Hi,
We met a ovs mirror problem with v3.0.3 and the latest master, while v2.17.1
works well. Any input will be appreciated. Thanks in advance.
See the following configuration and tests. Test 1 is going to mirror all pkts
of an interface but only gets from egress direction. Test 2 is going to mirror
pkts in ingress direction but gets nothing.
The built-in mirror related selftest are all passed.
1164. ofproto-dpif - mirroring, select_all (ofproto-dpif.at:5185): ok
(0m0.031s 0m0.058s)
1165. ofproto-dpif - mirroring, select_src (ofproto-dpif.at:5216): ok
(0m0.035s 0m0.054s)
1166. ofproto-dpif - mirroring, OFPP_NONE ingress port (ofproto-dpif.at:5245):
ok (0m0.033s 0m0.046s)
1167. ofproto-dpif - mirroring, select_dst (ofproto-dpif.at:5267): ok
(0m0.043s 0m0.047s)
1168. ofproto-dpif - mirroring, select_vlan (ofproto-dpif.at:5298): ok
(0m0.038s 0m0.059s)
1169. ofproto-dpif - mirroring, output_port (ofproto-dpif.at:5334): ok
(0m0.042s 0m0.047s)
1170. ofproto-dpif - mirroring, output_vlan (ofproto-dpif.at:5364): ok
(0m0.045s 0m0.064s)
1171. ofproto-dpif - multiple VLAN output mirrors (ofproto-dpif.at:5401): ok
(0m0.039s 0m0.047s)
1172. ofproto-dpif - mirroring with recirculation (ofproto-dpif.at:5430): ok
(0m0.037s 0m0.055s)
1173. ofproto-dpif - mirroring, select_all with snaplen (ofproto-dpif.at:5456):
ok (0m0.035s 0m0.055s)
1174. ofproto-dpif - mirroring, select_all with snaplen and reset snaplen
(ofproto-dpif.at:5486): ok (0m0.043s 0m0.063s)
1175. ofproto-dpif - mirroring, select_src with snaplen (ofproto-dpif.at:5526):
ok (0m0.033s 0m0.058s)
1176. ofproto-dpif - mirroring, OFPP_NONE ingress port with snaplen
(ofproto-dpif.at:5555): ok (0m0.041s 0m0.040s)
1177. ofproto-dpif - mirroring, select_dst with snaplen (ofproto-dpif.at:5576):
ok (0m0.034s 0m0.055s)
1178. ofproto-dpif - mirroring, select_vlan with snaplen
(ofproto-dpif.at:5606): ok (0m0.036s 0m0.062s)
1179. ofproto-dpif - mirroring, output_port with snaplen
(ofproto-dpif.at:5641): ok (0m0.043s 0m0.046s)
1180. ofproto-dpif - mirroring, output_vlan with snaplen
(ofproto-dpif.at:5671): ok (0m0.037s 0m0.057s)
1181. ofproto-dpif - multiple VLAN output mirrors with snaplen
(ofproto-dpif.at:5699): ok (0m0.043s 0m0.037s)
1202. ofproto-dpif - continuation - mirroring - OpenFlow10
(ofproto-dpif.at:6055): ok (0m0.251s 0m0.346s)
1203. ofproto-dpif - continuation - mirroring - OpenFlow13
(ofproto-dpif.at:6055): ok (0m0.247s 0m0.346s)
1) Configuration
ovs-vsctl add-br br0
ifconfig br0 10.0.11.1 up netmask 255.255.255.0
ip route add 10.0.11.0/24 via 10.0.11.1 dev br0
modprobe dummy numdummies=1
ip link set up dummy0
ovs-vsctl add-port br0 dummy0
ovs-vsctl clear Bridge br0 mirrors
cat >> /tmp/ovs_dnsmasq.conf <<-EOF
interface=br0
dhcp-range=br0,10.0.11.10,10.0.11.100
EOF
pkill dnsmasq
dnsmasq --conf-file=/tmp/ovs_dnsmasq.conf -l /tmp/dnsmasq.leases -p 0
virsh create vm1.xml --console
virsh create vm2.xml --console
Start a vm and find its IP is 10.0.11.20
/usr/bin/qemu-system-x86_64 \
-name guest=guest1,debug-threads=on \
-S \
-object
'{"qom-type":"secret","id":"masterKey0","format":"raw","file":"/var/lib/libvirt/qemu/domain-1-guest1/master-key.aes"}'
\
-machine pc-i440fx-7.2,usb=off,dump-guest-core=off,memory-backend=pc.ram \
-accel kvm \
-cpu qemu64 \
-m 500 \
-object '{"qom-type":"memory-backend-ram","id":"pc.ram","size":524288000}' \
-overcommit mem-lock=off \
-smp 1,sockets=1,cores=1,threads=1 \
-uuid 88530cf1-5b49-4b09-a88d-36535b5637d0 \
-display none \
-no-user-config \
-nodefaults \
-chardev socket,id=charmonitor,fd=38,server=on,wait=off \
-mon chardev=charmonitor,id=monitor,mode=control \
-rtc base=utc \
-no-shutdown \
-no-acpi \
-boot strict=on \
-kernel /exports/guest1/kernel \
-append 'console=ttyS0 root=/dev/vda rw ip=dhcp' \
-device '{"driver":"piix3-usb-uhci","id":"usb","bus":"pci.0","addr":"0x1.0x2"}'
\
-blockdev
'{"driver":"file","filename":"/exports/guest1/wrlinux-image-std-qemux86-64.ext4","node-name":"libvirt-2-storage","auto-read-only":true,"discard":"unmap"}'
\
-blockdev
'{"node-name":"libvirt-2-format","read-only":false,"driver":"raw","file":"libvirt-2-storage"}'
\
-device
'{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x2","drive":"libvirt-2-format","id":"virtio-disk0","bootindex":1}'
\
-blockdev
'{"driver":"file","filename":"/exports/guest1/test.img","node-name":"libvirt-1-storage","auto-read-only":true,"discard":"unmap"}'
\
-blockdev
'{"node-name":"libvirt-1-format","read-only":false,"driver":"raw","file":"libvirt-1-storage"}'
\
-device
'{"driver":"virtio-blk-pci","bus":"pci.0","addr":"0x4","drive":"libvirt-1-format","id":"virtio-disk1"}'
\
-netdev tap,fd=39,id=hostnet0,vhost=on,vhostfd=41 \
-device
'{"driver":"virtio-net-pci","netdev":"hostnet0","id":"net0","mac":"52:54:00:4f:5d:ec","bus":"pci.0","addr":"0x3"}'
\
-chardev pty,id=charserial0 \
-device
'{"driver":"isa-serial","chardev":"charserial0","id":"serial0","index":0}' \
-audiodev '{"id":"audio1","driver":"none"}' \
-device
'{"driver":"virtio-balloon-pci","id":"balloon0","bus":"pci.0","addr":"0x5"}' \
-sandbox off \
-msg timestamp=on
root@intel-x86-64:~# ovs-vsctl show
998cd873-eb9d-45d8-81a9-3ef4ba66224e
Bridge br0
Port br0
Interface br0
type: internal
Port vnet0
Interface vnet0
Port dummy0
Interface dummy0
ovs_version: "3.1.90"
ovs-vsctl list port dummy0 | head -1 | awk '{print $3}'
da38d32c-1026-49c8-bb11-c177a9f32bdc
2) Test 1:
ovs-vsctl clear Bridge br0 mirrors
ovs-vsctl -- --id=@m create mirror name=mirror0 -- add bridge br0 mirrors @m
ovs-vsctl set mirror mirror0 output_port=da38d32c-1026-49c8-bb11-c177a9f32bdc
ovs-vsctl set mirror mirror0 select_all=1
ovs-vsctl list mirror
_uuid : 137ea1fa-30fb-4183-a5b3-b95cb67f1454
external_ids : {}
name : mirror0
output_port : da38d32c-1026-49c8-bb11-c177a9f32bdc
output_vlan : []
select_all : true
select_dst_port : []
select_src_port : []
select_vlan : []
snaplen : []
statistics : {tx_bytes=1064, tx_packets=12}
tcpdump -ni dummy0 -v > 1.log &
tcpdump -ni vnet0 -v > 2.log &
ping 10.0.11.20 -c 10
pkill tcpdump
cat 1.log // Only traffic from br0 to guest OS can be seen.
08:46:14.814714 IP (tos 0x0, ttl 64, id 44748, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 2, length 64
08:46:15.838717 IP (tos 0x0, ttl 64, id 45250, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 3, length 64
08:46:16.862731 IP (tos 0x0, ttl 64, id 45252, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 4, length 64
08:46:17.886733 IP (tos 0x0, ttl 64, id 45291, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 5, length 64
08:46:18.910738 IP (tos 0x0, ttl 64, id 45738, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 6, length 64
08:46:19.934734 IP (tos 0x0, ttl 64, id 46667, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 7, length 64
08:46:20.958757 IP (tos 0x0, ttl 64, id 47353, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 8, length 64
08:46:21.982735 IP (tos 0x0, ttl 64, id 48085, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 9, length 64
cat 2.log // All traffic through vnet0
08:46:14.814720 IP (tos 0x0, ttl 64, id 44748, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 2, length 64
08:46:14.814931 IP (tos 0x0, ttl 64, id 28904, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 2, length 64
08:46:15.838721 IP (tos 0x0, ttl 64, id 45250, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 3, length 64
08:46:15.838859 IP (tos 0x0, ttl 64, id 28933, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 3, length 64
08:46:16.862737 IP (tos 0x0, ttl 64, id 45252, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 4, length 64
08:46:16.862970 IP (tos 0x0, ttl 64, id 29016, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 4, length 64
08:46:17.667320 IP (tos 0x0, ttl 64, id 61820, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.43133 > 1.1.1.1.53: 20718+ A? time3.google.com. (34)
08:46:17.667334 IP (tos 0x0, ttl 64, id 61821, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.43133 > 1.1.1.1.53: 3049+ AAAA? time3.google.com. (34)
08:46:17.886740 IP (tos 0x0, ttl 64, id 45291, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 5, length 64
08:46:17.887031 IP (tos 0x0, ttl 64, id 30017, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 5, length 64
08:46:18.910746 IP (tos 0x0, ttl 64, id 45738, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 6, length 64
08:46:18.911034 IP (tos 0x0, ttl 64, id 30021, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 6, length 64
08:46:19.934741 IP (tos 0x0, ttl 64, id 46667, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 7, length 64
08:46:19.935028 IP (tos 0x0, ttl 64, id 30603, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 7, length 64
08:46:20.958765 IP (tos 0x0, ttl 64, id 47353, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 8, length 64
08:46:20.959046 IP (tos 0x0, ttl 64, id 31590, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 8, length 64
08:46:21.982741 IP (tos 0x0, ttl 64, id 48085, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 2, seq 9, length 64
08:46:21.983031 IP (tos 0x0, ttl 64, id 32157, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 2, seq 9, length 64
08:46:22.667971 IP (tos 0x0, ttl 64, id 10418, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.36216 > 8.8.8.8.53: 20718+ A? time3.google.com. (34)
08:46:22.667984 IP (tos 0x0, ttl 64, id 10419, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.36216 > 8.8.8.8.53: 3049+ AAAA? time3.google.com. (34)
3) Test 2:
ovs-vsctl clear Bridge br0 mirrors
ovs-vsctl -- --id=@m create mirror name=mirror0 -- add bridge br0 mirrors @m
ovs-vsctl set mirror mirror0 output_port=da38d32c-1026-49c8-bb11-c177a9f32bdc
ovs-vsctl set mirror mirror0 select_all=0
ovs-vsctl set mirror mirror0 select_src_port=vnet0
ovs-vsctl list mirror
tcpdump -ni dummy0 -v > 1.log &
tcpdump -ni vnet0 -v > 2.log &
ping 10.0.11.20 -c 10
pkill tcpdump
cat 1.log // Nothing
cat 2.log // All traffic through vnet0
08:55:25.726710 IP (tos 0x0, ttl 64, id 11542, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 2, length 64
08:55:25.726939 IP (tos 0x0, ttl 64, id 2029, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 2, length 64
08:55:26.750743 IP (tos 0x0, ttl 64, id 12067, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 3, length 64
08:55:26.750885 IP (tos 0x0, ttl 64, id 2376, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 3, length 64
08:55:27.774750 IP (tos 0x0, ttl 64, id 12759, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 4, length 64
08:55:27.774996 IP (tos 0x0, ttl 64, id 2611, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 4, length 64
08:55:28.798748 IP (tos 0x0, ttl 64, id 13474, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 5, length 64
08:55:28.799027 IP (tos 0x0, ttl 64, id 3616, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 5, length 64
08:55:29.217957 IP (tos 0x0, ttl 64, id 61301, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.51577 > 8.8.8.8.53: 33981+ A? time1.google.com. (34)
08:55:29.217971 IP (tos 0x0, ttl 64, id 61302, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.51577 > 8.8.8.8.53: 30649+ AAAA? time1.google.com. (34)
08:55:29.822742 IP (tos 0x0, ttl 64, id 13820, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 6, length 64
08:55:29.823085 IP (tos 0x0, ttl 64, id 3900, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 6, length 64
08:55:30.014928 ARP, Ethernet (len 6), IPv4 (len 4), Request who-has 10.0.11.20
tell 10.0.11.1, length 28
08:55:30.015218 ARP, Ethernet (len 6), IPv4 (len 4), Reply 10.0.11.20 is-at
52:54:00:4f:5d:ec, length 28
08:55:30.846701 IP (tos 0x0, ttl 64, id 14515, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 7, length 64
08:55:30.846879 IP (tos 0x0, ttl 64, id 4847, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 7, length 64
08:55:31.870749 IP (tos 0x0, ttl 64, id 14700, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 8, length 64
08:55:31.871053 IP (tos 0x0, ttl 64, id 5206, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 8, length 64
08:55:32.221253 IP (tos 0x0, ttl 64, id 2451, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.32838 > 1.0.0.1.53: 33981+ A? time1.google.com. (34)
08:55:32.221267 IP (tos 0x0, ttl 64, id 2452, offset 0, flags [DF], proto UDP
(17), length 62)
10.0.11.20.32838 > 1.0.0.1.53: 30649+ AAAA? time1.google.com. (34)
08:55:32.894747 IP (tos 0x0, ttl 64, id 14887, offset 0, flags [DF], proto ICMP
(1), length 84)
10.0.11.1 > 10.0.11.20: ICMP echo request, id 4, seq 9, length 64
08:55:32.895042 IP (tos 0x0, ttl 64, id 5554, offset 0, flags [none], proto
ICMP (1), length 84)
10.0.11.20 > 10.0.11.1: ICMP echo reply, id 4, seq 9, length 64
Regards,
Zhe
_______________________________________________
discuss mailing list
disc...@openvswitch.org
https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
