[openstack-dev] [neutron][sfc] Is there a bug in networking-sfc?

张广明 gmzhang76 at gmail.com
Thu Apr 28 08:13:10 UTC 2016 

Hi Cathy and other guys
     I am a beginner that use networking-sfc. I create a port-chain-list
that want to steer a flow that is  from public-net to private-net  to SF
node.  The DVR is enable in my test environment.
The test result is the flow was steered from destination node  to SF node
and return to the destination  node rightly, but the flow was match the
classify rule again,so the flow can not to be send to
the destination VM.
      In networking-sfc agent code . there is a
function update_src_node_flow_rules  that create a normal flow to handle
this case. But in networking-sfc ovs dirver code,
_update_src_node_flowrules  can't
call ask_agent_to_update_src_node_flow_rules to notify agent to
exec update_src_node_flow_rules. The reason is  the function
 _get_portchain_src_node_flowrule return None. In  function
_get_portchain_src_node_flowrule , the check
that was marked red is not right in this  case.


def _get_portchain_src_node_flowrule(self, node,
                                         add_fc_ids=None, del_fc_ids=None):
        try:
            add_fc_rt = []
            del_fc_rt = []

            if add_fc_ids:
                for fc in self._get_fcs_by_ids(add_fc_ids):
                    if not fc.get('logical_source_port', None):
                        add_fc_rt.append(fc)

            if del_fc_ids:
                for fc in self._get_fcs_by_ids(del_fc_ids):
                    if not fc.get('logical_source_port', None):
                        del_fc_rt.append(fc)

            if not add_fc_rt and not del_fc_rt:
                return None

            return self._build_portchain_flowrule_body_without_port(
                node, add_fc_rt, del_fc_rt)
        except Exception as e:
            LOG.exception(e)
            LOG.error(_LE("_get_portchain_src_node_flowrule failed"))


      Is it a bug or my configure is wrong?



root at rg1-com01 ~]# neutron  flow-classifier-show
 4542a747-b205-41ff-970c-1ea11fa956fc
+----------------------------+--------------------------------------+
| Field                      | Value                                |
+----------------------------+--------------------------------------+
| description                |                                      |
| destination_ip_prefix      | 192.168.1.0/24                       |
| destination_port_range_max |                                      |
| destination_port_range_min |                                      |
| ethertype                  | IPv4                                 |
| id                         | 4542a747-b205-41ff-970c-1ea11fa956fc |
| l7_parameters              | {}                                   |
| logical_destination_port   |                                      |
| logical_source_port        | f18895cf-6c4b-495a-8bd5-e8f12ae86541 |
| name                       | FC-F3                                |
| protocol                   |                                      |
| source_ip_prefix           | 192.168.200.0/24                     |
| source_port_range_max      |                                      |
| source_port_range_min      |                                      |
| tenant_id                  | 02e5a953a113479388103c585f5b5ae1     |
+----------------------------+--------------------------------------+

the original flow  is 192.168.200.2 to 192.168.200.202 floatingip(
192.168.1.202  private ip)
logical_source_port      is  fg-xxx interface in namespace fip.

Thanks
Jim
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack-dev/attachments/20160428/c4530635/attachment.html>

More information about the OpenStack-dev mailing list