/gistify900147.txt Secret

## gistify900147.txt
vagrant@central:~$
vagrant@central:~$ /vagrant/scripts/setup-ovn-cluster.sh
Note: node unavailable: compute3
starting ovn in compute1
 * /etc/openvswitch/conf.db does not exist
 * Creating empty database /etc/openvswitch/conf.db
 * Starting ovsdb-server
 * Configuring Open vSwitch system IDs
 * Starting ovs-vswitchd
 * Enabling remote OVSDB managers
 * Starting ovn-controller
starting ovn in compute2
 * /etc/openvswitch/conf.db does not exist
 * Creating empty database /etc/openvswitch/conf.db
 * Starting ovsdb-server
 * Configuring Open vSwitch system IDs
 * Starting ovs-vswitchd
 * Enabling remote OVSDB managers
 * Starting ovn-controller
starting ovn in central
 * /etc/openvswitch/conf.db does not exist
 * Creating empty database /etc/openvswitch/conf.db
 * Starting ovsdb-server
 * Configuring Open vSwitch system IDs
 * Starting ovs-vswitchd
 * Enabling remote OVSDB managers
 * Starting ovn-northd
vagrant@central:~$ /vagrant/scripts/tutorial/l3_basic/setup.sh
+ sudo ovn-nbctl ls-add ls1
+ sudo ovn-nbctl ls-add ls2
+ sudo ovn-nbctl lsp-add ls1 ls1-port1
+ sudo ovn-nbctl lsp-add ls2 ls2-port1
+ sudo ovn-nbctl lsp-set-addresses ls1-port1 00:00:00:00:00:01
+ sudo ovn-nbctl lsp-set-addresses ls2-port1 00:00:00:00:00:02
+ sudo ovn-nbctl lsp-set-port-security ls1-port1 00:00:00:00:00:01
+ sudo ovn-nbctl lsp-set-port-security ls2-port1 00:00:00:00:00:02
+ sudo ovn-nbctl lr-add lr0
+ sudo ovn-nbctl lrp-add lr0 lrp1 00:00:00:01:00:01 1.0.0.2/24 peer=lrp1-attachment
+ sudo ovn-nbctl -- lsp-add ls1 lrp1-attachment -- set Logical_Switch_Port lrp1-attachment type=router options:router-port=lrp1 'addresses="00:00:00:01:00:01 1.0.0.2"'
+ sudo ovn-nbctl lrp-add lr0 lrp2 00:00:00:01:00:02 2.0.0.2/24 peer=lrp2-attachment
+ sudo ovn-nbctl -- lsp-add ls2 lrp2-attachment -- set Logical_Switch_Port lrp2-attachment type=router options:router-port=lrp2 'addresses="00:00:00:01:00:02 2.0.0.2"'
vagrant@central:~$
vagrant@central:~$ sudo ovn-nbctl show
    switch 35e8fbf9-af03-4b51-bd0f-60425ea2f4fd (ls2)
        port lrp2-attachment
            addresses: ["00:00:00:01:00:02 2.0.0.2"]
        port ls2-port1
            addresses: ["00:00:00:00:00:02"]
    switch 46283e13-4908-48f3-b271-03e39300394c (ls1)
        port lrp1-attachment
            addresses: ["00:00:00:01:00:01 1.0.0.2"]
        port ls1-port1
            addresses: ["00:00:00:00:00:01"]
    router d755dfb1-084b-4994-9be9-fc1f809edc0d (lr0)
        port lrp1
            mac: "00:00:00:01:00:01"
            networks: ["1.0.0.2/24"]
        port lrp2
            mac: "00:00:00:01:00:02"
            networks: ["2.0.0.2/24"]
vagrant@central:~$
vagrant@central:~$
vagrant@central:~$ sudo ovn-sbctl show
Chassis "compute1"
    hostname: "compute1.ovn.dev"
    Encap geneve
        ip: "192.168.33.31"
Chassis "compute2"
    hostname: "compute2.ovn.dev"
    Encap geneve
        ip: "192.168.33.32"
vagrant@central:~$
vagrant@central:~$
vagrant@central:~$ sudo ovn-sbctl list datapath_binding ; echo '==' ; sudo ovn-sbctl lflow-list | grep --color -E 'Datapath|$'
_uuid               : 08bc7858-60f3-4308-bd7a-b45eeb888702
external_ids        : {logical-router="d755dfb1-084b-4994-9be9-fc1f809edc0d"}
tunnel_key          : 3

_uuid               : 235b9d45-2446-4777-ba0a-ad1d3a72ea70
external_ids        : {logical-switch="46283e13-4908-48f3-b271-03e39300394c"}
tunnel_key          : 1

_uuid               : 876f6fd6-c948-47d1-89bd-df3c2f347590
external_ids        : {logical-switch="35e8fbf9-af03-4b51-bd0f-60425ea2f4fd"}
tunnel_key          : 2
==
Datapath: 08bc7858-60f3-4308-bd7a-b45eeb888702  Pipeline: ingress
  table=0 (lr_in_admission    ), priority=100  , match=(vlan.present || eth.src[40]), action=(drop;)
  table=0 (lr_in_admission    ), priority=50   , match=((eth.mcast || eth.dst == 00:00:00:01:00:01) && inport == "lrp1"), action=(next;)
  table=0 (lr_in_admission    ), priority=50   , match=((eth.mcast || eth.dst == 00:00:00:01:00:02) && inport == "lrp2"), action=(next;)
  table=1 (lr_in_ip_input     ), priority=100  , match=(ip4.mcast || ip4.src == 255.255.255.255 || ip4.src == 127.0.0.0/8 || ip4.dst == 127.0.0.0/8 || ip4.src == 0.0.0.0/8 || ip4.dst == 0.0.0.0/8), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=100  , match=(ip4.src == {1.0.0.2, 1.0.0.255}), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=100  , match=(ip4.src == {2.0.0.2, 2.0.0.255}), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=90   , match=(arp.op == 2), action=(put_arp(inport, arp.spa, arp.sha);)
  table=1 (lr_in_ip_input     ), priority=90   , match=(inport == "lrp1" && arp.tpa == 1.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:01; arp.op = 2; /* ARP reply */ arp.tha = arp.sha; arp.sha = 00:00:00:01:00:01; arp.tpa = arp.spa; arp.spa = 1.0.0.2; outport = "lrp1"; inport = ""; /* Allow sending out inport. */ output;)
  table=1 (lr_in_ip_input     ), priority=90   , match=(inport == "lrp2" && arp.tpa == 2.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:02; arp.op = 2; /* ARP reply */ arp.tha = arp.sha; arp.sha = 00:00:00:01:00:02; arp.tpa = arp.spa; arp.spa = 2.0.0.2; outport = "lrp2"; inport = ""; /* Allow sending out inport. */ output;)
  table=1 (lr_in_ip_input     ), priority=90   , match=(ip4.dst == 1.0.0.2 && icmp4.type == 8 && icmp4.code == 0), action=(ip4.dst <-> ip4.src; ip.ttl = 255; icmp4.type = 0; inport = ""; /* Allow sending out inport. */ next; )
  table=1 (lr_in_ip_input     ), priority=90   , match=(ip4.dst == 2.0.0.2 && icmp4.type == 8 && icmp4.code == 0), action=(ip4.dst <-> ip4.src; ip.ttl = 255; icmp4.type = 0; inport = ""; /* Allow sending out inport. */ next; )
  table=1 (lr_in_ip_input     ), priority=60   , match=(ip4.dst == {1.0.0.2}), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=60   , match=(ip4.dst == {2.0.0.2}), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=50   , match=(eth.bcast), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=30   , match=(ip4 && ip.ttl == {0, 1}), action=(drop;)
  table=1 (lr_in_ip_input     ), priority=0    , match=(1), action=(next;)
  table=2 (lr_in_unsnat       ), priority=0    , match=(1), action=(next;)
  table=3 (lr_in_dnat         ), priority=0    , match=(1), action=(next;)
  table=4 (lr_in_ip_routing   ), priority=24   , match=(ip4.dst == 1.0.0.0/24), action=(ip.ttl--; reg0 = ip4.dst; reg1 = 1.0.0.2; eth.src = 00:00:00:01:00:01; outport = "lrp1"; inport = ""; /* Allow sending out inport. */ next;)
  table=4 (lr_in_ip_routing   ), priority=24   , match=(ip4.dst == 2.0.0.0/24), action=(ip.ttl--; reg0 = ip4.dst; reg1 = 2.0.0.2; eth.src = 00:00:00:01:00:02; outport = "lrp2"; inport = ""; /* Allow sending out inport. */ next;)
  table=5 (lr_in_arp_resolve  ), priority=0    , match=(1), action=(get_arp(outport, reg0); next;)
  table=6 (lr_in_arp_request  ), priority=100  , match=(eth.dst == 00:00:00:00:00:00), action=(arp { eth.dst = ff:ff:ff:ff:ff:ff; arp.spa = reg1; arp.op = 1; output; };)
  table=6 (lr_in_arp_request  ), priority=0    , match=(1), action=(output;)
Datapath: 08bc7858-60f3-4308-bd7a-b45eeb888702  Pipeline: egress
  table=0 (lr_out_snat        ), priority=0    , match=(1), action=(next;)
  table=1 (lr_out_delivery    ), priority=100  , match=(outport == "lrp1"), action=(output;)
  table=1 (lr_out_delivery    ), priority=100  , match=(outport == "lrp2"), action=(output;)
Datapath: 235b9d45-2446-4777-ba0a-ad1d3a72ea70  Pipeline: ingress
  table=0 (ls_in_port_sec_l2  ), priority=100  , match=(eth.src[40]), action=(drop;)
  table=0 (ls_in_port_sec_l2  ), priority=100  , match=(vlan.present), action=(drop;)
  table=0 (ls_in_port_sec_l2  ), priority=50   , match=(inport == "lrp1-attachment"), action=(next;)
  table=0 (ls_in_port_sec_l2  ), priority=50   , match=(inport == "ls1-port1" && eth.src == {00:00:00:00:00:01}), action=(next;)
  table=1 (ls_in_port_sec_ip  ), priority=0    , match=(1), action=(next;)
  table=2 (ls_in_port_sec_nd  ), priority=90   , match=(inport == "ls1-port1" && eth.src == 00:00:00:00:00:01 && arp.sha == 00:00:00:00:00:01), action=(next;)
  table=2 (ls_in_port_sec_nd  ), priority=90   , match=(inport == "ls1-port1" && eth.src == 00:00:00:00:00:01 && ip6 && nd && ((nd.sll == 00:00:00:00:00:00 || nd.sll == 00:00:00:00:00:01) || ((nd.tll == 00:00:00:00:00:00 || nd.tll == 00:00:00:00:00:01)))), action=(next;)
  table=2 (ls_in_port_sec_nd  ), priority=80   , match=(inport == "ls1-port1" && (arp || nd)), action=(drop;)
  table=2 (ls_in_port_sec_nd  ), priority=0    , match=(1), action=(next;)
  table=3 (ls_in_pre_acl      ), priority=0    , match=(1), action=(next;)
  table=4 (ls_in_pre_lb       ), priority=0    , match=(1), action=(next;)
  table=5 (lr_in_arp_resolve  ), priority=100  , match=(outport == "lrp1-attachment" && reg0 == 1.0.0.2), action=(eth.dst = 00:00:00:01:00:01; next;)
  table=5 (ls_in_pre_stateful ), priority=100  , match=(reg0[0] == 1), action=(ct_next;)
  table=5 (ls_in_pre_stateful ), priority=0    , match=(1), action=(next;)
  table=6 (ls_in_acl          ), priority=0    , match=(1), action=(next;)
  table=7 (ls_in_lb           ), priority=0    , match=(1), action=(next;)
  table=8 (ls_in_stateful     ), priority=100  , match=(reg0[1] == 1), action=(ct_commit; next;)
  table=8 (ls_in_stateful     ), priority=100  , match=(reg0[2] == 1), action=(ct_lb;)
  table=8 (ls_in_stateful     ), priority=0    , match=(1), action=(next;)
  table=9 (ls_in_arp_rsp      ), priority=50   , match=(arp.tpa == 1.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:01; arp.op = 2; /* ARP reply */ arp.tha = arp.sha; arp.sha = 00:00:00:01:00:01; arp.tpa = arp.spa; arp.spa = 1.0.0.2; outport = inport; inport = ""; /* Allow sending out inport. */ output;)
  table=9 (ls_in_arp_rsp      ), priority=0    , match=(1), action=(next;)
  table=10(ls_in_l2_lkup      ), priority=100  , match=(eth.mcast), action=(outport = "_MC_flood"; output;)
  table=10(ls_in_l2_lkup      ), priority=50   , match=(eth.dst == 00:00:00:00:00:01), action=(outport = "ls1-port1"; output;)
  table=10(ls_in_l2_lkup      ), priority=50   , match=(eth.dst == 00:00:00:01:00:01), action=(outport = "lrp1-attachment"; output;)
Datapath: 235b9d45-2446-4777-ba0a-ad1d3a72ea70  Pipeline: egress
  table=0 (ls_out_pre_lb      ), priority=0    , match=(1), action=(next;)
  table=1 (ls_out_pre_acl     ), priority=0    , match=(1), action=(next;)
  table=2 (ls_out_pre_stateful), priority=100  , match=(reg0[0] == 1), action=(ct_next;)
  table=2 (ls_out_pre_stateful), priority=0    , match=(1), action=(next;)
  table=3 (ls_out_lb          ), priority=0    , match=(1), action=(next;)
  table=4 (ls_out_acl         ), priority=0    , match=(1), action=(next;)
  table=5 (ls_out_stateful    ), priority=100  , match=(reg0[1] == 1), action=(ct_commit; next;)
  table=5 (ls_out_stateful    ), priority=100  , match=(reg0[2] == 1), action=(ct_lb;)
  table=5 (ls_out_stateful    ), priority=0    , match=(1), action=(next;)
  table=6 (ls_out_port_sec_ip ), priority=0    , match=(1), action=(next;)
  table=7 (ls_out_port_sec_l2 ), priority=100  , match=(eth.mcast), action=(output;)
  table=7 (ls_out_port_sec_l2 ), priority=50   , match=(outport == "lrp1-attachment"), action=(output;)
  table=7 (ls_out_port_sec_l2 ), priority=50   , match=(outport == "ls1-port1" && eth.dst == {00:00:00:00:00:01}), action=(output;)
Datapath: 876f6fd6-c948-47d1-89bd-df3c2f347590  Pipeline: ingress
  table=0 (ls_in_port_sec_l2  ), priority=100  , match=(eth.src[40]), action=(drop;)
  table=0 (ls_in_port_sec_l2  ), priority=100  , match=(vlan.present), action=(drop;)
  table=0 (ls_in_port_sec_l2  ), priority=50   , match=(inport == "lrp2-attachment"), action=(next;)
  table=0 (ls_in_port_sec_l2  ), priority=50   , match=(inport == "ls2-port1" && eth.src == {00:00:00:00:00:02}), action=(next;)
  table=1 (ls_in_port_sec_ip  ), priority=0    , match=(1), action=(next;)
  table=2 (ls_in_port_sec_nd  ), priority=90   , match=(inport == "ls2-port1" && eth.src == 00:00:00:00:00:02 && arp.sha == 00:00:00:00:00:02), action=(next;)
  table=2 (ls_in_port_sec_nd  ), priority=90   , match=(inport == "ls2-port1" && eth.src == 00:00:00:00:00:02 && ip6 && nd && ((nd.sll == 00:00:00:00:00:00 || nd.sll == 00:00:00:00:00:02) || ((nd.tll == 00:00:00:00:00:00 || nd.tll == 00:00:00:00:00:02)))), action=(next;)
  table=2 (ls_in_port_sec_nd  ), priority=80   , match=(inport == "ls2-port1" && (arp || nd)), action=(drop;)
  table=2 (ls_in_port_sec_nd  ), priority=0    , match=(1), action=(next;)
  table=3 (ls_in_pre_acl      ), priority=0    , match=(1), action=(next;)
  table=4 (ls_in_pre_lb       ), priority=0    , match=(1), action=(next;)
  table=5 (lr_in_arp_resolve  ), priority=100  , match=(outport == "lrp2-attachment" && reg0 == 2.0.0.2), action=(eth.dst = 00:00:00:01:00:02; next;)
  table=5 (ls_in_pre_stateful ), priority=100  , match=(reg0[0] == 1), action=(ct_next;)
  table=5 (ls_in_pre_stateful ), priority=0    , match=(1), action=(next;)
  table=6 (ls_in_acl          ), priority=0    , match=(1), action=(next;)
  table=7 (ls_in_lb           ), priority=0    , match=(1), action=(next;)
  table=8 (ls_in_stateful     ), priority=100  , match=(reg0[1] == 1), action=(ct_commit; next;)
  table=8 (ls_in_stateful     ), priority=100  , match=(reg0[2] == 1), action=(ct_lb;)
  table=8 (ls_in_stateful     ), priority=0    , match=(1), action=(next;)
  table=9 (ls_in_arp_rsp      ), priority=50   , match=(arp.tpa == 2.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:02; arp.op = 2; /* ARP reply */ arp.tha = arp.sha; arp.sha = 00:00:00:01:00:02; arp.tpa = arp.spa; arp.spa = 2.0.0.2; outport = inport; inport = ""; /* Allow sending out inport. */ output;)
  table=9 (ls_in_arp_rsp      ), priority=0    , match=(1), action=(next;)
  table=10(ls_in_l2_lkup      ), priority=100  , match=(eth.mcast), action=(outport = "_MC_flood"; output;)
  table=10(ls_in_l2_lkup      ), priority=50   , match=(eth.dst == 00:00:00:00:00:02), action=(outport = "ls2-port1"; output;)
  table=10(ls_in_l2_lkup      ), priority=50   , match=(eth.dst == 00:00:00:01:00:02), action=(outport = "lrp2-attachment"; output;)
Datapath: 876f6fd6-c948-47d1-89bd-df3c2f347590  Pipeline: egress
  table=0 (ls_out_pre_lb      ), priority=0    , match=(1), action=(next;)
  table=1 (ls_out_pre_acl     ), priority=0    , match=(1), action=(next;)
  table=2 (ls_out_pre_stateful), priority=100  , match=(reg0[0] == 1), action=(ct_next;)
  table=2 (ls_out_pre_stateful), priority=0    , match=(1), action=(next;)
  table=3 (ls_out_lb          ), priority=0    , match=(1), action=(next;)
  table=4 (ls_out_acl         ), priority=0    , match=(1), action=(next;)
  table=5 (ls_out_stateful    ), priority=100  , match=(reg0[1] == 1), action=(ct_commit; next;)
  table=5 (ls_out_stateful    ), priority=100  , match=(reg0[2] == 1), action=(ct_lb;)
  table=5 (ls_out_stateful    ), priority=0    , match=(1), action=(next;)
  table=6 (ls_out_port_sec_ip ), priority=0    , match=(1), action=(next;)
  table=7 (ls_out_port_sec_l2 ), priority=100  , match=(eth.mcast), action=(output;)
  table=7 (ls_out_port_sec_l2 ), priority=50   , match=(outport == "lrp2-attachment"), action=(output;)
  table=7 (ls_out_port_sec_l2 ), priority=50   , match=(outport == "ls2-port1" && eth.dst == {00:00:00:00:00:02}), action=(output;)
	vagrant@central:~$
	vagrant@central:~$ /vagrant/scripts/setup-ovn-cluster.sh
	Note: node unavailable: compute3
	starting ovn in compute1
	* /etc/openvswitch/conf.db does not exist
	* Creating empty database /etc/openvswitch/conf.db
	* Starting ovsdb-server
	* Configuring Open vSwitch system IDs
	* Starting ovs-vswitchd
	* Enabling remote OVSDB managers
	* Starting ovn-controller
	starting ovn in compute2
	* /etc/openvswitch/conf.db does not exist
	* Creating empty database /etc/openvswitch/conf.db
	* Starting ovsdb-server
	* Configuring Open vSwitch system IDs
	* Starting ovs-vswitchd
	* Enabling remote OVSDB managers
	* Starting ovn-controller
	starting ovn in central
	* /etc/openvswitch/conf.db does not exist
	* Creating empty database /etc/openvswitch/conf.db
	* Starting ovsdb-server
	* Configuring Open vSwitch system IDs
	* Starting ovs-vswitchd
	* Enabling remote OVSDB managers
	* Starting ovn-northd
	vagrant@central:~$ /vagrant/scripts/tutorial/l3_basic/setup.sh
	+ sudo ovn-nbctl ls-add ls1
	+ sudo ovn-nbctl ls-add ls2
	+ sudo ovn-nbctl lsp-add ls1 ls1-port1
	+ sudo ovn-nbctl lsp-add ls2 ls2-port1
	+ sudo ovn-nbctl lsp-set-addresses ls1-port1 00:00:00:00:00:01
	+ sudo ovn-nbctl lsp-set-addresses ls2-port1 00:00:00:00:00:02
	+ sudo ovn-nbctl lsp-set-port-security ls1-port1 00:00:00:00:00:01
	+ sudo ovn-nbctl lsp-set-port-security ls2-port1 00:00:00:00:00:02
	+ sudo ovn-nbctl lr-add lr0
	+ sudo ovn-nbctl lrp-add lr0 lrp1 00:00:00:01:00:01 1.0.0.2/24 peer=lrp1-attachment
	+ sudo ovn-nbctl -- lsp-add ls1 lrp1-attachment -- set Logical_Switch_Port lrp1-attachment type=router options:router-port=lrp1 'addresses="00:00:00:01:00:01 1.0.0.2"'
	+ sudo ovn-nbctl lrp-add lr0 lrp2 00:00:00:01:00:02 2.0.0.2/24 peer=lrp2-attachment
	+ sudo ovn-nbctl -- lsp-add ls2 lrp2-attachment -- set Logical_Switch_Port lrp2-attachment type=router options:router-port=lrp2 'addresses="00:00:00:01:00:02 2.0.0.2"'
	vagrant@central:~$
	vagrant@central:~$ sudo ovn-nbctl show
	switch 35e8fbf9-af03-4b51-bd0f-60425ea2f4fd (ls2)
	port lrp2-attachment
	addresses: ["00:00:00:01:00:02 2.0.0.2"]
	port ls2-port1
	addresses: ["00:00:00:00:00:02"]
	switch 46283e13-4908-48f3-b271-03e39300394c (ls1)
	port lrp1-attachment
	addresses: ["00:00:00:01:00:01 1.0.0.2"]
	port ls1-port1
	addresses: ["00:00:00:00:00:01"]
	router d755dfb1-084b-4994-9be9-fc1f809edc0d (lr0)
	port lrp1
	mac: "00:00:00:01:00:01"
	networks: ["1.0.0.2/24"]
	port lrp2
	mac: "00:00:00:01:00:02"
	networks: ["2.0.0.2/24"]
	vagrant@central:~$
	vagrant@central:~$
	vagrant@central:~$ sudo ovn-sbctl show
	Chassis "compute1"
	hostname: "compute1.ovn.dev"
	Encap geneve
	ip: "192.168.33.31"
	Chassis "compute2"
	hostname: "compute2.ovn.dev"
	Encap geneve
	ip: "192.168.33.32"
	vagrant@central:~$
	vagrant@central:~$
	vagrant@central:~$ sudo ovn-sbctl list datapath_binding ; echo '==' ; sudo ovn-sbctl lflow-list \| grep --color -E 'Datapath\|$'
	_uuid : 08bc7858-60f3-4308-bd7a-b45eeb888702
	external_ids : {logical-router="d755dfb1-084b-4994-9be9-fc1f809edc0d"}
	tunnel_key : 3

	_uuid : 235b9d45-2446-4777-ba0a-ad1d3a72ea70
	external_ids : {logical-switch="46283e13-4908-48f3-b271-03e39300394c"}
	tunnel_key : 1

	_uuid : 876f6fd6-c948-47d1-89bd-df3c2f347590
	external_ids : {logical-switch="35e8fbf9-af03-4b51-bd0f-60425ea2f4fd"}
	tunnel_key : 2
	==
	Datapath: 08bc7858-60f3-4308-bd7a-b45eeb888702 Pipeline: ingress
	table=0 (lr_in_admission ), priority=100 , match=(vlan.present \|\| eth.src[40]), action=(drop;)
	table=0 (lr_in_admission ), priority=50 , match=((eth.mcast \|\| eth.dst == 00:00:00:01:00:01) && inport == "lrp1"), action=(next;)
	table=0 (lr_in_admission ), priority=50 , match=((eth.mcast \|\| eth.dst == 00:00:00:01:00:02) && inport == "lrp2"), action=(next;)
	table=1 (lr_in_ip_input ), priority=100 , match=(ip4.mcast \|\| ip4.src == 255.255.255.255 \|\| ip4.src == 127.0.0.0/8 \|\| ip4.dst == 127.0.0.0/8 \|\| ip4.src == 0.0.0.0/8 \|\| ip4.dst == 0.0.0.0/8), action=(drop;)
	table=1 (lr_in_ip_input ), priority=100 , match=(ip4.src == {1.0.0.2, 1.0.0.255}), action=(drop;)
	table=1 (lr_in_ip_input ), priority=100 , match=(ip4.src == {2.0.0.2, 2.0.0.255}), action=(drop;)
	table=1 (lr_in_ip_input ), priority=90 , match=(arp.op == 2), action=(put_arp(inport, arp.spa, arp.sha);)
	table=1 (lr_in_ip_input ), priority=90 , match=(inport == "lrp1" && arp.tpa == 1.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:01; arp.op = 2; /* ARP reply / arp.tha = arp.sha; arp.sha = 00:00:00:01:00:01; arp.tpa = arp.spa; arp.spa = 1.0.0.2; outport = "lrp1"; inport = ""; / Allow sending out inport. */ output;)
	table=1 (lr_in_ip_input ), priority=90 , match=(inport == "lrp2" && arp.tpa == 2.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:02; arp.op = 2; /* ARP reply / arp.tha = arp.sha; arp.sha = 00:00:00:01:00:02; arp.tpa = arp.spa; arp.spa = 2.0.0.2; outport = "lrp2"; inport = ""; / Allow sending out inport. */ output;)
	table=1 (lr_in_ip_input ), priority=90 , match=(ip4.dst == 1.0.0.2 && icmp4.type == 8 && icmp4.code == 0), action=(ip4.dst <-> ip4.src; ip.ttl = 255; icmp4.type = 0; inport = ""; /* Allow sending out inport. */ next; )
	table=1 (lr_in_ip_input ), priority=90 , match=(ip4.dst == 2.0.0.2 && icmp4.type == 8 && icmp4.code == 0), action=(ip4.dst <-> ip4.src; ip.ttl = 255; icmp4.type = 0; inport = ""; /* Allow sending out inport. */ next; )
	table=1 (lr_in_ip_input ), priority=60 , match=(ip4.dst == {1.0.0.2}), action=(drop;)
	table=1 (lr_in_ip_input ), priority=60 , match=(ip4.dst == {2.0.0.2}), action=(drop;)
	table=1 (lr_in_ip_input ), priority=50 , match=(eth.bcast), action=(drop;)
	table=1 (lr_in_ip_input ), priority=30 , match=(ip4 && ip.ttl == {0, 1}), action=(drop;)
	table=1 (lr_in_ip_input ), priority=0 , match=(1), action=(next;)
	table=2 (lr_in_unsnat ), priority=0 , match=(1), action=(next;)
	table=3 (lr_in_dnat ), priority=0 , match=(1), action=(next;)
	table=4 (lr_in_ip_routing ), priority=24 , match=(ip4.dst == 1.0.0.0/24), action=(ip.ttl--; reg0 = ip4.dst; reg1 = 1.0.0.2; eth.src = 00:00:00:01:00:01; outport = "lrp1"; inport = ""; /* Allow sending out inport. */ next;)
	table=4 (lr_in_ip_routing ), priority=24 , match=(ip4.dst == 2.0.0.0/24), action=(ip.ttl--; reg0 = ip4.dst; reg1 = 2.0.0.2; eth.src = 00:00:00:01:00:02; outport = "lrp2"; inport = ""; /* Allow sending out inport. */ next;)
	table=5 (lr_in_arp_resolve ), priority=0 , match=(1), action=(get_arp(outport, reg0); next;)
	table=6 (lr_in_arp_request ), priority=100 , match=(eth.dst == 00:00:00:00:00:00), action=(arp { eth.dst = ff:ff:ff:ff:ff:ff; arp.spa = reg1; arp.op = 1; output; };)
	table=6 (lr_in_arp_request ), priority=0 , match=(1), action=(output;)
	Datapath: 08bc7858-60f3-4308-bd7a-b45eeb888702 Pipeline: egress
	table=0 (lr_out_snat ), priority=0 , match=(1), action=(next;)
	table=1 (lr_out_delivery ), priority=100 , match=(outport == "lrp1"), action=(output;)
	table=1 (lr_out_delivery ), priority=100 , match=(outport == "lrp2"), action=(output;)
	Datapath: 235b9d45-2446-4777-ba0a-ad1d3a72ea70 Pipeline: ingress
	table=0 (ls_in_port_sec_l2 ), priority=100 , match=(eth.src[40]), action=(drop;)
	table=0 (ls_in_port_sec_l2 ), priority=100 , match=(vlan.present), action=(drop;)
	table=0 (ls_in_port_sec_l2 ), priority=50 , match=(inport == "lrp1-attachment"), action=(next;)
	table=0 (ls_in_port_sec_l2 ), priority=50 , match=(inport == "ls1-port1" && eth.src == {00:00:00:00:00:01}), action=(next;)
	table=1 (ls_in_port_sec_ip ), priority=0 , match=(1), action=(next;)
	table=2 (ls_in_port_sec_nd ), priority=90 , match=(inport == "ls1-port1" && eth.src == 00:00:00:00:00:01 && arp.sha == 00:00:00:00:00:01), action=(next;)
	table=2 (ls_in_port_sec_nd ), priority=90 , match=(inport == "ls1-port1" && eth.src == 00:00:00:00:00:01 && ip6 && nd && ((nd.sll == 00:00:00:00:00:00 \|\| nd.sll == 00:00:00:00:00:01) \|\| ((nd.tll == 00:00:00:00:00:00 \|\| nd.tll == 00:00:00:00:00:01)))), action=(next;)
	table=2 (ls_in_port_sec_nd ), priority=80 , match=(inport == "ls1-port1" && (arp \|\| nd)), action=(drop;)
	table=2 (ls_in_port_sec_nd ), priority=0 , match=(1), action=(next;)
	table=3 (ls_in_pre_acl ), priority=0 , match=(1), action=(next;)
	table=4 (ls_in_pre_lb ), priority=0 , match=(1), action=(next;)
	table=5 (lr_in_arp_resolve ), priority=100 , match=(outport == "lrp1-attachment" && reg0 == 1.0.0.2), action=(eth.dst = 00:00:00:01:00:01; next;)
	table=5 (ls_in_pre_stateful ), priority=100 , match=(reg0[0] == 1), action=(ct_next;)
	table=5 (ls_in_pre_stateful ), priority=0 , match=(1), action=(next;)
	table=6 (ls_in_acl ), priority=0 , match=(1), action=(next;)
	table=7 (ls_in_lb ), priority=0 , match=(1), action=(next;)
	table=8 (ls_in_stateful ), priority=100 , match=(reg0[1] == 1), action=(ct_commit; next;)
	table=8 (ls_in_stateful ), priority=100 , match=(reg0[2] == 1), action=(ct_lb;)
	table=8 (ls_in_stateful ), priority=0 , match=(1), action=(next;)
	table=9 (ls_in_arp_rsp ), priority=50 , match=(arp.tpa == 1.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:01; arp.op = 2; /* ARP reply / arp.tha = arp.sha; arp.sha = 00:00:00:01:00:01; arp.tpa = arp.spa; arp.spa = 1.0.0.2; outport = inport; inport = ""; / Allow sending out inport. */ output;)
	table=9 (ls_in_arp_rsp ), priority=0 , match=(1), action=(next;)
	table=10(ls_in_l2_lkup ), priority=100 , match=(eth.mcast), action=(outport = "_MC_flood"; output;)
	table=10(ls_in_l2_lkup ), priority=50 , match=(eth.dst == 00:00:00:00:00:01), action=(outport = "ls1-port1"; output;)
	table=10(ls_in_l2_lkup ), priority=50 , match=(eth.dst == 00:00:00:01:00:01), action=(outport = "lrp1-attachment"; output;)
	Datapath: 235b9d45-2446-4777-ba0a-ad1d3a72ea70 Pipeline: egress
	table=0 (ls_out_pre_lb ), priority=0 , match=(1), action=(next;)
	table=1 (ls_out_pre_acl ), priority=0 , match=(1), action=(next;)
	table=2 (ls_out_pre_stateful), priority=100 , match=(reg0[0] == 1), action=(ct_next;)
	table=2 (ls_out_pre_stateful), priority=0 , match=(1), action=(next;)
	table=3 (ls_out_lb ), priority=0 , match=(1), action=(next;)
	table=4 (ls_out_acl ), priority=0 , match=(1), action=(next;)
	table=5 (ls_out_stateful ), priority=100 , match=(reg0[1] == 1), action=(ct_commit; next;)
	table=5 (ls_out_stateful ), priority=100 , match=(reg0[2] == 1), action=(ct_lb;)
	table=5 (ls_out_stateful ), priority=0 , match=(1), action=(next;)
	table=6 (ls_out_port_sec_ip ), priority=0 , match=(1), action=(next;)
	table=7 (ls_out_port_sec_l2 ), priority=100 , match=(eth.mcast), action=(output;)
	table=7 (ls_out_port_sec_l2 ), priority=50 , match=(outport == "lrp1-attachment"), action=(output;)
	table=7 (ls_out_port_sec_l2 ), priority=50 , match=(outport == "ls1-port1" && eth.dst == {00:00:00:00:00:01}), action=(output;)
	Datapath: 876f6fd6-c948-47d1-89bd-df3c2f347590 Pipeline: ingress
	table=0 (ls_in_port_sec_l2 ), priority=100 , match=(eth.src[40]), action=(drop;)
	table=0 (ls_in_port_sec_l2 ), priority=100 , match=(vlan.present), action=(drop;)
	table=0 (ls_in_port_sec_l2 ), priority=50 , match=(inport == "lrp2-attachment"), action=(next;)
	table=0 (ls_in_port_sec_l2 ), priority=50 , match=(inport == "ls2-port1" && eth.src == {00:00:00:00:00:02}), action=(next;)
	table=1 (ls_in_port_sec_ip ), priority=0 , match=(1), action=(next;)
	table=2 (ls_in_port_sec_nd ), priority=90 , match=(inport == "ls2-port1" && eth.src == 00:00:00:00:00:02 && arp.sha == 00:00:00:00:00:02), action=(next;)
	table=2 (ls_in_port_sec_nd ), priority=90 , match=(inport == "ls2-port1" && eth.src == 00:00:00:00:00:02 && ip6 && nd && ((nd.sll == 00:00:00:00:00:00 \|\| nd.sll == 00:00:00:00:00:02) \|\| ((nd.tll == 00:00:00:00:00:00 \|\| nd.tll == 00:00:00:00:00:02)))), action=(next;)
	table=2 (ls_in_port_sec_nd ), priority=80 , match=(inport == "ls2-port1" && (arp \|\| nd)), action=(drop;)
	table=2 (ls_in_port_sec_nd ), priority=0 , match=(1), action=(next;)
	table=3 (ls_in_pre_acl ), priority=0 , match=(1), action=(next;)
	table=4 (ls_in_pre_lb ), priority=0 , match=(1), action=(next;)
	table=5 (lr_in_arp_resolve ), priority=100 , match=(outport == "lrp2-attachment" && reg0 == 2.0.0.2), action=(eth.dst = 00:00:00:01:00:02; next;)
	table=5 (ls_in_pre_stateful ), priority=100 , match=(reg0[0] == 1), action=(ct_next;)
	table=5 (ls_in_pre_stateful ), priority=0 , match=(1), action=(next;)
	table=6 (ls_in_acl ), priority=0 , match=(1), action=(next;)
	table=7 (ls_in_lb ), priority=0 , match=(1), action=(next;)
	table=8 (ls_in_stateful ), priority=100 , match=(reg0[1] == 1), action=(ct_commit; next;)
	table=8 (ls_in_stateful ), priority=100 , match=(reg0[2] == 1), action=(ct_lb;)
	table=8 (ls_in_stateful ), priority=0 , match=(1), action=(next;)
	table=9 (ls_in_arp_rsp ), priority=50 , match=(arp.tpa == 2.0.0.2 && arp.op == 1), action=(eth.dst = eth.src; eth.src = 00:00:00:01:00:02; arp.op = 2; /* ARP reply / arp.tha = arp.sha; arp.sha = 00:00:00:01:00:02; arp.tpa = arp.spa; arp.spa = 2.0.0.2; outport = inport; inport = ""; / Allow sending out inport. */ output;)
	table=9 (ls_in_arp_rsp ), priority=0 , match=(1), action=(next;)
	table=10(ls_in_l2_lkup ), priority=100 , match=(eth.mcast), action=(outport = "_MC_flood"; output;)
	table=10(ls_in_l2_lkup ), priority=50 , match=(eth.dst == 00:00:00:00:00:02), action=(outport = "ls2-port1"; output;)
	table=10(ls_in_l2_lkup ), priority=50 , match=(eth.dst == 00:00:00:01:00:02), action=(outport = "lrp2-attachment"; output;)
	Datapath: 876f6fd6-c948-47d1-89bd-df3c2f347590 Pipeline: egress
	table=0 (ls_out_pre_lb ), priority=0 , match=(1), action=(next;)
	table=1 (ls_out_pre_acl ), priority=0 , match=(1), action=(next;)
	table=2 (ls_out_pre_stateful), priority=100 , match=(reg0[0] == 1), action=(ct_next;)
	table=2 (ls_out_pre_stateful), priority=0 , match=(1), action=(next;)
	table=3 (ls_out_lb ), priority=0 , match=(1), action=(next;)
	table=4 (ls_out_acl ), priority=0 , match=(1), action=(next;)
	table=5 (ls_out_stateful ), priority=100 , match=(reg0[1] == 1), action=(ct_commit; next;)
	table=5 (ls_out_stateful ), priority=100 , match=(reg0[2] == 1), action=(ct_lb;)
	table=5 (ls_out_stateful ), priority=0 , match=(1), action=(next;)
	table=6 (ls_out_port_sec_ip ), priority=0 , match=(1), action=(next;)
	table=7 (ls_out_port_sec_l2 ), priority=100 , match=(eth.mcast), action=(output;)
	table=7 (ls_out_port_sec_l2 ), priority=50 , match=(outport == "lrp2-attachment"), action=(output;)
	table=7 (ls_out_port_sec_l2 ), priority=50 , match=(outport == "ls2-port1" && eth.dst == {00:00:00:00:00:02}), action=(output;)