1 port8->0, packets:125, bytes:
> used:0.708s, actions:0,1,5,4,3
> I am confused by the port0->0 and port8->0 in these listings -- my dp
> does not have a port 8?!
The vswitch process caches out "exploded" wildcard entries in the
datapath for performance. While these flows should have been limited
to ports 1, 2, and 4, the flows themselves are not unexpected, since
you allow traffic between these ports. You can see that the IP
protocol type is 1, which is ICMP. These are just flow related to
ping traffic, ("port" 8 is an echo request and "port" 0 is an echo
reply). This overloading of the transport ports for ICMP is part of
the OpenFlow specification. Does this all make sense?
More information about the discuss