SDN实验---Mininet实验（玩转流表）

一：实验目的

（一）案例目的

（二）实验内容

 

（三）网络拓扑结构 

二：OpenFlow流表实验准备

（一）使用Python设置网络拓扑 --- tree_topo.py

from mininet.topo import Topo
from mininet.net import Mininet
from mininet.node import RemoteController
from mininet.link import TCLink
from mininet.util import dumpNodeConnections

class MyTopo(Topo):

    def __init__(self):
        super(MyTopo,self).__init__()

        # add host
        Host1 = self.addHost('h1')
        Host2 = self.addHost('h2')
        Host3 = self.addHost('h3')

        switch1 = self.addSwitch('s1')
        switch2 = self.addSwitch('s2')

        self.addLink(Host1,switch1)
        self.addLink(Host2,switch1)
        self.addLink(Host3,switch2)
        self.addLink(switch1,switch2)

topos = {"mytopo":(lambda:MyTopo())}

（二）启动远程Ryu控制器

 ryu-manager simple_switch.py　　注意，该控制器py文件在app目录下

# Copyright (C) 2011 Nippon Telegraph and Telephone Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
#    http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""
An OpenFlow 1.0 L2 learning switch implementation.
"""


from ryu.base import app_manager
from ryu.controller import ofp_event
from ryu.controller.handler import MAIN_DISPATCHER
from ryu.controller.handler import set_ev_cls
from ryu.ofproto import ofproto_v1_0
from ryu.lib.mac import haddr_to_bin
from ryu.lib.packet import packet
from ryu.lib.packet import ethernet
from ryu.lib.packet import ether_types


class SimpleSwitch(app_manager.RyuApp):　　不同与之前的Ryu实验，这里面没有在交换机初始连接时下发默认流表...待思考
    OFP_VERSIONS = [ofproto_v1_0.OFP_VERSION]

    def __init__(self, *args, **kwargs):
        super(SimpleSwitch, self).__init__(*args, **kwargs)
        self.mac_to_port = {}

    def add_flow(self, datapath, in_port, dst, src, actions):　　下发流表
        ofproto = datapath.ofproto

        match = datapath.ofproto_parser.OFPMatch(
            in_port=in_port,
            dl_dst=haddr_to_bin(dst), dl_src=haddr_to_bin(src))

        mod = datapath.ofproto_parser.OFPFlowMod(
            datapath=datapath, match=match, cookie=0,
            command=ofproto.OFPFC_ADD, idle_timeout=0, hard_timeout=0,
            priority=ofproto.OFP_DEFAULT_PRIORITY,
            flags=ofproto.OFPFF_SEND_FLOW_REM, actions=actions)
        datapath.send_msg(mod)

    @set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)
    def _packet_in_handler(self, ev):　　交换机向控制器发送数据
        msg = ev.msg
        datapath = msg.datapath
        ofproto = datapath.ofproto

        pkt = packet.Packet(msg.data)
        eth = pkt.get_protocol(ethernet.ethernet)

        if eth.ethertype == ether_types.ETH_TYPE_LLDP:
            # ignore lldp packet
            return
        dst = eth.dst
        src = eth.src

        dpid = datapath.id
        self.mac_to_port.setdefault(dpid, {})

        self.logger.info("packet in %s %s %s %s", dpid, src, dst, msg.in_port)

        # learn a mac address to avoid FLOOD next time.
        self.mac_to_port[dpid][src] = msg.in_port

        if dst in self.mac_to_port[dpid]:
            out_port = self.mac_to_port[dpid][dst]
        else:
            out_port = ofproto.OFPP_FLOOD

        actions = [datapath.ofproto_parser.OFPActionOutput(out_port)]

        # install a flow to avoid packet_in next time
        if out_port != ofproto.OFPP_FLOOD:
            self.add_flow(datapath, msg.in_port, dst, src, actions)

        data = None
        if msg.buffer_id == ofproto.OFP_NO_BUFFER:
            data = msg.data

        out = datapath.ofproto_parser.OFPPacketOut(
            datapath=datapath, buffer_id=msg.buffer_id, in_port=msg.in_port,
            actions=actions, data=data)
        datapath.send_msg(out)

    @set_ev_cls(ofp_event.EventOFPPortStatus, MAIN_DISPATCHER)
    def _port_status_handler(self, ev):
        msg = ev.msg
        reason = msg.reason
        port_no = msg.desc.port_no

        ofproto = msg.datapath.ofproto
        if reason == ofproto.OFPPR_ADD:
            self.logger.info("port added %s", port_no)
        elif reason == ofproto.OFPPR_DELETE:
            self.logger.info("port deleted %s", port_no)
        elif reason == ofproto.OFPPR_MODIFY:
            self.logger.info("port modified %s", port_no)
        else:
            self.logger.info("Illeagal port state %s %s", port_no, reason)

（三）Mininet开始启动网络拓扑

sudo mn --custom tree_topt.py --topo=mytopo --controller=remote,ip=127.0.0.1,port=6633

注意：应该是主机连接发送了数据，导致控制器对网络进行了拓扑收集，问题同上：SDN实验---Ryu的应用开发（二）Learning Switch

三：进行OpenFlow流表分析

（一）主要流表操作命令

dpctl dump-flows    查看静态流表

dpctl del-flows    删除所有交换机中的流表

dpctl add-flow in_port=1,actions=output:2　　添加流表项到所有交换机，注意：一般是成对添加，实现双方通信

sh ovs-ofctl del-flows s1 in_port=2　　删除指定交换机的，匹配in_port=2的流表

dpctl del-flows in_port=1    删除所有交换机中符合in_port=1的流表

dpctl add-flow in_port=2,actions=drop  　　添加丢弃数据包的流表项

（二）先解决上面问题，是不是启动Mininet后进行了数据包发送，导致控制器下发流表

重新启动Ryu和Mininet，直接查看交换机中是否有流表.

1.先启动交换机，查看流表，为空

2.启动控制器，之后再查看交换机中流表信息，依旧为空

3.主机使用pingall命令后，查看流表，发生变化

已解决。但是交换机是如何设置默认流表当不知道packet如何处理的时候发生给控制器？如果这是默认动作，那么我们之前Ryu实验中为何要实现    
@set_ev_cls(ofp_event.EventOFPSwitchFeatures,CONFIG_DISPATCHER)
    def switch_features_handler(self,ev):　　　　？？？？？

经过启动hub.py在控制器上，进行测试，发现会进入switch_features_handler,并且会下发默认流表---所以说，我们可以不用设置这个默认流表也可以，但是这个函数中，我们可以设置一些其他的流表进行控制---所以说还是比较有用的

注意从（三）开始的实验我们需要关闭控制器Ryu进行

（三）删除所有流表

由于没有流表，所有ping操作不可达

（四）添加h1与和h2之间的流表转发

1.单个交换机操作

2.h1 ping h2,信息可达（因为有流表进行指导）

3.h1 ping h3,消息不可达（因为交换机2中没有流表项，并且交换机1也没有配置到port3的动作

4.实现所有网络所有主机互通（先清空流表）

为所有交换机添加端口1和端口2的操作---两个交换机公共操作

dpctl add-flow in_port=1,actions=output:2　　

dpctl add-flow in_port=2,actions=output:1

为交换机之间端口提供交互---只操作s1(因为只有s1有端口3)

sh ovs-ofctl add-flow s1 in_port=1,actions=output:2,3

sh ovs-ofctl add-flow s1 in_port=3,actions=output:1,2

sh ovs-ofctl add-flow s1 in_port=2,actions=output:1,3

实验结果显示

或者：我们直接添加下面流表也可以实现上面操作

mininet> dpctl add-flow in_port=1,actions=output:2,3
mininet> dpctl add-flow in_port=2,actions=output:1,3
mininet> dpctl add-flow in_port=3,actions=output:1,2

5.为交换机2添加丢弃流表，使得两个交换机不可通信（在前面互通基础上实现）

mininet> sh ovs-ofctl del-flows s2 in_port=1　　删除原有流表
mininet> sh ovs-ofctl add-flow s2 in_port=1,actions=drop　　添加丢弃流表