Ping command use the icmp protocol, so try to add a flow to allow it. Best regards, Kris
在 2013-3-20,上午11:45,Ben Pfaff <b...@nicira.com> 写道: > On Wed, Mar 20, 2013 at 11:42:00AM +0800, Fang wrote: >> I use ovs-ofctl add some flows >> ovs-ofctl dump-flows br0 >> cookie=0xa, duration=10.597s, table=0, n_packets=127, n_bytes=11462, >> idle_age=0, priority=10 actions=drop >> cookie=0x0, duration=554.834s, table=0, n_packets=6774, n_bytes=818599, >> idle_age=11, priority=0 actions=NORMAL >> cookie=0xa, duration=4.88s, table=0, n_packets=1, n_bytes=54, idle_age=4, >> priority=20,ip,nw_src=192.168.0.232 actions=NORMAL >> I want only my host(IP:192.168.0.232)can ping outside,and vms on my host >> can't. >> but I find my host can't ping outside after I add the rules. >> Could you tell me why? > > Your rules drop all packets that are not IP packets from 192.168.0.232. > _______________________________________________ > discuss mailing list > discuss@openvswitch.org > http://openvswitch.org/mailman/listinfo/discuss _______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
