Ask Your Question

SFC not working in Ocata

asked 2018-08-29 06:40:10 -0500

Dhopu gravatar image

I have a Ocata set up (not devstack) with SFC installed. I am trying to set up SFC with 3 VM'S, all on same subnet VM1 - VM2 - VM3. I am able to ping VM1 to VM3. With SFC I want to steer the traffic to VM2. But as VM2 does not have any SFC function, it will drop the packet. Consequently, with SFC, my ping from VM1 to VM3 should fail. I executed the following commands:

**ports of VM2

neutron port-pair-create --ingress 9c9d9f1d-d381-4125-941b-e6adff797331 --egress 4e5e3179-8ef3-48e0-a537-b653ccd7a8db PP1

neutron port-pair-group-create --port-pair PP1 PPG1

**source port of VM1 and destination port of VM3

neutron flow-classifier-create --ethertype IPv4 --logical-source-port 5a26fdbe-38f6-4389-b6aa-ef08c4646cca --logical-destination-port 197383c0-5c07-4de6-b025-f5f06cbffae6 --protocol icmp FC1

neutron port-chain-create create --port-pair-group PPG1 --flow-classifier FC1 PC1

But I am still able to ping VM3 from VM1? What is wrong? How do I investigate whether the flow classifier is correctly set? Does SFC work if the 2 VM's are on the same host and in the same subnet?

edit retag flag offensive close merge delete

1 answer

Sort by ยป oldest newest most voted

answered 2018-09-12 20:45:47 -0500

hoangphuoc gravatar image

Hi, you have to create the chain with the same network. You also need to enable packet forwarding by setting "net.ipv4.ip_forward=1".

Hope that can help you.

edit flag offensive delete link more

Your Answer

Please start posting anonymously - your entry will be published after you log in or create a new account.

Add Answer

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2018-08-29 06:40:10 -0500

Seen: 12 times

Last updated: Sep 12