SD-WAN

 View Only

  • 1.  HP Aruba 2920, HP SDN Controller, Curl, Failed to validate flowmod

    Posted Mar 12, 2017 06:51 PM

    Hello. I have physical HP-2920-24G Aruba switch and I'm using the HP SDN Controller (trial version). I've just started with SDN. I wanted to add a flow, using curl:

    curl -ski -X POST \
     -H "X-Auth-Token: b83786a25be841e29e99b0cc079dc972" \
     -H "Content-Type:application/json" \
     -d '{
         "flow": {
                "cookie": "0x2031987",
                "table_id": 0,
                "priority": 30000,
                "idle_timeout": 300,
                "hard_timeout": 300,
                "match": [
                        {"ipv4_src": "10.0.2.101"},
                        {"ipv4_dst": "10.0.2.102"},
                        {"eth_type": "ipv4"}
                ],
                "instructions": [{"apply_actions": [{"output": 2}]}]
                }
          }' \
      https://10.0.1.103:8443/sdn/v2.0/of/datapaths/00:01:94:18:82:25:bc:80/flows

    But it showed me the following error:

    HTTP/1.1 400 Bad Request
Server: Apache-Coyote/1.1
X-FRAME-OPTIONS: deny
Access-Control-Allow-Origin: *
Access-Control-Allow-Methods: GET, POST, PUT, HEAD, PATCH
Access-Control-Allow-Headers: Content-Type, Accept, X-Auth-Token
Content-Type: application/json
Transfer-Encoding: chunked
Date: Sun, 12 Mar 2017 12:14:54 GMT
Connection: close

{"error":"java.lang.IllegalArgumentException","message":"Failed to validate flowmod: {ofm:[V_1_3,FLOW_MOD,104,300784],cmd=ADD,match={Match(V_1_3):[type=OXM,len=26],fields=ETH_TYPE,IPV4_SRC,IPV4_DST},...}"}

    I double-checked the syntax, it seems to me that it's OK.

    What is the problem, what am I doing wrong here? Thank you.



  • 2.  RE: HP Aruba 2920, HP SDN Controller, Curl, Failed to validate flowmod

    Posted Mar 13, 2017 08:48 AM

    Hello Roger,

    I have assuming you are using OpenFlow version 1.3 here.

    Table 0 of standard-match pipeline on Aruba switches is read-only. Any flow-mods to add a flow to that table is rejected by the switch. It is possible that the VAN controller is doing that validation at the controller layer because of its knowledge of the Aruba behavior.

    Can you change the Table ID in the flow to 100 and retry the same flow. It should work. If it doesn't work, can you please share the switch's running configuration.

    Thanks!

    Abhay



  • 3.  RE: HP Aruba 2920, HP SDN Controller, Curl, Failed to validate flowmod

    Posted Mar 15, 2017 06:32 AM

    Hello,

    Thank you for the information. I changed the syntax a little bit, and also changed the table ID:

    curl --header ’X-Auth-Token:
88fd25c12e4c455ca3f7e56c5c3a4689’ --header "Accept:
application/json" --header "Content-type:
application/json" --fail -ksSfL
-X POST -d
’{"flow":
{"priority":100,
"table_id":100,
"idle_timeout":60,
"match":[
{"in_port":1},
{"ipv4_src":"10.0.2.101"},
{"ipv4_dst":"10.0.2.102"},
{"eth_type":"ipv4"},
{"ip_proto":"udp"}],
"instructions":[
{"apply_actions":""}]
}
}’
--url
https://10.0.1.103:8443/sdn/v2.0/of/datapaths/00:01:94:18:82:25:bc:80/flows

    Now it works great.

     



  • 4.  RE: HP Aruba 2920, HP SDN Controller, Curl, Failed to validate flowmod

    Posted Mar 17, 2017 10:19 AM

    Hi Roger,

    One other possibility would be to omit the "table_id" parameter entirely. The HPE SDN controller has table auto-selection which will automatically select the best table in the switch to fit a particular flow. That way, you don't need to know which table supports the flow you're pushing.

    Shaun



Related Content