[prev in list] [next in list] [prev in thread] [next in thread]
List: openvswitch-discuss
Subject: [ovs-discuss] how to use ovs-conntrack
From: jpettit () nicira ! com (Justin Pettit)
Date: 2015-06-30 1:00:05
Message-ID: C22D4100-EE7E-4D76-9A3F-4CDFA8ACC842 () nicira ! com
[Download RAW message or body]
> On Jun 28, 2015, at 8:55 PM, Zhang, Chunyu <zhangcy at cn.fujitsu.com> wrote:
>
> hi justin
>
> > > 3. ovs-ofctl command
> > > in our project , we use nf_conntrack extension :
> > >
> > > static struct nf_ct_ext_type nf_ct_colo_extend __read_mostly = {
> > > .len = sizeof(struct nf_conn_colo),
> > > .move = nf_ct_colo_extend_move,
> > > .destroy = nf_ct_colo_extend_destroy,
> > > .align = __alignof__(struct nf_conn_colo),
> > > .id = NF_CT_EXT_COLO,
> > > };
> > >
> > > if i want to nf_conntrack extension work.
> > > ovs-ofctl command is ?
> > > please give me some example and advise
> >
> > If you use the OVS repo, the man pages for ovs-ofctl were updated. Look for the \
> > new "ct" action and "conn_state" match.
>
> I use this:
> ovs-ofctl add-flow ovsbr0 "in_port=1,conn_state=+trk+new,tcp,action=ct(commit),1"
> ovs-ofctl add-flow ovsbr0 "in_port=2,conn_state=+trk+new,tcp,action=ct(commit),1"
> ovs-ofctl add-flow ovsbr0 "in_port=3,conn_state=+trk+new,tcp,action=ct(commit),1"
I don't understand these flows. You can't match on "conn_state" until after your \
call to ct(). This is documented in the ovs-ofctl man page:
conn_state=[+flag...][-flag...]
Bitwise match on connection state flags. The flags are only
available after a call to the ct action with the "recirc" flag
set.
Further, you're sending all of your packets to port 1, which I can't imagine is what \
you want.
One of the commit messages provides some example flows:
https://github.com/justinpettit/ovs/commit/be947f2
--Justin
[prev in list] [next in list] [prev in thread] [next in thread]
Configure |
About |
News |
Add a list |
Sponsored by KoreLogic