Hi Aswin I’ve just noticed that I don’t think the packet is ever actually making it through to OVS.
If I do a “ovs-dpctl dump-flows” then I see the immediate drop on ingress port 5. But if I extend that to “ovs-ofctl -O OpenFlow13 dump-flows br-int” the only entry I see is: cookie=0x8000003, duration=3823.308s, table=21, n_packets=0, n_bytes=0, priority=18,ip,metadata=0x30d40/0xfffffe,nw_dst=48.0.0.0/8 actions=group:150007 I’ve just checked the port names and “Port 5” is: name : "br-prov2-patch" ofport : 5 David From: Aswin Suryanarayanan [mailto:[email protected]] Sent: 20 July 2018 10:45 To: Lake D Mr (PG/R - Elec Electronic Eng) <[email protected]> Cc: odl netvirt dev <[email protected]>; [email protected]; Ge C Dr (Elec Electronic Eng) <[email protected]> Subject: Re: [netvirt-dev] VM as a router with ODL/OpenStack On Fri, Jul 20, 2018 at 1:02 PM, <[email protected]<mailto:[email protected]>> wrote: Hello I’m trying to use a VM as a router in an OpenStack + ODL installation. I have the VM set up with two internal addresses - 10.10.5.21 and 10.10.6.21. They are allocated floating public addresses of 10.201.81.21 and 10.201.82.21 respectively. I am using a TREx load generator which sources from 16.0.0.0/8<http://16.0.0.0/8> and sinks to 48.0.0.0/8<http://48.0.0.0/8>. I have added routes both ways on the routers between the floating and private addresses. I have read that I need to disable “port security” on the VM ports to allow IP spoofing - does this also include the router ports? Router ports have port security disabled by default , no need to do that explicitly. Also, when I start a test session generating traffic from 16.0.0.0 -> 48.0.0.0. I see a flow in OVS which matches but has an action of “drop.” Which table exactly is the packet dropped? How do I overcome this? Thanks in advance David Sent from my iPhone _______________________________________________ netvirt-dev mailing list [email protected]<mailto:[email protected]> https://lists.opendaylight.org/mailman/listinfo/netvirt-dev
_______________________________________________ Mailing list: http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack Post to : [email protected] Unsubscribe : http://lists.openstack.org/cgi-bin/mailman/listinfo/openstack
