[prev in list] [next in list] [prev in thread] [next in thread]
List: openvswitch-discuss
Subject: [ovs-discuss] how to enable vlan?
From: blp () nicira ! com (Ben Pfaff)
Date: 2012-07-27 4:54:44
Message-ID: 20120727045444.GC28864 () nicira ! com
[Download RAW message or body]
Here's what I'm proposing for the FAQ to answer your question:
Q: My OpenFlow controller doesn't see the VLANs that I expect.
A: The configuration for VLANs in the Open vSwitch database (e.g. via
ovs-vsctl) only affects traffic that goes through Open vSwitch's
implementation of the OpenFlow "normal switching" action. By
default, when Open vSwitch isn't connected to a controller and
nothing has been manually configured in the flow table, all traffic
goes through the "normal switching" action. But, if you set up
OpenFlow flows on your own, through a controller or using ovs-ofctl
or through other means, then you have to implement VLAN handling
yourself.
You can use "normal switching" as a component of your OpenFlow
actions, e.g. by putting "normal" into the lists of actions on
ovs-ofctl or by outputting to OFPP_NORMAL from an OpenFlow
controller. This will only be suitable for some situations,
though.
Q: I configured ports on a bridge as access ports with different VLAN
tags, like this:
ovs-vsctl add-br br0
ovs-vsctl set-controller br0 tcp:192.168.0.10:6633
ovs-vsctl add-port br0 eth0
ovs-vsctl add-port br0 tap0 tag=9
ovs-vsctl add-port br0 tap1 tag=10
but the VMs running behind tap0 and tap1 can still communicate,
that is, they are not isolated from each other even though they are
on different VLANs.
A: Do you have a controller configured on br0 (as the commands above
do)? If so, then this is a variant on the previous question, "My
OpenFlow controller doesn't see the VLANs that I expect," and you
can refer to the answer there for more information.
On Fri, Jul 27, 2012 at 01:41:29PM +0900, ??? wrote:
> Hi all
>
> I have a problem to ask you to resolve my problem.
>
> On my ubuntu 12.04 desktop, I set up ovs and 3 vms.
> And I made ports and interfaces as below:
>
> *$ ovs-vsctl show
> c535b99d-d61c-46bd-b55c-8d7e6764de6a
> Bridge br-int
> Controller "tcp:70.5.30.88:6633"
> is_connected: true
> Port "tap1"
> Interface "tap1"
> Port "tap2"
> Interface "tap2"
> Port "tap0"
> Interface "tap0"
> Port "eth0"
> Interface "eth0"
> Port br-int
> Interface br-int
> type: internal
> Bridge "virbr0"
> Port "vnet0"
> Interface "vnet0"
> Port "virbr0"
> Interface "virbr0"
> type: internal
> ovs_version: "1.4.0+build0"*
> *
> *
> *
> *
>
> I can check all vns can communicate each other with ping cmd.
>
> And now I want to enable vlans to seperate vms into 2 group.
> So I set as below:
> *$ ovs-vsctl set port tap0 tag=1*
> *$ ovs-vsctl set port tap1 tag=2*
> *$ ovs-vsctl set port tap2 tag=1*
> *
> *
> As you can guess, I want to group vm1(tap0) and vm3(tap2).
> And new bride interfaces can be shown as below:
>
> *c535b99d-d61c-46bd-b55c-8d7e6764de6a
> Bridge br-int
> Controller "tcp:70.5.30.88:6633"
> is_connected: true
> Port "tap1"
> tag: 1
> Interface "tap1"
> Port "tap2"
> tag: 2
> Interface "tap2"
> Port "tap0"
> tag: 1
> Interface "tap0"
> Port "eth0"
> Interface "eth0"
> Port br-int
> Interface br-int
> type: internal
> Bridge "virbr0"
> Port "vnet0"
> Interface "vnet0"
> Port "virbr0"
> Interface "virbr0"
> type: internal
> ovs_version: "1.4.0+build0"*
> *
> *
> *
> *
> But my vms are not separated! they can ping each other!
> *How can I engage my vlan setting?*
> *
> *
> *Please tell me the way to resolve my problem. *
> *Thanks. *
>
> --
> ===================================
> Stay Hungry Stay Foolish
>
> Joseph Park
> ===================================
> _______________________________________________
> discuss mailing list
> discuss at openvswitch.org
> http://openvswitch.org/mailman/listinfo/discuss
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic