Layer 3 forwarding in OVS

[Tejas Parab]

Hello,

I need help regarding OVS ofctl configuration. I'm trying to add a flow for specific switches in my topology, but I'm not able to ping host devices. I've attached my topology to this post. I cannot ping if I'm using layer 3 references for OVS such as nw_src and nw_dst. I was able to ping if I use normal forwarding without using layer 3 or layer 4. I want to send packets from server to client. 

Route - sever-ovs(2)-ovs(1)-client.

dump flows for ovs-2:

             

 NXST_FLOW reply (xid=0x4):

 cookie=0x0, duration=482.792s, table=0, n_packets=0, n_bytes=0, idle_age=482, priority=800,ip,nw_src=10.10.1.1,nw_dst=10.10.1.16 actions=output:1

 cookie=0x0, duration=492.770s, table=0, n_packets=0, n_bytes=0, idle_age=492, priority=800,ip,nw_src=10.10.1.16,nw_dst=10.10.1.1 actions=output:3

dump flows for ovs-1:

NXST_FLOW reply (xid=0x4):

 cookie=0x0, duration=687.943s, table=0, n_packets=0, n_bytes=0, idle_age=687, priority=800,ip,nw_src=10.10.1.1,nw_dst=10.10.1.16 actions=output:4

 cookie=0x0, duration=671.266s, table=0, n_packets=0, n_bytes=0, idle_age=671, priority=800,ip,nw_src=10.10.1.16,nw_dst=10.10.1.1 actions=output:2

I can ping successfully if I use  dl_type as ARP, So why can't I use IP??? 

Assigned IP addresses

Client : 10.10.1.1/24

Server: 10.10.1.16/24 

[Vic THOMAS]

Dear Tejas,

If I understand your question correctly, you are unable to ping the client node from the server.   Looking at the OVS flows in your email, it appears you have set the switches to forward IP packets but you have not set set up flows to forward ICMP packets.  Ping uses ICMP echo/reply messages and these need to be forwarded by your switches.

Best wishes,

< Vic

---

From: geni-...@googlegroups.com <geni-...@googlegroups.com> on behalf of Tejas Parab <tpa...@gmail.com>
Sent: Sunday, June 18, 2017 4:58:26 PM
To: GENI Users
Subject: [geni-users] Layer 3 forwarding in OVS

 

--
GENI Users is a community supported mailing list, so please help by responding to questions you know the answer to.
 
If this is your first time posting a question to this list, please review http://groups.geni.net/geni/wiki/GENIExperimenter/CommunityMailingList
---
You received this message because you are subscribed to the Google Groups "GENI Users" group.
To unsubscribe from this group and stop receiving emails from it, send an email to geni-users+...@googlegroups.com.
For more options, visit https://groups.google.com/d/optout.

[Nicholas Bastin]

On Sun, Jun 18, 2017 at 5:58 PM, Tejas Parab <tpa...@gmail.com> wrote:

I need help regarding OVS ofctl configuration. I'm trying to add a flow for specific switches in my topology, but I'm not able to ping host devices. I've attached my topology to this post. I cannot ping if I'm using layer 3 references for OVS such as nw_src and nw_dst. I was able to ping if I use normal forwarding without using layer 3 or layer 4. I want to send packets from server to client. 

The problem is that while you have set up your switches to forward IP flows, that's pretty unusual, and so the hosts don't know you're doing it.  The hosts expect that their packets will be forwarded at layer 2 (ethernet), not based on the IP information in them.  As a result, when a host wants to send an IP packet to another host, it sends an ARP packet first in order to learn the MAC address associated with the required IP destination.  If the host cannot learn that MAC address, it will not send the packet, even if your switch is capable of forwarding it.

You need to add flows to your switches to forward ARP requests and replies, which will allow the hosts to learn the MAC addresses of each other, and thus send packets.  Once your hosts learn the MACs of their neighbors, you'll be able to forward any IPv4 packet between them (including ICMP).

--

Nick