ovs 使用 OpenFlow

官方的文档比较全面，推荐阅读： http://docs.openvswitch.org/en/latest/faq/openflow/

1.ovs 启用 OpenFlow

$ ovs-vsctl set bridge br0 \
    protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13

2. ovs drop 目的地址的 arp 包

$ ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop

A: The term “normalization” in the log message means that a flow cannot match on an L3 field without saying what L3 protocol is in use. The “ovs-ofctl” command above didn’t specify an L3 protocol, so the L3 field match was dropped.

In this case, the L3 protocol could be IP or ARP. A correct command for each possibility is, respectively:

$ ovs-ofctl add-flow br0 ip,nw_dst=192.168.0.1,actions=drop

and:

$ ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop

Similarly, a flow cannot match on an L4 field without saying what L4 protocol is in use. For example, the flow match tp_src=1234 is, by itself, meaningless and will be ignored. Instead, to match TCP source port 1234, write tcp,tp_src=1234, or to match UDP source port 1234, write udp,tp_src=1234.