iptables on Mininet OVS

Question

I want running iptables on Mininet OVS.

I do this

1. 'xterm s1'
2. 'iptables -A INPUT(or FOWARD or OUTPUT) -i s1-eth1 -j DROP' on s1 terminal.

But it is not work.

When I use iptables on Mininet Host, it is work.

How can I running iptables or different packet filter?

please teach me.

Answer 1

You could not use iptables to do packet filter, because OpenvSwitch hooked network device.

All of the packets will through to OpenvSwitch datapath (OpenvSwitch kernel module).

If you want to filter packet in OpenvSwitch, please set flow entry to control your flow tables.