Hi Aswin I’ve just noticed that I don’t think the packet is ever actually making it through to OVS.
If I do a “ovs-dpctl dump-flows” then I see the immediate drop on ingress port 5. But if I extend that to “ovs-ofctl -O OpenFlow13 dump-flows br-int” the only entry I see is: cookie=0x8000003, duration=3823.308s, table=21, n_packets=0, n_bytes=0, priority=18,ip,metadata=0x30d40/0xfffffe,nw_dst=48.0.0.0/8 actions=group:150007 I’ve just checked the port names and “Port 5” is: name : "br-prov2-patch" ofport : 5 David From: Aswin Suryanarayanan [mailto:asury...@redhat.com] Sent: 20 July 2018 10:45 To: Lake D Mr (PG/R - Elec Electronic Eng) <d.l...@surrey.ac.uk> Cc: odl netvirt dev <netvirt-...@lists.opendaylight.org>; openstack@lists.openstack.org; Ge C Dr (Elec Electronic Eng) <c...@surrey.ac.uk> Subject: Re: [netvirt-dev] VM as a router with ODL/OpenStack On Fri, Jul 20, 2018 at 1:02 PM, <d.l...@surrey.ac.uk<mailto:d.l...@surrey.ac.uk>> wrote: Hello I’m trying to use a VM as a router in an OpenStack + ODL installation. I have the VM set up with two internal addresses - 10.10.5.21 and 10.10.6.21. They are allocated floating public addresses of 10.201.81.21 and 10.201.82.21 respectively. I am using a TREx load generator which sources from 16.0.0.0/8<http://16.0.0.0/8> and sinks to 48.0.0.0/8<http://48.0.0.0/8>. I have added routes both ways on the routers between the floating and private addresses. I have read that I need to disable “port security” on the VM ports to allow IP spoofing - does this also include the router ports? Router ports have port security disabled by default , no need to do that explicitly. Also, when I start a test session generating traffic from 16.0.0.0 -> 48.0.0.0. I see a flow in OVS which matches but has an action of “drop.” Which table exactly is the packet dropped? How do I overcome this? Thanks in advance David Sent from my iPhone _______________________________________________ netvirt-dev mailing list netvirt-...@lists.opendaylight.org<mailto:netvirt-...@lists.opendaylight.org> https://lists.opendaylight.org/mailman/listinfo/netvirt-dev
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : openstack@lists.openstack.org Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
