OVS中arp響應的流表的實現

總結：

1、br-int 流表總體是按照Normal 的方式，即常規的交換機的轉發方式進行轉發。而br-tun 交換機則主要按照流表的方式進行轉發。

2、一般情況下，VM發出的ARP請求，會在該VM的所有鄰居進行廣播發送和查找，大量浪費帶寬。當neutron開啟了l2 pop后（二次注入功能），

計算節點會學習別的主機發送的免費ARP, 從而在本地存在ARP表項。

3、當本地的VM發出ARP請求時，br-tun交換機會優先查找本地的ARP表項，從而對報文進行ARP應答。

這樣的話，就不用發出ARP請求的廣播報文。如果br-tun交換機查找不到對應的ARP響應流表，則按照普通的隧道廣播的方式進行正常廣播發送。

4、ARP響應流表的匹配條件和動作分別如下：

• ARP響應流表的匹配條件是：

br.add_flow(table=constants.ARP_RESPONDER,
            priority=1,
            proto='arp',
            dl_vlan=vlan,
            nw_dst='%s' % ip,
            actions=actions)

• ARP響應流表的動作如下：

ARP_RESPONDER_ACTIONS = ('move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],'
                         'mod_dl_src:%(mac)s,'
                         'load:0x2->NXM_OF_ARP_OP[],'
                         'move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],'
                         'move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],'
                         'load:%(mac)#x->NXM_NX_ARP_SHA[],'
                         'load:%(ip)#x->NXM_OF_ARP_SPA[],'
                         'in_port')
5、對匹配條件和動作的解釋如下：

self.tun_br.add_flow(table=constants.ARP_RESPONDER, – Add this new flow to the ARP_RESPONDER table

                                 priority=1, – With a priority of 1 (Another, default flow with the lower priority of 0 is added elsewhere in the code)

                                 proto=‘arp’, – Match only on ARP messages

                                 dl_vlan=lvid, – Match only if the destination VLAN (The message has been locally VLAN tagged by now) matches the VLAN ID / network of the remote VM

                                 nw_dst=‘%s‘ % ip, – Match on the IP address of the remote VM in question

                                 actions=actions)

actions = (‘move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[],’ – Place the source MAC address of the request (The requesting VM) as the new reply’s destination MAC address

                       ‘mod_dl_src:%(mac)s,’ – Put the requested MAC address of the remote VM as this message’s source MAC address

                       ‘load:0x2->NXM_OF_ARP_OP[],’ – Put an 0x2 code as the type of the ARP message. 0x2 is an ARP response.

                       ‘move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[],’ – Place the ARP request’s source hardware address (MAC) as this new message’s ARP target / destination hardware address

                       ‘move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[],’ – Place the ARP request’s source protocol / IP address as the new message’s ARP destination IP address

                       ‘load:%(mac)#x->NXM_NX_ARP_SHA[],’ – Place the requested VM’s MAC address as the source MAC address of the ARP reply

                       ‘load:%(ip)#x->NXM_OF_ARP_SPA[],’ – Place the requested VM’s IP address as the source IP address of the ARP reply

                       ‘in_port’ % {‘mac’: mac, ‘ip’: ip}) – Forward the message back to the port it came in on

6、參考blog: OVS ARP Responder – Theory and Practice

https://assafmuller.com/2014/05/21/ovs-arp-responder-theory-and-practice/