1. 实验拓扑
2. 创建拓扑
from mininet.topo import Topo
class MyTopo(Topo):
def __init__(self):
# initilaize topology
Topo.__init__(self)
# add hosts and switches
h1 = self.addHost('h1')
h2 = self.addHost('h2')
h3 = self.addHost('h3')
s1 = self.addSwitch('s1')
# add links
self.addLink(h1, s1, 1, 1)
self.addLink(h2, s1, 1, 2)
self.addLink(h3, s1, 1, 3)
topos = {'mytopo': (lambda: MyTopo())}
- 注意:如果OpenDayLight此前已经创建过拓扑,那么最好在DLUX界面中将相应交换机的流表清空,以免pingall不通
3. ODL DLUX下发流表实现hardtimeout
- Yang UI>Opendaylight-inventory>config>nodes>table>flow
- node/openflow:1 交换机编号
- table/0 流表编号
- flow/不超过1024,不冲突即可 流表项编号
- GET为查询流表,下发流表要修改为PUT
为了使h1 20s 内ping不通h3首先要知道h3和h1分别连接OVS的哪个端口,在mininet中用links查询链路连接情况
h1连接s1的port1
h3连接s1的port3
由于连接上ODL默认ping通,所以下发策略使port1进来的目的IP为h3的数据包都drop掉就能ping不通(也可以反过来使port3进来的目的IP为h1的IP的数据包drop),同时设置hard_time为20s,则20s后策略失效。
为了保证流表生效,把优先级设成最大,65535
4. 验证流表下发成功
5. 借助Postman调用ODL北向接口下发
http://127.0.0.1:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:1/flow-node-inventory:table/0/flow/1
{
"flow": [
{
"id": "1",
"match": {
"in-port": "1",
"ethernet-match": {
"ethernet-type": {
"type": "0x800"
}
},
"ipv4-destination": "10.0.0.3/32"
},
"instructions": {
"instruction": [
{
"order": "0",
"apply-actions": {
"action": [
{
"order": "0",
"drop-action": {}
}
]
}
}
]
},
"priority": "65535",
"hard-timeout": "20",
"table_id": "0"
}
]
}
使用get可以调用接口查看流表