※この記事は「AOS 7.0.xx」時点の情報をもとに作成しています。その後の機能アップデートについてはメーカーの公開情報をご確認ください。
この記事は、AHVにおけるOVSのブリッジチェーンの中身を確認する連載シリーズです。各記事には以下のリンクからアクセスできます。
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認① アップリンクの確認
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認② ブリッジチェーンの確認
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認③ ブリッジチェーンの解説
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認④ MACアドレステーブルの確認
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認⑤ Flowテーブルの確認
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認⑥ br0ブリッジで通信が処理される仕組み
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認⑦ ブリッジチェーンのFlowテーブルを確認
- 【AOS 7.0】Nutanix AHVの仮想スイッチを確認⑧ br0.localのFlowテーブル
前回の記事では、Nutanix AHVの仮想スイッチを構成するOVSで、br0ブリッジ内での通信処理の仕組みを確認しました。今回は、br0だけでなく、その他のブリッジの情報も確認してみます。
目次
1.今回の環境
3ノードAHVクラスタ
AOS: 7.0.1
AHV: 10.0.1
Prism Central: pc.2024.3.1.1
test-VM: Windows Server 2022
環境は以下のイメージで、一般的なNutanixの3ノードクラスタです。
イメージとしては、ノード上に作成している仮想マシンの通信経路となる▽このあたりの話です。
2. 各ブリッジのFlowテーブルの確認
「br.dmx」ブリッジ
br.dmxブリッジのFlowテーブルは以下の通りです。
[root@ahv-01 ~]# ovs-ofctl dump-flows br.dmx
cookie=0x0, duration=873998.034s, table=0, n_packets=319411955, n_bytes=160151019571, priority=31,in_port="br.dmx.u" actions=learn(table="flow_table_32768",hard_timeout=300,priority=31,NXM_NX_PKT_MARK[0..7],NXM_OF_ETH_DST=NXM_OF_ETH_SRC,NXM_OF_VLAN_TCI[0..11],load:0x1->NXM_NX_REG0),resubmit(,"flow_table_32768"),resubmit(,2)
cookie=0x0, duration=873998.032s, table=0, n_packets=343652216, n_bytes=150880945477, priority=31,in_port="br.dmx.d.br0" actions=load:0->NXM_NX_PKT_MARK,learn(table="flow_table_32768",hard_timeout=300,priority=31,NXM_NX_PKT_MARK[0..7],NXM_OF_ETH_DST=NXM_OF_ETH_SRC,NXM_OF_VLAN_TCI[0..11],load:0x2->NXM_NX_REG0),output:"br.dmx.u"
cookie=0x0, duration=873999.082s, table=0, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x0, duration=873998.034s, table=0, n_packets=0, n_bytes=0, priority=30 actions=drop
cookie=0x0, duration=859898.898s, table="flow_table_32768", n_packets=29, n_bytes=9946, priority=34,pkt_mark=0/0xff,udp,vlan_tci=0x089d/0x0fff,dl_src=50:6b:8d:c3:d5:32,dl_dst=ff:ff:ff:ff:ff:ff,tp_dst=67 actions=load:0x2->NXM_NX_REG0
~~~~中略~~~~
cookie=0x0, duration=873998.032s, table=2, n_packets=0, n_bytes=0, priority=32,pkt_mark=0/0xff,arp,reg0=0x1 actions=IN_PORT,output:"br.dmx.d.br0"
cookie=0x0, duration=873998.033s, table=2, n_packets=0, n_bytes=0, priority=31,reg0=0x1 actions=IN_PORT
cookie=0x0, duration=873998.033s, table=2, n_packets=0, n_bytes=0, priority=31,reg0=0x3 actions=drop
cookie=0x0, duration=873998.033s, table=2, n_packets=102684, n_bytes=4755496, priority=31,pkt_mark=0/0xff,reg0=0 actions=IN_PORT,output:"br.dmx.d.br0"
cookie=0x0, duration=873998.032s, table=2, n_packets=319309271, n_bytes=160146264075, priority=31,pkt_mark=0/0xff,reg0=0x2 actions=output:"br.dmx.d.br0"
cookie=0x0, duration=873998.033s, table=2, n_packets=0, n_bytes=0, priority=30 actions=drop
cookie=0x0, duration=873998.034s, table=0, n_packets=319411955, n_bytes=160151019571, priority=31,in_port="br.dmx.u" actions=learn(table="flow_table_32768",hard_timeout=300,priority=31,NXM_NX_PKT_MARK[0..7],NXM_OF_ETH_DST=NXM_OF_ETH_SRC,NXM_OF_VLAN_TCI[0..11],load:0x1->NXM_NX_REG0),resubmit(,"flow_table_32768"),resubmit(,2)
cookie=0x0, duration=873998.032s, table=0, n_packets=343652216, n_bytes=150880945477, priority=31,in_port="br.dmx.d.br0" actions=load:0->NXM_NX_PKT_MARK,learn(table="flow_table_32768",hard_timeout=300,priority=31,NXM_NX_PKT_MARK[0..7],NXM_OF_ETH_DST=NXM_OF_ETH_SRC,NXM_OF_VLAN_TCI[0..11],load:0x2->NXM_NX_REG0),output:"br.dmx.u"
cookie=0x0, duration=873999.082s, table=0, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x0, duration=873998.034s, table=0, n_packets=0, n_bytes=0, priority=30 actions=drop
cookie=0x0, duration=859898.898s, table="flow_table_32768", n_packets=29, n_bytes=9946, priority=34,pkt_mark=0/0xff,udp,vlan_tci=0x089d/0x0fff,dl_src=50:6b:8d:c3:d5:32,dl_dst=ff:ff:ff:ff:ff:ff,tp_dst=67 actions=load:0x2->NXM_NX_REG0
~~~~中略~~~~
cookie=0x0, duration=873998.032s, table=2, n_packets=0, n_bytes=0, priority=32,pkt_mark=0/0xff,arp,reg0=0x1 actions=IN_PORT,output:"br.dmx.d.br0"
cookie=0x0, duration=873998.033s, table=2, n_packets=0, n_bytes=0, priority=31,reg0=0x1 actions=IN_PORT
cookie=0x0, duration=873998.033s, table=2, n_packets=0, n_bytes=0, priority=31,reg0=0x3 actions=drop
cookie=0x0, duration=873998.033s, table=2, n_packets=102684, n_bytes=4755496, priority=31,pkt_mark=0/0xff,reg0=0 actions=IN_PORT,output:"br.dmx.d.br0"
cookie=0x0, duration=873998.032s, table=2, n_packets=319309271, n_bytes=160146264075, priority=31,pkt_mark=0/0xff,reg0=0x2 actions=output:"br.dmx.d.br0"
cookie=0x0, duration=873998.033s, table=2, n_packets=0, n_bytes=0, priority=30 actions=drop
▽表で表現するとこんな感じです。
このブリッジでは、「table=0」で学習しつつ、別のポートに転送したり、table=2に送信して、別のポートに送信したり破棄したりしていますね。学習した情報に対して、レジスタに特定の値をロードしたりしているようです。なお、「MACアドレステーブルは白紙でした。
「br.nf」ブリッジ
br.nfブリッジのFlowテーブルは以下の通りです。
[root@ahv-01 ~]# ovs-ofctl dump-flows br.nf
cookie=0x0, duration=876757.784s, table=0, n_packets=320403712, n_bytes=160587747136, priority=11,in_port="br.nf.u" actions=load:0x2->NXM_NX_REG6,resubmit(,10)
cookie=0x0, duration=876757.783s, table=0, n_packets=344866220, n_bytes=151346989892, priority=11,in_port="br.nf.d" actions=load:0x1->NXM_NX_REG6,resubmit(,10)
cookie=0x0, duration=880317.056s, table=0, n_packets=0, n_bytes=0, priority=0 actions=NORMAL
cookie=0x0, duration=876757.783s, table=0, n_packets=0, n_bytes=0, priority=10 actions=drop
cookie=0x0, duration=873147.758s, table=1, n_packets=0, n_bytes=0, priority=12,vlan_tci=0x0000/0x0fff,dl_src=50:6b:8d:96:c5:eb actions=load:0x200->NXM_NX_PKT_MARK
cookie=0x0, duration=862658.627s, table=1, n_packets=0, n_bytes=0, priority=12,vlan_tci=0x089d/0x0fff,dl_src=50:6b:8d:c3:d5:32 actions=load:0x300->NXM_NX_PKT_MARK
cookie=0x0, duration=874250.184s, table=1, n_packets=0, n_bytes=0, priority=11,vlan_tci=0x0000/0x0fff actions=load:0->NXM_NX_PKT_MARK
cookie=0x0, duration=874193.318s, table=1, n_packets=0, n_bytes=0, priority=11,vlan_tci=0x089d/0x0fff actions=load:0->NXM_NX_PKT_MARK
cookie=0x0, duration=876757.783s, table=1, n_packets=0, n_bytes=0, priority=10 actions=exit
cookie=0x0, duration=876757.782s, table=10, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,12)
cookie=0x0, duration=876757.782s, table=11, n_packets=0, n_bytes=0, priority=10 actions=resubmit(,20)
cookie=0x0, duration=876757.782s, table=12, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,20)
cookie=0x0, duration=876757.782s, table=13, n_packets=0, n_bytes=0, priority=10 actions=resubmit(,20)
cookie=0x0, duration=876757.781s, table=20, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,21)
cookie=0x0, duration=876757.781s, table=21, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,40)
cookie=0x0, duration=876757.781s, table=40, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,50)
cookie=0x0, duration=876757.781s, table=50, n_packets=320403712, n_bytes=160587747136, priority=11,in_port="br.nf.u" actions=output:"br.nf.d"
cookie=0x0, duration=876757.781s, table=50, n_packets=344866220, n_bytes=151346989892, priority=11,in_port="br.nf.d" actions=output:"br.nf.u"
cookie=0x0, duration=876757.781s, table=50, n_packets=0, n_bytes=0, priority=10 actions=drop
cookie=0x0, duration=876757.784s, table=0, n_packets=320403712, n_bytes=160587747136, priority=11,in_port="br.nf.u" actions=load:0x2->NXM_NX_REG6,resubmit(,10)
cookie=0x0, duration=876757.783s, table=0, n_packets=344866220, n_bytes=151346989892, priority=11,in_port="br.nf.d" actions=load:0x1->NXM_NX_REG6,resubmit(,10)
cookie=0x0, duration=880317.056s, table=0, n_packets=0, n_bytes=0, priority=0 actions=NORMAL
cookie=0x0, duration=876757.783s, table=0, n_packets=0, n_bytes=0, priority=10 actions=drop
cookie=0x0, duration=873147.758s, table=1, n_packets=0, n_bytes=0, priority=12,vlan_tci=0x0000/0x0fff,dl_src=50:6b:8d:96:c5:eb actions=load:0x200->NXM_NX_PKT_MARK
cookie=0x0, duration=862658.627s, table=1, n_packets=0, n_bytes=0, priority=12,vlan_tci=0x089d/0x0fff,dl_src=50:6b:8d:c3:d5:32 actions=load:0x300->NXM_NX_PKT_MARK
cookie=0x0, duration=874250.184s, table=1, n_packets=0, n_bytes=0, priority=11,vlan_tci=0x0000/0x0fff actions=load:0->NXM_NX_PKT_MARK
cookie=0x0, duration=874193.318s, table=1, n_packets=0, n_bytes=0, priority=11,vlan_tci=0x089d/0x0fff actions=load:0->NXM_NX_PKT_MARK
cookie=0x0, duration=876757.783s, table=1, n_packets=0, n_bytes=0, priority=10 actions=exit
cookie=0x0, duration=876757.782s, table=10, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,12)
cookie=0x0, duration=876757.782s, table=11, n_packets=0, n_bytes=0, priority=10 actions=resubmit(,20)
cookie=0x0, duration=876757.782s, table=12, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,20)
cookie=0x0, duration=876757.782s, table=13, n_packets=0, n_bytes=0, priority=10 actions=resubmit(,20)
cookie=0x0, duration=876757.781s, table=20, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,21)
cookie=0x0, duration=876757.781s, table=21, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,40)
cookie=0x0, duration=876757.781s, table=40, n_packets=665269932, n_bytes=311934737028, priority=10 actions=resubmit(,50)
cookie=0x0, duration=876757.781s, table=50, n_packets=320403712, n_bytes=160587747136, priority=11,in_port="br.nf.u" actions=output:"br.nf.d"
cookie=0x0, duration=876757.781s, table=50, n_packets=344866220, n_bytes=151346989892, priority=11,in_port="br.nf.d" actions=output:"br.nf.u"
cookie=0x0, duration=876757.781s, table=50, n_packets=0, n_bytes=0, priority=10 actions=drop
▽表で表現するとこんな感じです。
このブリッジでは、入力ポートに基いて、レジスタに値をロードしながら、別のポートに転送しているようですね。こちらもMACアドレステーブルは白紙でした。「table=0」→「table=1」へのパスがないので、「table=1」の処理がいつ適用されるのか不明ですね。
「br.microseg」ブリッジ
br.microsegブリッジのFlowテーブルは以下の通りです。
[root@ahv-01 ~]# ovs-ofctl dump-flows br.microseg
cookie=0x0, duration=878625.115s, table=0, n_packets=321082328, n_bytes=160947382900, priority=10,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.115s, table=0, n_packets=345625390, n_bytes=151660948379, priority=10,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=882184.338s, table=0, n_packets=0, n_bytes=0, priority=0 actions=NORMAL
cookie=0x0, duration=878625.115s, table=1, n_packets=0, n_bytes=0, priority=100,ct_mark=0x1,ip actions=drop
cookie=0x0, duration=878625.114s, table=1, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,10)
cookie=0x0, duration=878625.114s, table=10, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,12)
cookie=0x0, duration=878625.114s, table=11, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.113s, table=12, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,20)
cookie=0x0, duration=878625.113s, table=13, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.113s, table=20, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,30)
cookie=0x0, duration=878625.113s, table=21, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.113s, table=22, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,23)
cookie=0x0, duration=878625.113s, table=23, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,100)
cookie=0x0, duration=878625.113s, table=30, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,32)
cookie=0x0, duration=878625.112s, table=31, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=32, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,35)
cookie=0x0, duration=878625.112s, table=33, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=35, n_packets=0, n_bytes=0, priority=10,ip actions=load:0x1->OXM_OF_METADATA[1],resubmit(,36)
cookie=0x0, duration=878625.112s, table=36, n_packets=0, n_bytes=0, priority=10,ip actions=load:0->OXM_OF_METADATA[1],resubmit(,40)
cookie=0x0, duration=878625.112s, table=40, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,42)
cookie=0x0, duration=878625.112s, table=41, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=42, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,50)
cookie=0x0, duration=878625.112s, table=43, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=50, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,51)
cookie=0x0, duration=878625.111s, table=51, n_packets=0, n_bytes=0, priority=10,ip,metadata=0x1 actions=resubmit(,54)
cookie=0x0, duration=878625.111s, table=51, n_packets=0, n_bytes=0, priority=10,ip,metadata=0 actions=resubmit(,90)
cookie=0x0, duration=878625.111s, table=52, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,53)
cookie=0x0, duration=878625.111s, table=53, n_packets=0, n_bytes=0, priority=10,ip actions=load:0x1->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=54, n_packets=0, n_bytes=0, priority=10,ct_state=-rpl,ip actions=load:0x2->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=54, n_packets=0, n_bytes=0, priority=10,ct_state=+rpl,ip actions=load:0x1->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=55, n_packets=0, n_bytes=0, priority=10,ct_state=-rpl,ip actions=load:0x1->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=55, n_packets=0, n_bytes=0, priority=10,ct_state=+rpl,ip actions=load:0x2->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=57, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,100)
cookie=0x0, duration=878625.111s, table=58, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.111s, table=59, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+new,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+new,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+trk,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+trk,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,70)
cookie=0x0, duration=878625.110s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.109s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.109s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.109s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est-rel+rpl,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est-rel+rpl,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=-new-est+rel-inv,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=-new-est+rel-inv,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=10,ip actions=drop
cookie=0x0, duration=878625.108s, table=80, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.u" actions=ct(commit,exec(load:0x1->NXM_NX_CT_MARK)),output:"br.microseg.d"
cookie=0x0, duration=878625.108s, table=80, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.d" actions=ct(commit,exec(load:0x1->NXM_NX_CT_MARK)),output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=90, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.u" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK)),output:"br.microseg.d"
cookie=0x0, duration=878625.107s, table=90, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.d" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK)),output:"br.microseg.u"
cookie=0x0, duration=878625.107s, table=90, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.u" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK)),output:"br.microseg.d"
cookie=0x0, duration=878625.107s, table=90, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.d" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK[])),output:"br.microseg.u"
cookie=0x0, duration=878625.107s, table=100, n_packets=0, n_bytes=0, priority=100,ip actions=drop
cookie=0x0, duration=878625.107s, table=125, n_packets=0, n_bytes=0, priority=11 actions=resubmit(,126)
cookie=0x0, duration=878625.107s, table=126, n_packets=0, n_bytes=0, priority=1000,ip actions=drop
cookie=0x0, duration=878625.107s, table=126, n_packets=0, n_bytes=0, priority=1 actions=resubmit(,127)
cookie=0x0, duration=878625.107s, table=127, n_packets=0, n_bytes=0, priority=1 actions=resubmit(,130)
cookie=0x0, duration=878625.107s, table=130, n_packets=0, n_bytes=0, priority=1 actions=resubmit(,140)
cookie=0x0, duration=878625.106s, table=140, n_packets=0, n_bytes=0, priority=1,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.106s, table=140, n_packets=0, n_bytes=0, priority=1,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.115s, table=0, n_packets=321082328, n_bytes=160947382900, priority=10,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.115s, table=0, n_packets=345625390, n_bytes=151660948379, priority=10,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=882184.338s, table=0, n_packets=0, n_bytes=0, priority=0 actions=NORMAL
cookie=0x0, duration=878625.115s, table=1, n_packets=0, n_bytes=0, priority=100,ct_mark=0x1,ip actions=drop
cookie=0x0, duration=878625.114s, table=1, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,10)
cookie=0x0, duration=878625.114s, table=10, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,12)
cookie=0x0, duration=878625.114s, table=11, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.113s, table=12, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,20)
cookie=0x0, duration=878625.113s, table=13, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.113s, table=20, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,30)
cookie=0x0, duration=878625.113s, table=21, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.113s, table=22, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,23)
cookie=0x0, duration=878625.113s, table=23, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,100)
cookie=0x0, duration=878625.113s, table=30, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,32)
cookie=0x0, duration=878625.112s, table=31, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=32, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,35)
cookie=0x0, duration=878625.112s, table=33, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=35, n_packets=0, n_bytes=0, priority=10,ip actions=load:0x1->OXM_OF_METADATA[1],resubmit(,36)
cookie=0x0, duration=878625.112s, table=36, n_packets=0, n_bytes=0, priority=10,ip actions=load:0->OXM_OF_METADATA[1],resubmit(,40)
cookie=0x0, duration=878625.112s, table=40, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,42)
cookie=0x0, duration=878625.112s, table=41, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=42, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,50)
cookie=0x0, duration=878625.112s, table=43, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.112s, table=50, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,51)
cookie=0x0, duration=878625.111s, table=51, n_packets=0, n_bytes=0, priority=10,ip,metadata=0x1 actions=resubmit(,54)
cookie=0x0, duration=878625.111s, table=51, n_packets=0, n_bytes=0, priority=10,ip,metadata=0 actions=resubmit(,90)
cookie=0x0, duration=878625.111s, table=52, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,53)
cookie=0x0, duration=878625.111s, table=53, n_packets=0, n_bytes=0, priority=10,ip actions=load:0x1->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=54, n_packets=0, n_bytes=0, priority=10,ct_state=-rpl,ip actions=load:0x2->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=54, n_packets=0, n_bytes=0, priority=10,ct_state=+rpl,ip actions=load:0x1->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=55, n_packets=0, n_bytes=0, priority=10,ct_state=-rpl,ip actions=load:0x1->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=55, n_packets=0, n_bytes=0, priority=10,ct_state=+rpl,ip actions=load:0x2->NXM_NX_REG4,resubmit(,58)
cookie=0x0, duration=878625.111s, table=57, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,100)
cookie=0x0, duration=878625.111s, table=58, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.111s, table=59, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,90)
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+new,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+new,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+trk,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=100,ct_state=+trk,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.110s, table=60, n_packets=0, n_bytes=0, priority=10,ip actions=resubmit(,70)
cookie=0x0, duration=878625.110s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.109s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.109s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.109s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est-rel+rpl,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=+est-rel+rpl,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=-new-est+rel-inv,ip,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=100,ct_state=-new-est+rel-inv,ip,in_port="br.microseg.d" actions=output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=70, n_packets=0, n_bytes=0, priority=10,ip actions=drop
cookie=0x0, duration=878625.108s, table=80, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.u" actions=ct(commit,exec(load:0x1->NXM_NX_CT_MARK)),output:"br.microseg.d"
cookie=0x0, duration=878625.108s, table=80, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.d" actions=ct(commit,exec(load:0x1->NXM_NX_CT_MARK)),output:"br.microseg.u"
cookie=0x0, duration=878625.108s, table=90, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.u" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK)),output:"br.microseg.d"
cookie=0x0, duration=878625.107s, table=90, n_packets=0, n_bytes=0, priority=100,ct_state=+est+trk,ip,in_port="br.microseg.d" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK)),output:"br.microseg.u"
cookie=0x0, duration=878625.107s, table=90, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.u" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK)),output:"br.microseg.d"
cookie=0x0, duration=878625.107s, table=90, n_packets=0, n_bytes=0, priority=100,ip,in_port="br.microseg.d" actions=ct(commit,exec(load:0x5->NXM_NX_CT_MARK[])),output:"br.microseg.u"
cookie=0x0, duration=878625.107s, table=100, n_packets=0, n_bytes=0, priority=100,ip actions=drop
cookie=0x0, duration=878625.107s, table=125, n_packets=0, n_bytes=0, priority=11 actions=resubmit(,126)
cookie=0x0, duration=878625.107s, table=126, n_packets=0, n_bytes=0, priority=1000,ip actions=drop
cookie=0x0, duration=878625.107s, table=126, n_packets=0, n_bytes=0, priority=1 actions=resubmit(,127)
cookie=0x0, duration=878625.107s, table=127, n_packets=0, n_bytes=0, priority=1 actions=resubmit(,130)
cookie=0x0, duration=878625.107s, table=130, n_packets=0, n_bytes=0, priority=1 actions=resubmit(,140)
cookie=0x0, duration=878625.106s, table=140, n_packets=0, n_bytes=0, priority=1,in_port="br.microseg.u" actions=output:"br.microseg.d"
cookie=0x0, duration=878625.106s, table=140, n_packets=0, n_bytes=0, priority=1,in_port="br.microseg.d" actions=output:"br.microseg.u"
▽表で表現するとこんな感じです。
このブリッジの内容は正直あまり理解できていないですが、「table=0」でポートからポートにそのまま送信していますね。「table=1」以降はマイクロセグメンテーションなどで使われるのかもしれません。こちらもMACアドレステーブルは白紙でした。
「br.mx」ブリッジ
br.mxブリッジのFlowテーブルは以下の通りです。
[root@ahv-01 ~]# ovs-ofctl dump-flows br.mx
cookie=0x0, duration=882638.650s, table=0, n_packets=322534526, n_bytes=161600719176, priority=1,in_port="br.mx.u.br0" actions=output:"br.mx.d"
cookie=0x0, duration=882638.649s, table=0, n_packets=347253999, n_bytes=152336378394, priority=1,pkt_mark=0/0xff,in_port="br.mx.d" actions=output:"br.mx.u.br0"
cookie=0x0, duration=882638.650s, table=0, n_packets=0, n_bytes=0, priority=0 actions=drop
cookie=0x0, duration=882638.650s, table=0, n_packets=322534526, n_bytes=161600719176, priority=1,in_port="br.mx.u.br0" actions=output:"br.mx.d"
cookie=0x0, duration=882638.649s, table=0, n_packets=347253999, n_bytes=152336378394, priority=1,pkt_mark=0/0xff,in_port="br.mx.d" actions=output:"br.mx.u.br0"
cookie=0x0, duration=882638.650s, table=0, n_packets=0, n_bytes=0, priority=0 actions=drop
▽表で表現するとこんな感じです。
このブリッジはとてもシンプルで、ポートからポートへそのまま送信するだけのようですね。
今回は、Nutanix AHVのOVS仮想スイッチにおけるブリッジチェーンのFlowテーブルを順番に確認してみました。ブリッジチェーンでは各々のFlowテーブルによって通信が処理されながら通過しているようなイメージになるかと思います。
次回は、仮想マシンが接続されている「br0.local」ブリッジの中身を確認してみたいと思います。
