On Tue, Dec 2, 2014 at 6:20 PM, Sadia Bashir
<11msccssbas...@seecs.edu.pk> wrote:
> Hi everyone,
>
> I am working with ovs 2.3.0, mininet 2.1.0, all set-up at ubuntu 14.04. I
> created mininet topology as given below:
>
> s1 = self.addSwitch('s1')
> s2 = self.addSwitch('s2')
> s3 = self.addSwitch('s3')
>
> h1 = self.addHost('h1')
> h2 = self.addHost('h2')
> h3 = self.addHost('h3')
> h4 = self.addHost('h4')
> self.addLink(h1, s1)
> self.addLink(h2, s1)
> self.addLink(h3, s2)
> self.addLink(h4, s2)
> self.addLink(s1, s3)
> self.addLink(s2, s3)
>
> and configured two vxlan tunnels on s1 and and s2 with the following
> commands:
> ovs-vsctl add-port s1 tun0 -- set interface tun0 type=vxlan
> options:remote_ip=193.168.10.11 options:key=111
> options:local_ip=193.168.10.10
> ovs-vsctl add-port s2 tun1 -- set interface tun1 type=vxlan
> options:remote_ip=193.168.10.10 options:key=111
> options:local_ip=193.168.10.11
>
> ovs-vsctl add-port s1 tun2 -- set interface tun2 type=vxlan
> options:remote_ip=172.168.10.11 options:key=222
> options:local_ip=172.168.10.10
> ovs-vsctl add-port s2 tun3 -- set interface tun3 type=vxlan
> options:remote_ip=172.168.10.10 options:key=222
> options:local_ip=172.168.10.11
>
> But when I ping h4 from h1, they do ping each other. According to my
> knowledge of multi-tenant data centers and network virtualization, hosts
> configured at different tunnels should not ping each other.
>
> Does ovs ensure isolation? If yes, then how? OR Do I need to ensure this
> isolation in controller manually?
The tunnel key only applies to the tunnel. In this case, you bridged
together two tunnels so there is no longer any isolation. You need to
either put the tunnels in separate bridges or write flows to separate
the tunnels.
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss
