ovs-vsctl add-br arp_sw ip netns add ns2 ip link add tap0 type veth peer name tap0_br ip link set tap0 netns ns2 ip netns exec ns2 ip link set tap0 up ip netns exec ns2 ip link set lo up ip link set tap0_br up ip netns exec ns2 ip addr add 192.168.2.210/24 dev tap0 ip netns exec ns2 route add -net 192.168.2.0 netmask 255.255.255.0 dev tap0 ovs-vsctl add-port arp_sw tap0_br
## ovs-ofctl del-flows arp_sw table=0,in_port=1,arp,arp_tpa=10.0.0.1,arp_op=1
[root@kunpeng82 devuser]# ip netns exec ns2 ping 10.0.0.1 connect: Network is unreachable [root@kunpeng82 devuser]# ip netns exec ns2 ip n
[root@kunpeng82 devuser]# ovs-ofctl dump-flows arp_sw cookie=0x0, duration=679.979s, table=0, n_packets=4, n_bytes=280, priority=0 actions=NORMAL [root@kunpeng82 devuser]#
[root@kunpeng82 devuser]# ip netns exec ns2 route -n Kernel IP routing table Destination Gateway Genmask Flags Metric Ref Use Iface 0.0.0.0 0.0.0.0 0.0.0.0 U 0 0 0 tap0 192.168.2.0 0.0.0.0 255.255.255.0 U 0 0 0 tap0 添加arp reply
[root@kunpeng82 devuser]# ovs-ofctl add-flow arp_sw table=0,in_port=1,arp,arp_tpa=10.0.0.1,arp_op=1,actions=move:"NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[]",mod_dl_src:"02:ac:10:ff:01:01",load:"0x02->NXM_OF_ARP_OP[]",move:"NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[]",load:"0x02ac10ff0101->NXM_NX_ARP_SHA[]",move:"NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[]",load:"0x0a000001->NXM_OF_ARP_SPA[]",in_port [root@kunpeng82 devuser]# ip netns exec ns2 ping 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. ^C --- 10.0.0.1 ping statistics --- 2 packets transmitted, 0 received, 100% packet loss, time 1028ms [root@kunpeng82 devuser]# ip netns exec ns2 ip n 10.0.0.1 dev tap0 lladdr 02:ac:10:ff:01:01 REACHABLE [root@kunpeng82 devuser]#
添加icmp reply
ovs-ofctl add-flow arp_sw table=0,in_port=1,arp,arp_tpa=10.0.0.1,arp_op=1,actions=move:"NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[]",mod_dl_src:"02:ac:10:ff:01:01",load:"0x02->NXM_OF_ARP_OP[]",move:"NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[]",load:"0x02ac10ff0101->NXM_NX_ARP_SHA[]",move:"NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[]",load:"0x0a000001->NXM_OF_ARP_SPA[]",in_port ovs-ofctl add-flow arp_sw table=0,in_port=1,icmp,nw_dst=10.0.0.1,icmp_type=8,icmp_code=0,actions=push:"NXM_OF_ETH_SRC[]",push:"NXM_OF_ETH_DST[]",pop:"NXM_OF_ETH_SRC[]",pop:"NXM_OF_ETH_DST[]",push:"NXM_OF_IP_SRC[]",push:"NXM_OF_IP_DST[]",pop:"NXM_OF_IP_SRC[]",pop:"NXM_OF_IP_DST[]",load:"0xff->NXM_NX_IP_TTL[]",load:"0->NXM_OF_ICMP_TYPE[]",in_port [root@kunpeng82 devuser]# ovs-ofctl add-flow arp_sw table=0,in_port=1,icmp,nw_dst=10.0.0.1,icmp_type=8,icmp_code=0,actions=push:"NXM_OF_ETH_SRC[]",push:"NXM_OF_ETH_DST[]",pop:"NXM_OF_ETH_SRC[]",pop:"NXM_OF_ETH_DST[]",push:"NXM_OF_IP_SRC[]",push:"NXM_OF_IP_DST[]",pop:"NXM_OF_IP_SRC[]",pop:"NXM_OF_IP_DST[]",load:"0xff->NXM_NX_IP_TTL[]",load:"0->NXM_OF_ICMP_TYPE[]",in_port [root@kunpeng82 devuser]# ip netns exec ns2 ping 10.0.0.1 PING 10.0.0.1 (10.0.0.1) 56(84) bytes of data. 64 bytes from 10.0.0.1: icmp_seq=1 ttl=255 time=0.187 ms 64 bytes from 10.0.0.1: icmp_seq=2 ttl=255 time=0.088 ms ^C --- 10.0.0.1 ping statistics --- 2 packets transmitted, 2 received, 0% packet loss, time 1068ms rtt min/avg/max/mdev = 0.088/0.137/0.187/0.050 ms