Re: [ovs-dev] [PATCH] FAQ: Explain why allowing only unicast traffic breaks IP connectivity.

Wed, 25 Sep 2013 16:17:12 -0700 

On Sep 25, 2013, at 3:56 PM, Ben Pfaff wrote:

> On Wed, Sep 25, 2013 at 01:28:33PM -0700, Justin Pettit wrote:
>> Thanks for writing this up.  I think the example may be clearer if
>> you defined the flow in terms of IP addresses instead of MAC
>> addresses, since those are typically the flows that are tripping
>> people up.
> 
> OK, I buy that.

How about keeping both variants? I mean the mac address example is also good
for some non ip stuff and could help in some cases.

> 
> How about this:
> 
> --8<--------------------------cut here-------------------------->8--
> 
> From: Ben Pfaff <b...@nicira.com>
> Date: Wed, 25 Sep 2013 15:55:38 -0700
> Subject: [PATCH] FAQ: Explain why allowing only IP traffic breaks IP
> connectivity.
> 
> Signed-off-by: Ben Pfaff <b...@nicira.com>
> ---
> FAQ |   17 +++++++++++++++++
> 1 file changed, 17 insertions(+)
> 
> diff --git a/FAQ b/FAQ
> index 5744d5a..d87f52a 100644
> --- a/FAQ
> +++ b/FAQ
> @@ -1299,6 +1299,23 @@ A: Yes, OpenFlow requires a switch to ignore attempts 
> to send a packet
>                                        2,3,4,5,6,\
>                                        pop:NXM_OF_IN_PORT[]
> 
> +Q: My bridge br0 has host 192.168.0.1 on port 1 and host 192.168.0.2
> +   on port 2.  I set up flows to forward only traffic destined to the
> +   other host and drop other traffic, like this:
> +
> +      priority=5,in_port=1,ip,nw_dst=192.168.0.2,actions=2
> +      priority=5,in_port=2,ip,nw_dst=192.168.0.1,actions=1
> +      priority=0,actions=drop
> +
> +   But it doesn't work--I don't get any connectivity when I do this.
> +   Why?
> +
> +A: These flows drop the ARP packets that IP hosts use to establish IP
> +   connectivity over Ethernet.  To solve the problem, add flows to
> +   allow ARP to pass between the hosts:
> +
> +      priority=5,in_port=1,arp,actions=2
> +      priority=5,in_port=2,arp,actions=1
> 
> Contact 
> -------
> -- 
> 1.7.10.4
> 
> _______________________________________________
> dev mailing list
> dev@openvswitch.org
> http://openvswitch.org/mailman/listinfo/dev

_______________________________________________
dev mailing list
dev@openvswitch.org
http://openvswitch.org/mailman/listinfo/dev

Reply via email to