Host can't ping each other after adding port to openvswitch

toomuchmacha · May 10, 2019, 6:32am

So i'm using WR1043NDv4 that i install OpenWRT, i already do some configuration to meet requirement of it to be made into OpenFlow-enabled with installing openvswitch package on the router and using Opendaylight Flourine-SR2 as the controller.

Before i add the lan port (1 until 4) to openvswitch, hosts that connect to the router still can ping each other and to the router, but after adding it to openvswitch the lan port become inaccessible, even when it was given static address to each of it. hosts can't ping to the router and to each other. I'm using my wan port that i didn't add to openvswitch as management.

I already tried to include the openvswitch br interface (that i give name ovslan) to /etc/config/network and giving it static ip address but still doesn't work.

but if I stop openvswitch services that run on OpenWRT the lan port become accessible again. Please help me

here is my content of /etc/config/network and /etc/config/firewall :

root@OpenWrt:~# cat /etc/config/network

config interface 'loopback'
	option ifname 'lo'
	option proto 'static'
	option ipaddr '127.0.0.1'
	option netmask '255.0.0.0'

config globals 'globals'
	option ula_prefix 'fdbc:261a:0d40::/48'

#config interface 'lan'
#	option ifname 'eth0.1 eth0.3 eth0.4 eth0.5'
#	option proto 'static'
#	option ipaddr '192.168.1.1'
#	option netmask '255.255.255.0'
#	option gateway '192.168.1.254'

config interface 'lan1'
	option ifname 'eth0.1'
	option proto 'static'
#	option ipaddr '192.168.0.1'
#	option netmask '255.255.255.0'

config interface 'lan2'
	option ifname 'eth0.3'
	option proto 'static'
#	option ipaddr '192.168.3.1'
#	option netmask '255.255.255.0'

config interface 'lan3'
	option ifname 'eth0.4'
	option proto 'static'
#	option ipaddr '192.168.4.1'
#	option netmask '255.255.255.0'

config interface 'lan4'
	option ifname 'eth0.5'
	option proto 'static'
#	option ipaddr '192.168.5.1'
#	option netmask '255.255.255.0'

config device 'lan_dev'
	option name 'eth0.1 eth0.3 eth0.4 eth0.5'
	option macaddr '98:de:xx:xx:xx:xx'

config interface 'wan'
	option ifname 'eth0.2'
	option proto 'static'
	option ipaddr '192.168.2.1'
	option netmask '255.255.255.0'

config device 'wan_dev'
	option name 'eth0.2'
	option macaddr '98:de:xx:xx:xx:xx

config interface 'wan6'
	option ifname 'eth0.2'
	option proto 'dhcpv6'

config interface 'ovslan'
	option proto 'static'
	option netmask '255.255.255.0'
	option ipaddr '192.168.1.1'
	option ifname 'ovslan'
	option gateway '192.168.1.254'
	option dns '192.168.1.254'

config switch
	option name 'switch0'
	option reset '1'
	option enable_vlan '1'
	option enable_learning '0'

config switch_vlan
	option device 'switch0'
	option vlan '1'
	option ports '1 0t'

config switch_vlan
	option device 'switch0'
	option vlan '2'
	option ports '5 0t'

config switch_vlan
	option device 'switch0'
	option vlan '3'
	option ports '2 0t'

config switch_vlan
	option device 'switch0'
	option vlan '4'
	option ports '3 0t'

config switch_vlan
	option device 'switch0'
	option vlan '5'
	option ports '4 0t'

root@OpenWrt:~# cat /etc/config/firewall 

config defaults
	option syn_flood '1'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'

config zone
	option name 'lan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option network 'lan1 lan2 lan3 lan4 ovslan'

config zone
	option name 'wan'
	option input 'ACCEPT'
	option output 'ACCEPT'
	option forward 'ACCEPT'
	option masq '1'
	option mtu_fix '1'
	option network 'wan wan6'

config forwarding
	option src 'lan'
	option dest 'wan'

config rule
	option name 'Allow-DHCP-Renew'
	option src 'wan'
	option proto 'udp'
	option dest_port '68'
	option target 'ACCEPT'
	option family 'ipv4'

config rule
	option name 'Allow-Ping'
	option src 'wan'
	option proto 'icmp'
	option icmp_type 'echo-request'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-IGMP'
	option src 'wan'
	option proto 'igmp'
	option family 'ipv4'
	option target 'ACCEPT'

config rule
	option name 'Allow-DHCPv6'
	option src 'wan'
	option proto 'udp'
	option src_ip 'fc00::/6'
	option dest_ip 'fc00::/6'
	option dest_port '546'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-MLD'
	option src 'wan'
	option proto 'icmp'
	option src_ip 'fe80::/10'
	list icmp_type '130/0'
	list icmp_type '131/0'
	list icmp_type '132/0'
	list icmp_type '143/0'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Input'
	option src 'wan'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	list icmp_type 'router-solicitation'
	list icmp_type 'neighbour-solicitation'
	list icmp_type 'router-advertisement'
	list icmp_type 'neighbour-advertisement'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-ICMPv6-Forward'
	option src 'wan'
	option dest '*'
	option proto 'icmp'
	list icmp_type 'echo-request'
	list icmp_type 'echo-reply'
	list icmp_type 'destination-unreachable'
	list icmp_type 'packet-too-big'
	list icmp_type 'time-exceeded'
	list icmp_type 'bad-header'
	list icmp_type 'unknown-header-type'
	option limit '1000/sec'
	option family 'ipv6'
	option target 'ACCEPT'

config rule
	option name 'Allow-IPSec-ESP'
	option src 'wan'
	option dest 'lan'
	option proto 'esp'
	option target 'ACCEPT'

config rule
	option name 'Allow-ISAKMP'
	option src 'wan'
	option dest 'lan'
	option dest_port '500'
	option proto 'udp'
	option target 'ACCEPT'

config include
	option path '/etc/firewall.user'

and here my configuration on ovs-vsctl:

root@OpenWrt:~# ovs-vsctl show
7a3baad8-3b47-4751-b5a9-48f347768b41
    Manager "ptcp:6640"
    Bridge ovslan
        Controller "tcp:192.168.2.152:6633"
            is_connected: true
        fail_mode: standalone
        Port ovslan
            Interface ovslan
                type: internal
        Port "eth0.1"
            Interface "eth0.1"
        Port "eth0.5"
            Interface "eth0.5"
        Port "eth0.4"
            Interface "eth0.4"
        Port "eth0.3"
            Interface "eth0.3"
    ovs_version: "2.8.5"

I've been stuck in these problem for one day, i've already tried adding dhcp server on my main router to connect to one of lan port but the hosts still didn't recieve any IP address and therefore can't ping each other

mikma · May 10, 2019, 9:14am

What configuration are you using on the controller (opendaylight)?

toomuchmacha · May 10, 2019, 11:49am

I follow the OpenFlow Plugin Project User Guide of the ODL Flourine-SR2 version. I already install the package required according to the Tutorial/How to section of the site. And i already tried some of restconf API syntax using postman and it's work, however i didn't see any of my configured static IP on the openvswitch bridge that i created anywhere when i retrieve the inventory node.

mikma · May 10, 2019, 6:47pm

Did you solve the problem that the hosts couldn't ping each other?

Are you using VLANs? Because I think ovslan is a trunk port, which is the default.