[Openstack] [netvirt-dev] VM as a router with ODL/OpenStack

d.lake at surrey.ac.uk d.lake at surrey.ac.uk
Fri Jul 20 09:57:59 UTC 2018 

Hi Aswin

From a “ovs-dpctl dump-flows” I see this:

recirc_id(0),in_port(5),eth(src=a0:36:9f:f6:f9:98,dst=fa:16:3e:f1:8e:3d),eth_type(0x0800),ipv4(src=16.0.0.0/240.0.0.0,dst=48.0.0.0/255.0.0.0,frag=no), packets:1438, bytes:105356, used:0.005s, flags:S, actions:drop


The src MAC address is the traffic generator.   The dst is the MAC address of the floating IP.

David

From: Aswin Suryanarayanan [mailto:asuryana at redhat.com]
Sent: 20 July 2018 10:45
To: Lake D Mr (PG/R - Elec Electronic Eng) <d.lake at surrey.ac.uk>
Cc: odl netvirt dev <netvirt-dev at lists.opendaylight.org>; openstack at lists.openstack.org; Ge C Dr (Elec Electronic Eng) <c.ge at surrey.ac.uk>
Subject: Re: [netvirt-dev] VM as a router with ODL/OpenStack



On Fri, Jul 20, 2018 at 1:02 PM, <d.lake at surrey.ac.uk<mailto:d.lake at surrey.ac.uk>> wrote:
Hello

I’m trying to use a VM as a router in an OpenStack + ODL installation.

I have the VM set up with two internal addresses - 10.10.5.21 and 10.10.6.21.   They are allocated floating public addresses of 10.201.81.21 and 10.201.82.21 respectively.

I am using a TREx load generator which sources from 16.0.0.0/8<http://16.0.0.0/8> and sinks to 48.0.0.0/8<http://48.0.0.0/8>.

I have added routes both ways on the routers between the floating and private addresses.

I have read that I need to disable “port security” on the VM ports to allow IP spoofing - does this also include the router ports?

Router ports have port security disabled by default , no need to do that explicitly.

Also, when I start a test session generating traffic from 16.0.0.0 -> 48.0.0.0. I see a flow in OVS which matches but has an action of “drop.”

Which table exactly is the packet dropped?

How do I overcome this?

Thanks in advance

David

Sent from my iPhone

_______________________________________________
netvirt-dev mailing list
netvirt-dev at lists.opendaylight.org<mailto:netvirt-dev at lists.opendaylight.org>
https://lists.opendaylight.org/mailman/listinfo/netvirt-dev

-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.openstack.org/pipermail/openstack/attachments/20180720/5a37a2c4/attachment.html>

More information about the Openstack mailing list