On Mon, Feb 22, 2021 at 05:45:41PM +0000, Brendan Doyle wrote: > If I try add a rule as follows: > ovs-ofctl add-flow br-ext > priority=1001,ip,in_port="patch-ln-ls_vcn",nw_proto=17,nw_dst=169.254.239.254,udp_dst=53,actions=mod_nw_dst:253.255.0.31,mod_udp_dst=30053,output:"bond0.3900" > > I get : > ovs-ofctl: unknown action mod_udp_dst > > > Yet OVS is quiet happy with: > > > ovs-ofctl add-flow br-ext > priority=1001,ip,in_port="patch-ln-ls_vcn",nw_proto=17,nw_dst=169.254.239.254,udp_dst=53,actions=mod_nw_dst:253.255.0.31,mod_tp_dst=30053,output:"bond0.3900" > > So how come I can use udp_dst to match, but have to use tp_dst to modify?
You might be under the misapprehension that "tp" stands for "tcp". It does not. It stands for "transport", i.e. the L4 protocol in use. Similarly, "nw" stands for "network" (L3) and the "dl" used elsewhere stands for "datalink" (L2). For matching, it makes some sense to be able to specify the transport protocol when matching the transport port, since then the nw_proto can be omitted (although I see you included it anyway). But there's no value in specifying the particular transport protocol for modifying it, since it doesn't normally make sense to modify a transport port without knowing the transport protocol. > And is the above the same as having: > > ovs-ofctl add-flow br-ext > priority=1001,ip,in_port="patch-ln-ls_vcn",nw_proto=17,nw_dst=169.254.239.254,tp_dst=53,actions=mod_nw_dst:253.255.0.31,mod_tp_dst=30053,output:"bond0.3900" Yes, since nw_proto=17 is still in there. Without it, OVS wouldn't know what transport protocol tp_dst=53 is supposed to match against. _______________________________________________ discuss mailing list [email protected] https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
