[原創]SDN之openflow簡明教程

SDN之openflow簡明教程

軟件准備

使用虛擬機進行仿真很容易，這里不再介紹。
下面在ubuntu 13.10上安裝mininet仿真環境。

Mininet 2.1.0 on Ubuntu 13.10: sudo apt-get install mininet
Mininet 2.0.0 on Ubuntu 13.04: sudo apt-get install mininet
Mininet 2.0.0 on Ubuntu 12.10: sudo apt-get install mininet/quantal-backports
Mininet 2.0.0 on Ubuntu 12.04: sudo apt-get install mininet/precise-backports

apt-get install openvswitch-datapath-dkms
/etc/init.d/openvswitch-switch  start

至此，mininet已經安裝完成。
運行mn --test pingall測試安裝是否正常。。

/*-----------------可選-----------------
如需要OpenFlow reference switch, reference controller and Wireshark dissector組件，請運行下面命令，這里我們跳過。

git clone git://github.com/mininet/mininet
mininet/util/install.sh -fw

當然也可以直接用源碼包安裝，如下：

git clone git://github.com/mininet/mininet
To install everything (using your home directory): install.sh -a

mininet/util/install.sh -h可以查看幫助選項。
------------------可選----------------*/

使用命令mn --topo single,3 --mac --switch ovsk --controller remote創建一個3台主機，一台(openvSwitch-based)交換機的虛擬網絡。

mininet簡明介紹

查看節點：mininet> nodes
在特定主機上運行命令，在命令前面上加上主機名即可：mininet> h1 ifconfig

退出mininet后，可使用mn -c清除之前構建的虛擬網絡。

dpclt簡介

顯示交換機端口狀態：dpctl show tcp:127.0.0.1:6634
顯示交換機流表狀態：dpctl dump-flows tcp:127.0.0.1:6634
在交換機中增加一條流表：dpctl add-flow tcp:127.0.0.1:6634 in_port=1,actions=output:2

控制器與交換機間的交互過程

Message	Type	Description
Hello	Controller->Switch	following the TCP handshake, the controller sends its version number to the switch.
Hello	Switch->Controller	the switch replies with its supported version number.
Features Request	Controller->Switch	the controller asks to see which ports are available.
Set Config	Controller->Switch	in this case, the controller asks the switch to send flow expirations.
Features Reply	Switch->Controller	the switch replies with a list of ports, port speeds, and supported tables and actions.
Port Status	Switch->Controller	enables the switch to inform that controller of changes to port speeds or connectivity. Ignore this one, it appears to be a bug.

報文通過SDN網絡的過程

Message	Type	Description
Packet-In	Switch->Controller	a packet was received and it didn't match any entry in the switch's flow table, causing the packet to be sent to the controller.
Packet-Out	Controller->Switch	controller send a packet out one or more switch ports.
Flow-Mod	Controller->Switch	instructs a switch to add a particular flow to its flow table.
Flow-Expired	Switch->Controller	a flow timed out after a period of inactivity.

性能測試

mininet> iperf

選擇控制器開發框架

Python:POX,Ryu
Ruby:Trema
Haskell:Nettle(還不完善)
Java:Floodlight

詳細的控制器列表參見http://yuba.stanford.edu/~casado/of-sw.html

下面我們用POX來嘗試開發控制器。

git clone http://github.com/noxrepo/pox
cd pox
./pox.py log.level --DEBUG misc.of_tutorial

現在我們使用了位於pox/misc下的of_tutorial.py作為控制器。
使用mininet> pingall測試連通性。
使用mininet> iperf測試性能。

好，現在我們來看一下of_tutorial.py的源碼。

# Copyright 2012 James McCauley
#
# Licensed under the Apache License, Version 2.0 (the "License");
# you may not use this file except in compliance with the License.
# You may obtain a copy of the License at:
#
#     http://www.apache.org/licenses/LICENSE-2.0
#
# Unless required by applicable law or agreed to in writing, software
# distributed under the License is distributed on an "AS IS" BASIS,
# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or implied.
# See the License for the specific language governing permissions and
# limitations under the License.

"""
This component is for use with the OpenFlow tutorial.

It acts as a simple hub, but can be modified to act like an L2
learning switch.

It's roughly similar to the one Brandon Heller did for NOX.
"""

from pox.core import core
import pox.openflow.libopenflow_01 as of

log = core.getLogger()



class Tutorial (object):
  """
  A Tutorial object is created for each switch that connects.
  A Connection object for that switch is passed to the __init__ function.
  """
  def __init__ (self, connection):
    # Keep track of the connection to the switch so that we can
    # send it messages!
    self.connection = connection

    # This binds our PacketIn event listener
    connection.addListeners(self)

    # Use this table to keep track of which ethernet address is on
    # which switch port (keys are MACs, values are ports).
    self.mac_to_port = {}


  def resend_packet (self, packet_in, out_port):
    """
    Instructs the switch to resend a packet that it had sent to us.
    "packet_in" is the ofp_packet_in object the switch had sent to the
    controller due to a table-miss.
    """
    msg = of.ofp_packet_out()
    msg.data = packet_in

    # Add an action to send to the specified port
    action = of.ofp_action_output(port = out_port)
    msg.actions.append(action)

    # Send message to switch
    self.connection.send(msg)


  def act_like_hub (self, packet, packet_in):
    """
    Implement hub-like behavior -- send all packets to all ports besides
    the input port.
    """

    # We want to output to all ports -- we do that using the special
    # OFPP_ALL port as the output port.  (We could have also used
    # OFPP_FLOOD.)
    self.resend_packet(packet_in, of.OFPP_ALL)

    # Note that if we didn't get a valid buffer_id, a slightly better
    # implementation would check that we got the full data before
    # sending it (len(packet_in.data) should be == packet_in.total_len)).


  def act_like_switch (self, packet, packet_in):
    """
    Implement switch-like behavior.
    """

    """ # DELETE THIS LINE TO START WORKING ON THIS (AND THE ONE BELOW!) #

    # Here's some psuedocode to start you off implementing a learning
    # switch.  You'll need to rewrite it as real Python code.

    # Learn the port for the source MAC
    self.mac_to_port ... <add or update entry>

    if the port associated with the destination MAC of the packet is known:
      # Send packet out the associated port
      self.resend_packet(packet_in, ...)

      # Once you have the above working, try pushing a flow entry
      # instead of resending the packet (comment out the above and
      # uncomment and complete the below.)

      log.debug("Installing flow...")
      # Maybe the log statement should have source/destination/port?

      #msg = of.ofp_flow_mod()
      #
      ## Set fields to match received packet
      #msg.match = of.ofp_match.from_packet(packet)
      #
      #< Set other fields of flow_mod (timeouts? buffer_id?) >
      #
      #< Add an output action, and send -- similar to resend_packet() >

    else:
      # Flood the packet out everything but the input port
      # This part looks familiar, right?
      self.resend_packet(packet_in, of.OFPP_ALL)

    """ # DELETE THIS LINE TO START WORKING ON THIS #


  def _handle_PacketIn (self, event):
    """
    Handles packet in messages from the switch.
    """

    packet = event.parsed # This is the parsed packet data.
    if not packet.parsed:
      log.warning("Ignoring incomplete packet")
      return

    packet_in = event.ofp # The actual ofp_packet_in message.

    # Comment out the following line and uncomment the one after
    # when starting the exercise.
    self.act_like_hub(packet, packet_in)
    #self.act_like_switch(packet, packet_in)



def launch ():
  """
  Starts the component
  """
  def start_switch (event):
    log.debug("Controlling %s" % (event.connection,))
    Tutorial(event.connection)
  core.openflow.addListenerByName("ConnectionUp", start_switch)

POX使用簡介

Sending OpenFlow messages with POX

connection.send( ... ) # send an OpenFlow message to a switch

When a connection to a switch starts, a ConnectionUp event is fired. The example code creates a new Tutorial object that holds a reference to the associated Connection object. This can later be used to send commands (OpenFlow messages) to the switch.

ofp_action_output class

This is an action for use with ofp_packet_out and ofp_flow_mod. It specifies a switch port that you wish to send the packet out of. It can also take various "special" port numbers. An example of this would be OFPP_FLOOD which sends the packet out all ports except the one the packet originally arrived on.

Example. Create an output action that would send packets to all ports:

out_action = of.ofp_action_output(port = of.OFPP_FLOOD)

ofp_match class

Objects of this class describe packet header fields and an input port to match on. All fields are optional -- items that are not specified are "wildcards" and will match on anything.

Some notable fields of ofp_match objects are:

• dl_src - The data link layer (MAC) source address
• dl_dst - The data link layer (MAC) destination address
• in_port - The packet input switch port

Example. Create a match that matches packets arriving on port 3:

match = of.ofp_match()
match.in_port = 3

ofp_packet_out OpenFlow message

The ofp_packet_out message instructs a switch to send a packet. The packet might be one constructed at the controller, or it might be one that the switch received, buffered, and forwarded to the controller (and is now referenced by a buffer_id).

Notable fields are:

• buffer_id - The buffer_id of a buffer you wish to send. Do not set if you are sending a constructed packet.
• data - Raw bytes you wish the switch to send. Do not set if you are sending a buffered packet.
• actions - A list of actions to apply (for this tutorial, this is just a single ofp_action_output action).
• in_port - The port number this packet initially arrived on if you are sending by buffer_id, otherwise OFPP_NONE.

ofp_flow_mod OpenFlow message

This instructs a switch to install a flow table entry. Flow table entries match some fields of incoming packets, and executes some list of actions on matching packets. The actions are the same as for ofp_packet_out, mentioned above (and, again, for the tutorial all you need is the simple ofp_action_output action). The match is described by an ofp_match object.

Notable fields are:

• idle_timeout - Number of idle seconds before the flow entry is removed. Defaults to no idle timeout.
• hard_timeout - Number of seconds before the flow entry is removed. Defaults to no timeout.
• actions - A list of actions to perform on matching packets (e.g., ofp_action_output)
• priority - When using non-exact (wildcarded) matches, this specifies the priority for overlapping matches. Higher values are higher priority. Not important for exact or non-overlapping entries.
• buffer_id - The buffer_id of a buffer to apply the actions to immediately. Leave unspecified for none.
• in_port - If using a buffer_id, this is the associated input port.
• match - An ofp_match object. By default, this matches everything, so you should probably set some of its fields!

Example. Create a flow_mod that sends packets from port 3 out of port 4.

fm = of.ofp_flow_mod()
fm.match.in_port = 3
fm.actions.append(of.ofp_action_output(port = 4))

更詳細的POX介紹，請參見https://openflow.stanford.edu/display/ONL/POX+Wiki

關於多交換機的控制器的編寫請關注后續的文章。