RYU 灭龙战 third day
前言
传统的交换机有自学习能力。然而你知道在SDN的世界里,脑子空空的OpenFlow交换机是如何学习的吗?今日说法带你领略SDN的mac学习能力。
RYUBook从中学习
场景描述
传统交换机原理
- 学习连接到传统交换机的主机的mac地址,并把其存在mac地址表中
- 对于已经记录下来的mac地址,若是收到送往该mac地址的数据包时,就往对应的端口进行转发
- 对于mac地址表中没有的数据包,则进行flooding
OpenFlow交换机实现传统交换机功能
- 对于接收到的数据包针对指定的端口转发
- 把接收到的数据包发送给控制器(Packet-In)
- 把从控制器接收到的数据包转发到指定的端口(Packet-Out)
图示
1.初始状态
mac地址表和交换机的流表均为空的表项
2.Host A -> Host B
当Host A 向 Host B 发送数据包时。这个时候会出发PacketIn消息。Host A的mac地址以及对应的端口会记录到mac地址表内。然后由于Host B的mac不在mac地址表内,此时会flooding
3.Host B -> Host A
数据包从host B回复给Host B时,在Flow table上新增一条流表,讲数据包转发给端口1
4.Host A -> Host B
再次由主机A向主机B发送数据包,新增流表,将数据包转发到端口4
场景实现
代码附录(附加注释)simple_switch_13.py
# Copyright (C) 2011 Nippon Telegraph and Telephone Corporation.
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at
#
# http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or
# implied.
# See the License for the specific language governing permissions and
# limitations under the License.
from ryu.base import app_manager
from ryu.controller import ofp_event
from ryu.controller.handler import CONFIG_DISPATCHER, MAIN_DISPATCHER
from ryu.controller.handler import set_ev_cls
from ryu.ofproto import ofproto_v1_3
from ryu.lib.packet import packet
from ryu.lib.packet import ethernet
from ryu.lib.packet import ether_types
class SimpleSwitch13(app_manager.RyuApp):
#OF版本为1.3
OFP_VERSIONS = [ofproto_v1_3.OFP_VERSION]
#初始化函数
def __init__(self, *args, **kwargs):
super(SimpleSwitch13, self).__init__(*args, **kwargs)
#MAC地址表的定义
self.mac_to_port = {}
#"ryu.controller.handler.set_ev_cls作为修饰器,参数为指定事件类别的接受信息,以及交换机的状态
#此时接收到的是SwitchFeatures,即交换机的功能,CONFIG_DISPATCHER则是交换机的状态为接收SwitchFeatures消息
#每一个事件管理(Envent Handler)都需要有一个事件event作为参数
@set_ev_cls(ofp_event.EventOFPSwitchFeatures, CONFIG_DISPATCHER)
def switch_features_handler(self, ev):
#ev.msg是用来存对应事件的OpenFlow消息类别实体,这里指的是OFPSwitchFeatures
#datapath是用来处理OpenFlow交换机重要的消息,比如与交换机的通讯和触发接收消息相关的实践
datapath = ev.msg.datapath
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
# install table-miss flow entry
#
# We specify NO BUFFER to max_len of the output action due to
# OVS bug. At this moment, if we specify a lesser number, e.g.,
# 128, OVS will send Packet-In with invalid buffer_id and
# truncated packet data. In that case, we cannot output packets
# correctly. The bug has been fixed in OVS v2.1.0.
#下发Table-miss Flow Entry优先级为0的流表,即如果报文都没有匹配的话,则匹配该报文,并将其发送给控制器
match = parser.OFPMatch()
actions = [parser.OFPActionOutput(ofproto.OFPP_CONTROLLER,
ofproto.OFPCML_NO_BUFFER)]
self.add_flow(datapath, 0, match, actions)
#add_flow方法用来发送Flow Mod消息
def add_flow(self, datapath, priority, match, actions, buffer_id=None):
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
inst = [parser.OFPInstructionActions(ofproto.OFPIT_APPLY_ACTIONS,
actions)]
if buffer_id:
mod = parser.OFPFlowMod(datapath=datapath, buffer_id=buffer_id,
priority=priority, match=match,
instructions=inst)
else:
mod = parser.OFPFlowMod(datapath=datapath, priority=priority,
match=match, instructions=inst)
#用FlowMod消息去更新,增加,删除流表
datapath.send_msg(mod)
#处理Packet-in数据包,交换机状态为一般状态
@set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)
def _packet_in_handler(self, ev):
# If you hit this you might want to increase
# the "miss_send_length" of your switch
if ev.msg.msg_len < ev.msg.total_len:
self.logger.debug("packet truncated: only %s of %s bytes",
ev.msg.msg_len, ev.msg.total_len)
msg = ev.msg
datapath = msg.datapath
ofproto = datapath.ofproto
parser = datapath.ofproto_parser
#match用来存储数据包的Meta元数据
in_port = msg.match['in_port']
#data接受数据包本身的消息
pkt = packet.Packet(msg.data)
eth = pkt.get_protocols(ethernet.ethernet)[0]
#忽略LLDP数据包
if eth.ethertype == ether_types.ETH_TYPE_LLDP:
# ignore lldp packet
return
#源目mac
dst = eth.dst
src = eth.src
#id为交换机的id
dpid = datapath.id
#更新mac地址表,每台交换机独立的dpid对应一个表
self.mac_to_port.setdefault(dpid, {})
self.logger.info("packet in %s %s %s %s", dpid, src, dst, in_port)
# learn a mac address to avoid FLOOD next time.
#学习mac地址表,源mac和端口对应起来
self.mac_to_port[dpid][src] = in_port
#如果目的mac在mac地址表里面,则将出端口置位对应目的mac对应的端口,否则就泛洪flooding
if dst in self.mac_to_port[dpid]:
out_port = self.mac_to_port[dpid][dst]
else:
out_port = ofproto.OFPP_FLOOD
actions = [parser.OFPActionOutput(out_port)]
# install a flow to avoid packet_in next time
#下发对应的目的端口到目的mac的流表,优先级为1,比之前的table_miss的优先级高
if out_port != ofproto.OFPP_FLOOD:
match = parser.OFPMatch(in_port=in_port, eth_dst=dst)
# verify if we have a valid buffer_id, if yes avoid to send both
# flow_mod & packet_out
if msg.buffer_id != ofproto.OFP_NO_BUFFER:
self.add_flow(datapath, 1, match, actions, msg.buffer_id)
return
else:
self.add_flow(datapath, 1, match, actions)
data = None
if msg.buffer_id == ofproto.OFP_NO_BUFFER:
data = msg.data
#将经过上述处理的消息通过PacketOut数据包发送给交换机
out = parser.OFPPacketOut(datapath=datapath, buffer_id=msg.buffer_id,
in_port=in_port, actions=actions, data=data)
datapath.send_msg(out)
运行测试
- 一个终端执行
sudo mn --topo single,3 --mac --switch ovsk,protocols=OpenFlow13 --controller remote
- 另一终端执行
sudo ovs-vsctl show
继续执行,查看交换机流表
sudo ovs-ofctl -O OpenFlow13 dump-flows s1
- 在mininet端执行pingall,结果可想肯定是丢包
- 再开一个终端,开启RYU
进入到RYU目录下,执行
ryu-manager --verbose ryu.app.simple_switch_13
- 在ovs端查看流表
sudo ovs-ofctl -O OpenFlow13 dump-flows s1
如今正如代码所示 Table-miss Flow Entry 加入OVS
- mininet端
h1 ping -c1 h2
ping通
- 再次查看OVS流表
sudo ovs-ofctl -O OpenFlow13 dump-flows s1
- 查看ryu端的新增输出
共发出三次PacketIn,下发三次流表
总结
1、相比与传统交换机,OpenFlow交换机的mac地址表维护都是在控制器内部。控制器的压力实在是太大了,毕竟可能要管理多台交换机;
2、借鉴该应用中,处理对应OpenFlow数据包的方法,接下来可以做一些相应的尝试。