- 积分
- 16844
在线时间 小时
最后登录1970-1-1
|
楼主 |
发表于 2019-10-18 10:50:26
|
显示全部楼层
关于 VLAN U) r4 t! w" q# H" ~5 l
设置 VLAN tag
/ }+ ?* H' f9 z& M+ _9 l, w4 |) Q2 ^* `: |- I4 E( V4 k5 Q# R5 V+ m2 P
ovs-vsctl add-port ovs-br vlan3 tag=3 -- set interface vlan3 type=internal
- {2 z8 ^6 p' r* S6 B移除 VLAN
1 P% Q& m7 R" ?4 o+ t
( J& `( F* n: ^4 i! W1 povs-vsctl del-port ovs-br vlan3* a5 H3 O; `! O3 x5 C! z2 ^' N
查询 VLAN
/ C( `1 e7 \8 d5 ~0 `& n9 w+ \5 ? b9 g) L3 z* ^( B- o
ovs-vsctl show
3 O7 W8 R3 N- `/ c/ s4 y5 Xifconfig vlan3- q% M& P% `8 N2 L6 Y9 R Z: _
设置 Vlan trunk. c; W n% {+ g# k" N( e
ovs-vsctl add-port ovs-br eth0 trunk=3,4,5,6
* M$ {) F0 m) D) Z. [3 i7 l# X) p
' Q: [8 g; W6 z, Y设置已 add 的 port 为 access port, vlan id 9
6 v5 e- ]1 y; s8 v* P E# W( [8 _
: T! w5 b3 N# K5 |1 a; z: Eovs-vsctl set port eth0 tag=9" ]% K* L$ H8 V: F5 n6 b/ r
ovs-ofctl add-flow 设置 vlan 1003 D% x; y9 H" ~5 f3 R
- d1 ?9 H7 ]9 b2 |1 }) b% o e8 _ovs-ofctl add-flow ovs-br in_port=1,dl_vlan=0xffff,actions=mod_vlan_vid:100,output:3
7 k5 e6 U/ E3 b9 H- qovs-ofctl add-flow ovs-br in_port=1,dl_vlan=0xffff,actions=push_vlan:0x8100,set_field:100-\>vlan_vid,output:3+ f% I' x& i7 P; y B) D4 D1 Q
ovs-ofctl add-flow 拿掉 vlan tag
; H( Z$ L* u* E# U8 z
# N& Q5 a3 i0 U# l3 }ovs-ofctl add-flow ovs1 in_port=3,dl_vlan=100,actions=strip_vlan,output:16 \0 @/ u2 Y) ^1 m! a- m$ B
two_vlan example# Q& x$ @. z. u0 {
ovs-ofctl add-flow pop-vlan
% Y" a2 H6 o5 ~6 W
" r/ X( H8 y) s! @( movs-ofctl add-flow ovs-br in_port=3,dl_vlan=0xffff,actions=pop_vlan,output:16 o. j1 m" {( P5 ]- w8 ~) e4 G
% i, m1 S& m6 ] ^1 h2 l
7 J3 H& Z1 i& m; x8 w, I+ |8 H关于 GRE Tunnel- ?/ |, M4 f7 e7 h2 j! i1 y1 |
设置 GRE tunnel
' x) D/ P* U5 _8 A) X6 `' ?! H0 S+ {4 j1 y/ S) R5 |$ ]
ovs−vsctl add−port ovs-br ovs-gre -- set interface ovs-gre type=gre options:remote_ip=1.2.3.48 F& D; z# h T$ K1 Z& C0 o% B8 v
查询 GRE Tunnel- A* H+ E! S8 D2 K! {% k5 i
6 O1 x. q3 x% e. L6 i4 n8 e
ovs-vsctl show" f6 M0 t2 e' }% S; @8 ]' h; \
7 C; n. t, S: z" X, a- K( A
M: \+ ]. B: ]' G" b' _ \' O
关于 Dump flows8 l8 B1 o- u, f- g& u4 f& z
Dumps OpenFlow flows 不含 hidden flows (常用)
9 ^) }" t1 x, _# a( L
: [4 R: h9 w; J4 b& g& M1 ?ovs-ofctl dump-flows ovs-br |6 N" {8 P: T: N
Dumps OpenFlow flows 包含 hidden flows
5 G5 v+ V$ f6 C/ I
3 r3 r6 B$ w bovs-appctl bridge/dump-flows ovs-br3 ~: F2 h- h0 ^% Q6 V( d
Dump 特定 bridge 的 datapath flows 不論任何 type
) g3 ~7 |$ k7 P4 q W
9 d0 U# {; Q" Hovs-appctl dpif/dump-flows ovs-br5 {: W+ b$ ?, b w
Dump 在 Linux kernel 裡的 datapath flow table (常用)2 @ P% r1 B+ c$ ?% w
; f: f' t4 o R1 Govs-dpctl dump-flows [dp]8 N5 I! T0 n$ u' W* j4 d. Z" [; R
Top like behavior for ovs-dpctl dump-flows/ B& |& E+ L: Q* e4 i$ u/ c. F
( M4 C, P6 h. \
ovs-dpctl-top" \( }4 t6 Y3 n6 q. P# w
0 @( l6 ^) z0 f" T0 c! u: ^4 C" F. H; w$ z, y
$ c) h7 G5 a3 @* A, hXenServer 开启 OpenvSwitch 方式
9 f" Q K$ `5 O5 I. @2 r检查是否启动openvswitch服务:/ \+ P6 T+ D4 i2 i) [
4 q k6 U, J) z$ i2 R% }
service openvswitch status3 l& _5 S/ ~: K, x
启动服务# L% v( G0 b" h h O: |$ w
/ ~ s @3 M5 V8 b: oxe-switch-network-backend openvswitch
! T D+ n. x8 H5 x1 c$ d- p" _关闭服务9 `6 @4 K9 o3 j f b2 P3 P
& M7 x4 D: u" j W- @. t exe-switch-network-backend bridge
+ t5 F( Y3 x8 U* R% H0 F" e( L/ @5 b
" B* s: |' M/ g& G关于 Log" d$ N* u+ q, K1 N2 s
查询 log level list
& R3 t% q4 Z! @9 ]0 j* z8 q d$ h2 ^5 _
ovs-appctl vlog/list' }. r' u N$ Y2 I2 w0 j! {
设置 log level (以 stp 设置 file 为 dbg level 为例)* r. Q( F8 g7 G0 ~
: s% l& U& V0 r1 Xovs-appctl vlog/set stp:file:dbg, a# e3 r( j7 N5 n
ovs-appctl vlog/set {module name}:{console, syslog, file}:{off, emer, err, warn, info, dbg}6 @0 U: z& T' ^" `$ z" [+ P- w) y
3 n# ^0 ?2 l7 {1 `: x7 r3 ^) y9 T7 y: T
关于 Fallback& \2 A; d$ ?4 x' o& K
Controller connection: false 的时候, 会自动调成 legacy switch mode$ C( v5 V2 Z1 ~1 h9 r5 H
$ r8 n4 t8 {" M( r! _( K* {2 Bovs-vsctl set-fail-mode ovs-br standalone2 g3 J. j9 T$ e* e' z: V
无论 Controller connection status 为何, 都必须通过 OpenFlow 进行网络行为 (default)! e H2 A x; E' C7 s
6 H. R2 C/ z0 S% qovs-vsctl set-fail-mode ovs-br secure
& X) ?+ t9 p( g移除4 q s" L, b8 y7 h
) U5 \5 U7 z& S- d; U
ovs-vsctl del-fail-mode ovs-br
7 U( t9 I1 a3 n9 i4 \查询
3 T# z4 B7 c) p8 O+ }& i
4 V$ u9 N! [- K- D s( F/ Hovs-vsctl get-fail-mode ovs-br( v- T2 M- d) \
) P$ U2 z4 s1 E: T
4 Y O+ Z/ l! M9 y! g. X关于 sFlow
3 U Y) A$ v8 p, `查询; r& r0 B' }3 p% {: e
5 N3 o# u1 G/ d$ `- O p: N. `ovs-vsctl list sflow
0 L- _- ^' a* ~7 j: f新增8 N! j8 q# V: `
X1 b" M' O0 x6 d5 u6 r$ t
Set sFlow 缺' n5 p5 x2 l( i* _- @
刪除( ]# ~& f% \( y4 x, P5 Q
4 V6 {# ], N. |6 B: U1 ]6 f! x
ovs-vsctl -- clear Bridge ovs-br sflow
2 [' j! H6 P5 x1 w5 Q, S7.13关于 NetFlow8 Y. W; Z+ q7 I
查询
- M' U' r, a0 U7 I4 x1 }/ C' U0 \+ {6 S+ |+ ]
ovs-vsctl list netflow- Y% s' H& U8 p
新增
9 W: q/ f8 v8 q# }5 \9 ?% `2 i, u0 k# y$ z% [ c' v
Set NetFlow 缺! h* m! O0 |+ L$ M/ q7 {# s5 d
刪除. k3 S/ d0 H) W# y
, w: V& V) \4 Hovs-vsctl -- clear Bridge ovs-br netflow" u5 J6 M. w. _8 s* ^3 \
7.14 设置 Out-of-band 和 in-band! }3 }6 F1 A/ p4 Z& e b; S* I
查询
& i l# R6 l+ g! ]+ T5 }9 {
( r& L: d6 e2 s; ~- [ovs-vsctl get controller ovs-br connection-mode
' G5 T3 a* V" l. H1 m) m- n; pOut-of-band
1 f6 |/ Z0 d7 x3 D8 y+ v
: {) k! d# z& a6 o( covs-vsctl set controller ovs-br connection-mode=out-of-band
& ?+ [$ b1 x8 ? A! bIn-band (default)2 \% l( H3 A7 J/ j0 I
4 e+ g. a2 W. k+ N8 k8 ^2 V
ovs-vsctl set controller ovs-br connection-mode=in-band- A& T4 }1 p& X2 Z
移除 hidden flow
: J& D7 u2 E" p. L
+ Y3 z6 [5 O, `/ e$ y1 Aovs-vsctl set bridge br0 other-config:disable-in-band=true
' B3 J: e3 [5 J3 D7.15 关于 ssl
5 J7 a* Q! L3 d; D( N6 n7 v3 a查询3 {# P' K! U# E
% z, m: O( J' i7 \0 `! V' kovs-vsctl get-ssl
; q. d7 ~, E6 _) M0 t设置
* d( `% f+ O( w1 W7 {* p5 f2 {
- {% I# z' j9 W# ]ovs-vsctl set-ssl sc-privkey.pem sc-cert.pem cacert.pem6 D k3 c/ h- g5 S% N$ |. K: g
OpenvSwitch Lab 6$ TLS SSL : http://roan.logdown.com/posts/208707-openvswitch-lab-6-ssl
; K! f# O* ]- V" B刪除
6 X" o5 a6 b/ x: {% p1 \. \) y5 f- t( H
ovs-vsctl del-ssl* J% `/ v7 x- U" k& |' j( y6 O
7.16 关于 SPAN
2 V$ @8 v% a3 a" K( S: l3 r# N$ p详细设置
& u3 p8 U) D0 p, g7 N; \
( B; q3 j' N% k8 kovs-vsctl add-br ovs-br8 C1 y) { x0 P3 ^3 H/ V
ovs-vsctl add-port ovs-br eth03 d$ J5 F! V& a9 ~3 R# x
ovs-vsctl add-port ovs-br eth1
: a3 @% L k- U/ [/ qovs-vsctl add-port ovs-br tap0 \
# k1 m/ e: r1 s' N. }7 f -- --id=@p get port tap0 \/ {/ }. P% f0 M2 ?# U; S
-- --id=@m create mirror name=m0 select-all=true output-port=@p \* ~, |: g- l9 \
-- set bridge ovs-br mirrors=@m5 Y1 i5 M3 T# e4 U4 x* b J
将 ovs-br 上 add-port {eth0,eth1} mirror 至 tap05 e4 Y- k j- Y o% T
+ ?" i1 Q* D2 g2 s% H刪除
5 {1 i$ E$ }& K, Z8 i, I8 ]0 o4 p" m2 j8 K; r
ovs-vsctl clear bridge ovs-br mirrors # 關於 Table4 z& f G4 r4 V7 U1 T: }; m9 l7 r2 y
查 table ovs-ofctl dump-tables ovs-br/ ]8 D9 } y# i+ o4 L& J) Y
5 I: w8 I; `( P+ G3 t
7.17 关于 Group Table! A/ N+ t, D3 m' f* l
参考 hwchiu – Multipath routing with Group table at mininet
! q0 A; ~ z9 X# T; J a1 ?2 y: w
6 \0 z H Q; X# [/ N建立 Group id 及对应的 bucket
- h% ?* ~+ \1 |$ A: J2 v! e
; R& [0 u! u8 `, J% [4 l' `+ k1 yovs-ofctl -O OpenFlow13 add-group ovs-br group_id=5566,type=select,bucket=output:1,bucket=output:2,bucket=output:3
! Y, c0 \2 g" X3 V. Mtype 共有 All, Select, Indirect, FastFailover, 详细规格:http://flowgrammable.org/sdn/ope ... upmod/#GroupMod_1.3: c( N& b. Z" g
2 j( ?' ?: Y) K# D. a: h
使用 Group Table4 x: L r( S1 A4 @: q
& v% m H( j" ^
ovs-ofctl -O OpenFlow13 add-flow ovs-br in_port=4,actions=group:5566/ u! Y! q/ g- i+ k
7.18 关于 VXLAN v! C4 ^9 r; ^
参考 rascov – Bridge Remote Mininets using VXLAN
: X# O8 d7 I* X! E6 V- P1 f7 P2 r) A. ?9 @7 o- B; m
建立 VXLAN Network ID (VNI) 和指定的 OpenFlow port number, eg: VNI=5566, OF_PORT=93 U: v* U/ s7 B, A) \
4 t" W# ]( e. ]! ~3 U% K: Govs-vsctl set interface vxlan type=vxlan option:remote_ip=x.x.x.x option:key=5566 ofport_request=9
9 Z3 N4 w5 P6 RVNI flow by flow
( H( W% v" g& s& a! i) S5 K9 r# j( U) y0 H% } d( [
ovs-vsctl set interface vxlan type=vxlan option:remote_ip=140.113.215.200 option:key=flow ofport_request=9
. k8 j# k' r' H5 d0 E6 [' G设置 VXLAN tunnel id; o6 ~% v. \0 f
) Y' j2 ?+ q% K8 L4 o
ovs-ofctl add-flow ovs-br in_port=1,actions=set_field:5566->tun_id,output:2
: b' B3 j$ l7 {" l) D# iovs-ofctl add-flow s1 in_port=2,tun_id=5566,actions=output:1' f1 X. S. h) |- g9 G' n) r* Z5 t8 p
7.19 关于 OVSDB Manager4 m# W6 b h5 J( X8 U6 k
参考 OVSDB Integration:Mininet OVSDB Tutorial) j* A7 a4 f1 ^2 [8 Y* @
- K& k8 R6 n/ K. vActive Listener 设置& K3 V/ Q3 t( Y# |: k8 ` w [& b
0 S8 s* c5 n* b# c w: c, o7 jovs-vsctl set-manager tcp:1.2.3.4:6640
. d, ~/ h. l' k6 vPassive Listener 设置# b" [9 t1 T! |1 K
* \9 W9 t5 @/ x7 I' `1 govs-vsctl set-manager ptcp:6640. A/ o1 u- w8 M+ ~4 ~
7.20 OpenFlow Trace
1 P4 v+ H8 E5 ^0 [6 TGenerate pakcet trace
5 o8 k G0 T% u# r
* \9 S- E4 y( Y4 d! N9 z% U" govs-appctl ofproto/trace ovs-br in_port=1,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:02 -generate
2 P" e: b/ S+ b# f7.21 其它& ^% q8 U4 A# z4 s( ?+ V+ U
查询 OpenvSwitch 版本
' d. C+ d I* ]0 Z! E5 a& b: |
, h/ c9 i; I( [; P4 X+ Q! o% o- Tovs-ofctl -V
; [* H9 _% _- k( ]/ m6 ]查询指令历史记录9 d: n. e0 x" U- U9 s
9 h/ \) E+ W0 L4 T+ Z6 ?ovsdb-tool show-log [-mmm]$ j$ h' `, X% c7 f- _
|
|
/4 
|返回首页|Archiver|小黑屋|易陆发现技术论坛
( 蜀ICP备2026014127号-1 )
窥视卡
雷达卡
发表于 2019-10-18 10:38:50
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜