Open vSwitch
Create instance one
Assign Floating IP
Create instance two
Assign Floating IP
stack@workstation:~$ sudo ovs-vsctl show
1716aa40-cfbf-40d1-84f4-b54f413c956f
Manager "ptcp:6640:127.0.0.1"
is_connected: true
Bridge br-ex
Controller "tcp:127.0.0.1:6633"
is_connected: true
fail_mode: secure
Port phy-br-ex
Interface phy-br-ex
type: patch
options: {peer=int-br-ex}
Port br-ex
Interface br-ex
type: internal
Bridge br-tun
Controller "tcp:127.0.0.1:6633"
is_connected: true
fail_mode: secure
Port patch-int
Interface patch-int
type: patch
options: {peer=patch-tun}
Port br-tun
Interface br-tun
type: internal
Bridge br-int
Controller "tcp:127.0.0.1:6633"
is_connected: true
fail_mode: secure
Port "tap5c877dda-8c"
tag: 3
Interface "tap5c877dda-8c"
type: internal
Port br-int
Interface br-int
type: internal
Port "qg-87472836-0e"
tag: 2
Interface "qg-87472836-0e"
type: internal
Port int-br-ex
Interface int-br-ex
type: patch
options: {peer=phy-br-ex}
Port "qr-1bad49fd-d9"
tag: 1
Interface "qr-1bad49fd-d9"
type: internal
Port "tapd0f0eaf4-be"
tag: 1
Interface "tapd0f0eaf4-be"
type: internal
Port patch-tun
Interface patch-tun
type: patch
options: {peer=patch-int}
Port "qr-846cb383-16"
tag: 1
Interface "qr-846cb383-16"
type: internal
ovs_version: "2.8.1"
stack@workstation:~$stack@workstation:~$ sudo ifconfig
br-ex Link encap:Ethernet HWaddr aa:49:ab:01:f3:44
inet addr:172.24.4.1 Bcast:0.0.0.0 Mask:255.255.255.0
inet6 addr: 2001:db8::2/64 Scope:Global
inet6 addr: fe80::a849:abff:fe01:f344/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:7638 errors:0 dropped:0 overruns:0 frame:0
TX packets:7710 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:886789 (886.7 KB) TX bytes:1097499 (1.0 MB)
enp0s25 Link encap:Ethernet HWaddr b8:ae:ed:73:2a:ba
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:1192416 errors:0 dropped:0 overruns:0 frame:0
TX packets:713888 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:1705663012 (1.7 GB) TX bytes:62408687 (62.4 MB)
Interrupt:20 Memory:f7100000-f7120000
lo Link encap:Local Loopback
inet addr:127.0.0.1 Mask:255.0.0.0
inet6 addr: ::1/128 Scope:Host
UP LOOPBACK RUNNING MTU:65536 Metric:1
RX packets:7147267 errors:0 dropped:0 overruns:0 frame:0
TX packets:7147267 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:12200373662 (12.2 GB) TX bytes:12200373662 (12.2 GB)
virbr0 Link encap:Ethernet HWaddr 00:00:00:00:00:00
inet addr:192.168.122.1 Bcast:192.168.122.255 Mask:255.255.255.0
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
wlp2s0 Link encap:Ethernet HWaddr 34:13:e8:21:92:ec
inet addr:192.168.1.71 Bcast:192.168.1.255 Mask:255.255.255.0
inet6 addr: fe80::6a34:1fbd:ae5e:768c/64 Scope:Link
UP BROADCAST RUNNING MULTICAST MTU:1500 Metric:1
RX packets:5617 errors:0 dropped:0 overruns:0 frame:0
TX packets:5715 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:4751757 (4.7 MB) TX bytes:890182 (890.1 KB)
wlx803f5dc15809 Link encap:Ethernet HWaddr 80:3f:5d:c1:58:09
UP BROADCAST MULTICAST MTU:1500 Metric:1
RX packets:0 errors:0 dropped:0 overruns:0 frame:0
TX packets:0 errors:0 dropped:0 overruns:0 carrier:0
collisions:0 txqueuelen:1000
RX bytes:0 (0.0 B) TX bytes:0 (0.0 B)
stack@workstation:~$stack@workstation:~/devstack$ /sbin/brctl show
bridge name bridge id STP enabled interfaces
qbr0f0b2f1c-fe 8000.5e36ff130537 no qvb0f0b2f1c-fe
tap0f0b2f1c-fe
qbr96ceaf3c-e8 8000.4e9697ab7e66 no qvb96ceaf3c-e8
tap96ceaf3c-e8
virbr0 8000.000000000000 yes
stack@workstation:~/devstack$ ip neigh
172.24.4.3 dev br-ex lladdr fa:16:3e:70:cc:40 REACHABLE
192.168.1.254 dev wlp4s0 FAILED
192.168.1.253 dev enp0s25 lladdr 9e:97:26:26:57:ea STALE
192.168.1.254 dev enp0s25 lladdr 9c:97:26:26:57:ea REACHABLE
172.24.4.11 dev br-ex lladdr fa:16:3e:70:cc:40 STALE
172.24.4.5 dev br-ex lladdr fa:16:3e:70:cc:40 STALE
fe80::b67c:9cff:fe2b:8782 dev wlp4s0 lladdr b4:7c:9c:2b:87:82 STALE
fe80::9e97:26ff:fe26:57ea dev enp0s25 lladdr 9c:97:26:26:57:ea router STALE
fe80::b67c:9cff:fe2b:8782 dev enp0s25 lladdr b4:7c:9c:2b:87:82 STALE
fe80::2921:efcb:40f9:2f84 dev wlp4s0 lladdr b8:27:eb:3d:8f:a1 STALE
fe80::f2d7:aaff:fec2:6875 dev wlp4s0 lladdr f0:d7:aa:c2:68:75 STALE
fe80::2921:efcb:40f9:2f84 dev enp0s25 lladdr b8:27:eb:3d:8f:a1 STALE
fe80::f2d7:aaff:fec2:6875 dev enp0s25 lladdr f0:d7:aa:c2:68:75 STALE
fe80::f816:3eff:fe70:cc40 dev br-ex lladdr fa:16:3e:70:cc:40 STALE
fe80::9e97:26ff:fe26:57ea dev wlp4s0 lladdr 9c:97:26:26:57:ea router STALE
stack@workstation:~/devstack$ ip addr
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP group default qlen 1000
link/ether 54:ee:75:2d:1d:f4 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.83/24 brd 192.168.1.255 scope global dynamic enp0s25
valid_lft 77061sec preferred_lft 77061sec
inet6 fe80::5f2f:c360:6bb2:43c2/64 scope link
valid_lft forever preferred_lft forever
3: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP group default qlen 1000
link/ether e8:b1:fc:08:6b:b4 brd ff:ff:ff:ff:ff:ff
inet 192.168.1.79/24 brd 192.168.1.255 scope global dynamic wlp4s0
valid_lft 70414sec preferred_lft 70414sec
inet6 fe80::405a:3e2f:ec17:f58f/64 scope link
valid_lft forever preferred_lft forever
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
inet 192.168.122.1/24 brd 192.168.122.255 scope global virbr0
valid_lft forever preferred_lft forever
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN group default qlen 1000
link/ether 52:54:00:f8:38:e0 brd ff:ff:ff:ff:ff:ff
6: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 5e:15:90:29:49:d5 brd ff:ff:ff:ff:ff:ff
7: br-int: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN group default qlen 1000
link/ether 0e:08:d2:ee:09:4c brd ff:ff:ff:ff:ff:ff
8: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
link/ether 26:c3:f0:08:c0:4f brd ff:ff:ff:ff:ff:ff
inet 172.24.4.1/24 scope global br-ex
valid_lft forever preferred_lft forever
inet6 2001:db8::2/64 scope global
valid_lft forever preferred_lft forever
inet6 fe80::24c3:f0ff:fe08:c04f/64 scope link
valid_lft forever preferred_lft forever
9: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 9a:86:fd:8d:75:4e brd ff:ff:ff:ff:ff:ff
22: qbr0f0b2f1c-fe: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000
link/ether 5e:36:ff:13:05:37 brd ff:ff:ff:ff:ff:ff
23: qvo0f0b2f1c-fe@qvb0f0b2f1c-fe: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master ovs-system state UP group default qlen 1000
link/ether 02:3a:18:bc:21:5b brd ff:ff:ff:ff:ff:ff
inet6 fe80::3a:18ff:febc:215b/64 scope link
valid_lft forever preferred_lft forever
24: qvb0f0b2f1c-fe@qvo0f0b2f1c-fe: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master qbr0f0b2f1c-fe state UP group default qlen 1000
link/ether 5e:36:ff:13:05:37 brd ff:ff:ff:ff:ff:ff
inet6 fe80::5c36:ffff:fe13:537/64 scope link
valid_lft forever preferred_lft forever
26: tap0f0b2f1c-fe: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast master qbr0f0b2f1c-fe state UNKNOWN group default qlen 1000
link/ether fe:16:3e:6e:a4:24 brd ff:ff:ff:ff:ff:ff
27: qbr96ceaf3c-e8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP group default qlen 1000
link/ether 4e:96:97:ab:7e:66 brd ff:ff:ff:ff:ff:ff
28: qvo96ceaf3c-e8@qvb96ceaf3c-e8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master ovs-system state UP group default qlen 1000
link/ether 72:7f:52:25:bd:a4 brd ff:ff:ff:ff:ff:ff
inet6 fe80::707f:52ff:fe25:bda4/64 scope link
valid_lft forever preferred_lft forever
29: qvb96ceaf3c-e8@qvo96ceaf3c-e8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master qbr96ceaf3c-e8 state UP group default qlen 1000
link/ether 4e:96:97:ab:7e:66 brd ff:ff:ff:ff:ff:ff
inet6 fe80::4c96:97ff:feab:7e66/64 scope link
valid_lft forever preferred_lft forever
30: tap96ceaf3c-e8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast master qbr96ceaf3c-e8 state UNKNOWN group default qlen 1000
link/ether fe:16:3e:c6:f1:ca brd ff:ff:ff:ff:ff:ff
stack@workstation:~/devstack$ ip link
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
2: enp0s25: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc pfifo_fast state UP mode DEFAULT group default qlen 1000
link/ether 54:ee:75:2d:1d:f4 brd ff:ff:ff:ff:ff:ff
3: wlp4s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc mq state UP mode DORMANT group default qlen 1000
link/ether e8:b1:fc:08:6b:b4 brd ff:ff:ff:ff:ff:ff
4: virbr0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN mode DEFAULT group default qlen 1000
link/ether 00:00:00:00:00:00 brd ff:ff:ff:ff:ff:ff
5: virbr0-nic: <BROADCAST,MULTICAST> mtu 1500 qdisc pfifo_fast state DOWN mode DEFAULT group default qlen 1000
link/ether 52:54:00:f8:38:e0 brd ff:ff:ff:ff:ff:ff
6: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 5e:15:90:29:49:d5 brd ff:ff:ff:ff:ff:ff
7: br-int: <BROADCAST,MULTICAST> mtu 1450 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 0e:08:d2:ee:09:4c brd ff:ff:ff:ff:ff:ff
8: br-ex: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN mode DEFAULT group default qlen 1000
link/ether 26:c3:f0:08:c0:4f brd ff:ff:ff:ff:ff:ff
9: br-tun: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN mode DEFAULT group default qlen 1000
link/ether 9a:86:fd:8d:75:4e brd ff:ff:ff:ff:ff:ff
22: qbr0f0b2f1c-fe: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 5e:36:ff:13:05:37 brd ff:ff:ff:ff:ff:ff
23: qvo0f0b2f1c-fe@qvb0f0b2f1c-fe: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master ovs-system state UP mode DEFAULT group default qlen 1000
link/ether 02:3a:18:bc:21:5b brd ff:ff:ff:ff:ff:ff
24: qvb0f0b2f1c-fe@qvo0f0b2f1c-fe: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master qbr0f0b2f1c-fe state UP mode DEFAULT group default qlen 1000
link/ether 5e:36:ff:13:05:37 brd ff:ff:ff:ff:ff:ff
26: tap0f0b2f1c-fe: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast master qbr0f0b2f1c-fe state UNKNOWN mode DEFAULT group default qlen 1000
link/ether fe:16:3e:6e:a4:24 brd ff:ff:ff:ff:ff:ff
27: qbr96ceaf3c-e8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc noqueue state UP mode DEFAULT group default qlen 1000
link/ether 4e:96:97:ab:7e:66 brd ff:ff:ff:ff:ff:ff
28: qvo96ceaf3c-e8@qvb96ceaf3c-e8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master ovs-system state UP mode DEFAULT group default qlen 1000
link/ether 72:7f:52:25:bd:a4 brd ff:ff:ff:ff:ff:ff
29: qvb96ceaf3c-e8@qvo96ceaf3c-e8: <BROADCAST,MULTICAST,PROMISC,UP,LOWER_UP> mtu 1450 qdisc noqueue master qbr96ceaf3c-e8 state UP mode DEFAULT group default qlen 1000
link/ether 4e:96:97:ab:7e:66 brd ff:ff:ff:ff:ff:ff
30: tap96ceaf3c-e8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1450 qdisc pfifo_fast master qbr96ceaf3c-e8 state UNKNOWN mode DEFAULT group default qlen 1000
link/ether fe:16:3e:c6:f1:ca brd ff:ff:ff:ff:ff:ff
stack@workstation:~/devstack$ ip route
default via 192.168.1.254 dev enp0s25 proto static metric 100
default via 192.168.1.254 dev wlp4s0 proto static metric 600
169.254.0.0/16 dev wlp4s0 scope link metric 1000
172.24.4.0/24 dev br-ex proto kernel scope link src 172.24.4.1
192.168.1.0/24 dev enp0s25 proto kernel scope link src 192.168.1.83 metric 100
192.168.1.0/24 dev wlp4s0 proto kernel scope link src 192.168.1.79 metric 600
192.168.122.0/24 dev virbr0 proto kernel scope link src 192.168.122.1 linkdown
stack@workstation:~/devstack$ ip netns
qrouter-d3ffe3ea-2be5-44c6-901c-9a4fd9dc40e9
qdhcp-d80926c2-8088-4921-887e-2b7bdaa9dc52
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 show br-ex
OFPT_FEATURES_REPLY (OF1.3) (xid=0x2): dpid:000026c3f008c04f
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATS QUEUE_STATS
OFPST_PORT_DESC reply (OF1.3) (xid=0x3):
1(phy-br-ex): addr:ba:c4:5a:db:fd:4e
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
LOCAL(br-ex): addr:26:c3:f0:08:c0:4f
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (OF1.3) (xid=0x7): frags=normal miss_send_len=0
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 show br-int
OFPT_FEATURES_REPLY (OF1.3) (xid=0x2): dpid:00000e08d2ee094c
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATS QUEUE_STATS
OFPST_PORT_DESC reply (OF1.3) (xid=0x3):
1(int-br-ex): addr:e6:b4:e1:2d:58:52
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
2(patch-tun): addr:76:6b:e3:9a:91:e6
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
3(tap0a773b78-86): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
4(qr-bece279d-64): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
5(qg-114a286b-54): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
6(qr-a9dcc10f-32): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
9(qvo0f0b2f1c-fe): addr:02:3a:18:bc:21:5b
config: 0
state: LIVE
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
10(qvo96ceaf3c-e8): addr:72:7f:52:25:bd:a4
config: 0
state: LIVE
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
LOCAL(br-int): addr:0e:08:d2:ee:09:4c
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (OF1.3) (xid=0x7): frags=normal miss_send_len=0
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 show br-tun
OFPT_FEATURES_REPLY (OF1.3) (xid=0x2): dpid:00009a86fd8d754e
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATS QUEUE_STATS
OFPST_PORT_DESC reply (OF1.3) (xid=0x3):
1(patch-int): addr:e2:bd:92:2e:d5:ef
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
LOCAL(br-tun): addr:9a:86:fd:8d:75:4e
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (OF1.3) (xid=0x7): frags=normal miss_send_len=0
stack@workstation:~/devstack$
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 show br-tun
OFPT_FEATURES_REPLY (OF1.3) (xid=0x2): dpid:00009a86fd8d754e
n_tables:254, n_buffers:0
capabilities: FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATS QUEUE_STATS
OFPST_PORT_DESC reply (OF1.3) (xid=0x3):
1(patch-int): addr:e2:bd:92:2e:d5:ef
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
LOCAL(br-tun): addr:9a:86:fd:8d:75:4e
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (OF1.3) (xid=0x7): frags=normal miss_send_len=0
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-ports-desc br-ex
OFPST_PORT_DESC reply (OF1.3) (xid=0x2):
1(phy-br-ex): addr:ba:c4:5a:db:fd:4e
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
LOCAL(br-ex): addr:26:c3:f0:08:c0:4f
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-ports-desc br-int
OFPST_PORT_DESC reply (OF1.3) (xid=0x2):
1(int-br-ex): addr:e6:b4:e1:2d:58:52
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
2(patch-tun): addr:76:6b:e3:9a:91:e6
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
3(tap0a773b78-86): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
4(qr-bece279d-64): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
5(qg-114a286b-54): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
6(qr-a9dcc10f-32): addr:00:00:00:00:76:08
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
9(qvo0f0b2f1c-fe): addr:02:3a:18:bc:21:5b
config: 0
state: LIVE
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
10(qvo96ceaf3c-e8): addr:72:7f:52:25:bd:a4
config: 0
state: LIVE
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
LOCAL(br-int): addr:0e:08:d2:ee:09:4c
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-ports-desc br-tun
OFPST_PORT_DESC reply (OF1.3) (xid=0x2):
1(patch-int): addr:e2:bd:92:2e:d5:ef
config: 0
state: LIVE
speed: 0 Mbps now, 0 Mbps max
LOCAL(br-tun): addr:9a:86:fd:8d:75:4e
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-ports br-ex
OFPST_PORT reply (OF1.3) (xid=0x2): 2 ports
port LOCAL: rx pkts=360154, bytes=20518364, drop=0, errs=0, frame=0, over=0, crc=0
tx pkts=614446, bytes=950505419, drop=0, errs=0, coll=0
duration=7665.808s
port "phy-br-ex": rx pkts=360407, bytes=25588511, drop=?, errs=?, frame=?, over=?, crc=?
tx pkts=614445, bytes=950505246, drop=?, errs=?, coll=?
duration=7495.298s
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-ports br-int
OFPST_PORT reply (OF1.3) (xid=0x2): 9 ports
port "qvo96ceaf3c-e8": rx pkts=777, bytes=80020, drop=0, errs=0, frame=0, over=0, crc=0
tx pkts=747, bytes=88867, drop=0, errs=0, coll=0
duration=1226.334s
port LOCAL: rx pkts=0, bytes=0, drop=426, errs=0, frame=0, over=0, crc=0
tx pkts=0, bytes=0, drop=0, errs=0, coll=0
duration=7671.449s
port "qvo0f0b2f1c-fe": rx pkts=361094, bytes=25656279, drop=0, errs=0, frame=0, over=0, crc=0
tx pkts=614659, bytes=950531638, drop=0, errs=0, coll=0
duration=5487.561s
port "qg-114a286b-54": rx pkts=614435, bytes=941901743, drop=0, errs=0, frame=0, over=0, crc=0
tx pkts=360174, bytes=25562248, drop=0, errs=0, coll=0
duration=7477.492s
port "int-br-ex": rx pkts=614446, bytes=950505419, drop=?, errs=?, frame=?, over=?, crc=?
tx pkts=360407, bytes=25588511, drop=?, errs=?, coll=?
duration=7500.670s
port "qr-bece279d-64": rx pkts=360939, bytes=20587839, drop=4, errs=0, frame=0, over=0, crc=0
tx pkts=614751, bytes=950540450, drop=0, errs=0, coll=0
duration=7480.963s
port "qr-a9dcc10f-32": rx pkts=90, bytes=7582, drop=5, errs=0, frame=0, over=0, crc=0
tx pkts=130, bytes=15300, drop=0, errs=0, coll=0
duration=7473.695s
port "patch-tun": rx pkts=0, bytes=0, drop=?, errs=?, frame=?, over=?, crc=?
tx pkts=422, bytes=45920, drop=?, errs=?, coll=?
duration=7500.562s
port "tap0a773b78-86": rx pkts=1445, bytes=99559, drop=4, errs=0, frame=0, over=0, crc=0
tx pkts=104, bytes=7478, drop=0, errs=0, coll=0
duration=7490.506s
stack@workstation:~/devstack$
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-ports br-tun
OFPST_PORT reply (OF1.3) (xid=0x2): 2 ports
port LOCAL: rx pkts=0, bytes=0, drop=0, errs=0, frame=0, over=0, crc=0
tx pkts=0, bytes=0, drop=0, errs=0, coll=0
duration=7633.527s
port "patch-int": rx pkts=424, bytes=46156, drop=?, errs=?, frame=?, over=?, crc=?
tx pkts=0, bytes=0, drop=?, errs=?, coll=?
duration=7633.486s
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-flows br-ex
cookie=0x52451daabb7bb184, duration=7612.508s, table=0, n_packets=409763, n_bytes=29025890, priority=4,in_port="phy-br-ex",dl_vlan=2 actions=pop_vlan,NORMAL
cookie=0x52451daabb7bb184, duration=7636.998s, table=0, n_packets=255, n_bytes=28227, priority=2,in_port="phy-br-ex" actions=drop
cookie=0x52451daabb7bb184, duration=7637.020s, table=0, n_packets=700547, n_bytes=1083834985, priority=0 actions=NORMAL
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-flows br-int
cookie=0x61b3bbddd8c8421c, duration=5625.320s, table=0, n_packets=10, n_bytes=860, priority=10,icmp6,in_port="qvo0f0b2f1c-fe",icmp_type=136 actions=goto_table:24
cookie=0x61b3bbddd8c8421c, duration=1366.002s, table=0, n_packets=0, n_bytes=0, priority=10,icmp6,in_port="qvo96ceaf3c-e8",icmp_type=136 actions=goto_table:24
cookie=0x61b3bbddd8c8421c, duration=5625.317s, table=0, n_packets=199, n_bytes=8358, priority=10,arp,in_port="qvo0f0b2f1c-fe" actions=goto_table:24
cookie=0x61b3bbddd8c8421c, duration=1365.997s, table=0, n_packets=55, n_bytes=2310, priority=10,arp,in_port="qvo96ceaf3c-e8" actions=goto_table:24
cookie=0x61b3bbddd8c8421c, duration=7642.436s, table=0, n_packets=25, n_bytes=3339, priority=2,in_port="int-br-ex" actions=drop
cookie=0x61b3bbddd8c8421c, duration=5625.325s, table=0, n_packets=410623, n_bytes=29123690, priority=9,in_port="qvo0f0b2f1c-fe" actions=goto_table:25
cookie=0x61b3bbddd8c8421c, duration=1366.009s, table=0, n_packets=860, n_bytes=90204, priority=9,in_port="qvo96ceaf3c-e8" actions=goto_table:25
cookie=0x61b3bbddd8c8421c, duration=7617.943s, table=0, n_packets=700523, n_bytes=1083831819, priority=3,in_port="int-br-ex",vlan_tci=0x0000/0x1fff actions=push_vlan:0x8100,set_field:4098->vlan_vid,goto_table:60
cookie=0x61b3bbddd8c8421c, duration=7642.639s, table=0, n_packets=1110863, n_bytes=1112920685, priority=0 actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=7642.640s, table=23, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x61b3bbddd8c8421c, duration=5625.323s, table=24, n_packets=1, n_bytes=86, priority=2,icmp6,in_port="qvo0f0b2f1c-fe",icmp_type=136,nd_target=fdf0:e510:5486:0:f816:3eff:fe6e:a424 actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=5625.322s, table=24, n_packets=9, n_bytes=774, priority=2,icmp6,in_port="qvo0f0b2f1c-fe",icmp_type=136,nd_target=fe80::f816:3eff:fe6e:a424 actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=1366.006s, table=24, n_packets=0, n_bytes=0, priority=2,icmp6,in_port="qvo96ceaf3c-e8",icmp_type=136,nd_target=fe80::f816:3eff:fec6:f1ca actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=1366.004s, table=24, n_packets=0, n_bytes=0, priority=2,icmp6,in_port="qvo96ceaf3c-e8",icmp_type=136,nd_target=fdf0:e510:5486:0:f816:3eff:fec6:f1ca actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=5625.319s, table=24, n_packets=199, n_bytes=8358, priority=2,arp,in_port="qvo0f0b2f1c-fe",arp_spa=10.0.0.4 actions=goto_table:25
cookie=0x61b3bbddd8c8421c, duration=1366s, table=24, n_packets=55, n_bytes=2310, priority=2,arp,in_port="qvo96ceaf3c-e8",arp_spa=10.0.0.11 actions=goto_table:25
cookie=0x61b3bbddd8c8421c, duration=7642.635s, table=24, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x61b3bbddd8c8421c, duration=5625.329s, table=25, n_packets=410802, n_bytes=29128800, priority=2,in_port="qvo0f0b2f1c-fe",dl_src=fa:16:3e:6e:a4:24 actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=1366.015s, table=25, n_packets=902, n_bytes=89869, priority=2,in_port="qvo96ceaf3c-e8",dl_src=fa:16:3e:c6:f1:ca actions=goto_table:60
cookie=0x61b3bbddd8c8421c, duration=7642.637s, table=60, n_packets=2224009, n_bytes=2226051885, priority=3 actions=NORMAL
stack@workstation:~/devstack$ sudo ovs-ofctl --protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13,OpenFlow14 dump-flows br-tun
cookie=0x3eb375ce2058e86a, duration=7648.285s, table=0, n_packets=424, n_bytes=46156, priority=1,in_port="patch-int" actions=goto_table:2
cookie=0x3eb375ce2058e86a, duration=7648.283s, table=0, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x3eb375ce2058e86a, duration=7648.281s, table=2, n_packets=14, n_bytes=1020, priority=0,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=goto_table:20
cookie=0x3eb375ce2058e86a, duration=7648.279s, table=2, n_packets=410, n_bytes=45136, priority=0,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=goto_table:22
cookie=0x3eb375ce2058e86a, duration=7648.277s, table=3, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x3eb375ce2058e86a, duration=7637.907s, table=4, n_packets=0, n_bytes=0, priority=1,tun_id=0x2b actions=push_vlan:0x8100,set_field:4097->vlan_vid,goto_table:10
cookie=0x3eb375ce2058e86a, duration=7648.275s, table=4, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x3eb375ce2058e86a, duration=7648.273s, table=6, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x3eb375ce2058e86a, duration=7648.271s, table=10, n_packets=0, n_bytes=0, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,cookie=0x3eb375ce2058e86a,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:OXM_OF_IN_PORT[]),output:"patch-int"
cookie=0x3eb375ce2058e86a, duration=7648.267s, table=20, n_packets=14, n_bytes=1020, priority=0 actions=goto_table:22
cookie=0x3eb375ce2058e86a, duration=7648.265s, table=22, n_packets=424, n_bytes=46156, priority=0 actions=drop
stack@workstation:~/devstack$ sudo iptables --line-numbers -L -nv -t filter
Chain INPUT (policy ACCEPT 435K packets, 1046M bytes)
num pkts bytes target prot opt in out source destination
1 2269K 9677M neutron-openvswi-INPUT all -- * * 0.0.0.0/0 0.0.0.0/0
2 0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:53
3 0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:53
4 0 0 ACCEPT udp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 udp dpt:67
5 0 0 ACCEPT tcp -- virbr0 * 0.0.0.0/0 0.0.0.0/0 tcp dpt:67
Chain FORWARD (policy ACCEPT 416K packets, 413M bytes)
num pkts bytes target prot opt in out source destination
1 2236K 2206M neutron-filter-top all -- * * 0.0.0.0/0 0.0.0.0/0
2 2236K 2206M neutron-openvswi-FORWARD all -- * * 0.0.0.0/0 0.0.0.0/0
3 0 0 ACCEPT all -- * virbr0 0.0.0.0/0 192.168.122.0/24 ctstate RELATED,ESTABLISHED
4 0 0 ACCEPT all -- virbr0 * 192.168.122.0/24 0.0.0.0/0
5 0 0 ACCEPT all -- virbr0 virbr0 0.0.0.0/0 0.0.0.0/0
6 0 0 REJECT all -- * virbr0 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
7 0 0 REJECT all -- virbr0 * 0.0.0.0/0 0.0.0.0/0 reject-with icmp-port-unreachable
Chain OUTPUT (policy ACCEPT 434K packets, 1042M bytes)
num pkts bytes target prot opt in out source destination
1 2261K 9630M neutron-filter-top all -- * * 0.0.0.0/0 0.0.0.0/0
2 2261K 9630M neutron-openvswi-OUTPUT all -- * * 0.0.0.0/0 0.0.0.0/0
3 0 0 ACCEPT udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68
Chain neutron-filter-top (2 references)
num pkts bytes target prot opt in out source destination
1 4497K 12G neutron-openvswi-local all -- * * 0.0.0.0/0 0.0.0.0/0
Chain neutron-openvswi-FORWARD (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap0a773b78-86 --physdev-is-bridged /* Accept all packets when port is trusted. */
2 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tapbece279d-64 --physdev-is-bridged /* Accept all packets when port is trusted. */
3 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap114a286b-54 --physdev-is-bridged /* Accept all packets when port is trusted. */
4 0 0 ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tapa9dcc10f-32 --physdev-is-bridged /* Accept all packets when port is trusted. */
5 704K 1080M neutron-openvswi-sg-chain all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap0f0b2f1c-fe --physdev-is-bridged /* Direct traffic from the VM interface to the security group chain. */
6 413K 23M neutron-openvswi-sg-chain all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap0f0b2f1c-fe --physdev-is-bridged /* Direct traffic from the VM interface to the security group chain. */
7 807 83745 neutron-openvswi-sg-chain all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap96ceaf3c-e8 --physdev-is-bridged /* Direct traffic from the VM interface to the security group chain. */
8 855 76457 neutron-openvswi-sg-chain all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap96ceaf3c-e8 --physdev-is-bridged /* Direct traffic from the VM interface to the security group chain. */
Chain neutron-openvswi-INPUT (1 references)
num pkts bytes target prot opt in out source destination
1 0 0 neutron-openvswi-o0f0b2f1c-f all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap0f0b2f1c-fe --physdev-is-bridged /* Direct incoming traffic from VM to the security group chain. */
2 0 0 neutron-openvswi-o96ceaf3c-e all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap96ceaf3c-e8 --physdev-is-bridged /* Direct incoming traffic from VM to the security group chain. */
Chain neutron-openvswi-OUTPUT (1 references)
num pkts bytes target prot opt in out source destination
Chain neutron-openvswi-i0f0b2f1c-f (1 references)
num pkts bytes target prot opt in out source destination
1 704K 1080M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED /* Direct packets associated with a known session to the RETURN chain. */
2 2 727 RETURN udp -- * * 0.0.0.0/0 10.0.0.4 udp spt:67 dpt:68
3 0 0 RETURN udp -- * * 0.0.0.0/0 255.255.255.255 udp spt:67 dpt:68
4 13 852 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 match-set NIPv44c10ca24-b903-48ec-a1c5- src
5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID /* Drop packets that appear related to an existing connection (e.g. TCP ACK/FIN) but do not have an entry in conntrack. */
6 2 648 neutron-openvswi-sg-fallback all -- * * 0.0.0.0/0 0.0.0.0/0 /* Send unmatched traffic to the fallback chain. */
Chain neutron-openvswi-i96ceaf3c-e (1 references)
num pkts bytes target prot opt in out source destination
1 801 82793 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED /* Direct packets associated with a known session to the RETURN chain. */
2 2 728 RETURN udp -- * * 0.0.0.0/0 10.0.0.11 udp spt:67 dpt:68
3 0 0 RETURN udp -- * * 0.0.0.0/0 255.255.255.255 udp spt:67 dpt:68
4 4 224 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 match-set NIPv44c10ca24-b903-48ec-a1c5- src
5 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID /* Drop packets that appear related to an existing connection (e.g. TCP ACK/FIN) but do not have an entry in conntrack. */
6 0 0 neutron-openvswi-sg-fallback all -- * * 0.0.0.0/0 0.0.0.0/0 /* Send unmatched traffic to the fallback chain. */
Chain neutron-openvswi-local (1 references)
num pkts bytes target prot opt in out source destination
Chain neutron-openvswi-o0f0b2f1c-f (2 references)
num pkts bytes target prot opt in out source destination
1 2 656 RETURN udp -- * * 0.0.0.0 255.255.255.255 udp spt:68 dpt:67 /* Allow DHCP client traffic. */
2 413K 23M neutron-openvswi-s0f0b2f1c-f all -- * * 0.0.0.0/0 0.0.0.0/0
3 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67 /* Allow DHCP client traffic. */
4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 /* Prevent DHCP Spoofing by VM. */
5 412K 23M RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED /* Direct packets associated with a known session to the RETURN chain. */
6 964 61386 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID /* Drop packets that appear related to an existing connection (e.g. TCP ACK/FIN) but do not have an entry in conntrack. */
8 0 0 neutron-openvswi-sg-fallback all -- * * 0.0.0.0/0 0.0.0.0/0 /* Send unmatched traffic to the fallback chain. */
Chain neutron-openvswi-o96ceaf3c-e (2 references)
num pkts bytes target prot opt in out source destination
1 2 648 RETURN udp -- * * 0.0.0.0 255.255.255.255 udp spt:68 dpt:67 /* Allow DHCP client traffic. */
2 853 75809 neutron-openvswi-s96ceaf3c-e all -- * * 0.0.0.0/0 0.0.0.0/0
3 0 0 RETURN udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:68 dpt:67 /* Allow DHCP client traffic. */
4 0 0 DROP udp -- * * 0.0.0.0/0 0.0.0.0/0 udp spt:67 dpt:68 /* Prevent DHCP Spoofing by VM. */
5 813 73258 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0 state RELATED,ESTABLISHED /* Direct packets associated with a known session to the RETURN chain. */
6 40 2551 RETURN all -- * * 0.0.0.0/0 0.0.0.0/0
7 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 state INVALID /* Drop packets that appear related to an existing connection (e.g. TCP ACK/FIN) but do not have an entry in conntrack. */
8 0 0 neutron-openvswi-sg-fallback all -- * * 0.0.0.0/0 0.0.0.0/0 /* Send unmatched traffic to the fallback chain. */
Chain neutron-openvswi-s0f0b2f1c-f (1 references)
num pkts bytes target prot opt in out source destination
1 413K 23M RETURN all -- * * 10.0.0.4 0.0.0.0/0 MAC FA:16:3E:6E:A4:24 /* Allow traffic from defined IP/MAC pairs. */
2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Drop traffic without an IP/MAC allow rule. */
Chain neutron-openvswi-s96ceaf3c-e (1 references)
num pkts bytes target prot opt in out source destination
1 853 75809 RETURN all -- * * 10.0.0.11 0.0.0.0/0 MAC FA:16:3E:C6:F1:CA /* Allow traffic from defined IP/MAC pairs. */
2 0 0 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Drop traffic without an IP/MAC allow rule. */
Chain neutron-openvswi-sg-chain (4 references)
num pkts bytes target prot opt in out source destination
1 704K 1080M neutron-openvswi-i0f0b2f1c-f all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap0f0b2f1c-fe --physdev-is-bridged /* Jump to the VM specific chain. */
2 413K 23M neutron-openvswi-o0f0b2f1c-f all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap0f0b2f1c-fe --physdev-is-bridged /* Jump to the VM specific chain. */
3 807 83745 neutron-openvswi-i96ceaf3c-e all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-out tap96ceaf3c-e8 --physdev-is-bridged /* Jump to the VM specific chain. */
4 855 76457 neutron-openvswi-o96ceaf3c-e all -- * * 0.0.0.0/0 0.0.0.0/0 PHYSDEV match --physdev-in tap96ceaf3c-e8 --physdev-is-bridged /* Jump to the VM specific chain. */
5 1120K 1103M ACCEPT all -- * * 0.0.0.0/0 0.0.0.0/0
Chain neutron-openvswi-sg-fallback (4 references)
num pkts bytes target prot opt in out source destination
1 22 2256 DROP all -- * * 0.0.0.0/0 0.0.0.0/0 /* Default drop rule for unmatched traffic. */
stack@workstation:~/devstack$ sudo iptables --line-numbers -L -nv -t nat
Chain PREROUTING (policy ACCEPT 1005 packets, 71535 bytes)
num pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 36 packets, 7279 bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 9252 packets, 565K bytes)
num pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 9998 packets, 615K bytes)
num pkts bytes target prot opt in out source destination
1 20 2077 RETURN all -- * * 192.168.122.0/24 224.0.0.0/24
2 0 0 RETURN all -- * * 192.168.122.0/24 255.255.255.255
3 0 0 MASQUERADE tcp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
4 0 0 MASQUERADE udp -- * * 192.168.122.0/24 !192.168.122.0/24 masq ports: 1024-65535
5 0 0 MASQUERADE all -- * * 192.168.122.0/24 !192.168.122.0/24
6 203 12594 MASQUERADE all -- * enp0s25 172.24.4.0/24 0.0.0.0/0
7 0 0 MASQUERADE all -- * wlp4s0 172.24.4.0/24 0.0.0.0/0
stack@workstation:~/devstack$ sudo iptables --line-numbers -L -nv -t mangle
Chain PREROUTING (policy ACCEPT 4978K packets, 13G bytes)
num pkts bytes target prot opt in out source destination
Chain INPUT (policy ACCEPT 2740K packets, 10G bytes)
num pkts bytes target prot opt in out source destination
Chain FORWARD (policy ACCEPT 2238K packets, 2209M bytes)
num pkts bytes target prot opt in out source destination
Chain OUTPUT (policy ACCEPT 2558K packets, 9690M bytes)
num pkts bytes target prot opt in out source destination
Chain POSTROUTING (policy ACCEPT 4796K packets, 12G bytes)
num pkts bytes target prot opt in out source destination
1 0 0 CHECKSUM udp -- * virbr0 0.0.0.0/0 0.0.0.0/0 udp dpt:68 CHECKSUM fill
stack@workstation:~/devstack$ sudo ebtables -t filter -L
Bridge table: filter
Bridge chain: INPUT, entries: 0, policy: ACCEPT
Bridge chain: FORWARD, entries: 0, policy: ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
stack@workstation:~/devstack$ sudo ebtables -t nat -L
Bridge table: nat
Bridge chain: PREROUTING, entries: 0, policy: ACCEPT
Bridge chain: OUTPUT, entries: 0, policy: ACCEPT
Bridge chain: POSTROUTING, entries: 0, policy: ACCEPT
stack@workstation:~/devstack$ sudo ebtables -t broute -L
Bridge table: broute
Bridge chain: BROUTING, entries: 0, policy: ACCEPT
stack@workstation:~/devstack$Last updated