On 1/25/24 10:42, Lim, Derrick via discuss wrote: > Hey all, > > Is there a way I can encapsulate a packet with VXLAN, and then resubmit > it through OVS again to run other flow actions based on this encapsulated > packet? > > Currently, I have a OVS-DPDK setup where in the final step, before a packet > leaves the host, the group action is used to pick between multiple physical > ports, and then rewrite the mac address (mod_dl_dst) to that of the > destination's, as well as apply the appropriate vlan tag (mod_vlan_vid). > > I would like the encapsulate action to take place before the step mentioned > above. I created a tunnel port (eg. vxlan0). But if I set the action to this > port, the packet basically leaves OVS and I can't resubmit it. > > In the userspace tunneling example, two bridges are used so that information > from the kernel can be used for routing and ARP resolution. Is there a way I > can populate these fields through various flow actions if I already know what > they should be without going through the kernel? Or is going through the > kernel > absolutely required to create the data structure for encapsulation?
The output to a tunnel is an 'output' action, i.e. the packet always leaves the bridge. And so, it requires routing after encapsulation in order to identify where it should go next. For routing we need IP addresses and a routing table. This information is normally synced from the kernel. You can add static routes via ovs-appctl ovs/route/add, but you still need IP addresses configured on bridges. Normally the problem of applying actions after encapsulation is solved by having a tunnel interface in one bridge (br-int) and the egress interfaces in the other bridge (br-phy). The br-phy should have an IP address from the tunnel subnet, so after encapsulation the packet is getting routed to br-phy. In br-phy the packet can be matched with OF rules and actions can be executed before sending it to the egress interface. Best regards, Ilya Maximets. _______________________________________________ discuss mailing list disc...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-discuss
