[ovs-discuss] icmp paket matching ip packet rule

Justin Pettit jpettit at nicira.com
Fri Apr 6 09:38:19 PDT 2012


[Adding back the discuss@ mailing list.]

If there are overlapping rules at the same priority, a switch is free to choose whichever one it wants.  In the example you gave, an ICMP (0,0) packet would match both rules, since it is both IP and has the correct ICMP type and code.  If you ran a ping, the echo requests and replies would only match the IP rule, since it has different ICMP types.  If you want your special ICMP packets to consistently match the right rule you need to raise its priority relative to the IP rule.

--Justin


On Apr 6, 2012, at 2:17 AM, selen jia wrote:

> That means during add-flow in flow table, rules can be added in any order,there is no defined way how rule is added to flow table.
> 
> On Fri, Apr 6, 2012 at 2:21 PM, Justin Pettit <jpettit at nicira.com> wrote:
> I think you need to disambiguate those rules by using a priority.  OpenFlow doesn't distinguish based on which rule is more specific, so switch behavior is undefined in those situations.
> 
> As described in the ovs-ofctl man page, you can use "check_overlap" to see whether this situation will occur at flow insertion time.  The controller may have a similar flag you can set.
> 
> --Justin
> 
> 
> On Apr 6, 2012, at 1:42 AM, selen jia wrote:
> 
> > hi,
> > im using openvswitch 1.2.2 and setting controller ptcp:6633
> >
> > now from controller i add following flows
> > 1. ovs-ofctl add-flow tcp:15.1.2.3 "ip actions=output:2"
> > 2. ovs-ofctl add-flow tcp: 15:1.2.3 "icmp icmp_type=0 icmp_code=0 actions=output:2"
> >
> > Now when i send packet with icmp type=0 and icmp code=0 ,
> > packet matches rule 1) with ip actions=2 and not with second rule  icmp icmp_type=0 and icmp_code=0
> >
> > although rule 2 was exact match rule for packet..
> >
> >
> > How ever when i add these two flows from switch ,packet matches icmp rule only.
> >
> > why is switch behaving this way with random rule insertion and matching? also rule insertion order is different form switch and controller?
> > _______________________________________________
> > discuss mailing list
> > discuss at openvswitch.org
> > http://openvswitch.org/mailman/listinfo/discuss
> 
> 



More information about the discuss mailing list