From: Ben Pfaff Date: Wed, 11 Jul 2012 07:54:53 +0000 (-0700) Subject: FAQ: Add FAQ entry about flow normalization. X-Git-Url: https://pintos-os.org/cgi-bin/gitweb.cgi?a=commitdiff_plain;h=5cb2356b599a1697825419cf4b7dda81ff07d517;p=openvswitch FAQ: Add FAQ entry about flow normalization. Signed-off-by: Ben Pfaff --- diff --git a/FAQ b/FAQ index 7f3a784f..a6dd5682 100644 --- a/FAQ +++ b/FAQ @@ -489,6 +489,37 @@ Q: My OpenFlow controller doesn't see the VLANs that I expect. A: See answer under "VLANs", above. +Q: I ran "ovs-ofctl add-flow br0 nw_dst=192.168.0.1,actions=drop" + but I got a funny message like this: + + ofp_util|INFO|normalization changed ofp_match, details: + ofp_util|INFO| pre: nw_dst=192.168.0.1 + ofp_util|INFO|post: + + and when I ran "ovs-ofctl dump-flows br0" I saw that my nw_dst + match had disappeared, so that the flow ends up matching every + packet. + +A: The term "normalization" in the log message means that a flow + cannot match on an L3 field without saying what L3 protocol is in + use. The "ovs-ofctl" command above didn't specify an L3 protocol, + so the L3 field match was dropped. + + In this case, the L3 protocol could be IP or ARP. A correct + command for each possibility is, respectively: + + ovs-ofctl add-flow br0 ip,nw_dst=192.168.0.1,actions=drop + + and + + ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop + + Similarly, a flow cannot match on an L4 field without saying what + L4 protocol is in use. For example, the flow match "tp_src=1234" + is, by itself, meaningless and will be ignored. Instead, to match + TCP source port 1234, write "tcp,tp_src=1234", or to match UDP + source port 1234, write "udp,tp_src=1234". + Contact -------