On 14/11/2015 08:45, Joe Stringer wrote: > On 13 November 2015 at 06:46, Or Gerlitz <gerlitz...@gmail.com> wrote: >> > On Fri, Nov 13, 2015 at 10:14 AM, Joe Stringer <joestrin...@nicira.com> >> > wrote: >> > >>> >> I don't follow the logic. You observed one flow which matched on >>> >> TTL=64, therefore all vxlan packets terminated at OVS have TTL=64? >> > >>> >> If OVS received packets with different TTLs, they would miss and >>> >> ovs-vswitchd would generate flows to match that traffic too. >> > >> > ok, that makes things a bit better, but (see next) >> > >>> >> If that becomes an issue, presumably the wildcard generation can be >>> >> improved. >> > >> > is there a deep reason for vlxan "learned flows" to actually match w >> > or w.o wild cards on TTLs?? for non-tunneled flow I don't see this >> > happening. > No deep reason I'm aware of.
Hi, We looked into the OVS kernel module, and apparently there's a check that rejects new tunnel flows if they don't have the TTL mask set [1]. I was able to trace it to this commit [2] on the OVS tree, but I don't quite understand why the check was added. There was some discussion about the patch on the mailing list [3] that hints this was about catching zero TTL, but it has too little context for me to understand. I'm adding the author and reviewer of the patch, perhaps they can help explain this requirement. Regards, Haggai [1] http://lxr.free-electrons.com/source/net/openvswitch/flow_netlink.c?v=4.3#L660 [2] datapath: More flexible kernel/userspace tunneling attribute. 9b405f1aa8d175dc63ad3ffe5d0fe05d5ee09162 [3] http://openvswitch.org/pipermail/dev/2013-January/024573.html -- To unsubscribe from this list: send the line "unsubscribe netdev" in the body of a message to majord...@vger.kernel.org More majordomo info at http://vger.kernel.org/majordomo-info.html
