On Wed, Sep 25, 2013 at 01:28:33PM -0700, Justin Pettit wrote:
> Thanks for writing this up. I think the example may be clearer if
> you defined the flow in terms of IP addresses instead of MAC
> addresses, since those are typically the flows that are tripping
> people up.
OK, I buy that.
How about this:
--8<--------------------------cut here-------------------------->8--
From: Ben Pfaff <b...@nicira.com>
Date: Wed, 25 Sep 2013 15:55:38 -0700
Subject: [PATCH] FAQ: Explain why allowing only IP traffic breaks IP
connectivity.
Signed-off-by: Ben Pfaff <b...@nicira.com>
---
FAQ | 17 +++++++++++++++++
1 file changed, 17 insertions(+)
diff --git a/FAQ b/FAQ
index 5744d5a..d87f52a 100644
--- a/FAQ
+++ b/FAQ
@@ -1299,6 +1299,23 @@ A: Yes, OpenFlow requires a switch to ignore attempts to
send a packet
2,3,4,5,6,\
pop:NXM_OF_IN_PORT[]
+Q: My bridge br0 has host 192.168.0.1 on port 1 and host 192.168.0.2
+ on port 2. I set up flows to forward only traffic destined to the
+ other host and drop other traffic, like this:
+
+ priority=5,in_port=1,ip,nw_dst=192.168.0.2,actions=2
+ priority=5,in_port=2,ip,nw_dst=192.168.0.1,actions=1
+ priority=0,actions=drop
+
+ But it doesn't work--I don't get any connectivity when I do this.
+ Why?
+
+A: These flows drop the ARP packets that IP hosts use to establish IP
+ connectivity over Ethernet. To solve the problem, add flows to
+ allow ARP to pass between the hosts:
+
+ priority=5,in_port=1,arp,actions=2
+ priority=5,in_port=2,arp,actions=1
Contact
-------
--
1.7.10.4
_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev
