Re: [ovs-discuss] surprising effects with exit v's drop

Fri, 03 Jul 2015 08:20:42 -0700 

On Thu, Jul 02, 2015 at 07:07:02AM +0000, O Mahony, Billy wrote:
> > From: Ben Pfaff [mailto:b...@nicira.com]
> > Sent: Wednesday, July 1, 2015 9:17 PM
> > To: O Mahony, Billy
> > Cc: discuss@openvswitch.org
> > Subject: Re: [ovs-discuss] surprising effects with exit v's drop
> > 
> > On Tue, Jun 30, 2015 at 02:46:59PM +0000, O Mahony, Billy wrote:
> > > I am getting very surprising (to me at least) effects with the
> > > following flows installed.
> > >
> > > I am seeing packets forwarded when I expect them to be dropped and
> > > dropped when I expect them to be forwarded.
> > 
> > I'm trying to interpret your report.  Is the following correct?
> > 
> >         * When "write_actions" adds an output action, and the pipeline
> >           ends with an "exit" action, no output actually occurs.
> > 
> >         * When "write_actions" adds an output action, and the pipeline
> >           ends with "drop", output does occur.
> 
> Hi Ben. Yes, exactly. 

The former is the current behavior of "exit".  I think it's the way that
"exit" has always behaved.  It's hard to say whether it's right or
wrong, since "exit" is an Open vSwitch extension that was introduced
before OVS added support for write_actions.  Do you have some kind of
particular interest in the behavior of "exit" in this case?

The latter makes sense, because "drop" does not say that a packet must
be dropped.  As the FAQ says:

### Q: How do I make a flow drop packets?

A: To drop a packet is to receive it without forwarding it.  OpenFlow
   explicitly specifies forwarding actions.  Thus, a flow with an
   empty set of actions does not forward packets anywhere, causing
   them to be dropped.  You can specify an empty set of actions with
   "actions=" on the ovs-ofctl command line.  For example:

       ovs-ofctl add-flow br0 priority=65535,actions=

   would cause every packet entering switch br0 to be dropped.

   You can write "drop" explicitly if you like.  The effect is the
   same.  Thus, the following command also causes every packet
   entering switch br0 to be dropped:

       ovs-ofctl add-flow br0 priority=65535,actions=drop

   "drop" is not an action, either in OpenFlow or Open vSwitch.
   Rather, it is only a way to say that there are no actions.

_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Reply via email to