Thank you... root@ashok-vb:/home/achippa/dispatcher# ovs-ofctl dump-flows br-int NXST_FLOW reply (xid=0x4): cookie=0x0, duration=176.280s, table=0, n_packets=0, n_bytes=0, idle_age=176, priority=9999,ip,nw_src=1.1.1.1,nw_dst=1.1.1.2 actions=drop
On Tue, Feb 3, 2015 at 8:37 AM, Ben Pfaff <b...@nicira.com> wrote: > On Tue, Feb 03, 2015 at 01:20:48AM -0800, Ashok Chippa wrote: > > I added a flow to table0, but the flow is not shown correctly... Is this > a > > bug? > > > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl del-flows > br-int > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl dump-flows > br-int > > NXST_FLOW reply (xid=0x4): > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl add-flow br-int > > table=0,priority=9999,nw_src=1.1.1.1,nw_dst=1.1.1.2,actions=DROP > > 2015-02-03T09:14:06Z|00001|ofp_util|INFO|normalization changed ofp_match, > > details: > > 2015-02-03T09:14:06Z|00002|ofp_util|INFO| pre: > nw_src=1.1.1.1,nw_dst=1.1.1.2 > > 2015-02-03T09:14:06Z|00003|ofp_util|INFO|post: > > root@ashok-vb:/home/achippa/openvswitch-2.3.0# ovs-ofctl dump-flows > br-int > > NXST_FLOW reply (xid=0x4): > > cookie=0x0, duration=8.642s, table=0, n_packets=0, n_bytes=0, > idle_age=8, > > priority=9999 actions=drop > > > > I ping 1.1.1.2 from 1.1.1.1 and the traffic passes through...!! What am I > > missing? > > Please read the FAQ. > > ### Q: I ran "ovs-ofctl add-flow br0 nw_dst=192.168.0.1,actions=drop" > but I got a funny message like this: > > ofp_util|INFO|normalization changed ofp_match, details: > ofp_util|INFO| pre: nw_dst=192.168.0.1 > ofp_util|INFO|post: > > and when I ran "ovs-ofctl dump-flows br0" I saw that my nw_dst > match had disappeared, so that the flow ends up matching every > packet. > > A: The term "normalization" in the log message means that a flow > cannot match on an L3 field without saying what L3 protocol is in > use. The "ovs-ofctl" command above didn't specify an L3 protocol, > so the L3 field match was dropped. > > In this case, the L3 protocol could be IP or ARP. A correct > command for each possibility is, respectively: > > ovs-ofctl add-flow br0 ip,nw_dst=192.168.0.1,actions=drop > > and > > ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop > > Similarly, a flow cannot match on an L4 field without saying what > L4 protocol is in use. For example, the flow match "tp_src=1234" > is, by itself, meaningless and will be ignored. Instead, to match > TCP source port 1234, write "tcp,tp_src=1234", or to match UDP > source port 1234, write "udp,tp_src=1234". >
_______________________________________________ discuss mailing list discuss@openvswitch.org http://openvswitch.org/mailman/listinfo/discuss
