I have a system with arch linux running OVS. I also have a controller running in the same box. I have the following setup:-
ovs-vsctl set-controller br-int tcp:192.168.1.201:6633
I was hoping to use tshark( tshark 2.2.8) to capture the openflow using the following command:-
sudo tshark -i br-int -d tcp.port==6633,openflow -O openflow_v4
it dumps all the all the flows that is flowing in the system but no packetIn openflow messages. I did confirm packetIn message was received by the controller. ( pasting the last few lines:-)
EVENT ofp_event->EventOFPPacketIn
packet in 1237689849893337 b8:27:xx:xx:yy:yy:zz ff:ff:ff:ff:ff:ff:3
I also understand from the tshark document that by default it uses the port 6653 for openflow.
tshark -G decodes | grep -i openflow
tcp.port 6653 openflow
However I was in the impression that I can still look for openflow traffic by using the following capture command:-
https://wiki.wireshark.org/OpenFlow
tshark tcp port 6633
This also doesn't work as no events are captured though I can see the controller receiving lots of events..
would greatly appreciate any help here.
My guess would be that you're not listening on the correct interface. Try the following:
sudo tshark -i any -d tcp.port==6633,openflow -O openflow_v4
If that doesn't work, it's possible your controller and switch are not communicating using OpenFlow 1.3. To make sure you see everything, try:
sudo tshark -i any -d tcp.port==6633
Details. Unless there's something particular in your setup, packets from Open vSwitch to the controller and back do not go through the bridge. Since both ends of the communication are on the same host, packets are probably going through the loopback interface:
sudo tshark -i lo -d tcp.port==6633
I was able to reproduce your setup and issue to confirm my answer with Open vSwitch 2.5.2 and Floodlight (master branch). I can see packets passing through on the loopback interface with both tcpdump and tshark.