实验2:Open vSwitch虚拟交换机实践
基本要求
1.创建OVS交换机并配置
输入命令创建OVS
sudo ovs-vsctl add-br ovs-switch026
sudo ovs-vsctl add-port ovs-switch026 p0
sudo ovs-vsctl set Interface p0 ofport_request=100 type=internal
sudo ovs-vsctl add-port ovs-switch026 p1
sudo ovs-vsctl set Interface p1 ofport_request=101 type=internal
# 查询相关信息
sudo ethtool -i p0
sudo ethtool -i p1
# 配置虚拟网络空间
sudo ip netns add ns0
sudo ip link set p0 netns ns0
sudo ip netns exec ns0 ip addr add 192.168.0.100/24 dev p0
sudo ip netns exec ns0 ifconfig p0 promisc up
sudo ip netns add ns1
sudo ip link set p1 netns ns1
sudo ip netns exec ns1 ip addr add 192.168.0.101/24 dev p1
sudo ip netns exec ns1 ifconfig p1 promisc up
# 测试ping
sudo ip netns exec ns0 ping 192.168.0.101
# 查看
sudo ovs-vsctl show
输入sudo ovs-vsctl show
查看网络状态
测试p0和p1的连通性,因为p0的ip为192.168.0.100
,p1的ip为192.168.0.101
,所以输入命令测试连通:
sudo ip netns exec ns0 ping 192.168.0.101
观察到成功联通:
2.搭建拓扑
使用Mininet搭建的SDN拓扑,如下图所示,要求支持OpenFlow 1.3协议,主机名、交换机名以及端口对应正确。
打开Miniedit可视化工具
# 在lab2目录下
sudo ./../mininet/examples/miniedit.py
放置拓扑
设置协议为1.3
将其保存成py文件
修改其中代码:
net.addLink(h1, s1, 1, 1)
net.addLink(h2, s1, 1, 2)
net.addLink(h3, s2, 1, 1)
net.addLink(h4, s2, 1, 2)
net.addLink(s1, s2, 3, 3)
执行命令运行
sudo python topo.py
完成任务
3.下发流表
通过命令行终端输入“ovs-ofctl”命令,直接在s1和s2上添加流表,划分出所要求的VLAN。
使用ovs-ofctl下发流表,配置vlan
# 将主机1,2发送来的包打上vlan标记
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096->vlan_vid,output:3
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097->vlan_vid,output:3
# 将主机3,4发送来的包取出vlan标记
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,dl_vlan=0,actions=pop_vlan,output:1
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,dl_vlan=1,actions=pop_vlan,output:2
# 将主机3,4发送来的包打上vlan标记
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096->vlan_vid,output:3
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097->vlan_vid,output:3
# 将主机1,2发送来的包取出vlan标记
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,dl_vlan=0,actions=pop_vlan,output:1
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,dl_vlan=1,actions=pop_vlan,output:2
4.测试网络
主机连通性要求:
- h1 – h3互通
- h2 – h4互通
- 其余主机不通
执行pingall
符合要求,输入命令查看所下发的流表
sudo ovs-ofctl -O OpenFlow13 dump-flows s1
sudo ovs-ofctl -O OpenFlow13 dump-flows s2
如图所示
利用wireshark抓包,抓取s1上的3端口,查看经过的包是否有vlan标记
在mininet命令行界面中执行h1 ping h3
在wireshark中看到vlan标记vlan标记为0
同样执行h2 ping h4
,抓包可以看到vlan标记为1
进阶要求
阅读SDNLAB实验使用Mininet,编写Python代码,生成(一)中的SDN拓扑,并在代码中直接使用OVS命令,做到可以直接运行Python程序完成和(一)相同的VLAN划分。
编写代码VlanOVS.py
from mininet.net import Mininet
from mininet.node import Node
from mininet.link import TCLink, Link
from mininet.log import setLogLevel, info
def myNet():
"Create network from scratch using Open vSwitch."
info( "*** Creating nodes
" )
switch1 = Node( 's1', inNamespace=False )
switch2 = Node( 's2', inNamespace=False )
h1 = Node( 'h1' )
h2 = Node( 'h2' )
h3 = Node( 'h3' )
h4 = Node( 'h4' )
info( "*** Creating links
" )
Link( h1, switch1 )
Link( h2, switch1 )
Link( h3, switch2 )
Link( h4, switch2 )
Link( switch1, switch2 )
info( "*** Configuring hosts
" )
h1.setIP( '192.168.123.1/24' )
h2.setIP( '192.168.123.2/24' )
h3.setIP( '192.168.123.3/24' )
h4.setIP( '192.168.123.4/24' )
info( str( h1 ) + '
' )
info( str( h2 ) + '
' )
info( str( h3 ) + '
' )
info( str( h4 ) + '
' )
info( "*** Starting network using Open vSwitch
" )
switch1.cmd( 'ovs-vsctl del-br dp0' )
switch1.cmd( 'ovs-vsctl add-br dp0' )
switch2.cmd( 'ovs-vsctl del-br dp1' )
switch2.cmd( 'ovs-vsctl add-br dp1' )
for intf in switch1.intfs.values():
print(intf)
print(switch1.cmd( 'ovs-vsctl add-port dp0 %s' % intf ))
for intf in switch2.intfs.values():
print(intf)
print(switch2.cmd( 'ovs-vsctl add-port dp1 %s' % intf ))
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096->vlan_vid,output:3' )
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097->vlan_vid,output:3' )
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,dl_vlan=0,actions=pop_vlan,output=1' )
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,dl_vlan=1,actions=pop_vlan,output=2' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096->vlan_vid,output:3' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097->vlan_vid,output:3' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,dl_vlan=0,actions=pop_vlan,output=1' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,dl_vlan=1,actions=pop_vlan,output=2' )
info( "*** Running test
" )
info( "
h1 ping h2
" )
h1.cmdPrint( 'ping -Q 0x30 -c 3 ' + h2.IP() )
info( "
h1 ping h3
" )
h1.cmdPrint( 'ping -Q 0x30 -c 3 ' + h3.IP() )
info( "
h1 ping h4
" )
h1.cmdPrint( 'ping -Q 0x30 -c 3 ' + h4.IP() )
info( "
h2 ping h3
" )
h2.cmdPrint( 'ping -Q 0x30 -c 3 ' + h3.IP() )
info( "
h2 ping h4
" )
h2.cmdPrint( 'ping -Q 0x30 -c 3 ' + h4.IP() )
info( "
h3 ping h4
" )
h3.cmdPrint( 'ping -Q 0x30 -c 3 ' + h4.IP() )
info( "*** print the table
" )
info( switch1.cmd( 'ovs-ofctl dump-flows dp0 -O OpenFlow13' ) )
info( switch2.cmd( 'ovs-ofctl dump-flows dp1 -O OpenFlow13' ) )
info( "*** Stopping network
" )
switch1.cmd( 'ovs-vsctl del-br dp0' )
switch1.deleteIntfs()
switch2.cmd( 'ovs-vsctl del-br dp1' )
switch2.deleteIntfs()
info( '
' )
if __name__ == '__main__':
setLogLevel( 'info' )
info( '*** Scratch network demo (kernel datapath)
' )
Mininet.init()
myNet()
观察结果:
总结
这次实验没有遇到什么困难,唯一的困惑在于:在创建OVS交换机端口是出现报错,但是并不影响之后实验。对此并不是很理解,上网找不到相关的信息,之后的实验参考老师的pdf和参考链接,进行了实验。第一次体验了vlan的作用,感觉比较神奇,通过vlan将网络划分成不同的域,各个域之间才可以进行通信。在之后的进阶要求中,通过对链接中的代码进行修改实现了功能,而没有去领悟其中函数调用的作用,之后将研究一下这种新的写法,具体是怎样操作OVS,以及下发流表。