Openflow ACL-configuration

  • 0
  • 1
  • Problem
  • Updated 11 months ago
  • Not a Problem
  • (Edited)
Good day,
I am trying to configure Openflow on 4 x670 stack. I simply followed the instructions according to the documentation and have successfully installed Openflow. however, it returns the following error.

11/21/2017 20:20:26.24 <Warn:OpenFlow.OVS.Warn> Slot-1: 04181|ofproto_exos|WARN|No context returned from ACL manager (cmd=0x3002), likely when port is removed
11/21/2017 20:20:26.24 <Warn:OpenFlow.OVS.Warn> Slot-1: 04180|ofproto_exos|WARN|No context returned from ACL manager (cmd=0x3002), likely when port is removed 11/21/2017 20:20:26.24 <Warn:OpenFlow.OVS.Warn> Slot-1: 04179|ofproto_exos|WARN|No context returned from ACL manager (cmd=0x3002), likely when port is removed 11/21/2017 20:20:26.24 <Warn:OpenFlow.OVS.Warn> Slot-1: 04178|ofproto_exos|WARN|No context returned from ACL manager (cmd=0x3002), likely when port is removed 11/21/2017 20:20:26.24 <Warn:OpenFlow.OVS.Warn> Slot-1: 04177|ofproto_exos|WARN|No context returned from ACL manager (cmd=0x3002), likely when port is removed 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2624 Config of_34 with error=0. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2571 Add of_34 with error=-22. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2624 Config of_33 with error=0. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2571 Add of_33 with error=-22. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2624 Config of_32 with error=0. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2571 Add of_32 with error=-22. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2624 Config of_31 with error=0. 11/21/2017 20:20:26.24 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2571 Add of_31 with error=-22. 11/21/2017 20:20:26.23 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2624 Config of_30 with error=0. 11/21/2017 20:20:26.23 <Warn:OpenFlow.ACLModRuleFail> Slot-1: Failed to ofproto/ofproto-exos.c:2571 Add of_30 with error=-22.
I tried tcpdump on the controller side and it returns the following error.
Frame 1: 187 bytes on wire (1496 bits), 187 bytes captured (1496 bits)Ethernet II, Src: SuperMic_cd:d0:62 (0c:c4:7a:cd:d0:62), Dst: ExtremeNetworks_98:78:25 (02:04:96:98:78:25)
Internet Protocol Version 4, Src: 192.168.212.236, Dst: 192.168.212.250
Transmission Control Protocol, Src Port: 6633, Dst Port: 49854, Seq: 1, Ack: 1, Len: 121
OpenFlow 1.3
    Version: 1.3 (0x04)
    Type: OFPT_PACKET_OUT (13)
    Length: 121
    Transaction ID: 4758085
    Buffer ID: OFP_NO_BUFFER (0xffffffff)
    In port: OFPP_CONTROLLER (0xfffffffd)
    Actions length: 16
    Pad: 000000000000
    Action
    Data
        Ethernet II, Src: 02:eb:9f:67:c9:42 (02:eb:9f:67:c9:42), Dst: OpenNetw_00:00:01 (a5:23:05:00:00:01)
        Link Layer Discovery Protocol
            Chassis Subtype = MAC address, Id: 02:04:96:98:78:25
            Port Subtype = Port component, Id: 00000401
            Time To Live = 120 sec
            OpenNetw - Unknown (1)
                1111 111. .... .... = TLV Type: Organization Specific (127)
                .... ...0 0001 0010 = TLV Length: 18
                Organization Unique Code: Unknown (0xa42305)
                Unknown Subtype: 1
                Unknown Subtype Content: 4f4e4f5320446973636f76657279
            OpenNetw - Unknown (2)
                1111 111. .... .... = TLV Type: Organization Specific (127)
                .... ...0 0001 0111 = TLV Length: 23
                Organization Unique Code: Unknown (0xa42305)
                Unknown Subtype: 2
                Unknown Subtype Content: 6f663a30303030303230343936393837383235
            End of LLDPDU

Any tips on what the next step should be is highly appreciated.

Thanks in advance 
Christian
Photo of Christian Matira

Christian Matira

  • 80 Points 75 badge 2x thumb

Posted 11 months ago

  • 0
  • 1
Photo of Stephen Williams

Stephen Williams, Employee

  • 9,040 Points 5k badge 2x thumb
Can we see your openflow config?
Photo of Christian Matira

Christian Matira

  • 80 Points 75 badge 2x thumb
Sorry I forgot to include the openflow configurations 
OpenFlow:          Enabled
Versions:          OpenFlow10, OpenFlow13
Mode:              Standard
FDB:               On
Access-list width: Double
Controller       : Primary
    Status       : ACTIVE
    Datapath ID  : 0000020496987825
    VR           : VR-Default
    Mode         : out-of-band Active
    Target       : tcp:192.168.212.236:6633
    Uptime(secs) : 54314
Controller       : Secondary
    Not configured.
                                                     Flows
VLAN                             VID  Mode     Ports Active Error
-------------------------------- ---- -------- ----- ------ ------
Internal                          300 Standard    14      0      0
HPC                               600 Standard    85      0      0
CloudSci                          700 Standard     9      0      0
CloudEnt                          800 Standard     9      0      0
Total number of VLAN(s): 4
# Module openflow configuration.
#
configure openflow default-rule bddp controller
configure openflow default-rule lldp controller
configure openflow default-rule iparp controller
configure openflow default-rule miss controller
enable openflow
configure openflow tables fdb on
enable openflow vlan "Internal"
enable openflow vlan "HPC"
enable openflow vlan "CloudSci"
enable openflow vlan "CloudEnt"
configure openflow controller primary out-of-band active ipaddress 192.168.212.236 
What I did here is tagged the controller to the Vlan "Internal" and gave the IP 192.168.212.236. On the controller side, it is able to discover the ports associated with the openflow enabled vlans, however, it does not show any topology and flows.

Currently, There are no access-list configured in the switches. 

Additional info: 
Here are the openflow tables 
show openflow tables 
table_t_get valid=1, id=0
table_t_get id=0, first/last=1/3
Type Usage Flows
---- ----- ------
ACL  on         0
FDB  on         0
It says in the error logs something to do with ofproto-exos here are the debug output of ofproto-exos

debug openflow show ofproto-exos 
glob_ofproto:
def_rule_no                    0          def_rule_count                 0          
def_rules_flushed              0          numOfVlansPendingDefaultACL    0          
numOfVlansPendingDelete        0          acl_count                      0          
fdb_rule_no                    0          fdb_rule_count                 0          
fdb_rules_flushed              0          fdb_count                      0          
glob_ofproto barrier:
barrier_rule_count             0          barrier_max_cnt                0          
barrier_req_cnt                27         barrier_resp_delay_cnt         0          
barrier_resp_cnt               27         config_req_op_cnt              56664      
config_resp_op_cnt             56664      unconfig_req_op_cnt            0          
unconfig_resp_op_cnt           0          
========================================
Message stats                       sent       rcvd
----------------------------- ---------- ----------
OFPT_HELLO                             0          0
OFPT_ERROR                         55573          0
OFPT_ECHO_REQUEST                      0          0
OFPT_ECHO_REPLY                        0          0
OFPT_VENDOR                            0          0
OFPT_FEATURES_REQUEST                  0          1
OFPT_FEATURES_REPLY                    1          0
OFPT_GET_CONFIG_REQUEST                0          1
OFPT_GET_CONFIG_REPLY                  1          0
OFPT_SET_CONFIG                        0          1
OFPT_PACKET_IN                         0          0
OFPT_FLOW_REMOVED                      0          0
OFPT_PORT_STATUS                       0          0
OFPT_PACKET_OUT                        0    2939700
OFPT_FLOW_MOD                          0      55573
OFPT_PORT_MOD                          0          0
OFPT_STATS_REQUEST                     0          0
OFPT_STATS_REPLY                       0          0
OFPT_BARRIER_REQUEST                   0      49853
OFPT_BARRIER_REPLY                 49853          0
OFPT_QUEUE_GET_CONFIG_REQUEST          0          9
========================================
Flow Tree: flowTreeCnt=0
========================================
Flow Priority Tree: flowPriorityTreeCnt=0

Thanks again in advance 
Christian
Photo of Stephen Williams

Stephen Williams, Employee

  • 9,040 Points 5k badge 2x thumb
Thanks for the information?  What type of flow are you trying to push?  What controller are you using?  how is it configured?

Are you running a older version of EXOS?