On Wed, Apr 6, 2016 at 5:16 PM, Ryan Izard <riz...@g.clemson.edu> wrote:
> I have a very simple topology as follows:
>
> network----[Dell S4810]-24---link---1-[host w/OVS br0]-LOCAL
>
> The host with OVS has IP 192.168.1.3/24 with a route into the br0 (i.e.
> LOCAL) interface.
>

I don't really understand what this means.  What ports are on br0 and what
interfaces have IP addresses?


> We try to ping another host on the network from host 192.168.1.3, but the
> ping confuses our controller's MAC learning algorithm due to OVS
> mishandling ARP packets. Here are some observations:
>

Where are you issuing the ping from, the command line of the host with
OVS?  What do your local routing and arp tables look like?


> -- using OVS 2.3.1 and has been running stably since release until
> recently (no known changes)
>

Do ovs-vsctl commands hang?  I doubt it in your case, but we've had some
lockups on vswitchd that forced us to upgrade all the VTS hardware to 2.5.0.


> -- there is only 1 flow installed. It is a single, zero-priority,
> fully-wildcarded table-miss flow w/output=controller
>

Well, not really.. :-)  Try:

sudo ovs-appctl bridge/dump-flows br0

There's some special handling for ARP for in-band control that is set in
very-high-priority hidden flows in a late pipeline table.  Make sure you're
not hitting those flows.


> -- the Dell switch gets all the ARPs and sends them as packet-ins to our
> controller, so they are being forwarded by the OVS somehow
>

I still don't quite understand your topology graph, but sourcing packets
from a host connected to an OVS bridge that it is itself hosting can get
problematic without some namespacing.


> -- tried installing explicit
> priority=1,in_port=LOCAL,dl_type=0x806,actions=output:CONTROLLER flow; this
> does not match the ARP packets. They are still forwarded thru OVS
> -- there are no other routes on the host that could match the packets and
> circumvent OVS
>
> My inclination is that OVS is forwarding all ARP packets "under the table"
> and only sending L3+ and unknown ethertypes (LLDP perhaps?) to the
> controller.
>

All I can guess right now is that you're hitting the in-band ARP matches,
although I'm not sure why you've never had this problem before.  More
information about your topology and bridge configuration might reveal
something more useful.

--
Nick
_______________________________________________
discuss mailing list
discuss@openvswitch.org
http://openvswitch.org/mailman/listinfo/discuss

Reply via email to