CODEWITHSUNDEEP
namespacesopenvswitchvxlan
light_rain
light_rain

Reputation: 1

ARP issues in cross-host namespace interaction based on ovs_openflow

I'm trying to build connectivity between linux namespaces on different hosts. Here's my network topology.
topo Here's the scripts to build this topo.
hostA:

ovs-vsctl add-br ovs1
ifconfig ovs1 up
ip netns add ns1
ip link add veth1 type veth peer veth2
ip link set veth2 netns ns1
ip netns exec ns1 ifconfig veth2 10.1.1.1/24 up
ifconfig veth1 up
ovs-vsctl add-port ovs1 vxlan0 -- set interface vxlan0 type=vxlan options:key=flow options:remote_ip=flow
ip netns exec ns1 ifconfig lo up

hostB:

ovs-vsctl add-br ovs1
ifconfig ovs1 up
ip netns add ns1
ip link add veth1 type veth peer veth2
ip link set veth2 netns ns1
ip netns exec ns1 ifconfig veth2 10.1.1.2/24 up
ifconfig veth1 up
ovs-vsctl add-port ovs1 vxlan0 -- set interface vxlan0 type=vxlan options:key=flow options:remote_ip=flow
ip netns exec ns1 ifconfig lo up

I want to use openflow to realize the VXLAN. Here's the openflow settings.
hostA, remember to change the tun_dst ip address to you machine's ip address:

ovs-ofctl add-flow ovs1 "table=0, priority=100,ip,nw_dst=10.1.1.2/32, actions=set_field:192.168.31.182->tun_dst,normal"

hostB:

ovs-ofctl add-flow ovs1 "table=0, priority=100,ip,nw_src=10.1.1.1/32, actions=set_field:192.168.31.181->tun_dst,normal"

But the two ns can't ping each other because the arp request can't reach to each other. So I make the arp request in the vxlan packet.
hostA:

ovs-ofctl add-flow ovs1 "table=0, priority=200, arp, arp_op=1, actions=set_field:192.168.31.182->tun_dst,normal"
ovs-ofctl add-flow ovs1 "table=0, priority=200, arp, arp_op=2, actions=set_field:192.168.31.182->tun_dst,normal"

hostB:

ovs-ofctl add-flow ovs1 "table=0, priority=200, arp, arp_op=1, actions=set_field:192.168.31.181->tun_dst,normal"
ovs-ofctl add-flow ovs1 "table=0, priority=200, arp, arp_op=2, actions=set_field:192.168.31.181->tun_dst,normal"

Then on hostA ip netns exec ns1 ping 10.1.1.2 works.

But my question is why this works properly? I think the openflow rules which matches arp may result in something like a cycle. When arp request arrives in hostB, B's openflow rule will pack the arp request in a VXLAN packet and then send back to hostA. The circle will not stop? But I use tshark to capture the packets and didn't see anything like this. How to explain it?
And I also wonder, to solve the arp problems, is there any other solution?

Upvotes: 0

Views: 56

Answers (0)

Related Questions