
List:       openvswitch-discuss
Subject:    [ovs-discuss] unexpected datapath
From:       george.shuklin () gmail ! com (George Shuklin)
Date:       2012-10-24 20:44:53
Message-ID: 50885345.60702 () gmail ! com

Thank you for reply.

Unfortunately that stuff happens to be in product environment with
> 200Mb/s outgoing traffic from virtual machines (XCP 1.1 with upgrade to
ovs1.4.3), so tcpdump is kinda impossible.

Some data on configuration:
no flow controller, some rules (antispoofing) are applied during vm 
start (small patch to /etc/xensource/scripts/vif)

I've checked it on a few hosts, here are the statistics:

* That message appears on every host we've upgraded to ovs1.4.3
* It shows only for in_port=1 (physical eth, attached to bridge, ixgb 1G 
network with vlans)
* It shows only gateway address
* source ip has no designation (VM is on other host)

I think this somehow related to mac learning on uplink switch...

Here are our rules to restrict ip/mac spoofing (ipv6 is not protected - was 
not supported in ovs1, patch is still not upgraded):

restrict_ipv4 ()
{
     # $bridge, $port, $IP, $mac, $vif, $dev and $ofctl are set by the calling vif script
     p_bridge=`ovs-vsctl br-to-parent $bridge`
     #applying acl for specified port and ipv4 address
     logger -t scripts-vif "VIF uuid=$vif device=$dev ovs_port=$port bridge=$p_bridge/$bridge restricted to use IPv4 $IP only with mac $mac address."
     # IPv4: allow only the assigned source IP together with the assigned MAC
     $ofctl add-flow $p_bridge "in_port=$port priority=39000 dl_type=0x0800 nw_src=$IP dl_src=$mac idle_timeout=0 action=normal"
     # ARP: allow only the assigned MAC and sender IP
     $ofctl add-flow $p_bridge "in_port=$port priority=38500 dl_type=0x0806  dl_src=$mac nw_src=$IP idle_timeout=0 action=normal"
     # IPv6: only the source MAC is checked
     $ofctl add-flow $p_bridge "in_port=$port priority=38250 dl_type=0x86DD  dl_src=$mac idle_timeout=0 action=normal"
     # everything else arriving on this port is dropped
     $ofctl add-flow $p_bridge "in_port=$port priority=38000 idle_timeout=0 action=drop"
}



On 24.10.2012 20:08, Ben Pfaff wrote:
> Hmm.  Yesterday I looked over all of the datapath commits since version
> 1.4.3 and didn't see any bugfixes, not applied to branch-1.4, that would
> account for this particular message.  That means that this may be a
> problem that we aren't yet aware of.
> 
> Unfortunately, this particular class of issue is difficult to debug.
> One approach that is likely to succeed, if you are willing to try it, is
> to do a "tcpdump" of traffic on your physical interface to a file in the
> background.  Then, the first time afterward that you notice such a
> message in your log, stop the tcpdump and use "tcpdump -r<file>  -n
> -vvve" with an appropriate filter to print only the traffic that is part
> of the same TCP connection as the one mentioned in the log message, and
> post that output (along with the log message).
> 
> If you're willing to do that work (and I realize it's a bit of trouble)
> there's a much better chance that we can figure out the problem.
> 
> On Tue, Oct 23, 2012 at 06:31:42AM +0400, George Shuklin wrote:
> > That happens in freshly installed ovs 1.4.3 :
> > 
> > ovs-ofctl --version
> > ovs-ofctl (Open vSwitch) 1.4.3
> > Compiled Oct 11 2012 11:08:37
> > OpenFlow versions 0x1:0x1
> > 
> > 
> > On 22.10.2012 23:28, Ben Pfaff wrote:
> > > On Sat, Oct 20, 2012 at 04:03:18AM +0400, George Shuklin wrote:
> > > > After upgrading from ovs 1.0 to 1.4 on XCP 1.1 I found following
> > > > message in log appears every 10-20min:
> > > > 
> > > > Oct 20 03:37:42|00245|ofproto_dpif|WARN|unexpected flow from
> > > > datapath in_port(1),eth(src=88:e0:f3:23:42:c0,dst=92:cf:e9:66:a1:46),eth_type( \
> > > > 0x0800),ipv4(src=122.226.56.20,dst=188.16.98.12,proto=6,tos=0,ttl=101,frag=no),tcp(src=6000,dst=1433)
> > > >  
> > > > What that message means, can this cause any problems and if, how to fix?
> > > It indicates a bug, but the only implication for use is a potential
> > > performance problem in some corner case.  If it only occurs that
> > > often, it should not be a serious performance problem in any case.
> > > 
> > > What particular OVS version is this?  e.g. 1.4.0, 1.4.1, ...?  Perhaps
> > > it is a bug that has been fixed in a later version.

