0

issue regarding ovs br-int

asked 2014-10-27 08:06:59 -0500

anna_g

Hello,

I have a multinode setup with OpenStack and OVS. I am using GRE tunneling for communication between VMs on different hosts. When I ping vmA on host A from vmB on host B (vmA and vmB are in the same VLAN) I get a normal reply. However, if I do a tcpdump -n -i br-int on host A I only see the ARP requests but not the ICMP ones. If I do tcpdump -n -i qvoda209351-8a (the interface that vmA connects to) I see everything normally (both ARP and ICMP). Can someone tell me why this is happening and how I can make the ICMP requests also appear on br-int?

Thank you, Anna


3 answers

1

answered 2014-10-27 09:30:32 -0500

anna_g

Thank you for the answer. The reason I am asking this is because I want to mirror the traffic on br-int and send it to another host. I have tried to mirror all traffic to a GRE tunnel (using the OVS command for mirroring to a GRE tunnel) but again I only see the ARP requests. Now if I set up a mirror port (snooper) on br-int, this logs everything (along with the ICMP requests). My issue is how to redirect this traffic from snooper to a GRE tunnel to another host (that will run Snort). My setup is like this:

Bridge br-int
    fail_mode: secure
    Port patch-tun
        Interface patch-tun
            type: patch
            options: {peer=patch-int}
    Port "qvoe8c77d3e-de"
        tag: 1
        Interface "qvoe8c77d3e-de"
    Port br-int
        Interface br-int
            type: internal
    Port "qvo9370efb0-8f"
        tag: 1
        Interface "qvo9370efb0-8f"
    Port snooper
        Interface snooper
            type: internal
Bridge br-tun
    Port "gre-0a188503"
        Interface "gre-0a188503"
            type: gre
            options: {df_default="true", in_key=flow, local_ip="10.x.x.x", out_key=flow, remote_ip="10.x.x.x"}
    Port gremirror
        Interface gremirror
            type: gre
            options: {remote_ip="10.x.x.x"}
    Port patch-int
        Interface patch-int
            type: patch
            options: {peer=patch-tun}
    Port "gre-0a188501"
        Interface "gre-0a188501"
            type: gre
            options: {df_default="true", in_key=flow, local_ip="10.x.x.x", out_key=flow, remote_ip="10.x.x.x"}
    Port br-tun
        Interface br-tun
            type: internal

What I wanna do is send the traffic from snooper to gremirror (I am suspecting it has something to do with adding a flow rule to br-tun but I can't seem to get how).


Comments

Did you succeed in doing it? How?

yaroni (2015-02-03 04:15:30 -0500)
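
An added example (not part of the original posts, and not code from the OVS or OpenStack projects) for the mirroring goal described in the answer above. An OVS mirror's output-port has to be a port on the bridge that holds the mirror, so the script checks which bridge owns gremirror in the posted layout and then prints a single ovs-vsctl transaction that puts a dedicated GRE port on br-int and mirrors all traffic to it. The port name gremirror0, the mirror name ids-mirror and the address 192.0.2.10 are assumptions made for illustration.

```shell
# Added example, not from the thread. Constructed values: port "gremirror0",
# mirror "ids-mirror", remote IP 192.0.2.10 (documentation address).

# Trimmed copy of the `ovs-vsctl show` layout posted above.
sample_show() {
cat <<'EOF'
Bridge br-int
    Port patch-tun
        Interface patch-tun
            type: patch
    Port snooper
        Interface snooper
            type: internal
Bridge br-tun
    Port gremirror
        Interface gremirror
            type: gre
EOF
}

# Print the bridge that owns port $1, reading `ovs-vsctl show` text on stdin.
port_bridge() {
    awk -v want="$1" '
        $1 == "Bridge" { br = $2; gsub(/"/, "", br) }
        $1 == "Port"   { p = $2; gsub(/"/, "", p); if (p == want) found = br }
        END            { if (found != "") print found }'
}

# Emit one atomic ovs-vsctl transaction: create a GRE port on the mirrored
# bridge itself and send every packet the bridge sees to it.
# Note: "set bridge ... mirrors=@m" replaces any mirrors already on the bridge.
build_mirror_cmd() {
    bridge=$1; port=$2; remote_ip=$3; mirror=$4
    echo "ovs-vsctl" \
        "-- add-port $bridge $port" \
        "-- set interface $port type=gre options:remote_ip=$remote_ip" \
        "-- --id=@out get port $port" \
        "-- --id=@m create mirror name=$mirror select-all=true output-port=@out" \
        "-- set bridge $bridge mirrors=@m"
}

# In the posted layout gremirror lives on br-tun, so a br-int mirror cannot use it.
owner=$(sample_show | port_bridge gremirror)
[ "$owner" = "br-int" ] || echo "gremirror is on $owner, not br-int" >&2
build_mirror_cmd br-int gremirror0 192.0.2.10 ids-mirror
```

The script only prints the transaction; nothing is changed on the host until the printed command is run there.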
0

answered 2014-10-27 09:16:51 -0500

bishoy

I think br-int is acting like a switch and ICMP works in layer 4. You will see only the ARP request. You have to dump the interface to see the traffic you are pointing to, as you did in tcpdump -n -i qvoda209351-8a.


Stats

Asked: 2014-10-27 08:06:59 -0500

Seen: 373 times

Last updated: Oct 27 '14