ovn（一）

[root@kunpeng82 ovn]# ovn-nbctl ls-add dmz
[root@kunpeng82 ovn]# ovn-nbctl ls-del dmz
[root@kunpeng82 ovn]# ovn-nbctl show
[root@kunpeng82 ovn]# ovn-nbctl ls-add dmz
[root@kunpeng82 ovn]# ovn-nbctl show
switch 6ec318d1-fa29-4381-a42f-8a537bb7eecd (dmz)
[root@kunpeng82 ovn]# 

vm1mac=02:d4:1d:8c:d9:8f
vm2mac=02:d4:1d:8c:d9:8e

vm1ip=172.16.255.11
vm2ip=172.16.255.22
vm1mac=02:d4:1d:8c:d9:8f
vm2mac=02:d4:1d:8c:d9:8e

vm1ip=172.16.255.11
vm2ip=172.16.255.22
### Central节点
ovn-nbctl ls-add ls1

ovn-nbctl lsp-add ls1 ls1-vm1
ovn-nbctl lsp-set-addresses ls1-vm1 $vm1mac
ovn-nbctl lsp-set-port-security ls1-vm1 $vm1mac

ovn-nbctl lsp-add ls1 ls1-vm2
ovn-nbctl lsp-set-addresses ls1-vm2 $vm2mac
ovn-nbctl lsp-set-port-security ls1-vm2 $vm2mac

##central节点 
ovs-vsctl add-br br-int
ip netns add vm1
ovs-vsctl add-port br-int vm1 -- set interface vm1 type=internal
ip link set vm1 netns vm1
ip netns exec vm1 ip link set vm1 address $vm1mac
ip netns exec vm1 ip addr add $vm1ip/24 dev vm1
ip netns exec vm1 ip link set vm1 up
ovs-vsctl set Interface vm1 external_ids:iface-id=ls1-vm1
ip netns exec vm1 ip addr show

### Node节点
ip netns add vm2
ovs-vsctl add-port br-int vm2 -- set interface vm2 type=internal
ip link set vm2 netns vm2
ip netns exec vm2 ip link set vm2 address $vm2mac
ip netns exec vm2 ip addr add $vm2ip/24 dev vm2
ip netns exec vm2 ip link set vm2 up
ovs-vsctl set Interface vm2 external_ids:iface-id=ls1-vm2
ip netns exec vm2 ip addr show
[root@kunpeng82 evn1]# ovn-nbctl show
switch 6ec318d1-fa29-4381-a42f-8a537bb7eecd (dmz)
switch f5ea2a93-af3d-4bb4-b563-f8ead3feb47a (ls1)
    port ls1-vm2
        addresses: ["02:d4:1d:8c:d9:8e"]
    port ls1-vm1
        addresses: ["02:d4:1d:8c:d9:8f"]

[root@kunpeng82 evn1]# ip netns exec vm2 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
21: vm2: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 02:d4:1d:8c:d9:8e brd ff:ff:ff:ff:ff:ff
    inet 172.16.255.22/24 scope global vm2
       valid_lft forever preferred_lft forever
    inet6 fe80::d4:1dff:fe8c:d98e/64 scope link 
       valid_lft forever preferred_lft forever
[root@kunpeng82 evn1]# ip netns exec vm1 ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
20: vm1: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UNKNOWN group default qlen 1000
    link/ether 02:d4:1d:8c:d9:8f brd ff:ff:ff:ff:ff:ff
    inet 172.16.255.11/24 scope global vm1
       valid_lft forever preferred_lft forever
    inet6 fe80::d4:1dff:fe8c:d98f/64 scope link 
       valid_lft forever preferred_lft forever
[root@kunpeng82 evn1]# 

[root@kunpeng82 evn1]# ip netns exec vm2 ping 172.16.255.11
PING 172.16.255.11 (172.16.255.11) 56(84) bytes of data.
64 bytes from 172.16.255.11: icmp_seq=1 ttl=64 time=0.270 ms
64 bytes from 172.16.255.11: icmp_seq=2 ttl=64 time=0.041 ms
64 bytes from 172.16.255.11: icmp_seq=3 ttl=64 time=0.017 ms
64 bytes from 172.16.255.11: icmp_seq=4 ttl=64 time=0.015 ms
^C
--- 172.16.255.11 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3107ms
rtt min/avg/max/mdev = 0.015/0.085/0.270/0.107 ms
[root@kunpeng82 evn1]# 

[root@kunpeng82 evn1]# ovn-trace --detailed ls1 'inport == "ls1-vm2" && eth.src == 02:d4:1d:8c:d9:8e && eth.dst == 02:d4:1d:8c:d9:9f'

# reg10=0x2d4,reg11=0x1d8cd98e,reg12=0x2,reg14=0x2d4,reg15=0x1d8cd99f,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000

ingress(dp="ls1", inport="(unnamed)")
-------------------------------------
 0. ls_in_port_sec_l2 (ovn-northd.c:4585): inport == "ls1-vm2" && eth.src == {02:d4:1d:8c:d9:8e}, priority 50, uuid 8297e1fa
    next;
19. ls_in_l2_lkup: no match (implicit drop)

[root@kunpeng82 evn1]# ovn-trace --minimal ls1 'inport == "ls1-vm2" && eth.src == 02:d4:1d:8c:d9:8e && eth.dst == 02:d4:1d:8c:d9:9f'   ==两边只能有一个空格    

2020-05-18T20:08:58Z|00159|ovntrace|WARN|ip.ttl--; reg8[0..15] = 0; reg0 = 192.168.0.1; reg1 = 192.168.0.2; eth.src = 02:d4:1d:8c:d9:af; outport = "tenant1-transit"; flags.loopback = 1; next;: parsing actions failed (Syntax error at `reg0' expecting field name.)
2020-05-18T20:08:58Z|00160|ovntrace|WARN|nd_na: parsing expression failed (Syntax error at `nd_na' expecting field name.)
# reg10=0x2d4,reg11=0x1d8cd98e,reg12=0x2,reg14=0x2d4,reg15=0x1d8cd99f,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000

ovn-trace --minimal ls1 'inport == "ls1-vm2" && eth.src == 02:d4:1d:8c:d9:8e && eth.dst == 02:d4:1d:8c:d9:9f  && ip4.src==172.16.254.11 && ip4.dst==172.16.254.1 && ip.ttl==32'