# ovs 使用 OpenFlow

官方的文档比较全面，推荐阅读： <http://docs.openvswitch.org/en/latest/faq/openflow/>

1.ovs 启用 OpenFlow

```
$ ovs-vsctl set bridge br0 \
    protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13
```

2\. ovs drop 目的地址的 arp 包

```
$ ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop
```

> A: The term “normalization” in the log message means that a flow cannot match on an L3 field without saying what L3 protocol is in use. The “ovs-ofctl” command above didn’t specify an L3 protocol, so the L3 field match was dropped.
>
> In this case, the L3 protocol could be IP or ARP. A correct command for each possibility is, respectively:
>
> ```
> $ ovs-ofctl add-flow br0 ip,nw_dst=192.168.0.1,actions=drop
> ```
>
> and:
>
> ```
> $ ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop
> ```
>
> Similarly, a flow cannot match on an L4 field without saying what L4 protocol is in use. For example, the flow match `tp_src=1234` is, by itself, meaningless and will be ignored. Instead, to match TCP source port 1234, write `tcp,tp_src=1234`, or to match UDP source port 1234, write `udp,tp_src=1234`.