環境信息
盛科交換機信息:
R3# show version
CentecOS Software, E580, Version 5.3.6
Copyright (C) 2004-2017 Centec Networks Inc. All rights reserved.
The current running image is: flash:/boot/centecOS-v580-openflow-v5.3.6.bin
R3 uptime is 2 days, 22 hours, 56 minutes
Hardware Type : 32X
SDRAM size : 1024M
Flash size : 2048M
Hardware Version : 2.0
EPLD Version : 1.2
BootRom Version : 8.1.1
System serial number : E142GD169030
ovs交換機信息:
root@openlab:~# cat /etc/issue
Ubuntu 18.04.5 LTS \n \l
root@openlab:~# ovs-vsctl --version
ovs-vsctl (Open vSwitch) 2.6.3
DB Schema 7.14.0
網絡拓撲
miniet新建拓撲
使用mininet創建最簡單拓撲
mn
網卡信息
盛科交換機配置
設置local_ip
R3# configure terminal
R3(config)# openflow tunnel local_vtep_ip 172.171.3.104
創建vxlan隧道
ovs-vsctl add-port br0 vxlan1 -- set interface vxlan1 type=vxlan options:remote_ip=172.171.8.21 options:bind_port=eth-0-1 options:nexthop_mac=64:00:6a:1f:d5:9f
盛科v580的vxlan隧道必須有三個配置項:
remote_ip: 隧道另一端的地址,這里是ovs交換機所在主機的網卡ip,enp3s0的ip。
bind_port: 隧道綁定的端口。vxlan隧道是虛擬出來的端口,物理交換機上不存在,所以需要一個物理端口承載流量。這里是交換機出流量的端口eth-0-1。
nexthop_mac: remote_ip 配置的網卡的mac地址,就是enp3s0的mac地址。
隧道:
隧道的端口:
下發流表
ovs-ofctl add-flow br0 "in_port=5,actions=set_field:10->tun_id,output:2201"
ovs-ofctl add-flow br0 "in_port=2201,tun_id=10,actions=output:5"
進隧道流量:
主機連接到盛科交換機5端口,將所有5端口進來的流量設置tun_id為10,然后轉發到vxlan隧道的端口2201
進隧道流量:
隧道對端過來的流量從2201端口進入交換機。匹配進端口為2201,tun_id=10的流量,轉發到5端口中
ovs交換機配置
新建隧道
ovs-vsctl add-port s1 vtep -- set interface vtep type=vxlan option:remote_ip=172.171.3.104 option:key=flow ofport_request=10
ovs交換機的兩個參數:
remote_ip: 隧道另一端的ip地址。這里要寫盛科交換機的local_ip
key=flow ofport_request: vxlan類型為基於流表,新建的端口為10
root@openlab:~# ovs-vsctl show
a3e32c7e-3d35-40ac-b360-15603a98a1ec
Bridge "s1"
Controller "tcp:127.0.0.1:6653"
is_connected: true
Controller "ptcp:6654"
fail_mode: secure
Port "s1-eth2"
Interface "s1-eth2"
Port "s1"
Interface "s1"
type: internal
Port "s1-eth1"
Interface "s1-eth1"
Port vtep
Interface vtep
type: vxlan
options: {key=flow, remote_ip="172.171.3.104"}
ovs_version: "2.6.3"
root@openlab:~# ovs-ofctl show s1
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000000000000001
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
1(s1-eth1): addr:1a:a3:c9:a7:f1:ec
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
2(s1-eth2): addr:b2:84:d9:29:cc:a9
config: 0
state: 0
current: 10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
10(vtep): addr:5a:63:14:3d:64:27
config: 0
state: 0
speed: 0 Mbps now, 0 Mbps max
LOCAL(s1): addr:8a:27:12:84:6c:4e
config: PORT_DOWN
state: LINK_DOWN
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
root@openlab:~#
下發流表
ovs-ofctl add-flow s1 "in_port=1,actions=set_field:10->tun_id,output:10"
ovs-ofctl add-flow s1 "in_port=10,tun_id=10,actions=output:1"
隧道出流量:
主機連接ovs交換機的1端口,將從1端口進入的流量設置tun_id=10,然后轉發到隧道的端口10
隧道入流量:
對端隧道流量進入的端口為10,匹配進端口為10,tun_id=10的流量,轉發給主機1
宣告arp
arp -s 172.171.3.104 00:1e:08:0c:99:38
ovs交換機的隧道外層封裝時需要對端ip和mac,因為盛科交換機無法回復arp信息,所以需要手動宣告盛科交換機的local_ip以及bind_port中配置的端口的mac地址。
驗證
