Open vswitch (mini how-to)
Версия от 08:48, 4 декабря 2014; Moiseevvi (обсуждение | вклад)
OVS на ubuntu 12.04
В системе присутствует два сетевых адаптера eth1 и eth2.
sudo ovs-vsctl add-br br1
sudo ovs-vsctl add-port br1 eth1
sudo ovs-vsctl add-port br1 eth2
OVS начнет бриджевать трафик между двумя портами.
Посмтореть data plane записи позволяет такая утилита
sudo ovs-dpctl dump-flows br1
269 sudo ovs-ofctl add-flow br1 "arp actions=NORMAL"
270 sudo ovs-ofctl add-flow br1 "ip actions=NORMAL"
274 sudo ovs-ofctl dump-flows br1
282 sudo ovs-ofctl del-flows br1 "ip"
283 sudo ovs-ofctl dump-flows br1
284 sudo ovs-ofctl add-flow br1 "ip tcp tp_src=22 action=normal"
285 sudo ovs-ofctl add-flow br1 "ip tcp tp_dst=22 action=normal"
293 sudo ovs-ofctl add-flow br1 "icmp action=normal"
sudo ovs-ofctl show br1
OFPT_FEATURES_REPLY (xid=0x1): ver:0x1, dpid:0000005056bf0e5e
n_tables:255, n_buffers:256
features: capabilities:0xc7, actions:0xfff
3(eth1): addr:00:50:56:bf:0e:5e
config: 0
state: 0
current: 1GB-FD COPPER AUTO_NEG
advertised: 10MB-HD 10MB-FD 100MB-HD 100MB-FD 1GB-FD COPPER AUTO_NEG
supported: 10MB-HD 10MB-FD 100MB-HD 100MB-FD 1GB-FD COPPER AUTO_NEG
4(eth2): addr:00:50:56:bf:46:86
config: 0
state: 0
current: 1GB-FD COPPER AUTO_NEG
advertised: 10MB-HD 10MB-FD 100MB-HD 100MB-FD 1GB-FD COPPER AUTO_NEG
supported: 10MB-HD 10MB-FD 100MB-HD 100MB-FD 1GB-FD COPPER AUTO_NEG
LOCAL(br1): addr:00:50:56:bf:0e:5e
config: PORT_DOWN
state: LINK_DOWN
OFPT_GET_CONFIG_REPLY (xid=0x3): frags=normal miss_send_len=0
sudo ovs-ofctl del-flows br1
sudo ovs-ofctl add-flow br1 "in_port=3 action=output:4"
sudo ovs-ofctl add-flow br1 "in_port=4 action=output:3"
sudo ovs-ofctl dump-flows br1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=23.098s, table=0, n_packets=14, n_bytes=1296, in_port=3 actions=output:4
cookie=0x0, duration=12.887s, table=0, n_packets=14, n_bytes=1296, in_port=4 actions=output:3
http://blog.scottlowe.org/2012/10/04/some-insight-into-open-vswitch-configuration/
VLAN rewrite
OVS cannot output packet on port it was received from.
port 12 - Trunk
port 15 - Trunk
VLAN rewrite 185<>568 (port 12<>15)
system@br1:
lookups: hit:215846 missed:19069 lost:0
flows: 2
port 0: br1 (internal)
port 12: eth1
port 15: eth2
in_port(15),eth(src=00:50:56:bf:5b:26,dst=00:50:56:bf:07:c3),eth_type(0x8100),vlan(vid=568,pcp=0),encap(eth_type(0x0800),ipv4(src=10.15.1.102,dst=10.15.1.103,proto=1,tos=0,ttl=64,frag=no),icmp(type=8,code=0)), packets:516, bytes:50568, used:0.056s, actions:pop_vlan,push_vlan(vid=185,pcp=0),12
in_port(12),eth(src=00:50:56:bf:07:c3,dst=00:50:56:bf:5b:26),eth_type(0x8100),vlan(vid=185,pcp=0),encap(eth_type(0x0800),ipv4(src=10.15.1.103,dst=10.15.1.102,proto=1,tos=0,ttl=64,frag=no),icmp(type=0,code=0)), packets:516, bytes:50568, used:0.056s, actions:pop_vlan,push_vlan(vid=568,pcp=0),15
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=530.644s, table=0, n_packets=724, n_bytes=70122, in_port=12,dl_vlan=185 actions=mod_vlan_vid:568,output:15
cookie=0x0, duration=516.862s, table=0, n_packets=710, n_bytes=69282, in_port=15,dl_vlan=568 actions=mod_vlan_vid:185,output:12