openvswitch question

openvswitch question

[ratheesh kannoth]

Hi list,


openvswitch internal devices are not real nic. So some routine should
receive the packet  for this interface. Who is receiving packet for
this internal device.
I could find a question similar floating without any answer
http://comments.gmane.org/gmane.network.openvswitch.devel/19402

Any clue is really appreciated .

-Ratheesh

Re: openvswitch question

[Jesse Gross]

On Wed, Mar 19, 2014 at 2:44 AM, ratheesh kannoth
<ratheesh.ksz@gmail.com> wrote:
> Hi list,
>
>
> openvswitch internal devices are not real nic. So some routine should
> receive the packet  for this interface. Who is receiving packet for
> this internal device.
> I could find a question similar floating without any answer
> http://comments.gmane.org/gmane.network.openvswitch.devel/19402

>From the perspective of the network stack, there is no difference
between Open vSwitch internal devices and real NICs so the entry
points into the stack are the same.

Re: openvswitch question

[ratheesh kannoth]

On Thu, Mar 20, 2014 at 7:06 AM, Jesse Gross <jesse@nicira.com> wrote:
> From the perspective of the network stack, there is no difference
> between Open vSwitch internal devices and real NICs so the entry
> points into the stack are the same.

Thanks a lot.
http://kerala-freaks0.blogspot.in/2014/03/openvswitchfunctionflow.html
please let me know if you find anything wrong

-Ratheesh

Re: openvswitch question

[sowmini varadhan]

On Wed, Mar 19, 2014 at 9:36 PM, Jesse Gross <jesse@nicira.com> wrote:
evel/19402
>
> From the perspective of the network stack, there is no difference
> between Open vSwitch internal devices and real NICs so the entry
> points into the stack are the same.

However, the internal vswitch ports like patch-tun and patch-int
are not standard net_devices, so they cannot, e.g.,  be tcpdump'ed,
correct?

FWIW, I've already raised an issue with tcpdump/ovswitch mirroring
 in the openstack-dev list, but repeat
it here, in the hope that someone can shed some light on what
I need to make this work. I'm using a ubuntu 13.10 qemu-kvm
where I'm running openvswitch 1.10.2.

" I'm following the instructions at
  http://docs.openstack.org/trunk/openstack-ops/content/network_troubleshooting.html

  to set up patch-tun mirrors, but running tcpdump on the "snooper0"
  produces inconsistent results- sometimes, I'm able to get a copy
  of the packet (e.g., the syn packet for ssh below) but not others
  (the tcpdump session did not show any more packets, for example).

  Why is this?

--------------------tcpdump on snooper0-------------------------

root@sowmini-virtual-machine:~/devstack# tcpdump -i snooper0 -xenvv
tcpdump: WARNING: snooper0: no IPv4 address assigned
tcpdump: listening on snooper0, link-type EN10MB (Ethernet), capture
size 65535 bytes
12:15:04.106523 fa:16:3e:1d:eb:b8 > fa:16:3e:e2:be:81, ethertype
802.1Q (0x8100), length 78: vlan 1, p 0, ethertype IPv4, (tos 0x0, ttl
63, id 51325, offset 0, flags [DF], proto TCP (6), length 60)
    192.168.12.41.48975 > 10.0.0.4.22: Flags [S], cksum 0xabdb
(correct), seq 3145500194, win 29200, options [mss 1460,sackOK,TS val
64704095 ecr 0,nop,wscale 7], length 0
        0x0000:  0001 0800 4500 003c c87d 4000 3f06 9c69
        0x0010:  c0a8 0c29 0a00 0004 bf4f 0016 bb7c 8622
        0x0020:  0000 0000 a002 7210 abdb 0000 0204 05b4
        0x0030:  0402 080a 03db 4e5f 0000 0000 0103 0307
12:15:04.109993 fa:16:3e:e2:be:81 > ff:ff:ff:ff:ff:ff, ethertype
802.1Q (0x8100), length 46: vlan 1, p 0, ethertype ARP, Ethernet (len
6), IPv4 (len 4), Request who-has 10.0.0.1 tell 10.0.0.4, length 28
        0x0000:  0001 0806 0001 0800 0604 0001 fa16 3ee2
        0x0010:  be81 0a00 0004 0000 0000 0000 0a00 0001

Re: openvswitch question

[Jesse Gross]

On Thu, Mar 20, 2014 at 3:26 AM, sowmini varadhan <sowmini05@gmail.com> wrote:
> On Wed, Mar 19, 2014 at 9:36 PM, Jesse Gross <jesse@nicira.com> wrote:
> evel/19402
>>
>> From the perspective of the network stack, there is no difference
>> between Open vSwitch internal devices and real NICs so the entry
>> points into the stack are the same.
>
> However, the internal vswitch ports like patch-tun and patch-int
> are not standard net_devices, so they cannot, e.g.,  be tcpdump'ed,
> correct?

Patch ports exist only in userspace in order to avoid multiple
redundant lookups, so, yes, they cannot be tcpdumped.

> FWIW, I've already raised an issue with tcpdump/ovswitch mirroring
>  in the openstack-dev list, but repeat
> it here, in the hope that someone can shed some light on what
> I need to make this work. I'm using a ubuntu 13.10 qemu-kvm
> where I'm running openvswitch 1.10.2.
>
> " I'm following the instructions at
>   http://docs.openstack.org/trunk/openstack-ops/content/network_troubleshooting.html
>
>   to set up patch-tun mirrors, but running tcpdump on the "snooper0"
>   produces inconsistent results- sometimes, I'm able to get a copy
>   of the packet (e.g., the syn packet for ssh below) but not others
>   (the tcpdump session did not show any more packets, for example).
>
>   Why is this?

Mirroring should work. You would have to look at the packets entering
the switch and then trying to look at the flows (using ovs-dpctl
dump-flows and ovs-appctl ofproto/trace) to figure out what is
different.

Re: openvswitch question

[Nicolas Dichtel]

Le 20/03/2014 02:36, Jesse Gross a écrit :
> On Wed, Mar 19, 2014 at 2:44 AM, ratheesh kannoth
> <ratheesh.ksz@gmail.com> wrote:
>> Hi list,
>>
>>
>> openvswitch internal devices are not real nic. So some routine should
>> receive the packet  for this interface. Who is receiving packet for
>> this internal device.
>> I could find a question similar floating without any answer
>> http://comments.gmane.org/gmane.network.openvswitch.devel/19402
>
>  From the perspective of the network stack, there is no difference
> between Open vSwitch internal devices and real NICs so the entry
> points into the stack are the same.

Stop me if I'm wrong, but there may be a difference with netns, the netdevice
can be in a different netns than the ovs port.

Re: openvswitch question

[ratheesh kannoth]

On Fri, Mar 21, 2014 at 3:20 PM, Nicolas Dichtel
<nicolas.dichtel@6wind.com> wrote:
> Stop me if I'm wrong, but there may be a difference with netns, the
> netdevice
> can be in a different netns than the ovs port.

No.  below command show  no name space.

ip netns list

-Ratheesh

Re: openvswitch question

[Nicolas Dichtel]

Le 21/03/2014 16:15, ratheesh kannoth a écrit :
> On Fri, Mar 21, 2014 at 3:20 PM, Nicolas Dichtel
> <nicolas.dichtel@6wind.com> wrote:
>> Stop me if I'm wrong, but there may be a difference with netns, the
>> netdevice
>> can be in a different netns than the ovs port.
>
> No.  below command show  no name space.
>
> ip netns list

Sure, you have to create one first.
But you can start ovs in the current netns and move the interface to another
netns after that.
Then, you will show the ovs port in the initial netns and the network dev in the
other netns.

Re: openvswitch question

[ratheesh kannoth]

On Tue, Mar 25, 2014 at 3:13 PM, Nicolas Dichtel
<nicolas.dichtel@6wind.com> wrote:
> Le 21/03/2014 16:15, ratheesh kannoth a écrit :
>
>> On Fri, Mar 21, 2014 at 3:20 PM, Nicolas Dichtel
>> <nicolas.dichtel@6wind.com> wrote:
>>>
>>> Stop me if I'm wrong, but there may be a difference with netns, the
>>> netdevice
>>> can be in a different netns than the ovs port.

Nicolas,

You are absolutely right.  Thanks a lot. This is only available in
newer version of  openvswitch.

I was working in 2.0.0. I could see the internal device ( switch )
device  using command  "ifconfig".

Yesterday  i git cloned newest version. when i created a new internal
device ( openvswitch switch ),  ifconfig command doesnot list out the
device. http://lists.linuxfoundation.org/pipermail/containers/2007-September/007112.html

-Ratheesh