實驗2:Open vSwitch虛擬交換機實踐
基本要求
1.創建OVS交換機並配置
輸入命令創建OVS
sudo ovs-vsctl add-br ovs-switch026
sudo ovs-vsctl add-port ovs-switch026 p0
sudo ovs-vsctl set Interface p0 ofport_request=100 type=internal
sudo ovs-vsctl add-port ovs-switch026 p1
sudo ovs-vsctl set Interface p1 ofport_request=101 type=internal
# 查詢相關信息
sudo ethtool -i p0
sudo ethtool -i p1
# 配置虛擬網絡空間
sudo ip netns add ns0
sudo ip link set p0 netns ns0
sudo ip netns exec ns0 ip addr add 192.168.0.100/24 dev p0
sudo ip netns exec ns0 ifconfig p0 promisc up
sudo ip netns add ns1
sudo ip link set p1 netns ns1
sudo ip netns exec ns1 ip addr add 192.168.0.101/24 dev p1
sudo ip netns exec ns1 ifconfig p1 promisc up
# 測試ping
sudo ip netns exec ns0 ping 192.168.0.101
# 查看
sudo ovs-vsctl show
輸入sudo ovs-vsctl show查看網絡狀態
測試p0和p1的連通性,因為p0的ip為192.168.0.100,p1的ip為192.168.0.101,所以輸入命令測試連通:
sudo ip netns exec ns0 ping 192.168.0.101
觀察到成功聯通:
2.搭建拓撲
使用Mininet搭建的SDN拓撲,如下圖所示,要求支持OpenFlow 1.3協議,主機名、交換機名以及端口對應正確。
打開Miniedit可視化工具
# 在lab2目錄下
sudo ./../mininet/examples/miniedit.py
放置拓撲
設置協議為1.3
將其保存成py文件
修改其中代碼:
net.addLink(h1, s1, 1, 1)
net.addLink(h2, s1, 1, 2)
net.addLink(h3, s2, 1, 1)
net.addLink(h4, s2, 1, 2)
net.addLink(s1, s2, 3, 3)
執行命令運行
sudo python topo.py
完成任務
3.下發流表
通過命令行終端輸入“ovs-ofctl”命令,直接在s1和s2上添加流表,划分出所要求的VLAN。
使用ovs-ofctl下發流表,配置vlan
# 將主機1,2發送來的包打上vlan標記
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3
# 將主機3,4發送來的包取出vlan標記
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,dl_vlan=0,actions=pop_vlan,output:1
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,dl_vlan=1,actions=pop_vlan,output:2
# 將主機3,4發送來的包打上vlan標記
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3
# 將主機1,2發送來的包取出vlan標記
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,dl_vlan=0,actions=pop_vlan,output:1
sudo ovs-ofctl -O OpenFlow13 add-flow s2 priority=1,dl_vlan=1,actions=pop_vlan,output:2
4.測試網絡
主機連通性要求:
- h1 – h3互通
- h2 – h4互通
- 其余主機不通
執行pingall
符合要求,輸入命令查看所下發的流表
sudo ovs-ofctl -O OpenFlow13 dump-flows s1
sudo ovs-ofctl -O OpenFlow13 dump-flows s2
如圖所示
利用wireshark抓包,抓取s1上的3端口,查看經過的包是否有vlan標記
在mininet命令行界面中執行h1 ping h3
在wireshark中看到vlan標記vlan標記為0
同樣執行h2 ping h4,抓包可以看到vlan標記為1
進階要求
閱讀SDNLAB實驗使用Mininet,編寫Python代碼,生成(一)中的SDN拓撲,並在代碼中直接使用OVS命令,做到可以直接運行Python程序完成和(一)相同的VLAN划分。
編寫代碼VlanOVS.py
from mininet.net import Mininet
from mininet.node import Node
from mininet.link import TCLink, Link
from mininet.log import setLogLevel, info
def myNet():
"Create network from scratch using Open vSwitch."
info( "*** Creating nodes\n" )
switch1 = Node( 's1', inNamespace=False )
switch2 = Node( 's2', inNamespace=False )
h1 = Node( 'h1' )
h2 = Node( 'h2' )
h3 = Node( 'h3' )
h4 = Node( 'h4' )
info( "*** Creating links\n" )
Link( h1, switch1 )
Link( h2, switch1 )
Link( h3, switch2 )
Link( h4, switch2 )
Link( switch1, switch2 )
info( "*** Configuring hosts\n" )
h1.setIP( '192.168.123.1/24' )
h2.setIP( '192.168.123.2/24' )
h3.setIP( '192.168.123.3/24' )
h4.setIP( '192.168.123.4/24' )
info( str( h1 ) + '\n' )
info( str( h2 ) + '\n' )
info( str( h3 ) + '\n' )
info( str( h4 ) + '\n' )
info( "*** Starting network using Open vSwitch\n" )
switch1.cmd( 'ovs-vsctl del-br dp0' )
switch1.cmd( 'ovs-vsctl add-br dp0' )
switch2.cmd( 'ovs-vsctl del-br dp1' )
switch2.cmd( 'ovs-vsctl add-br dp1' )
for intf in switch1.intfs.values():
print(intf)
print(switch1.cmd( 'ovs-vsctl add-port dp0 %s' % intf ))
for intf in switch2.intfs.values():
print(intf)
print(switch2.cmd( 'ovs-vsctl add-port dp1 %s' % intf ))
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3' )
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3' )
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,dl_vlan=0,actions=pop_vlan,output=1' )
switch1.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,dl_vlan=1,actions=pop_vlan,output=2' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,dl_vlan=0,actions=pop_vlan,output=1' )
switch2.cmd( 'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,dl_vlan=1,actions=pop_vlan,output=2' )
info( "*** Running test\n" )
info( "\nh1 ping h2\n" )
h1.cmdPrint( 'ping -Q 0x30 -c 3 ' + h2.IP() )
info( "\nh1 ping h3\n" )
h1.cmdPrint( 'ping -Q 0x30 -c 3 ' + h3.IP() )
info( "\nh1 ping h4\n" )
h1.cmdPrint( 'ping -Q 0x30 -c 3 ' + h4.IP() )
info( "\nh2 ping h3\n" )
h2.cmdPrint( 'ping -Q 0x30 -c 3 ' + h3.IP() )
info( "\nh2 ping h4\n" )
h2.cmdPrint( 'ping -Q 0x30 -c 3 ' + h4.IP() )
info( "\nh3 ping h4\n" )
h3.cmdPrint( 'ping -Q 0x30 -c 3 ' + h4.IP() )
info( "*** print the table\n" )
info( switch1.cmd( 'ovs-ofctl dump-flows dp0 -O OpenFlow13' ) )
info( switch2.cmd( 'ovs-ofctl dump-flows dp1 -O OpenFlow13' ) )
info( "*** Stopping network\n" )
switch1.cmd( 'ovs-vsctl del-br dp0' )
switch1.deleteIntfs()
switch2.cmd( 'ovs-vsctl del-br dp1' )
switch2.deleteIntfs()
info( '\n' )
if __name__ == '__main__':
setLogLevel( 'info' )
info( '*** Scratch network demo (kernel datapath)\n' )
Mininet.init()
myNet()
觀察結果:
總結
這次實驗沒有遇到什么困難,唯一的困惑在於:在創建OVS交換機端口是出現報錯,但是並不影響之后實驗。對此並不是很理解,上網找不到相關的信息,之后的實驗參考老師的pdf和參考鏈接,進行了實驗。第一次體驗了vlan的作用,感覺比較神奇,通過vlan將網絡划分成不同的域,各個域之間才可以進行通信。在之后的進階要求中,通過對鏈接中的代碼進行修改實現了功能,而沒有去領悟其中函數調用的作用,之后將研究一下這種新的寫法,具體是怎樣操作OVS,以及下發流表。