Ask Your Question

issue regarding ovs br-int

asked 2014-10-27 08:06:59 -0500

anna_g gravatar image


I have a multinode set up with openstack and ovs. I am using gre tunneling for communication between vms in different hosts. When I ping vmA in host A from vmB in host B (vmA and vmB are in the same vlan) I get a normal reply. However if i do a tcpdump -n -i br-int in host A i only see the ARP requests but not the icmp ones. If i do tcpdump -n -i qvoda209351-8a (the interface that the vmA connects to) i see everything normally (both arp and icmp). Can someone tell me why this is happening and how can i make the icmp requests to appear also in br-int?

Thank you Anna

edit retag flag offensive close merge delete

3 answers

Sort by ยป oldest newest most voted

answered 2014-10-27 09:30:32 -0500

anna_g gravatar image

thank you for the answer. The reason i am asking this is because i want to mirror the traffic on the br-int and send it to another host. I have tried to mirror all traffic to a gre tunnel ( using the ovs command for mirroring to a gre tunnel) but again i only see the arp requests. Now if i setup a mirror port (snooper) on br-int this logs everything( along with the icmp requests). My issue is how to redirect this traffic from snooper to a gre tunnel to another host (that will run snort). My set up is like this :

Bridge br-int
    fail_mode: secure
    Port patch-tun
        Interface patch-tun
            type: patch
            options: {peer=patch-int}
    Port "qvoe8c77d3e-de"
        tag: 1
        Interface "qvoe8c77d3e-de"
    Port br-int
        Interface br-int
            type: internal
    Port "qvo9370efb0-8f"
        tag: 1
        Interface "qvo9370efb0-8f"
    Port snooper
        Interface snooper
            type: internal
Bridge br-tun
    Port "gre-0a188503"
        Interface "gre-0a188503"
            type: gre
            options: {df_default="true", in_key=flow, local_ip="10.x.x.x", out_key=flow, remote_ip="10.x.x.x"}
    Port gremirror
        Interface gremirror
            type: gre
            options: {remote_ip="10.x.x.x"}
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
    Port "gre-0a188501"
        Interface "gre-0a188501"
            type: gre
            options: {df_default="true", in_key=flow, local_ip="10.x.x.x", out_key=flow, remote_ip="10.x.x.x"}
    Port br-tun
        Interface br-tun
            type: internal

what i wanna do is send the traffic from snooper to gremirror ( i am suspecting it has something to do with adding a flow rule to br-tun but i cant seem to get how)

edit flag offensive delete link more


did you succeed to do it? How?

yaroni gravatar imageyaroni ( 2015-02-03 04:15:30 -0500 )edit

answered 2014-10-27 09:16:51 -0500

bishoy gravatar image

I think br-int is acting like a switch and icmp works in layer 4. you will see only the arp request. you have to dump the interface to see the traffic you pointing too as you did in tcpdump -n -i qvoda209351-8a

edit flag offensive delete link more

Get to know Ask OpenStack

Resources for moderators

Question Tools

1 follower


Asked: 2014-10-27 08:06:59 -0500

Seen: 462 times

Last updated: Oct 27 '14