Page History

...

with understanding of how bridges, logical router are interconnected with patch ports lets see the flow rules are setup. Lets assume tier1, tier 2 and tier3 has subnets 10.1.1.0/24, 10.1.2.0/24 and 10.1.3.0/24 respectively. There are three different flow configurations on different bridges.

• bridge connected to logical router with patch port
• bridge connected to VPC VR (hence no patch port)
• bridge corresponding to logical router

Flows rules for bridge connected to VPC VR: no new additional flow rules are added to such bridges apart from what is added by OVS tunnel manager.  Bridge will act as a mac learning L2 switch. To recap from [4] below are the flow rules

• priority:1200 :- allow all incoming broadcast (dl_dst=ff:ff:ff:ff:ff:ff) and multicast (nw_dst=224.0.0.0/24) traffic from the VIF's that are connected to the VM's
• priority:1100 :-permit broadcast (dl_dst=ff:ff:ff:ff:ff:ff) and multicast (nw_dst=224.0.0.0/24) traffic to be sent out ONLY on the VIF's that are connect to VM's (i.e excluding the tunnel interfaces)
• priority:1000 :- suppress all broadcast/multicast ingress traffic on GRE tunnels
• do NORMAL processing on the rest of the flows