That's what I am interested in too. For example, I can write a wildcarded rule for a particular subnet say 192.168.2.* where * denotes a wildcarded field but I couldn't find a functionality to specify a particular range, say 192.168.2.1 to 192.168.2.100, as Masoud mentioned.
An example of such a rule will be something like, "If a packet received has an src_ip in the range mentioned above, forward it to port 2 of the switch (action.out_port = 2)". As far as I know Openflow specification 1.0, also don't talk about this. Am I missing here something? -- Usman xFlow Research On Wed, Aug 17, 2011 at 11:04 PM, Masoud Moshref Javadi < masood.moshre...@gmail.com> wrote: > No I want non-overlapping rules. Something like [0.0.0.0, 10.0.0.9], > 10.0.0.10, [10.0.0.10, 255.255.255.255]. > Having non-overlapping rules allows me to add/remove rules from a switch > without worrying about priorities (with removing a rule with high priority, > I need to remove rules with lower priority to keep the rule space semantic. > Low priority rules may have overlap with other rules in other dimensions and > this process repeats) > > > On 8/17/2011 10:43 AM, Justin Pettit wrote: > >> Wouldn't something along the lines of this accomplish that? >> >> priority=1001,nw_src=10.0.0.**10,action=drop >> >> priority=1000,nw_src=10.0.0.0/**24,action=normal<http://10.0.0.0/24,action=normal> >> >> --Justin >> >> >> On Aug 17, 2011, at 10:38 AM, Masoud Moshref Javadi wrote: >> >> Thank you for your answer. >>> Suppose that we have two rules: first, permits packet from 10.0.0.0/24and >>> the other denies packets from 10.0.0.10 (with higher priority). Is there >>> any way to partition this space efficiently into non-overlapping rules? >>> >>> On 8/17/2011 8:33 AM, Justin Pettit wrote: >>> >>>> There's support for IP address CIDR blocks. Currently, there is no way >>>> to specify groups of ports; see the thread titled "Port range masking" on >>>> this list from a couple of weeks ago on the subject: >>>> >>>> http://openvswitch.org/**pipermail/discuss/2011-August/** >>>> 005486.html<http://openvswitch.org/pipermail/discuss/2011-August/005486.html> >>>> >>>> If you have thoughts on the subject, please respond to that thread. >>>> >>>> --Justin >>>> >>>> >>>> On Aug 17, 2011, at 6:04 AM, Masoud Moshref Javadi wrote: >>>> >>>> Is there any support for arbitrary ranges for rules, for IP addresses >>>>> or port/protocol numbers. I mean something like 10.0.0.0 to 10.0.0.10. >>>>> If no, is there any plan for it? >>>>> ______________________________**_________________ >>>>> discuss mailing list >>>>> discuss@openvswitch.org >>>>> http://openvswitch.org/**mailman/listinfo/discuss<http://openvswitch.org/mailman/listinfo/discuss> >>>>> >>>> ______________________________**_________________ > discuss mailing list > discuss@openvswitch.org > http://openvswitch.org/**mailman/listinfo/discuss<http://openvswitch.org/mailman/listinfo/discuss> >
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
