How to write rules in neutron (openvswitch) bridges?

Hey guys, I have successfully installed openstack + openvswitch plugin (using devstack). I have assigned my VM floating IP and can ping my VM from outside world and vice versa.

Now I want to write flows (rules using ovs-ofctl) on the openvswitch bridges i.e., br-ex (or br-int). But the problem is that I don't see the ping (from outside world) on my br-ex bridge. (ping is successful)

I have added my physical interface into the br-ex bridge (as a port) and I can see the ping packets being recieved on the physical interface but I don't see the same packets on my br-ex interface (which is weird!).

PS: The br-ex interface does show other traffic such as rip,ARP,SSH etc packets but just not the ping I send.

I'll appreciate any kind of help

Cheers :)

you should never need to that directly. But if you are developing and what to experiment, then it's all here .

darragh-oreilly gravatar imagedarragh-oreilly ( 2013-09-26 07:52:57 -0500 )edit

Problem Solved (br-ex is the bridge to write rules on using simple ovs-ofctl):

Even though br-ex does not show the ping traffic, I can still write rules on it and they will be effective. For example:

In my scenario I was sending a ping from source= to VM (floating IP)= br-ex does not show this traffic but if I write a rule:

ovs-ofctl add-flow br-ex "dl_type=0x0800,nw_src=,nw_dst=,actions=drop"

Then the packets are dropped and the flow's packet count also increases.

