On Thu, Sep 18, 2014 at 2:30 AM, Ben Pfaff <b...@nicira.com> wrote: > As it turns out, when output goes through a tunnel, the pkt_mark comes > from the tunnel configuration. Currently, OVS forces it to 1 for IPSEC > tunnel traffic and 0 for other tunnel traffic. This could be changed, > and it probably should, because it is surprising, but this is the first > that I've noticed this interaction. > > This explains why the marking did not take effect with vxlan tunnels. Thanks for the quick analysis Ben.
Couple of questions: - Is there any workaround possible till the fix is added to the baseline? - If not, any rough timelines on when we can expect the fix to be integrated into the baseline? Regards, Nirmal > On Wed, Sep 17, 2014 at 11:32:20AM -0700, Ben Pfaff wrote: > > OK, this may be a bug. I'll try to investigate soon. > > > > On Wed, Sep 17, 2014 at 11:53:16PM +0530, Nirmalanand Jebakumar wrote: > > > Hi Ben, > > > > > > The ovs-dpctl command output does not show any skb_mark being set for > the > > > datapath flow: > > > > > > # ovs-dpctl dump-flows > > > > skb_priority(0),in_port(4),eth(src=52:54:00:74:f9:41,dst=52:54:00:aa:93:9e),eth_type(0x0800),ipv4(src= > > > > 2.2.2.3/255.255.255.255,dst=2.2.2.2/255.255.255.255,proto=1/0xff,tos=0/0x3,ttl=64/0,frag=no/0xff > ),icmp(type=8,code=0), > > > packets:3499, bytes:342902, used:0.571s, > > > > actions:set(tunnel(tun_id=0xde,src=0.0.0.0,dst=1.1.1.128,tos=0x0,ttl=64,flags(df,key))),2 > > > > > > > > > Regards, > > > Nirmal > > > > > > On Wed, Sep 17, 2014 at 10:50 PM, Ben Pfaff <b...@nicira.com> wrote: > > > > > > > On Wed, Sep 17, 2014 at 05:12:20PM +0530, Nirmalanand Jebakumar > wrote: > > > > > In this link below, I read that pkt_mark is supported as a MATCH > field. > > > > > Does OVS support pkt_mark as a SET action? > > > > > > > > Yes. > > > > > > > > > The command I ran is > > > > > /usr/bin/ovs-ofctl add-flow -O Openflow13 br0 " > > > > > > hard_timeout=3600,idle_timeout=30,table=1,priority=10,cookie=2,in_port=3, > > > > > > > > > > dl_type=0x800,nw_dst=2.2.2.2,dl_dst=52:54:00:aa:93:9e,actions=set_tunnel:222, > > > > > set_field:1.1.1.128->tun_dst,set_field:222->pkt_mark,output:1" > > > > > > > > > > No errors were seen with the CLI and I see packet count getting > > > > incremented > > > > > for the flow in the dump-flows output: > > > > > cookie=2, duration=33.059s, table=1, n_packets=34, n_bytes=3332, > > > > > idle_timeout=30, hard_timeout=3600, > > > > > priority=10,ip,in_port=3,dl_dst=52:54:00:aa:93:9e,nw_dst=2.2.2.2 > > > > > actions=set_tunnel:0xde,load:0x1010180->NXM_NX_TUN_IPV4_DST[], > > > > > load:0xde->NXM_NX_PKT_MARK[],output:1 > > > > > > > > > > Later, set the ToS & CoS using iptables command: > > > > > iptables -I POSTROUTING -o eth1.1 -m mark --mark 222 -t mangle -j > TOS > > > > > --set-tos 104 > > > > > > > > > > iptables -I POSTROUTING -o eth1.1 -m mark --mark 222 -t mangle -j > > > > CLASSIFY > > > > > --set-class 0:2 > > > > > > > > > > But in the final packet, I do not notice any ToS/CoS values set? > > > > > > > > This is a situation where looking at the generated kernel datapath > flows > > > > would be helpful. In your above setup, please run "ovs-dpctl > > > > dump-flows" while packets are passing through the flow, and look for > > > > datapath flows that correspond to the OpenFlow flows above. Do the > > > > datapath flows show pkt_mark (or skb_mark) being set? > > > > > _______________________________________________ dev mailing list dev@openvswitch.org http://openvswitch.org/mailman/listinfo/dev
