浏览此站
联系我们相册切换到窄版 Language

 找回密码
 注册
易陆发现论坛»论坛 云计算开源区 neutron网络 ovs-ofctl dump-ports 输出交换机的端口统计信息,包括 ...
返回列表 发新帖
查看: 4312|回复: 3

ovs-ofctl dump-ports 输出交换机的端口统计信息,包括收发包、丢包、错误包等数量。

[复制链接]
admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
发表于 2019-10-25 10:00:33 | 显示全部楼层 |阅读模式
ovs-ofctl dump-ports 输出交换机的端口统计信息,包括收发包、丢包、错误包等数量。 ovs-ofctl dump-flows alubr0  
: l. ?- J4 u' qOFPST_FLOW reply (xid=0x2): flags=[more]1 m% p. d& s7 D3 z* s" v5 A
cookie=0x1, duration=1263.439s, table=0, n_packets=572, n_bytes=27498, priority=1 actions=move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG1[
, H0 v2 [' n7 W0..11],strip_vlan,resubmit(,22),resubmit(,23),move:NXM_OF_IN_PORT[]->NXM_NX_REG4[0..15],move:NXM_NX_REG1[0..15]->NXM_OF_IN_PORT[],re
* _' S. D1 t. W6 E  ^submit(,4)
' `+ U+ \6 a) k* v3 a cookie=0x1, duration=1263.439s, table=4, n_packets=36175, n_bytes=26587191, priority=0 actions=resubmit(,27)
4 Y9 c+ Y4 b  `  A' F, q- O5 Z cookie=0x1, duration=1263.439s, table=5, n_packets=35646, n_bytes=26564073, priority=0 actions=resubmit(,7)
# t* |3 N- S/ Q7 p& U# _5 _. u# A9 Y6 f; l cookie=0x1, duration=1193.636s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=18038,dl_src=fa:16:3e:83:4c:69 actions=drop  O+ h8 a+ ^. E2 ?0 `1 F- Y9 B
cookie=0x1, duration=1253.085s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=3575,dl_src=fa:16:3e:e8:53:ed actions=drop' _; T, J2 j+ i. m6 |
cookie=0x1, duration=1190.175s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=291,dl_src=fa:16:3e:b2:1c:91 actions=drop
8 F2 h. d' w4 x8 q; y5 U cookie=0x1, duration=1176.930s, table=7, n_packets=522, n_bytes=21924, priority=32769,in_port=21588,dl_src=fa:16:3e:f7:f2:b0 action
5 ?4 A1 [' @) Bs=drop
9 G/ `* m2 P9 C6 i cookie=0x1, duration=1256.088s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=5670,dl_src=fa:16:3e:35:a6:e0 actions=drop
) M4 ^: b% I% ?- P cookie=0x1, duration=1197.461s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=29064,dl_src=fa:16:3e:82:2c:2c actions=drop
: [0 u- y0 ~% t/ g7 ]0 V8 | cookie=0x1, duration=1196.999s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=249,dl_src=fa:16:3e:83:aa:df actions=drop
0 D3 X9 O: j) b# Q5 C7 Q cookie=0x1, duration=1195.700s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=422,dl_src=fa:16:3e:c9:6d:72 actions=drop' A) L; A( e$ }5 v. v& E
cookie=0x1, duration=1198.286s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=19360,dl_src=fa:16:3e:95:46:90 actions=drop
) W. K( q  s0 U, b3 ^" N cookie=0x1, duration=1195.371s, table=7, n_packets=246, n_bytes=22388, priority=32769,in_port=440,dl_src=fa:16:3e:21:d3:7c actions=2 g1 J0 v* h" T, X
drop
: N5 s: B9 k1 P) Y6 |5 ~: ?7 k. [ cookie=0x1, duration=1214.428s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=417,dl_src=fa:16:3e:ca:06:53 actions=drop# U4 i" U; J: W8 p5 C7 i; l
cookie=0x1, duration=1207.443s, table=7, n_packets=22, n_bytes=3454, priority=32769,in_port=386,dl_src=fa:16:3e:34:aa:b7 actions=dr2 w$ N, o2 J# _4 S' N) O# X9 h* Q
op# `- m2 }, d) ^( Y" k1 B
cookie=0x1, duration=1185.017s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=29117,dl_src=fa:16:3e:ec:aa:39 actions=drop
8 a' v3 I9 N; M4 a% {9 L) Q1 ^0 [ cookie=0x1, duration=1204.103s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=15250,dl_src=fa:16:3e:d7:f6:f5 actions=drop$ q/ I3 D8 n8 Q4 p
cookie=0x1, duration=1197.818s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=28265,dl_src=fa:16:3e:f4:c0:f1 actions=drop0 y+ N2 \3 C( m4 w& g
cookie=0x1, duration=1185.573s, table=7, n_packets=283, n_bytes=28562, priority=32769,in_port=275,dl_src=fa:16:3e:ed:7d:60 actions=( a# X% B- c+ e8 X! B( e7 y
drop1 R, `7 C* G8 N6 G% g: K7 A4 g
cookie=0x1, duration=1191.564s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=185,dl_src=fa:16:3e:55:06:7c actions=drop
  s' G8 U; v0 }, G5 o4 F cookie=0x1, duration=1210.767s, table=7, n_packets=8553, n_bytes=549905, priority=32769,in_port=526,dl_src=fa:16:3e:62:2a:1b action$ c/ H1 H" f9 p
s=drop$ s+ ]& D) w. i9 m- L. Z
cookie=0x1, duration=1231.485s, table=7, n_packets=5, n_bytes=450, priority=32769,in_port=8163,dl_src=fa:16:3e:cd:48:42 actions=dro
/ _, u) }( ?# D4 W; vp+ A5 j! x( I) ^- j- v3 X. [8 @
cookie=0x1, duration=1254.538s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=799,dl_src=fa:16:3e:da:fe:ec actions=drop
, B) ]' Z! o( A2 b" J
* H( ]8 w3 E/ |7 z/ d9 Q
% y" v8 ~, \# f% n3 J2 l8 g如果设为fail-secure mode,则初始情况下flow table是空的,否则会有normal$ sudo ovs-vsctl add-br helloworld1
! e+ [7 g/ |( x& G+ R$ sudo ovs-ofctl show helloworld1
4 G& v- K: ?5 S: c$ sudo ovs-ofctl dump-flows helloworld1 ' @* J# z  U8 Q! S- B6 q
NXST_FLOW reply (xid=0x4):
3 a5 Q. p  W, P" Y* z$ gcookie=0x0, duration=31.467s, table=0, n_packets=8, n_bytes=648, idle_age=21, priority=0 actions=NORMAL接下来,创建四个veth pairsudo ip link add first_br type veth peer name first_if * \) P" O' B* a- r$ |
sudo ip link add second_br type veth peer name second_if    ( S% l  W) F: e
sudo ip link add third_br type veth peer name third_if      
( b$ N% n' N  o5 }& Msudo ip link add forth_br type veth peer name forth_ifxxx_br将是添加到bridge上的。我们添加四个端口portsudo ovs-vsctl add-port helloworld first_br -- set Interface first_br ofport_request=1 ( A; g* @& \8 l7 h
sudo ovs-vsctl add-port helloworld second_br -- set Interface second_br ofport_request=2
% D  b/ i7 h* }% Tsudo ovs-vsctl add-port helloworld third_br -- set Interface third_br ofport_request=3 , Q" D8 a/ H6 F
sudo ovs-vsctl add-port helloworld forth_br -- set Interface forth_br ofport_request=4ofport_request是指定端口号新添加的port都是出于DOWN的状态8 t! |2 G* u6 ]. ~
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2019-10-25 10:00:34 | 显示全部楼层
把它们设为UP
( f$ P3 {. k, o  y4 A& L+ K: [$ \/ E$ L. J0 p7 r
sudo ip link set first_if up
5 g& D- w/ M  @' ^% ?sudo ip link set first_br up 6 q/ t  ]6 _2 Q# w' z' O
sudo ip link set second_br up     " x; |7 s4 @0 L; e7 p
sudo ip link set second_if up - Q1 p! U/ l1 }# x- _- B4 y0 r
sudo ip link set third_if up      2 x+ f5 t4 e6 b& C1 Q- P. W
sudo ip link set third_br up     
; }3 [5 `  P5 x# [/ R. ?sudo ip link set forth_br up         8 G4 S6 ~3 o$ ]$ J/ H& H
sudo ip link set forth_if up
" V; B' M8 @1 ~/ F/ p# t( Z$ h, |
2 I. R, I# l% F+ U% o6 {5 k也可以用下面的命令
2 _! e' o, j& V4 B& S9 a0 z' ?  i# i  d6 ~% g
ovs-ofctl mod-port helloworld first_br up
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2019-10-25 10:00:35 | 显示全部楼层
实现第一个Table 0,Admission control5 `2 C& N+ ^: ~' A+ }8 f

! u$ m9 J- r+ x+ V* H$ w包进入vswitch的时候首先进入Table 0,我们在这里可以设定规则,控制那些包可以进入,那些包不可以进入。
! Y1 u8 @& w9 U: |1 g2 c0 Y, f/ n+ s- v9 ]
比如,如果source address是multicast的就不允许进入。% H: E2 W% N/ [, L0 r& d6 H4 J

2 A" x0 G( l" b: c" [01:00:00:00:00:00/01:00:00:00:00:00是广播地址2 L$ @* l" r7 D7 C7 j
00:00:00:00:00:00/01:00:00:00:00:00是单播地址( P& o; k' T0 ]5 @) R
这种表示形式类似CIDR
  |7 X6 B1 c) p) f于是我们添加下面的规则:
; i& I7 x4 H3 R; R6 a5 I' l5 nsudo ovs-ofctl add-flow helloworld "table=0, dl_src=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop"1 \- z: E  y! ~; G. s. P: j& A. m
STP的也不接受
& a; L: t) R1 Ksudo ovs-ofctl add-flow helloworld "table=0, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"7 i+ E2 T* m: [" V0 }
我们在添加最后一个flow,这个flow的priority低于default,如果上面两个不匹配,则我们进入table 1
' S9 [0 \/ o6 U& M) \1 R3 g+ Osudo ovs-ofctl add-flow helloworld "table=0, priority=0, actions=resubmit(,1)"
, j9 r0 \6 U* @5 T2 |- B4 w) y9 a我们查看一下所有的flow' W% _, `  }# l  t
$ sudo ovs-ofctl dump-flows helloworld        9 x: d% o. T2 F0 [- b
NXST_FLOW reply (xid=0x4):
7 |. f) A) r! Z: [3 M8 S9 @: Bcookie=0x0, duration=42.162s, table=0, n_packets=0, n_bytes=0, idle_age=42, priority=0 actions=resubmit(,1) 5 h! c6 t* q* N. y2 u  @* u
cookie=0x0, duration=232.121s, table=0, n_packets=0, n_bytes=0, idle_age=232, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop 2 C4 r2 S# }5 c) x
cookie=0x0, duration=167.636s, table=0, n_packets=0, n_bytes=0, idle_age=167, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
9 _8 G7 U& ?& b" ^, W' m0 G* w& s, A3 u$ x
测试Table 0$ `& u! {% k9 J7 o" J4 e

: q" O: v9 X. O  x8 y! `- ~有个很好的工具ovs-appctl ofproto/trace9 }! `7 X$ T% W! D9 B2 A+ G
" h  g$ m2 z" v3 C) s
不满足条件DROP: E; y% _+ ]8 v. i
0 H: n) O( l% b& S8 G% B3 ^
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:05
) l! |0 [' \" \9 j( _Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:05,dl_type=0x0000
$ q/ w) C$ S+ ~( [( k% a5 zRule: table=0 cookie=0 dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 : \( n% o% F5 s7 j) B8 l$ Y) ^
OpenFlow actions=drop
0 J) h( Y( A5 z) F9 F
# _( J9 d6 |2 X; {Final flow: unchanged
5 R( o# j7 x! d1 I; ?& \Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
* `/ _2 B' I  @1 ]Datapath actions: drop
1 a3 T& u* s2 Q( O/ t0 `& n+ I, Z5 N3 Y1 y$ B. k$ A
满足条件RESUBMIT
3 ~  ~3 w. `8 g' Y& Z/ X  e$ J! Y
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:10 3 `1 c( N: {4 M$ `2 Y; P
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:10,dl_type=0x0000 : u3 A1 n: K6 V0 u  h
Rule: table=0 cookie=0 priority=0
5 a1 y; F' \- ~; C' xOpenFlow actions=resubmit(,1)7 `8 [" v0 |# P8 t' {
9 {  j+ H% A$ |! N
        Resubmitted flow: unchanged
( H/ w8 i6 S) v- }% M6 N        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & c4 l4 w' C9 `* Z( p7 d
        Resubmitted  odp: drop
7 y- x6 P: J: q& o% s        No match
& A" J7 ?# y$ i$ B% s. o% p9 I3 s- ~( f3 A. @
Final flow: unchanged 7 ~, y$ D9 r5 B* Q/ R' U
Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:10/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no ! g8 r# ?- a( N# |% Q. }
Datapath actions: drop
4 G4 L- m! }0 Q' M
/ ?1 k7 f. k9 T! e实现第二个Table 1:VLAN Input Processing
; H. m& N+ h2 r! R' r# C3 x" O# _) C* X
首先添加一个最低优先级的DROP的规则
5 ~5 U& F& o' y7 s% Z7 R: ^
" S6 t, X( D2 O/ Y& Z% s. usudo ovs-ofctl add-flow helloworld "table=1, priority=0, actions=drop", X$ h9 y3 u8 K) K: Z/ K

# o+ f! ?4 Q4 u; J) P对于port 1,是trunk口,无论有没有VLAN Header都接受。
' E+ r3 Z( b* z7 z9 \: v& I: f8 u: p
sudo ovs-ofctl add-flow helloworld "table=1, priority=99, in_port=1, actions=resubmit(,2)"
' V# b- y6 D$ `
4 |' P) u: w5 ?9 b6 _对于port 2, 3, 4, 我们希望没有VLAN Tag,然后我们给打上VLAN Tag$ k$ X% A2 u6 w
2 J4 u, y; k/ Q( \' e& v. B
$ sudo ovs-ofctl add-flows helloworld - <<'EOF'
$ a/ g+ V3 V5 Ftable=1, priority=99, in_port=2, vlan_tci=0, actions=mod_vlan_vid:20, resubmit(,2)
  C+ h0 {/ G3 l0 W. M" c6 r0 Rtable=1, priority=99, in_port=3, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2)
8 k& t" C2 Q5 J  @table=1, priority=99, in_port=4, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2) 2 O: I9 }6 D4 ~' q. A; P- Z
EOF
; G+ i. ^8 d! W( g5 [" K( t' K$ l2 @, C8 Q
$ sudo ovs-ofctl dump-flows helloworld & q$ q) @  {# E7 j
NXST_FLOW reply (xid=0x4):
1 @- i  x* c: L7 _2 R. Xcookie=0x0, duration=4478.582s, table=0, n_packets=0, n_bytes=0, idle_age=4478, priority=0 actions=resubmit(,1) * j6 h' g1 J0 h, u0 V
cookie=0x0, duration=4668.541s, table=0, n_packets=0, n_bytes=0, idle_age=4668, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
: m" s+ M8 ~0 ]7 H8 qcookie=0x0, duration=4604.056s, table=0, n_packets=0, n_bytes=0, idle_age=4604, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
: H+ ]& G1 S0 ?( a9 P5 }. O7 xcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) 6 a- ]! r' k% a& a
cookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
1 z3 ]! B' n$ D9 F3 s) ~, mcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
) v6 j  ?+ g3 v; N% ?8 h' vcookie=0x0, duration=220.318s, table=1, n_packets=0, n_bytes=0, idle_age=220, priority=99,in_port=1 actions=resubmit(,2)
' q2 X3 X* C. b5 O1 vcookie=0x0, duration=298.739s, table=1, n_packets=0, n_bytes=0, idle_age=298, priority=0 actions=drop0 b- C* S/ u9 A2 P4 r2 A

# V- w# l, D- p& |测试一个从port 1进入,tag为5的
; ]- M: Q: s$ r4 r" R) s, I
- s5 i. c4 Y! g, e0 ?4 ~$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=5
# j7 V. p! [/ o! s6 wFlow: metadata=0,in_port=1,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
1 v# Y9 K) R. z' {! Z. B8 D1 o6 W5 {Rule: table=0 cookie=0 priority=0
/ g0 y2 U, |9 T& \1 m. z* I% nOpenFlow actions=resubmit(,1)
  m( `- m0 m; g; f/ C: _/ R( k/ ~. h- k8 E
        Resubmitted flow: unchanged " P- Q& k/ }; R9 O# h7 m+ S3 }
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 $ ]: o) A- W  D- x$ O
        Resubmitted  odp: drop . C: z2 ?! s1 K9 s, v- x" A6 \
        Rule: table=1 cookie=0 priority=99,in_port=1
* k, h6 C, ^* U% p        OpenFlow actions=resubmit(,2)
1 ]" ^1 {4 V/ N- j( _  e$ K
5 |/ u6 v. m  A                Resubmitted flow: unchanged
4 ?' k. E- {. W; f                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 , p8 }" I( B& S  c1 O) M
                Resubmitted  odp: drop
$ f( V5 f# T+ T3 t: o# _" \# U                No match
: Y; l' f; [/ k" O6 m# S/ S" y  r2 m% n0 b0 H/ `; o
Final flow: unchanged
9 ^+ s  o/ ?" `% Y- d* ERelevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no $ ]7 p7 `$ y: W+ F' L
Datapath actions: drop: h2 E! s1 v1 ]! V
. l# Q8 a! @+ f
测试二,从port 2进入,没有打Tag的
8 F( a$ L3 t9 P* w. m: \2 O
) s; E" i# `$ i$ {. t8 @2 e" Y4 D$ sudo ovs-appctl ofproto/trace helloworld in_port=2 5 A  r1 s- `, e& M
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
; V# c1 D2 w( u2 ?. S3 ^/ BRule: table=0 cookie=0 priority=0
' w6 ?4 S: ]  V9 l% @1 yOpenFlow actions=resubmit(,1)0 \* ?/ P! g& O0 }& V- U$ ?

6 K# {1 l* B6 o+ I, o        Resubmitted flow: unchanged
) g  {( K) G" P# f0 N8 G        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 " j# b9 ~7 ]1 b
        Resubmitted  odp: drop 4 E' ]0 b2 g* d0 M5 t9 ^
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 - u, P% D$ b/ l) R% _& c4 |6 h
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)
1 ^9 f! v: C) l- B- d9 L* _$ W3 f! x* O$ K
                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20这里被打上了Tag,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 $ x$ h/ _6 @' Y7 q: h/ w( E
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 + H( V' r  S# z- v; |9 e
                Resubmitted  odp: drop 1 O9 V4 f  |- N4 o* f1 L
                No match; r% N' Z& h7 b& Z. r6 {

- a9 j+ V9 ]9 _' T$ z8 OFinal flow: unchanged 2 o3 u+ j& q& K+ A. R
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no ( x  R7 H! c4 _# F' j) c
Datapath actions: drop
1 s3 Q3 p2 j' O
+ L5 ]+ P3 F% ?: m测试三:从port进入,带Tag 5的4 C) z6 a- D; O; F

+ l+ Z: i* t$ p0 ~$ sudo ovs-appctl ofproto/trace helloworld in_port=2,vlan_tci=5 ) E$ n) t" ^& _* S7 b
Flow: metadata=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
* L  m5 n3 p  M0 l: G) _9 ^Rule: table=0 cookie=0 priority=0 ! e) a- _6 @3 Y- V3 T
OpenFlow actions=resubmit(,1)9 {4 ^# D( S* E" ]/ n

: g* f' m9 J5 N. y        Resubmitted flow: unchanged
$ h& {: C# ]( n1 \: I        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
6 L3 {5 D0 {  w+ h+ J" E        Resubmitted  odp: drop
- j  |$ `% v) k9 w9 G% P  j        Rule: table=1 cookie=0 priority=0 ; i/ S' x: Z4 u5 [" \( Q8 ]% @0 ?
        OpenFlow actions=drop
5 ]8 X& ~) Z0 w- N
6 r7 z0 A* y0 I# R1 o6 J  z% AFinal flow: unchanged
8 A7 S( [0 Q* B7 v: e- n3 K$ G! Q6 ORelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no + T3 |2 C, F' g  x! X, M
Datapath actions: drop* h2 n; @. J' p4 s/ C/ b
9 u" D7 ^% t: e9 B
实现第三个Table 2: MAC, VLAN learning for ingress port% H5 a+ R2 R# O

# N" k' I0 y* b/ P9 q$ R' D: ]6 D对于普通的switch,都会有这个学习的过程,当一个包到来的时候,由于包里面有MAC,VLAN Tag,以及从哪个口进来的这个信息。于是switch学习后,维护了一个表格port –> MAC –> VLAN Tag。
' S. }7 q7 e2 j2 E' ~( n# T: |
4 `* \" m& \9 ~! {$ ~: C这样以后如果有需要发给这个MAC的包,不用ARP,switch自然之道应该发给哪个port,应该打什么VLAN Tag。- u, v' q! E' T1 z6 D

; X# R8 u; ~$ a; f, p0 ]OVS也要学习这个,并维护三个之间的mapping关系。7 I2 L6 [! A+ Y$ M4 W

8 E- l5 S$ S% _3 r1 b* a0 s" I在我们的例子中,无论是从port进来的本身就带Tag的,还是从port 2, 3, 4进来的后来被打上Tag的,都需要学习。
, g; o$ t1 Y; w4 ~, k( L% l  Z7 w6 N! c3 C$ ?
sudo ovs-ofctl add-flow helloworld "table=2 actions=learn(table=10, NXM_OF_VLAN_TCI[0..11], NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]), resubmit(,3)"
! ]) u& a4 S( X& p  f) C$ b  a; a  g8 c7 c( I) O5 [
这一句比较难理解。" e$ w  [4 p0 h( S$ ^9 }2 v

' d5 F- S: H! T3 E( rlearn表示这是一个学习的action# X, W9 e/ T8 e  Z4 }- e

$ Y4 _' S6 H1 m; m9 D8 f* O2 Atable 10,这是一个MAC learning table,学习的结果会放在这个table中。
2 K, H# _" b- S8 |0 ~- [+ j( s4 ?6 Y9 K$ J
NXM_OF_VLAN_TCI这个是VLAN Tag,在MAC Learning table中,每一个entry都是仅仅对某一个VLAN来说的,不同VLAN的learning table是分开的。在学习的结果的entry中,会标出这个entry是对于哪个VLAN的。
$ n( l' V9 I/ }" }
, R' y* r* J9 ?6 \: K* G/ CNXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]这个的意思是当前包里面的MAC Source Address会被放在学习结果的entry里面的dl_dst里面。这是因为每个switch都是通过Ingress包来学习,某个MAC从某个port进来,switch就应该记住以后发往这个MAC的包要从这个port出去,因而MAC source address就被放在了Mac destination address里面,因为这是为发送用的。1 \2 |1 {6 G( \2 E, S& e
& {: E: S5 q- E# p) ~
NXM_OF_IN_PORT[]->NXM_NX_REG0将portf放入register.
! A3 @  M& I7 a/ l
1 K# v, u! O3 O7 N一般对于学习的entry还需要有hard_timeout,这是的每个学习结果都会expire,需要重新学习。* l4 R  K* T1 m2 }6 [4 L

% W1 n, u4 c5 |; t7 v我们再来分析一个实践中,openstack中使用openvswitch的情况,这是br-tun上的规则。
& `5 a5 l; ?, Q# m0 M& o
; d  M3 @, O8 M0 k* L& \cookie=0x0, duration=802188.071s, table=10, n_packets=4885, n_bytes=347789, idle_age=730, hard_age=65534, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
! r3 ~/ o) P% m' y9 ~- Icookie=0x0, duration=802187.786s, table=20, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,21)
! J+ k) B4 ^5 \3 f! r cookie=0x0, duration=802038.514s, table=20, n_packets=1239, n_bytes=83620, idle_age=735, hard_age=65534, priority=2,dl_vlan=1,dl_dst=fa:16:3e:7e:ab:cc actions=strip_vlan,set_tunnel:0x3e9,output:2
3 m+ Q6 U2 r& t. h; ^! ]0 J3 T1 w- [cookie=0x0, duration=802187.653s, table=21, n_packets=17, n_bytes=1426, idle_age=65534, hard_age=65534, priority=0 actions=drop
' T' K: g/ g( ^8 `2 Wcookie=0x0, duration=802055.878s, table=21, n_packets=40, n_bytes=1736, idle_age=65534, hard_age=65534, dl_vlan=1 actions=strip_vlan,set_tunnel:0x3e9,output:2* A2 E& m( H: A0 G+ L: V& d
* K7 ?( i+ |0 F1 Z$ W
这里table 10是用来学习的。table 20是learning table。如果table 20是空的,也即还没有学到什么,则会通过priority=0的规则resubmit到table 21.; k' P7 {% @; p$ y: W* R, \& o6 ]; n
8 {& p: `1 p+ ~( ~; {7 a
table 21是发送规则,将br-int上的vlan tag消除,然后打上gre tunnel的id。. Z6 E3 {; E; f9 z" b2 L+ l

9 w, q5 I5 p8 q3 n上面的情况中,table 20不是空的,也即发送给dl_dst=fa:16:3e:7e:ab:cc的包不用走默认规则,直接通过table 20就发送出去了。
) \; l% o* Q" Q0 w, L+ K
- N+ L& i) d, ]$ f+ o, y% _table 20的规则是通过table 10学习得到的,table 10是一个接受规则。最终output 1,发送给了br-int
( W: ?% D3 \4 C7 S( o" o2 k7 v5 I/ A2 e+ C
NXM_OF_VLAN_TCI[0..11]是记录vlan tag,所以学习结果中有dl_vlan=1
0 s+ o* D8 }8 J6 x* j  l! R* S3 N% z# l0 p' g: I3 b
NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]是将mac source address记录,所以结果中有dl_dst=fa:16:3e:7e:ab:cc1 H6 N2 H+ ~+ C1 F5 g. Z7 L7 X' ~

7 c7 \) g% z3 l0 ]& s$ Bload:0->NXM_OF_VLAN_TCI[]意思是发送出去的时候,vlan tag设为0,所以结果中有actions=strip_vlan
6 K  j) |  I, {, C: T! d" ~. L6 L% W, E0 I2 J) B
load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[]意思是发出去的时候,设置tunnul id,所以结果中有set_tunnel:0x3e92 X# e" _' M- h. }& l7 O5 N
6 ^  e+ I+ U; m) r* s/ }
output:NXM_OF_IN_PORT[]意思是发送给哪个port,由于是从port2进来的,因而结果中有output:2+ a9 z) F; Q2 Q4 d2 m
  t. o8 m2 [& r% R
测试一:从port 1来一个vlan为20的mac为50:00:00:00:00:01的包
) k: ^) F$ P6 n7 ]9 c+ ~
- U5 A0 `# g# F' _* k$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=20,dl_src=50:00:00:00:00:01 -generate   
5 N' D- N+ Z' W' s$ Z* ^  WFlow: metadata=0,in_port=1,vlan_tci=0x0014,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
" G  r! ?3 H: E* I2 `9 S; |( URule: table=0 cookie=0 priority=0 ( W$ ?" z5 l: D) d
OpenFlow actions=resubmit(,1)
1 S6 X# c% Q; }0 P3 l+ \! I% X) [- X. @% a
        Resubmitted flow: unchanged
1 W) L) _7 X- S% F" X7 H3 I        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 / Y' _2 |) W* U5 N. I
        Resubmitted  odp: drop
2 a8 C& \+ y0 M. a        Rule: table=1 cookie=0 priority=99,in_port=1 # l- F0 G, r* d4 ~& g; h+ _! r5 U8 x
        OpenFlow actions=resubmit(,2)
- N, Z" z9 l9 j3 K
! S! T& q* C1 {4 p/ ^; s2 {                Resubmitted flow: unchanged 3 C+ w% u  k4 C( C. A3 t& ]
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0   X; e) x: T: c' q% i
                Resubmitted  odp: drop
3 o* i( Z  @& r8 w  ?! i                Rule: table=2 cookie=0 . I% J+ `& d/ o, u' |. @
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)0 _% \& {) h3 \( F* e! q3 s1 b; d9 w4 g! R
8 L7 B/ Z7 J/ }% l0 y
                        Resubmitted flow: unchanged
5 ?+ e. o9 U4 W" z. x: R5 w                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" U. Q1 ~+ r/ D$ `7 h                        Resubmitted  odp: drop
6 m! |/ Z7 L: V' k: w$ i  z9 r                        No match2 N6 G! [$ L5 ]- j- L

  g. s* V* i' g: OFinal flow: unchanged
1 A9 C3 }, H- b' T/ YRelevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no " x/ ?7 Z# @4 ?& W, ?2 H
Datapath actions: drop
2 t  L) q" Y; h: h* [& h
# O: y9 v: Y0 B2 W% l' e* a$ sudo ovs-ofctl dump-flows helloworld 2 L. H' E/ w7 [: U- c
NXST_FLOW reply (xid=0x4): 7 E6 m% d1 ]2 U. C! B5 @2 O
cookie=0x0, duration=90537.25s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1) & i# Q/ u0 e6 v4 L
cookie=0x0, duration=90727.209s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
! Q( J* Q- e4 G( mcookie=0x0, duration=90662.724s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop + \8 `, \! ^4 E! l+ g, a# P8 F; N/ O
cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
9 c, o" Y! o( m# z+ [* ]" `# Y: Acookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
$ D  n5 D) H' c7 Icookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) 9 |: l2 M; b$ J
cookie=0x0, duration=86278.986s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) : O8 D% g* x: a( l1 {
cookie=0x0, duration=86357.407s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
, @( F# `  H) j3 _cookie=0x0, duration=83587.281s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
( F. f8 @5 S% [/ t! B. T cookie=0x0, duration=31.258s, table=10, n_packets=0, n_bytes=0, idle_age=31, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]+ \% g) P/ i7 `% X; ]6 k

& w) M3 w" |, u( j/ @+ P4 l9 xtable 10多了一条,vlan为20,dl_dst为50:00:00:00:00:01,发送的时候从port 1出去。' Y0 m$ W6 p( x" [% a

& m- u0 d" y8 y- y3 H! K2 S测试二:从port 2进来,被打上了vlan 20,mac为50:00:00:00:00:02* l/ H  E: J4 C! N

$ G# R. ~, l0 m0 }7 c( D$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=50:00:00:00:00:02 -generate   
7 B& S. q, `6 U6 n& H) n7 tFlow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000
! n9 g& S* G% J$ k% `Rule: table=0 cookie=0 priority=0
8 `8 _3 g1 y+ @+ a& ^OpenFlow actions=resubmit(,1)
% l: _4 b, n' g2 S
, g8 w" J" S/ c9 q$ R! Q        Resubmitted flow: unchanged
/ i& d  u, P, T        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& S1 e. N3 k, J; `        Resubmitted  odp: drop
3 Y& t$ D  F7 k8 E        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 8 \6 p. U3 Z0 e6 Z/ D- p
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)" d- E7 @% i) ]( M+ A/ n& Y6 b) K
* v7 q) n. i: `4 f
                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000
' N7 f% M) o% c5 T$ a6 q                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 $ Q2 q/ n9 Y. c- g3 }. Z, _, |5 ^
                Resubmitted  odp: drop
! i" ~& l8 |+ D6 F% \                Rule: table=2 cookie=0 8 N4 x5 E0 Z9 B: a' e) u8 C
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)9 [  B2 |* l/ v5 S* `! ^; t

3 F* c3 W1 ^0 P3 f+ u; `4 Q                        Resubmitted flow: unchanged
% D) Y1 {8 z# v. ?6 ]- Z" L                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ! R9 {+ o1 L4 I
                        Resubmitted  odp: drop
: h6 r1 D! Q1 l! u2 ^6 D4 T+ s                        No match. H$ M# n* Z, y
) O! w1 @  C/ s$ m) \4 l
Final flow: unchanged ( I2 L3 [) \9 `
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 5 n" o% x, m  p2 U* c
Datapath actions: drop
1 S! t6 u. x  c9 o9 C( @0 P
* k6 _; X6 A6 R$ [( ^( R$ sudo ovs-ofctl dump-flows helloworld                                                
1 A. S7 t5 ~9 e# G+ Z" _+ x+ O$ qNXST_FLOW reply (xid=0x4): 6 Q- `5 o; O- M$ t& \
cookie=0x0, duration=90823.14s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
) }  o8 q8 e1 k7 @) {cookie=0x0, duration=91013.099s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
" T7 c' g. q. F4 B+ M- P3 A, Wcookie=0x0, duration=90948.614s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
& R) k4 z* m, k1 C- ]- Ncookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) 3 J3 e; w' I) b+ B0 @& Q$ p, [
cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
  W% Z# F* `& W) c- C* q% Lcookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) $ D# b7 f( z& y9 D
cookie=0x0, duration=86564.876s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2)
/ U. S( {; L) O) V3 o  _! e1 Ocookie=0x0, duration=86643.297s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop * N( T. H- _: d2 B1 b; Q" \
cookie=0x0, duration=83873.171s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3) ! v) x. S4 f% W
cookie=0x0, duration=4.472s, table=10, n_packets=0, n_bytes=0, idle_age=4, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15]
9 B  G& |; ^* z0 C1 M1 mcookie=0x0, duration=317.148s, table=10, n_packets=0, n_bytes=0, idle_age=317, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]) i; W0 j5 o1 {- ]4 a1 y  t
: G! w; A  s, T/ ]" D5 B0 q; o
实现第四个table 3: Look Up Destination Port: g. ^. b( f9 Y2 l3 I% }' n
; ?. o  u2 c5 `- m  b
在table 2中,vswtich通过进入的包,学习了vlanid –> mac –> port的映射后,对于要发送的包,可以根据学习到的table 10里面的内容,根据destination mac和vlan,来找到相应的port发送出去,而不用每次都flood
& C! c' U6 y6 v7 q  P: r* u4 B- s  Y4 h: u
sudo ovs-ofctl add-flow helloworld "table=3 priority=50 actions=resubmit(,10), resubmit(,4)"+ M1 b- z: d7 o# ~: _

0 X# y: R- q) Y! p添加这条规则,首先到table 10中查找learn table entry,如果找不到则到table 46 c& M+ }: f" d* g9 [& M) G* X  P
8 O) S, q6 O+ G8 n' H& d
如果包本身就是multicast的或者broadcast的,则不用去table 10里面取查找。' Z; R; p% A; y! U. w

" n( ]2 W; h" G0 u9 Wsudo ovs-ofctl add-flow helloworld "table=3 priority=99 dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4)"
& J. Y5 {# ^8 d* X  M9 p0 K5 D4 w& ?
我们进行一项测试$ L- F: U' j4 e( }" t8 G
4 g4 Z& ~5 [* ^8 v6 r( D$ W2 j
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate   ) @) o( M' ?0 k7 r* V+ `
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 / @  n1 \& p5 M. r
Rule: table=0 cookie=0 priority=0
$ W5 m5 X2 U# L7 B: j' MOpenFlow actions=resubmit(,1)* x' T% w. W; }4 S) W  ]( s# p

- u" o- m9 `: `5 u7 C8 U        Resubmitted flow: unchanged 9 K; k9 J3 X, t) x8 ?
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' h0 A: C) b5 ], R        Resubmitted  odp: drop
9 @  y: v& d/ J+ |        Rule: table=1 cookie=0 priority=99,in_port=1
: Q4 B1 Y5 l: H& V. u        OpenFlow actions=resubmit(,2)
7 {4 e1 ?& c) f1 e( O; a2 d/ d7 Z' W$ W6 K  N# Z  K
                Resubmitted flow: unchanged 8 F; N' j: Y( Q6 N2 F' [: y
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 2 F: C8 w0 B7 L7 \) H2 f- }
                Resubmitted  odp: drop , S! c- E$ H+ d' N" S( b
                Rule: table=2 cookie=0 ( f4 n- d- `: G2 y, r  a4 \
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
1 G4 j1 e0 O2 d; O
9 M3 j# J( w2 L+ v3 P                        Resubmitted flow: unchanged " |: P9 u% D, m
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 $ E8 z6 L/ \: ]' \
                        Resubmitted  odp: drop - I2 i! A) a, R& C% H" M
                        Rule: table=3 cookie=0 priority=50
* v4 o; d$ l0 l) k8 ~                        OpenFlow actions=resubmit(,10),resubmit(,4)9 l3 H+ j0 p+ |
/ j" f1 }, n5 j2 o, e
                                Resubmitted flow: unchanged : A8 r. A$ }  x
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ' ~5 H' j4 k1 X+ Z' S
                                Resubmitted  odp: drop ( ^+ F8 j6 K0 C
                                No match
% R: |1 K" E  R0 j  Y! `8 c7 W" z! x" V) i, i% b
                                Resubmitted flow: unchanged + b# t7 y4 t3 l2 r5 G- A, l0 n
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 2 H8 r: i6 n! ~- Z; B
                                Resubmitted  odp: drop 7 E0 w& x% |, @) c8 E0 X
                                No match
! f8 R' t2 h6 X3 ^. m& r% c- J5 A) r7 I1 ?3 z! L0 I, j+ c
Final flow: unchanged 1 y& o* a+ O+ G: P3 C* P" Q
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no
  L- V/ M2 C1 [, m4 @7 {, }Datapath actions: drop
) r7 S( O- U; Z, P2 ?
" a- i5 ?$ x: r* W1 S/ f由于目标地址f0:00:00:00:00:01没有在table 10中找到,因而到达table 4.
$ O5 e. O# }! X6 x" s9 C1 n) Z9 O8 I$ q6 [7 X" @; g4 C  m
但是这次测试使得table 10中学习到了mac地址90:00:00:00:00:01& H1 Z$ P$ o1 ?* D% }
. O  o7 N5 m3 A/ j# B
$ sudo ovs-ofctl dump-flows helloworld
: Z* i% z3 O% e& U, u7 b! VNXST_FLOW reply (xid=0x4):
( Y5 l" I: J$ Q% k  rcookie=0x0, duration=91588.452s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
1 ]: j. j& O) E/ icookie=0x0, duration=91778.411s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
) z) `' C! ~- _2 U2 Ncookie=0x0, duration=91713.926s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop % S- d$ A8 W+ |! U% d
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
2 H4 |! H8 G1 m! U* Y* rcookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) & u5 w5 y* D1 {0 s! a% p
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) " _# |( V! s7 l1 k
cookie=0x0, duration=87330.188s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2)
2 X6 T& d6 `2 E6 m/ `5 G9 P9 ccookie=0x0, duration=87408.609s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
$ y9 X9 c5 t, t, n1 icookie=0x0, duration=84638.483s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
5 ?. O1 F/ d- l$ h4 q  G$ k& Lcookie=0x0, duration=352.841s, table=3, n_packets=0, n_bytes=0, idle_age=352, priority=50 actions=resubmit(,10),resubmit(,4) & p- y# b" k8 s& h& F" |. d( d7 H
cookie=0x0, duration=212.704s, table=3, n_packets=0, n_bytes=0, idle_age=212, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) ( V6 Y! p' C5 k  f9 v  K0 W8 t& e
cookie=0x0, duration=117.364s, table=10, n_packets=0, n_bytes=0, idle_age=117, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
# A: c' c6 Y# O' a- q+ Dcookie=0x0, duration=769.784s, table=10, n_packets=0, n_bytes=0, idle_age=769, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15]
( ^6 C/ \2 Y! l6 K; o2 {cookie=0x0, duration=1082.46s, table=10, n_packets=0, n_bytes=0, idle_age=1082, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
: B) q! M9 }& U4 q6 ^3 _9 Q- L
下面我们进行另一个测试
/ A/ h/ v+ L& h& ]+ D2 p  U' M: z! H7 i; s
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01 -generate   
$ K  _: c( L9 G0 ?, X5 n& k' t# jFlow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
) y: P. o4 ^* WRule: table=0 cookie=0 priority=0
3 h- ^2 o' b" eOpenFlow actions=resubmit(,1)
6 E+ o1 C6 \, j2 o! m! \' w# G8 k9 i8 K% ]/ G6 b1 Q: r+ @0 I
        Resubmitted flow: unchanged : K+ E+ b. l) W9 Q* H
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . s# C1 n* ~, j4 U* a
        Resubmitted  odp: drop
% V. T  w: l! l. n/ |& J. J        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 & [0 _# m/ L0 E( n) L3 |
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)3 Z! T# Y8 |; n  F6 |( \

$ u" ^1 p: X: A                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000 5 t; G) p, _, _# O* b9 S0 Q
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ! ]* }. ^% C. a6 e9 _) \$ D8 s5 g) R
                Resubmitted  odp: drop 9 w" H1 ~& x& Y% ~6 c
                Rule: table=2 cookie=0 ! S* v( }$ l% G4 t1 l
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)* e3 J/ L4 X: l/ N
; b* x* T/ b$ @0 W" m
                        Resubmitted flow: unchanged * I  t. Z# t( M( \' A8 m2 {
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . z; c7 T( E6 I: p& t* s
                        Resubmitted  odp: drop 8 r+ B, a$ w$ R2 A
                        Rule: table=3 cookie=0 priority=50
6 C3 ]5 f/ e+ z3 h8 B" g                        OpenFlow actions=resubmit(,10),resubmit(,4)
4 c  s% ?- Q+ }0 h& u: O! g' c# Y( G+ g8 P
                                Resubmitted flow: unchanged
4 g, V6 m& J/ L                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
% A9 l7 L9 D' U0 A3 b" Q; \; K6 ]- J                                Resubmitted  odp: drop : C" v2 `9 ^3 n* q, n5 C! N/ E, W
                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01
; g5 J/ i6 J- j, f4 s! z5 {( o                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]/ P, a" H# [" t$ ^1 T

& W3 M2 ?. O& y. a6 m6 C( ]# S8 S- \                                Resubmitted flow: reg0=0x1,metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
% J% `4 z' K8 C* B. j) A  A3 F                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
( i$ R4 t. |& O' B8 o0 G                                Resubmitted  odp: drop
4 g+ H3 ~) Q/ ]+ w' \                                No match
. P8 B3 I- }8 y! T
) l& X8 ]$ t* E3 K  G( n5 z4 ]( FFinal flow: unchanged
6 N1 f; p8 j8 i4 s3 B5 wRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000,nw_frag=no ( i  U6 a' v$ S% O" p: P
Datapath actions: drop
: r4 M3 k. q  G; P2 X& t, R* g# w9 S" e3 `' z; h
因为刚才学习到了mac地址f0:00:00:00:00:01,所以这次在table 10中找到了这条记录,这次同时也学习到了mac地址90:00:00:00:00:01) l6 ]) z9 f0 I( E
. Q8 |) R2 }! A/ u. J5 l/ r/ e* g9 ?
下面我们再发送第一次的包
- B$ N2 A$ o- {; T" F. W8 ~
! T( Z: a4 l9 h$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate
0 i4 H4 S' b; D$ gFlow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000
# y8 U) K; H: \8 S  s. {* D& GRule: table=0 cookie=0 priority=0
; u! c% Q5 v: _OpenFlow actions=resubmit(,1)( F  s" D2 y- g( x$ v3 u

4 w* b  o7 M$ }8 M: Y$ F" ~% a        Resubmitted flow: unchanged
3 E3 u/ G, W3 w4 X$ b        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' @$ P* K& f+ Y5 x% l9 y$ t" e        Resubmitted  odp: drop
/ G- X2 n, |9 Z" ~: N2 E- Q        Rule: table=1 cookie=0 priority=99,in_port=1 ) L( k# e+ l0 [
        OpenFlow actions=resubmit(,2)7 X) k& @  D  z' J

  z3 E6 Y7 c; n! M- _                Resubmitted flow: unchanged
5 Q' d  ?& s, |/ \                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
7 `7 Q% v) s% ^7 c7 G                Resubmitted  odp: drop
% i  g$ p8 S5 D! T                Rule: table=2 cookie=0
7 R$ i" u3 R$ D                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3), Y& y- d" F  V5 \7 n

; G$ e& n+ k% o9 J: k                        Resubmitted flow: unchanged 3 U9 e# T( q: u- _  A
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
: T5 ]0 b/ U4 A0 M% c# e5 n                        Resubmitted  odp: drop $ c# L1 G+ S5 b* T2 b& W
                        Rule: table=3 cookie=0 priority=50
! r1 ^- R: \3 j! _. o$ ]0 P+ j                        OpenFlow actions=resubmit(,10),resubmit(,4)
0 l1 u, U1 C/ e' j1 f8 x1 X/ J3 \3 m5 S
                                Resubmitted flow: unchanged
  }: v9 I( A# d3 z" A3 G                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
) R8 M6 d9 q4 S  q                                Resubmitted  odp: drop   d  S, K1 I1 X8 J" b6 V0 b
                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01
" ~+ M* g5 R/ `+ l1 |                                OpenFlow actions=load:0x2->NXM_NX_REG0[0..15]
4 l9 m  H' j/ z1 k: ?7 ?$ p, T' g9 w
5 q! U& w: C+ ?+ x# {0 e                                Resubmitted flow: reg0=0x2,metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 * e. ?' B' y$ l! G. D- q# Q8 ?
                                Resubmitted regs: reg0=0x2 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 # I+ `% Z6 y. K+ x6 t
                                Resubmitted  odp: drop 2 ]0 F3 T3 [1 W1 h& D: J3 J4 ~: ~
                                No match( b: b( n1 O2 @; e( P+ L+ M7 l

( r- x/ F% K' @+ r$ N# B$ w% EFinal flow: unchanged / b1 J  I( o# @7 z+ z- B3 C) D) t
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no * M0 T' R: K( R; f- q' j
Datapath actions: drop: n0 p+ d% L. W. {

& Q2 e. a6 {! t/ t: e! S9 L2 D发现也在table 10中找到了记录9 F& k$ V1 e; a
( {5 c) e/ z& R# s2 d
实现第五个table 4: Output Processing
% A! {8 h- j+ U: _- y2 R1 b( K- {2 l8 y# n
这个时候,register 0中包含了output port,如果是0则说明是flood。- e0 d/ r. N! c* P5 C

3 r$ P3 i* Q4 C8 v对于port 1来讲,是trunk port,所以携带的vlan tag就让他带着,从port 1出去。
% W8 |0 d7 B6 D, m9 d0 t; T! y- v) H3 N) u/ A! n
sudo ovs-ofctl add-flow helloworld "table=4 reg0=1 actions=1", d6 Z5 g  X: M, `. N; N  Z

6 T( R2 ~' j' y8 G; f对于port 2来讲,是vlan 20的,然而出去的时候,vlan tag会被抹掉,从port 2发出去
1 E4 P: j) }6 X# U$ P
' q% `/ R. X/ A' ^5 U  Y* _. b对于port 3, 4来讲,是vlan 30的,然而出去的时候,vlan tag会被抹掉,从port 3, 4出去
; v  a7 z8 S. {2 {. ^% \+ O
$ [3 K& ~: m$ ^4 K( {$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   7 }9 \$ R: c2 V, D. `3 ?
        table=4 reg0=2 actions=strip_vlan,2 4 [! _0 i. Z  B- y2 @; j3 \
        table=4 reg0=3 actions=strip_vlan,3
8 D8 |: k. g$ t9 V  d. \. Y        table=4 reg0=4 actions=strip_vlan,4
" v7 `6 q4 A! F' {8 T3 |2 D' [4 Q$ PEOF8 W4 y) Y5 u  s3 G5 X' _2 |
8 W$ A; o# G  {* [
对于broadcast来讲,我们希望一个vlan的broadcast仅仅在这个vlan里面发送,不影响其他的vlan。4 L2 C, e" n- R  \

* Q! E( X& j( y' q# X; v$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   
6 Q% v7 t& D( d! ~2 J        table=4 reg0=0 priority=99 dl_vlan=20 actions=1,strip_vlan,2
# r* e2 E" L* o- j! ~" Z! q' h; N        table=4 reg0=0 priority=99 dl_vlan=30 actions=1,strip_vlan,3,4
5 ^) g$ \+ ~$ G! b( Z9 Y, Q        table=4 reg0=0 priority=50            actions=1
1 S: x/ S, S5 K7 MEOF( T& L2 z! l6 w; Y) ^2 y- c: l
, ]2 [7 N4 W3 f
所以对于register = 0的,也即是broadcast的,属于vlan 20的,则从port 1, 2出去,属于vlan 30的,则从port 1, 3, 4出去。
; i* _2 ]8 _! c  I
3 z" t9 u  {( M: F$ sudo ovs-ofctl dump-flows helloworld 7 d$ }: m& _, a  K( [  ^7 E, ^0 Y  f
NXST_FLOW reply (xid=0x4): 0 B. i, w& k5 n5 x7 P, a
cookie=0x0, duration=92909.119s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
2 D* _  A/ K9 c( M5 Ecookie=0x0, duration=93099.078s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
4 W; j. j) l' h2 P6 k' Ocookie=0x0, duration=93034.593s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop ! F$ G+ b1 h3 G
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) 1 |4 F8 C5 z0 ]5 h
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
1 V$ h8 P7 T3 Q8 w3 Z$ `cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) ! f  }3 l$ h7 Q4 d
cookie=0x0, duration=88650.855s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2)
0 b- B# X: g' D9 ]0 l) G' G& R0 zcookie=0x0, duration=88729.276s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop 4 y7 a4 `& `* D( b/ I9 S
cookie=0x0, duration=85959.15s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
" P2 H% [+ u0 O% d, l8 Y( Mcookie=0x0, duration=1673.508s, table=3, n_packets=0, n_bytes=0, idle_age=1673, priority=50 actions=resubmit(,10),resubmit(,4)
8 F  m, Q; U7 J6 Z( u, k4 Acookie=0x0, duration=1533.371s, table=3, n_packets=0, n_bytes=0, idle_age=1533, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) 8 |9 V4 O8 r. S9 P3 \$ N$ G) k
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x3 actions=strip_vlan,output:3
0 @' ~6 J* e' R, S9 h+ @cookie=0x0, duration=228.839s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=50,reg0=0x0 actions=output:1 ( c0 c( o' T  G, r5 o' D
cookie=0x0, duration=483.068s, table=4, n_packets=0, n_bytes=0, idle_age=483, reg0=0x1 actions=output:1
( T: J8 ?7 k  c6 i- t& Icookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x4 actions=strip_vlan,output:4 + I* a: K0 t0 r  A; [4 l6 k
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x2 actions=strip_vlan,output:2 4 D6 D1 r, c  u
cookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=30 actions=output:1,strip_vlan,output:3,output:4 6 X3 R$ W4 d- W) I5 F( y
cookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=20 actions=output:1,strip_vlan,output:2 + H0 P- K5 i' Q: n8 ~1 K; B% A0 J
cookie=0x0, duration=1438.031s, table=10, n_packets=0, n_bytes=0, idle_age=1438, hard_age=1109, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
+ L- d& X  e& P( l, Hcookie=0x0, duration=2090.451s, table=10, n_packets=0, n_bytes=0, idle_age=2090, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15]
  T$ {6 D  u7 U/ i: a) acookie=0x0, duration=1258.881s, table=10, n_packets=0, n_bytes=0, idle_age=1258, vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01 actions=load:0x2->NXM_NX_REG0[0..15] , }, z8 d2 x* x$ t1 [" x) j& |$ }& V: X
cookie=0x0, duration=2403.127s, table=10, n_packets=0, n_bytes=0, idle_age=2403, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
( O6 ]  t$ |: {& z: F4 c: {% s& Z3 y5 s% z2 b) t$ E% `3 l
首先来测试一个multicast和broadcast
# L1 t/ m+ W  ^4 L7 b
2 D+ q5 L5 M0 N: y" O如果是一个port 1来的vlan 30的broadcast
3 N, u1 U& \  `3 ~/ i+ J' h  a. @& D  Y4 B
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=30
: |5 U5 h7 L6 o% D% r9 Q, j4 n& O1 LFlow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 % r9 F5 c, }) q4 B$ |: \) U
Rule: table=0 cookie=0 priority=0 + t% l1 S' d+ e+ h5 q/ l4 U
OpenFlow actions=resubmit(,1)
0 U' _$ F6 n% V5 l* W; J; ~) Z1 @3 j6 F6 B9 W# q- c
        Resubmitted flow: unchanged & H' G2 N+ }1 n/ C: h6 h3 \( f
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
1 h$ d+ k% v. ]9 X) e        Resubmitted  odp: drop * X4 I' \$ b* K+ x
        Rule: table=1 cookie=0 priority=99,in_port=1 6 D* k$ \# Y; a  M8 c& \0 t
        OpenFlow actions=resubmit(,2)
$ t8 H0 b/ |2 L* \: \1 Q- H$ g! K* e# M$ g& z8 e
                Resubmitted flow: unchanged
- ^, s  u, |' I$ q                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' |# d% [6 p: N( |& A. O7 t8 K                Resubmitted  odp: drop
' \0 b* u7 Q4 N7 ~2 W. T% ~                Rule: table=2 cookie=0 - v/ m' o) B: Q
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3); k8 T) w* v5 G4 Q
6 B0 \$ ?$ N- h$ }2 ~. O( D
                        Resubmitted flow: unchanged : w3 ~" z& E3 a8 ?9 L2 N
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & C5 L* K, D: b
                        Resubmitted  odp: drop 1 E: k: b6 y2 S& d& T7 Y
                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
2 s/ k. |! k; K3 ~8 _9 g                        OpenFlow actions=resubmit(,4)
% h7 r$ T& J" u& {7 E
% \) X6 B4 z( n8 u                                Resubmitted flow: unchanged & W5 d3 K0 p2 ?2 R2 Q/ L
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 * `7 y& g6 n1 \8 |9 y
                                Resubmitted  odp: drop
1 a$ m7 c8 i$ {' c! Z                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30 8 E8 I- L" z# L8 e
                                OpenFlow actions=output:1,strip_vlan,output:3,output:4   R8 d6 o2 x& ^1 X* H; C3 [
                                skipping output to input port; e) M: E+ c' M: X- B& k
. y5 [7 c& Z1 \6 f$ L. w; \
Final flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
$ a8 R  T% ~, WRelevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
% J) B/ f" `  F; y* nDatapath actions: pop_vlan,12,13( ^$ y0 a- m9 P3 y
* C" I, L. N3 X, N: D- L
结果是port 1就不发送了,发送给了port 3, 4
6 ~6 [5 ]  K1 S* h
- g1 E* n5 Z0 `; m* w$ sudo ovs-appctl ofproto/trace helloworld in_port=3,dl_dst=ff:ff:ff:ff:ff:ff
4 z. i, _/ z, d/ w% YFlow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 - q- K0 q1 f! ]! S
Rule: table=0 cookie=0 priority=0   M9 u, v7 R0 b: T& w1 T+ @9 _
OpenFlow actions=resubmit(,1)
9 v$ B8 e" O8 y$ Q) Y/ ]! [
* y. t8 A9 I  c& f; b: A% f) g        Resubmitted flow: unchanged 4 L1 a1 _8 [+ l9 Y* u9 P$ i9 n
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ) t9 B: j, F+ ^3 A. |  J; k/ u8 {
        Resubmitted  odp: drop
, [( ~. B6 g( T3 k& K+ E        Rule: table=1 cookie=0 priority=99,in_port=3,vlan_tci=0x0000
6 q# f/ n8 _, y        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)9 V3 j$ e# s) X) q2 r& R% c: ~; S
2 ]2 U9 R/ B; r1 e. m! R6 ~+ _
                Resubmitted flow: metadata=0,in_port=3,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
# P- k6 |2 j( r' W9 c# r; W                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' n) [8 q; z% R& ~' c* T1 ^                Resubmitted  odp: drop
% F- w' V9 T6 K  k) O                Rule: table=2 cookie=0
; l- J  H/ A9 l  h* D6 Y  h  q                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3): o/ j: G- a9 N  i; Y/ C
5 v; r5 a: |! r$ P& ]+ E
                        Resubmitted flow: unchanged
. e/ z" E, _; ]- h9 i7 B                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 2 F0 E, a+ L' v0 m) m
                        Resubmitted  odp: drop
/ g" F- o8 M( x                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 % y$ R- x5 {7 R$ \/ R
                        OpenFlow actions=resubmit(,4)1 ~. Y! k4 K8 }+ O

6 l3 R2 L, W4 [( P/ E                                Resubmitted flow: unchanged ) g% L' M& R0 D0 N
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
  q7 s2 b' r2 |0 ^) X" y                                Resubmitted  odp: drop
( _4 g& s3 |5 o+ y1 |0 M" G                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
- Y6 l( L+ F9 G8 [: v                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 : G: D7 z$ m# i, u/ |
                                skipping output to input port: o" P% s2 F+ s: F

3 Q+ ~7 W1 A' z5 Q5 OFinal flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 . P+ Q0 ^5 F. y7 y$ \
Relevant fields: skb_priority=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
; @) }' T: d, r, R- e4 M0 J( sDatapath actions: push_vlan(vid=30,pcp=0),10,pop_vlan,133 e1 Q  c+ G. F, b& d" F
& H* p' h: K. j% m6 H( J6 s
接着我们测试mac learning* g: \, k3 I" L& T9 h% f
8 r1 E% |; f. K" C6 N: k; z" a; o
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate   6 m" [3 o* a" K! v% I
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
+ G, m+ i# N9 q/ ]4 e. ?Rule: table=0 cookie=0 priority=0 % Z. Q0 s# U. p, A$ N7 q9 a
OpenFlow actions=resubmit(,1)4 z" S5 L9 g4 p: F# @

; ?6 y  V" V6 s) c$ i/ f        Resubmitted flow: unchanged
0 ]1 j2 X: ]3 ~: E6 t+ b$ v        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
- Z* c3 m' H: Z" d6 Y. f        Resubmitted  odp: drop
( |$ K6 Q3 z; b4 F7 c& h        Rule: table=1 cookie=0 priority=99,in_port=1
, H/ f# K, I2 t. X! Y/ }! {        OpenFlow actions=resubmit(,2)& u1 N" J6 M  w' f7 d/ m

* A  [; y, r2 m8 Z$ s: \2 P0 ]                Resubmitted flow: unchanged
2 _$ v' Z6 Q* ]+ X                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
. R: M% J$ F, D: c' P                Resubmitted  odp: drop
& o3 Z2 V- h% k                Rule: table=2 cookie=0 # h9 v* O& B0 r/ B. U+ ^
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)2 D4 X* U, _$ }5 [9 r5 }5 t( o' g
' e: Y9 B3 T5 C
                        Resubmitted flow: unchanged
8 F# }( b) t5 M# N  N, a% g" H1 ?5 \0 H                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 # d6 F" d! m7 M* k  \) w/ |
                        Resubmitted  odp: drop
! i& R$ {) U3 T  V+ `9 _0 v                        Rule: table=3 cookie=0 priority=50
5 R& [! v8 I3 s" x$ z% `                        OpenFlow actions=resubmit(,10),resubmit(,4)
/ q9 l* ^$ t, {6 z8 R7 r
! G* B) ^- k, k                                Resubmitted flow: unchanged
( Q* |7 k2 e) S5 f" g4 k                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
$ F; w: Q, @( r                                Resubmitted  odp: drop
  Y# ~' ^4 O5 O% J                                No match5 M  E( i3 {/ O& A; t! ~! A0 ~
6 n( x* c4 s0 p& q* J' ?# X
                                Resubmitted flow: unchanged & v3 ~! j1 W2 ^3 \- K1 h3 ~
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
# z+ Q" T3 p1 [5 t                                Resubmitted  odp: drop 5 [) t5 {& x% n( R
                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30 6 f0 _! v; k, A% S4 Z' J, K
                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 2 H2 A9 D6 ~8 I) H+ T
                                skipping output to input port4 j6 ~7 p" `5 r! X$ G& G

- ?7 o' ]4 M) S0 cFinal flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
; G( ], l% \1 u3 I  y2 \* BRelevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no
' P! X& ?3 o, q4 vDatapath actions: pop_vlan,12,13. @7 h" F! W7 X1 N$ w/ [; Y8 B

- S8 a* r. j6 v' d. d由于这两个地址没有出现过,则除了进行学习以外,广播发送给port 3,4( ]6 d9 s& a+ h/ b: P3 o) B

  e+ N& ~' W6 E" n$ sudo ovs-appctl ofproto/trace helloworld in_port=4,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01 -generate   / v8 F2 [+ n1 a
Flow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000
7 ?7 q$ t" W+ y0 s/ YRule: table=0 cookie=0 priority=0
- x4 ~; n. O2 V# j) F" K  JOpenFlow actions=resubmit(,1)6 C& k0 ?* y& \) }; W. v
* z4 w/ G% x2 U7 U( Z" S* d8 |
        Resubmitted flow: unchanged
; [! [2 g! m- |- o        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
4 a7 F- g5 W9 |) Y        Resubmitted  odp: drop
9 t! q2 r9 `) o  E        Rule: table=1 cookie=0 priority=99,in_port=4,vlan_tci=0x0000
3 I& H# t. }4 P7 `# L( A6 }        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)
* A$ A" D, x0 W! ?! h
4 u6 g* M2 L# S# Y5 Z                Resubmitted flow: metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000
( i/ d- B( U1 g                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
! [1 o* U! v/ `9 z' i                Resubmitted  odp: drop
% S4 M. W9 B- H$ l9 s. g0 G                Rule: table=2 cookie=0
& h; o0 X& Z/ t0 Z0 B                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
$ U0 A/ O. h1 a
  E. p1 m. a3 e7 H                        Resubmitted flow: unchanged
" R% C1 B' a( V9 o7 n                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& }$ k5 ?" H" s8 q                        Resubmitted  odp: drop
* w  k( V' _8 d5 f                        Rule: table=3 cookie=0 priority=50 $ G! h- }" l8 _* U8 g9 {
                        OpenFlow actions=resubmit(,10),resubmit(,4); ?! l7 y, C" ?- Z

) B! |/ w  _% N" d7 @# [; V7 D                                Resubmitted flow: unchanged
4 {( {( J/ D& j                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 4 Q( w3 s1 G/ @8 K. f' S$ |
                                Resubmitted  odp: drop 0 V, k# S3 m. W: K0 K
                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=10:00:00:00:00:01 4 H4 G- W8 }& Q9 w
                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]
, }9 j, r2 B7 D" i) `- ]3 w! _3 z
                                Resubmitted flow: reg0=0x1,metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 3 h! f) s) x5 F, M+ ~
                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& P: l4 J0 G4 k% o' w                                Resubmitted  odp: drop
: H# B- Q+ [, w: [  m- q                                Rule: table=4 cookie=0 reg0=0x1 9 ~* D& e# P1 B+ F  X0 i9 P. H
                                OpenFlow actions=output:1
7 L: q* T2 L5 Q5 E0 I- q% R. O1 ^% ]: ~' w8 z6 b# w" _
Final flow: unchanged ) l0 s' A+ E+ e! I: _: O
Relevant fields: skb_priority=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000,nw_frag=no 0 t1 G( w3 I* Y* c; \
Datapath actions: push_vlan(vid=30,pcp=0),10
# ?  x7 }; O+ S6 ~* b2 e% @9 y4 n: f9 o8 ^8 h7 b
回复的时候,由于学习过了,则仅仅从port 1发送出去。
: ]/ y8 k, U0 J) q9 x, E8 z
# a7 U4 A4 Q/ P# ^: |. {$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate ! H! z4 I, N3 }4 r& c
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 + F% ^/ u" }9 d) X: _
Rule: table=0 cookie=0 priority=0 ; Q7 {& n6 ^( V7 h: j
OpenFlow actions=resubmit(,1)9 j. w! b% ?* i

* L7 t1 t8 w# ^( d9 o        Resubmitted flow: unchanged
2 \/ t0 ?; M2 m! h        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . o+ A9 E9 @$ H
        Resubmitted  odp: drop
" d# m4 h$ `+ g        Rule: table=1 cookie=0 priority=99,in_port=1
. T+ t* l0 r0 e8 V1 d        OpenFlow actions=resubmit(,2)
- Z4 I" l  x: l& }9 [+ G
, ^7 V6 E! `, M                Resubmitted flow: unchanged 0 X+ n4 _; V( z3 N  f
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
, i. y: Z: V7 a- D) G                Resubmitted  odp: drop
2 G! }' c. t7 j! g                Rule: table=2 cookie=0
  P( x" K# {  j' \                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
9 V9 H/ M, a- O. l
  N& a; a1 P# s) u                        Resubmitted flow: unchanged
) ]7 J5 \& g) H0 |2 P* ]( A. M                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
* c& L* C8 [; p: e4 I) F8 g( h                        Resubmitted  odp: drop # J0 C4 i2 e* q: L" D$ z
                        Rule: table=3 cookie=0 priority=50 & W' L5 E: t- R+ f
                        OpenFlow actions=resubmit(,10),resubmit(,4)8 {1 g* Q5 C+ Z6 [: n2 Y$ W8 M1 f  k5 ?
4 O& c- s4 \: b$ S
                                Resubmitted flow: unchanged
0 Q% N/ x* M5 F+ d8 g6 W( @                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
1 |- d& K# w7 O                                Resubmitted  odp: drop 1 }  v4 }" V/ S2 @. g9 t
                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=20:00:00:00:00:01
( s, [# J4 d. [& t                                OpenFlow actions=load:0x4->NXM_NX_REG0[0..15]
: j' ?" {" J  Z7 Y& k, B
0 @' l9 }* S* C3 j5 v                                Resubmitted flow: reg0=0x4,metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
: E$ H2 {, ~, T" H4 }% P# C! T                                Resubmitted regs: reg0=0x4 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ) w% d: Z0 x. E# P6 d
                                Resubmitted  odp: drop
* ^. ^2 f9 m8 k# L  S) _  E                                Rule: table=4 cookie=0 reg0=0x4
% K% ?% c* ~' e6 r1 H2 T                                OpenFlow actions=strip_vlan,output:4. d% T* {2 x2 n; y, M/ d
0 ^- F  G; b9 e3 m  i3 J
Final flow: reg0=0x4,metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 6 k6 L- _# g  T' G: ?
Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no
! {- P  R3 _5 N" ?& nDatapath actions: pop_vlan,13
) G' D! H) P0 R' B' {) X! S
6 {& x/ X; @/ f8 A" B由于在回复中进行了学习,因而发送的时候,仅仅发送port 4
回复

举报

admin

1

主题

0

回帖

12

积分

管理员

积分
12
QQ
 楼主| 发表于 2019-10-25 10:00:36 | 显示全部楼层
实现第一个Table 0,Admission control# t  f7 ~8 `' ?1 T% a6 p) v- p0 H
: L' N- `* T9 |- _
包进入vswitch的时候首先进入Table 0,我们在这里可以设定规则,控制那些包可以进入,那些包不可以进入。+ J( [, D* }' p& {

# a, [& o0 r$ }比如,如果source address是multicast的就不允许进入。, K, U1 `1 @( _% F' Y

. r6 A+ c$ k. m" s, T. w, l01:00:00:00:00:00/01:00:00:00:00:00是广播地址
8 }& M9 h& X+ o, R' b% B6 h, z00:00:00:00:00:00/01:00:00:00:00:00是单播地址
9 j2 X1 Z; E6 T( i6 g这种表示形式类似CIDR+ S! U* r5 y! R2 }7 }1 c2 r
于是我们添加下面的规则:
* @* T: s  K3 D: V" f( D# p4 s, Y9 Asudo ovs-ofctl add-flow helloworld "table=0, dl_src=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop"
+ O: X" l5 I6 d7 M+ A3 z6 MSTP的也不接受
6 M! U5 S, d7 B# R' Fsudo ovs-ofctl add-flow helloworld "table=0, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"
6 B8 L3 R3 i4 u: y: Z0 {3 Z我们在添加最后一个flow,这个flow的priority低于default,如果上面两个不匹配,则我们进入table 1' b5 ^  w6 Q5 |' H' W+ S) a4 V
sudo ovs-ofctl add-flow helloworld "table=0, priority=0, actions=resubmit(,1)"  L" K1 |5 O# k# C$ K& j
我们查看一下所有的flow
8 r8 s, c8 g  d& v5 w$ l6 I+ U6 d+ c$ sudo ovs-ofctl dump-flows helloworld        
& N% t& x' N2 ]9 S4 b* v- KNXST_FLOW reply (xid=0x4):
& p4 }* w, o3 scookie=0x0, duration=42.162s, table=0, n_packets=0, n_bytes=0, idle_age=42, priority=0 actions=resubmit(,1) & b  d& e  S2 ^6 J! ^; |) z) g
cookie=0x0, duration=232.121s, table=0, n_packets=0, n_bytes=0, idle_age=232, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop 5 V: F- |" X, F' B
cookie=0x0, duration=167.636s, table=0, n_packets=0, n_bytes=0, idle_age=167, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
1 a- }# l) B1 |6 U9 N5 G# r$ M0 p
测试Table 0
9 Z. ]7 a. u2 b% B  k7 I9 c: t" _# C$ u- E# |8 B. R" |
有个很好的工具ovs-appctl ofproto/trace
8 _9 J$ P2 w9 T* j' R) g9 }0 h! r4 t6 `/ {# L  ]8 H
不满足条件DROP( [8 N# U+ }+ W; \& j' ]
  L+ ~3 y/ ?8 T3 W
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:05 ( \* y, W  t5 s0 F
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:05,dl_type=0x0000 " n. E3 Z. J# x; q) x5 S/ d
Rule: table=0 cookie=0 dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0
; w. a" v0 B) p) ~$ G# s3 l8 BOpenFlow actions=drop
: g4 r/ h' z0 h, c( [9 |  B# x7 u2 y+ n9 t
Final flow: unchanged ) l9 U" u. H$ V$ Q
Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no : X) v! k2 y! {3 J4 C' W4 N4 M) }
Datapath actions: drop
  d6 g* A) Q/ o0 o) o" P0 H% {& K6 }3 @( w
满足条件RESUBMIT1 D% b) M2 S- c4 d6 }* q/ Z: M5 Q8 c

/ i, y. k- R8 n: b/ g- h; _$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:10
/ ^. D& y" T% s3 |& B- A/ c7 S6 WFlow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:10,dl_type=0x0000
3 P$ [8 f' s1 e6 }  g1 O' r( \Rule: table=0 cookie=0 priority=0 # y" N8 X9 y) a# E! O; v) E
OpenFlow actions=resubmit(,1)
4 O) [: |8 @5 \6 @4 F6 f4 t1 F, d0 ^
        Resubmitted flow: unchanged
4 a9 W' K  n) X  L# @' H; O        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" y8 }% h7 l1 U, Y        Resubmitted  odp: drop ' R1 ?1 {1 @$ [' p9 g+ A
        No match/ R( S4 }6 ]3 i
' [6 }( g. Q- I- B
Final flow: unchanged
% w. M# [2 U! j: d9 }/ qRelevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:10/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no ! k& R# w' T; g+ o
Datapath actions: drop
* A1 }/ h' E* z0 T$ d* F7 ^, v2 ^7 ~) j' p  R
实现第二个Table 1:VLAN Input Processing# ?' B( c' p- r) @% r/ U- P, J' G

: K) i  O3 `. U; g6 r首先添加一个最低优先级的DROP的规则
( G: p. h( i( G, I" Y
3 ?& P$ j! G& U. H, A, v  _% Bsudo ovs-ofctl add-flow helloworld "table=1, priority=0, actions=drop"
( g  a: y* a7 s5 l% [2 M% |' W% l1 M, O
对于port 1,是trunk口,无论有没有VLAN Header都接受。
) w( {) _/ b5 \6 R! ]" v
1 R  x% [4 i" G: |) K' s) u$ ~& c0 tsudo ovs-ofctl add-flow helloworld "table=1, priority=99, in_port=1, actions=resubmit(,2)"
# ~; H; k; X# i* _' P* d& h, P  \  t, w
对于port 2, 3, 4, 我们希望没有VLAN Tag,然后我们给打上VLAN Tag
7 S; B7 `0 c0 `0 q$ G* ~' ]/ j' K  d, T  U
$ sudo ovs-ofctl add-flows helloworld - <<'EOF' 2 F$ e3 {2 V% P8 L5 ~
table=1, priority=99, in_port=2, vlan_tci=0, actions=mod_vlan_vid:20, resubmit(,2)
( f6 E7 S" M  Y/ Mtable=1, priority=99, in_port=3, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2) $ U& N. M3 _2 ~9 Z7 i8 A
table=1, priority=99, in_port=4, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2)
0 K6 b2 J. b' j: l$ QEOF$ R2 K- B: x1 m" N' Q; P% n" ~
, B8 w# z2 n1 F9 ^
$ sudo ovs-ofctl dump-flows helloworld
( S7 {5 {! v3 d/ ANXST_FLOW reply (xid=0x4): 3 I2 b( S/ p2 n- H- T. j+ d
cookie=0x0, duration=4478.582s, table=0, n_packets=0, n_bytes=0, idle_age=4478, priority=0 actions=resubmit(,1) 0 ^, M8 u4 M3 f; G) i  W
cookie=0x0, duration=4668.541s, table=0, n_packets=0, n_bytes=0, idle_age=4668, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop . u% c% r& F- L, ?% W/ ^  x
cookie=0x0, duration=4604.056s, table=0, n_packets=0, n_bytes=0, idle_age=4604, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
9 {' @6 _# }2 A# {- _" {+ pcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) % A' x2 Y/ a1 g$ D
cookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) + L) v' e8 C! p' `7 `3 F
cookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) + P6 d# Y+ s# M7 Y1 @6 o
cookie=0x0, duration=220.318s, table=1, n_packets=0, n_bytes=0, idle_age=220, priority=99,in_port=1 actions=resubmit(,2)
6 @+ v% |  r$ h# I9 {cookie=0x0, duration=298.739s, table=1, n_packets=0, n_bytes=0, idle_age=298, priority=0 actions=drop6 _$ R4 ?5 {1 A! j. _& Y
# J( ?9 ]9 n, r+ B3 H
测试一个从port 1进入,tag为5的& d# f# `! Y7 s" a

% R, d# Q, b; e- k) h. f0 s) j$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=5
2 @( A1 I' p2 w! E0 `2 C- X  G' gFlow: metadata=0,in_port=1,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
$ W* H! u5 k0 A2 c; CRule: table=0 cookie=0 priority=0
1 Y& y+ l6 m/ q9 ?OpenFlow actions=resubmit(,1)
# b+ [0 R. l! o& |
; g4 p  ^  {8 b" {' A! H        Resubmitted flow: unchanged . C, q' `) e' j
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 4 }; C% P- n; Z5 @6 w1 J2 ^4 ~; m; F
        Resubmitted  odp: drop
6 J) a" k/ O; o. o        Rule: table=1 cookie=0 priority=99,in_port=1 1 I) U( g3 Y5 C2 Q$ t
        OpenFlow actions=resubmit(,2)+ h& A( L& W  L) V

8 Y- n; Y& D" S, w+ C6 A5 R                Resubmitted flow: unchanged % J* D& C4 Q0 l1 _7 v
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
8 _' ]7 z7 r. ?0 L  c7 ~1 O' }4 Y: m                Resubmitted  odp: drop # r. J3 L9 I8 O3 ?( I, s) z9 S4 Y
                No match. F; l+ e- U6 r/ V% D$ Y; e

! y, ~/ {  x! s, ]Final flow: unchanged
7 w  n' E+ T2 t+ w) o) cRelevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 5 |' d, y7 _7 e+ \  d) B, R& ~
Datapath actions: drop
" E" Y# @4 ^4 o  ]! m" e
7 Y" X, b0 g2 U7 O1 k测试二,从port 2进入,没有打Tag的: F9 N0 F9 l- b1 t# y
7 `2 P( r" k( @) C
$ sudo ovs-appctl ofproto/trace helloworld in_port=2 " t, _) l* Q1 ^5 x. @: ]
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 ! a, Z( }! k/ l) J
Rule: table=0 cookie=0 priority=0
! K2 o+ o" t3 n" _OpenFlow actions=resubmit(,1)# O$ b# ~2 m' V: z2 k

. R. s' ^- f: w% ~! T% r% T        Resubmitted flow: unchanged
" W6 I- M, n1 [; Q+ S8 B        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
3 A8 n, p8 w3 \9 c6 z2 x        Resubmitted  odp: drop
! t7 b0 J9 l0 _2 G8 W. J        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 9 A% n3 k& n( b3 [
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)
- z& ]0 B; q( ?+ ^5 U" y! x
7 x$ n# E* ^8 f                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20这里被打上了Tag,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
& b3 R  E; Y  a" |                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
8 G5 W0 u, S" @4 G                Resubmitted  odp: drop
( \9 j5 b. o& |& K4 x                No match
" o  J+ k# h. a' b7 N: C$ g7 {$ h- B# a  R
Final flow: unchanged ) O0 u( K( K7 @/ ^3 j  ]; w
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
' J3 V* _0 i; _! J$ `& Y- @6 \Datapath actions: drop
* ^" U. ]- g* x% W- W1 R9 i
* Y; j. |+ t! W( C# h测试三:从port进入,带Tag 5的
! |$ O8 H6 B- w1 D1 q! M& v0 }1 H
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,vlan_tci=5
+ \1 \6 g: Z- F3 J. c9 rFlow: metadata=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 ' C( S' P5 Y* b' y" ]/ N) G% e/ a0 Q* O
Rule: table=0 cookie=0 priority=0 . a& B1 t! C# A# S  g% O/ h
OpenFlow actions=resubmit(,1)- c! K. C/ r: o" Y

9 m$ d  s& D7 R, J        Resubmitted flow: unchanged ; L! L& o2 @  B+ m7 r) g
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
. X+ G! d9 l3 T/ G. t$ I4 W$ Q& A        Resubmitted  odp: drop + H4 R. Z4 X7 Q5 v9 o  K4 C
        Rule: table=1 cookie=0 priority=0 , v8 S& ^# U  ^; \0 o: ?. M
        OpenFlow actions=drop& |# r6 X* S& I% v8 {0 Z9 C# q; p

( ^/ F3 A6 f* D/ H  y' x0 U* PFinal flow: unchanged
  B$ w4 f. C$ J6 k5 ARelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
7 N( \: \5 i: y: m" aDatapath actions: drop1 U' n2 E& [+ U: t+ E% c

9 l+ }1 Q5 h: M实现第三个Table 2: MAC, VLAN learning for ingress port
# v0 b- X/ M' M! R2 _* _  q2 p
对于普通的switch,都会有这个学习的过程,当一个包到来的时候,由于包里面有MAC,VLAN Tag,以及从哪个口进来的这个信息。于是switch学习后,维护了一个表格port –> MAC –> VLAN Tag。) E' n5 y2 C( e* T, {9 C+ M; B
3 M- E  D6 M$ e4 `6 b, G4 Q+ q$ K
这样以后如果有需要发给这个MAC的包,不用ARP,switch自然之道应该发给哪个port,应该打什么VLAN Tag。
* s0 V4 T/ V8 K( m0 W" P: _5 o7 Z' o; w1 I$ _- z" l5 p$ L
OVS也要学习这个,并维护三个之间的mapping关系。& ?$ k4 r' ~5 L, x% ~
% q& Q9 h- B3 {  @  J) c
在我们的例子中,无论是从port进来的本身就带Tag的,还是从port 2, 3, 4进来的后来被打上Tag的,都需要学习。
# ?2 f* \" y; c& d3 \4 _# `4 s
6 B  z9 a4 w2 }5 Q( q/ Fsudo ovs-ofctl add-flow helloworld "table=2 actions=learn(table=10, NXM_OF_VLAN_TCI[0..11], NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]), resubmit(,3)"
: x* n, A$ ?' {' `  s
" S' }9 t$ @+ t# `2 v这一句比较难理解。3 a& z, r* H7 Q8 a
" T+ g* m* ^9 ~- D/ |1 F) D
learn表示这是一个学习的action
$ V( L+ X3 @$ ^8 V+ G
. @9 h% g& U/ C& ptable 10,这是一个MAC learning table,学习的结果会放在这个table中。
; C, d5 [, X, C2 ?& t& L/ F! O. ?" ]1 ~7 @
NXM_OF_VLAN_TCI这个是VLAN Tag,在MAC Learning table中,每一个entry都是仅仅对某一个VLAN来说的,不同VLAN的learning table是分开的。在学习的结果的entry中,会标出这个entry是对于哪个VLAN的。
! |8 O# ~( X. V* v5 ~9 }4 A! w: n7 i! A! h- p1 _
NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]这个的意思是当前包里面的MAC Source Address会被放在学习结果的entry里面的dl_dst里面。这是因为每个switch都是通过Ingress包来学习,某个MAC从某个port进来,switch就应该记住以后发往这个MAC的包要从这个port出去,因而MAC source address就被放在了Mac destination address里面,因为这是为发送用的。* N; x% z, M- [+ J5 d  V9 r
9 ]: I1 G& S' |; [
NXM_OF_IN_PORT[]->NXM_NX_REG0将portf放入register.0 E0 F% [- R  r6 L% B* T' J
2 n9 R) g6 h( P7 w( R* I# V" p
一般对于学习的entry还需要有hard_timeout,这是的每个学习结果都会expire,需要重新学习。
' ?8 y* S; H0 V2 q  L
+ L4 ]: S1 e5 O7 p' x我们再来分析一个实践中,openstack中使用openvswitch的情况,这是br-tun上的规则。) k( d3 W' O& T" d" U9 l! C
0 W% ?( K# u1 D& Y
cookie=0x0, duration=802188.071s, table=10, n_packets=4885, n_bytes=347789, idle_age=730, hard_age=65534, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
  v8 T" X2 c- x5 |( Fcookie=0x0, duration=802187.786s, table=20, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,21)
5 s! n5 g0 h- }4 A9 L1 q cookie=0x0, duration=802038.514s, table=20, n_packets=1239, n_bytes=83620, idle_age=735, hard_age=65534, priority=2,dl_vlan=1,dl_dst=fa:16:3e:7e:ab:cc actions=strip_vlan,set_tunnel:0x3e9,output:2 ; ?: C- \8 r8 f. M! ]& c
cookie=0x0, duration=802187.653s, table=21, n_packets=17, n_bytes=1426, idle_age=65534, hard_age=65534, priority=0 actions=drop
) P7 e9 e0 B% T* O. xcookie=0x0, duration=802055.878s, table=21, n_packets=40, n_bytes=1736, idle_age=65534, hard_age=65534, dl_vlan=1 actions=strip_vlan,set_tunnel:0x3e9,output:2% c, [" ^0 k: e

! J# o- q' G2 N# O& s这里table 10是用来学习的。table 20是learning table。如果table 20是空的,也即还没有学到什么,则会通过priority=0的规则resubmit到table 21.$ i9 F+ a: n) q* p

2 d( |- O  b+ W0 |table 21是发送规则,将br-int上的vlan tag消除,然后打上gre tunnel的id。/ w+ O& V3 M( s
7 I# x: u8 q( C2 i9 m7 x
上面的情况中,table 20不是空的,也即发送给dl_dst=fa:16:3e:7e:ab:cc的包不用走默认规则,直接通过table 20就发送出去了。
' b# a5 a; q% {% M: q
' k% d( g  ]( L7 itable 20的规则是通过table 10学习得到的,table 10是一个接受规则。最终output 1,发送给了br-int
6 o+ R+ {& \+ z+ N! R" B
$ e6 u# }0 K# R3 y' |+ G. {NXM_OF_VLAN_TCI[0..11]是记录vlan tag,所以学习结果中有dl_vlan=1# M; s/ q* F* Y' K8 L+ t# f' N

  J% Z. a6 i5 p. vNXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]是将mac source address记录,所以结果中有dl_dst=fa:16:3e:7e:ab:cc
4 ^6 \* ?" h5 i; Y- r4 n2 a% z
5 n$ o" Z# ?& Vload:0->NXM_OF_VLAN_TCI[]意思是发送出去的时候,vlan tag设为0,所以结果中有actions=strip_vlan
/ U: \4 p/ g0 T, }4 I
3 D/ \. U  d6 Z6 sload:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[]意思是发出去的时候,设置tunnul id,所以结果中有set_tunnel:0x3e9* C5 d7 {, p* H0 M6 g& Z" x
9 o9 v( `1 D4 E/ m# _7 M3 b
output:NXM_OF_IN_PORT[]意思是发送给哪个port,由于是从port2进来的,因而结果中有output:20 [' _1 n7 X% h) Q* y

' O/ ^9 |# k  L: o; a' g测试一:从port 1来一个vlan为20的mac为50:00:00:00:00:01的包5 e0 c' i' N( W8 W& O, s
5 a9 q/ n7 d6 E/ \
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=20,dl_src=50:00:00:00:00:01 -generate   
2 l9 [& S/ h9 A, T" A9 p' fFlow: metadata=0,in_port=1,vlan_tci=0x0014,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
) ~2 z' |' X' r, j( ]% A8 bRule: table=0 cookie=0 priority=0
. J* a/ O4 B6 p1 V4 Q6 qOpenFlow actions=resubmit(,1)$ q$ P" J' s1 y5 T+ F) P( v/ O
' S8 w7 [5 F4 r# Z; d" F$ O% Y
        Resubmitted flow: unchanged
3 w5 `6 L- i, F        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 6 o1 q* X+ x& {* Q
        Resubmitted  odp: drop , j, P' x' Z% q; E5 Q" l: V
        Rule: table=1 cookie=0 priority=99,in_port=1 1 |! I( Q! @/ L, |" V8 i0 M
        OpenFlow actions=resubmit(,2)
" ^2 K3 U" h& Y2 O
5 g2 F0 a  l, {8 U  M1 ?$ b                Resubmitted flow: unchanged # G+ I1 h: j* X& \
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
/ G& h( O% n; d; V! H                Resubmitted  odp: drop 6 U( c( c/ F- _1 z9 L- _3 r& h
                Rule: table=2 cookie=0
! o/ n  K, f3 N% U" C4 C                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)5 D) q0 z7 \( M6 c" f. F
1 v# B3 ~' q+ k
                        Resubmitted flow: unchanged
; k0 l: H& G. N- g' w                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
5 B/ d" [9 W' I/ p                        Resubmitted  odp: drop
3 ~8 n9 n- @" _- y" Y                        No match
2 [0 P4 ~. g  U+ k; g! g' i# [5 K6 v# [3 Y! V; `
Final flow: unchanged ; j: }9 `$ [: |1 h5 ~4 Q& l6 @$ [
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no , ?; ^7 }0 ?' S
Datapath actions: drop
5 ?) X6 N- O) T* ?& k3 f& p
  h& Y+ ]: y2 h5 X% H6 Q. y% U$ sudo ovs-ofctl dump-flows helloworld
- u, g0 r/ X6 E4 m' ONXST_FLOW reply (xid=0x4):
, L. f3 n) M% d; ^5 ucookie=0x0, duration=90537.25s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)   b$ L) K1 N7 n
cookie=0x0, duration=90727.209s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
2 N/ n; I) T% _* P5 C# Rcookie=0x0, duration=90662.724s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
0 i8 R, ]: E  @; |2 m" f6 }cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) / C6 P, m# `5 N
cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
/ I8 d/ Q9 M$ h8 M1 G! |cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) . C, k# Y9 [( k( x& R* \/ F' K
cookie=0x0, duration=86278.986s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) # ]# _6 m$ ^6 P  z6 ~' y7 b
cookie=0x0, duration=86357.407s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop $ }7 L( X3 H% D
cookie=0x0, duration=83587.281s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3) " Q5 s6 i4 g! H* N+ K) Y4 h$ r
cookie=0x0, duration=31.258s, table=10, n_packets=0, n_bytes=0, idle_age=31, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
8 i/ E" c# A! ]) \: a1 u5 G5 X* I$ m, A
table 10多了一条,vlan为20,dl_dst为50:00:00:00:00:01,发送的时候从port 1出去。* G4 `* n3 I9 A0 A  i# a2 V

/ i( X& Q0 D0 ?测试二:从port 2进来,被打上了vlan 20,mac为50:00:00:00:00:02$ o$ j; Z, b; w5 B$ f$ I  r+ C$ q
9 y0 S3 ?. C' _
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=50:00:00:00:00:02 -generate   1 C2 T; ~/ r8 K/ ?) I+ Z
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000 9 @7 N5 C" a  m* {
Rule: table=0 cookie=0 priority=0
; i6 X/ @/ @. o+ ~, v$ Q* _. rOpenFlow actions=resubmit(,1)! Y4 E& |, t- v9 o9 i# p& z. @3 }4 s1 A

6 r6 I. i! h( t- \        Resubmitted flow: unchanged . F/ n& W$ q/ Z  p  V- e2 w8 \7 i' X
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' r  G" L' ]: u2 m( r        Resubmitted  odp: drop " Z; t" `, n" o3 r# V6 u
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000   p# T, x" @. x  R
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)( u, l5 z' z# p% |

6 e' A/ y5 Z8 u& [3 s                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000 # E( I7 I8 }7 z; o# z
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
% _. D( k5 _: y8 Q: y                Resubmitted  odp: drop
' `& P* x1 @: _) p' v; k                Rule: table=2 cookie=0
: t2 G$ a3 [7 p  r, P  C                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)) }* j+ c# B8 \& w0 m7 m" A: w: D: H4 a

6 w1 ~' O5 i. Q. |& }3 T                        Resubmitted flow: unchanged 4 I: }1 S" A$ k: p, w
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 - P3 N$ u8 ?) m3 \! H
                        Resubmitted  odp: drop " \7 M3 M$ v- M: Y7 x' U: j
                        No match
8 q+ I( m0 q( y% B* L0 J- J: h9 k5 L
& w: _+ [8 t+ ?Final flow: unchanged
* o$ c( x+ K5 |) I0 nRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
9 U* t( a: t( v  Z6 FDatapath actions: drop% ]! ?6 _7 ~/ f+ w* X+ K4 d
7 _& c! }$ q. ~  ~7 d8 Y8 R
$ sudo ovs-ofctl dump-flows helloworld                                                 4 l4 K0 f- D+ k0 j
NXST_FLOW reply (xid=0x4):
/ W, T! w% p3 }# l; Xcookie=0x0, duration=90823.14s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
+ v( ~; q7 j" x$ ~" D; x' h' [cookie=0x0, duration=91013.099s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
! W- `1 Z1 q- j% t% }1 J5 Ycookie=0x0, duration=90948.614s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop - o; d0 f6 p2 z4 L
cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) 2 a- t% N3 l! ?8 t$ _
cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
7 F4 |( v0 H$ ^* Ncookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
& n  w% P3 H# P: tcookie=0x0, duration=86564.876s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) ( i! F( `: X9 e( p: o
cookie=0x0, duration=86643.297s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop 6 F$ \. ^  z/ a
cookie=0x0, duration=83873.171s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3) 8 `6 J1 d" K- ~4 p8 Z
cookie=0x0, duration=4.472s, table=10, n_packets=0, n_bytes=0, idle_age=4, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15] - F& D: c, e) X9 J$ o$ u. g1 u
cookie=0x0, duration=317.148s, table=10, n_packets=0, n_bytes=0, idle_age=317, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
2 G( C/ \) d7 X3 |7 ~- h. m) [) f& b6 O
实现第四个table 3: Look Up Destination Port: U) U% `4 g% y
: ?& A% n5 X& J/ }5 J  P3 L
在table 2中,vswtich通过进入的包,学习了vlanid –> mac –> port的映射后,对于要发送的包,可以根据学习到的table 10里面的内容,根据destination mac和vlan,来找到相应的port发送出去,而不用每次都flood
* P8 f5 d$ f$ x3 q" M
8 `" r3 e: l; usudo ovs-ofctl add-flow helloworld "table=3 priority=50 actions=resubmit(,10), resubmit(,4)"
5 L. y/ J. P7 o! p( ?
" t1 h  O+ r& P4 ?1 {添加这条规则,首先到table 10中查找learn table entry,如果找不到则到table 4
' N' E. R( x' j8 V9 ~8 @& h) {! z3 q" A! T9 j& R( o
如果包本身就是multicast的或者broadcast的,则不用去table 10里面取查找。! f; g$ m3 E- _' t5 b2 X& I

: `0 U8 c$ U- {7 ^sudo ovs-ofctl add-flow helloworld "table=3 priority=99 dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4)"
/ o5 \- `; _8 ^7 h' |
3 p6 s/ E, @! n% S( G我们进行一项测试
9 P* ?8 }# t; ?+ \$ ]- T; {8 a, D; c: [
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate   # U; X$ ?! r! G* I
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000
4 n, E; {% F8 n( q6 {: J1 |3 kRule: table=0 cookie=0 priority=0 0 G' S( B! z5 f' q. b
OpenFlow actions=resubmit(,1)9 B" k) }0 x- [2 z3 ^
- q+ `: h( \7 \$ x
        Resubmitted flow: unchanged
" h! B& k1 N6 x        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& Q3 Z/ q# y- |7 Z* x) }0 V        Resubmitted  odp: drop
5 [2 T; b' d2 x3 \- Z( i        Rule: table=1 cookie=0 priority=99,in_port=1 8 B1 J3 q4 U4 u. K
        OpenFlow actions=resubmit(,2)% z, f. N5 _4 K. d
8 U6 b5 f8 n$ a
                Resubmitted flow: unchanged
' B6 V7 B5 z5 k3 M5 ?. t0 g                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 0 h: Z9 ~5 A7 \1 F& b
                Resubmitted  odp: drop
1 G% \' Q7 f( B4 R: r0 d                Rule: table=2 cookie=0 : W, R5 z: G& j) l0 g5 g
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
6 E" J3 Z; l* {, g% d  L8 L5 `. h2 R6 S7 V" Y: a' H! U
                        Resubmitted flow: unchanged $ T& Y: s* n: q7 U2 T8 D
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0   C, U+ p! ~! j
                        Resubmitted  odp: drop 2 }2 l& J: B. D: o6 @; A
                        Rule: table=3 cookie=0 priority=50
3 J. n4 f/ n9 w# s8 z8 P                        OpenFlow actions=resubmit(,10),resubmit(,4)
2 C( L2 H* L# n' @3 A) n" }/ o# R  ?, o! I' y
                                Resubmitted flow: unchanged
# r( |; @- R5 `* k                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
$ {* L& H2 }+ O, C3 k5 }/ u8 k2 M                                Resubmitted  odp: drop * P- V" V, T3 {& F1 U
                                No match
- J- l5 }2 C$ h9 S
, W" ^; b! q* t5 c2 Q- m+ \, ?6 [+ G                                Resubmitted flow: unchanged 6 B7 Q& Y3 X. m6 m% j6 {" C
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
, y6 o7 ~, A5 W6 j2 G* Q( q                                Resubmitted  odp: drop : V: n- u% S2 _+ d& b& u0 `1 F# r
                                No match
# F1 S& p& N; I1 _# w: M; |7 X* s
9 n" q3 _& e$ S! m: K! AFinal flow: unchanged + g& B: l3 T' ~
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no ( u, f$ X# V2 x+ W
Datapath actions: drop
, |3 E" K9 N/ I3 T, `
8 j, R# I0 t1 Y由于目标地址f0:00:00:00:00:01没有在table 10中找到,因而到达table 4.& Z! g4 c4 ]+ A4 {7 x

3 S/ U  L3 z# N, e* J! |但是这次测试使得table 10中学习到了mac地址90:00:00:00:00:01
7 ?3 @/ j4 j7 _& ]. K- S/ s) Z* }
8 Z( Y2 p9 ~2 @) ~$ sudo ovs-ofctl dump-flows helloworld 0 q! d& y# e1 Q% ]" N
NXST_FLOW reply (xid=0x4):
" @+ A+ p/ X) a! \cookie=0x0, duration=91588.452s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
; B- o, P% u2 x# Z8 l. g6 P$ Scookie=0x0, duration=91778.411s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop * h7 j4 ^0 `" _; y3 ]
cookie=0x0, duration=91713.926s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
" b6 }' ^5 B2 p  kcookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
1 H  |) e; F& Scookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) & h$ @& E9 c* G& T( E- y7 k% ~+ q2 \
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) % ~8 R% @3 ~! j/ ~1 v1 l
cookie=0x0, duration=87330.188s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) 0 A8 r: X: F. f! u+ _
cookie=0x0, duration=87408.609s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
# C) L7 _( g( vcookie=0x0, duration=84638.483s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
) y3 s/ O$ t# \9 e9 o! U) a4 Vcookie=0x0, duration=352.841s, table=3, n_packets=0, n_bytes=0, idle_age=352, priority=50 actions=resubmit(,10),resubmit(,4) : l" K* i$ h3 g6 p. m" @" ]
cookie=0x0, duration=212.704s, table=3, n_packets=0, n_bytes=0, idle_age=212, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4)
" _, I. v4 k; f cookie=0x0, duration=117.364s, table=10, n_packets=0, n_bytes=0, idle_age=117, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15] # U9 u) g" b1 Q: q5 C- q7 D
cookie=0x0, duration=769.784s, table=10, n_packets=0, n_bytes=0, idle_age=769, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15] + ?* \& Y5 O% Q0 K% p
cookie=0x0, duration=1082.46s, table=10, n_packets=0, n_bytes=0, idle_age=1082, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
+ T7 u9 }. C6 k6 X
4 e4 U/ f% t& M8 b  a0 U下面我们进行另一个测试
5 S* Y6 B: E  D0 v
3 Z; P9 a9 u9 e$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01 -generate   . M" y- H4 ^- W( ^7 }
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
; p9 M7 E% f2 c2 c7 eRule: table=0 cookie=0 priority=0 ' V% M$ q) u/ C  N
OpenFlow actions=resubmit(,1)
" e  z0 H; C. t! ~( X5 ^, F% R/ k6 n( _+ B1 x7 a. w- K8 L
        Resubmitted flow: unchanged
. d* |' f- D8 r, [7 F5 I6 m. q        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
; Q, G% ^* E( W& O        Resubmitted  odp: drop & A& {% o- v) N  c
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 " b5 ^1 w! L0 i
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)
6 m( e) a2 f6 ~; ^, o2 S# A! K; K) A0 S. h9 i2 x
                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000 # Y- n: s- m2 c- k$ i) |1 l
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
- ~2 X1 T) `5 N- z3 v                Resubmitted  odp: drop : x% V/ N% |; B& y5 Z* M
                Rule: table=2 cookie=0 1 I, k2 u2 m1 p' O7 i! v
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)# s  S# g  p# r3 {$ ]9 c. D

- d! I$ M  X+ q( M5 ]                        Resubmitted flow: unchanged 7 |% f  r2 p6 N
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
8 ]: o# M' F7 r& I' Q% c: \                        Resubmitted  odp: drop / W# r4 ~- ^1 |5 [- D2 J# ^
                        Rule: table=3 cookie=0 priority=50 % m1 d& P$ ^: ~" e4 b% p; b
                        OpenFlow actions=resubmit(,10),resubmit(,4)- W6 s$ H# G4 G6 @9 e' W
3 i+ \. t# K& R6 v
                                Resubmitted flow: unchanged
; R# Q& ^! }, D+ W! k                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ' y  Y, E; C6 ^
                                Resubmitted  odp: drop
2 c' R  n' y7 a; N# F                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01
. a/ R* a" {$ g8 c                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]
% z: S1 i# t+ T# N& x. X1 J6 i0 x
                                Resubmitted flow: reg0=0x1,metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000 2 ]5 q& A$ x5 c
                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
, X4 I0 Z; M+ @3 V3 k6 N  i3 s7 E                                Resubmitted  odp: drop
* W4 T0 o& Z* l# X) L- P                                No match$ V  H! c/ H3 q8 s! F8 N  ~7 H4 S
6 c7 B0 T: U# I+ A
Final flow: unchanged 3 x0 A4 i7 t9 J. W+ f
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000,nw_frag=no 4 ]* w( V$ e$ Y9 p* |, F
Datapath actions: drop
' q0 ~7 Y5 p7 o5 }! r4 q
& @) R) M5 ^9 E9 }因为刚才学习到了mac地址f0:00:00:00:00:01,所以这次在table 10中找到了这条记录,这次同时也学习到了mac地址90:00:00:00:00:01
7 i* _) Y, I4 w% r. x7 J4 X) w1 T  j. v6 l% n6 t6 t
下面我们再发送第一次的包$ ~  J* x8 r. H- @- T0 Y

. S7 }4 k! R; f; N" \1 W$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate ; C8 k  k) Z! H( h6 ]
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000
; t' k* ~( x5 \* WRule: table=0 cookie=0 priority=0
* o5 U+ H& h  r# Q# p$ h/ hOpenFlow actions=resubmit(,1). d2 u# U# `1 t# ^  o9 a
; o* A# H& k& t" U5 Q; t: s8 N
        Resubmitted flow: unchanged
+ f$ d2 G1 @6 E& ~- ~/ l: C: H2 I% {        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . S9 H: P' _  j, _8 E
        Resubmitted  odp: drop
6 j5 L: K" a" g7 B' \: ^/ ~0 a        Rule: table=1 cookie=0 priority=99,in_port=1
$ n: Q% D# ?- V$ m, |        OpenFlow actions=resubmit(,2)
' r2 c( a: }5 i7 R7 p, _& ~
+ Y' I2 _: L4 M: u/ W) x                Resubmitted flow: unchanged
2 Y0 d. z  [6 B                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ( N9 f7 d" u. Z( b7 ]+ O
                Resubmitted  odp: drop * B8 }1 D/ q3 P) [, k" F
                Rule: table=2 cookie=0
1 @0 A, J2 \, g* z/ V& u                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
7 ^$ K& d) i1 T" W$ p  |4 U6 N0 y$ o( p1 o
                        Resubmitted flow: unchanged / W4 k, _9 D& Y5 @# H
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" q( S. `8 P* N2 H& B                        Resubmitted  odp: drop $ y  V4 F0 t5 _( i4 z$ L
                        Rule: table=3 cookie=0 priority=50 9 b  _6 J' z" z& v/ C9 D0 Y
                        OpenFlow actions=resubmit(,10),resubmit(,4)
! k6 t8 V* ^; U7 y% T6 N# ~0 {
, @8 z! ^2 {( D$ G0 B4 f                                Resubmitted flow: unchanged
: I  H5 v+ i' H+ v  ^$ z7 U/ @9 D                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ! z) M" D3 I' E- F) {! N6 l
                                Resubmitted  odp: drop 9 H) {8 _/ U: Z4 @# V" [. y
                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01
) r# q  N; o  `  B                                OpenFlow actions=load:0x2->NXM_NX_REG0[0..15]
: ^1 B) ]2 x8 r0 L. Y
/ Z4 {+ x( _0 Y; y. g# M7 C6 N2 |                                Resubmitted flow: reg0=0x2,metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 / h' x% p! d8 ?0 ?
                                Resubmitted regs: reg0=0x2 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 2 ~' u3 [( U' M) e5 C4 S4 H
                                Resubmitted  odp: drop
1 g7 V8 [+ u7 G% O, P                                No match! q$ m1 n. ~1 ~2 ^

0 ]1 V1 B8 q  U5 QFinal flow: unchanged
6 _' |" V8 G1 R" HRelevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no
) \8 k0 B0 Q' |* ^9 {7 p; w  YDatapath actions: drop
( o+ p/ h' J. a' t: d9 h( x( k  p2 P/ O! t, \) Q
发现也在table 10中找到了记录
" {# O1 y; I8 z. d* z+ M2 P8 R0 z+ s9 o' [% k/ W
实现第五个table 4: Output Processing% P# {% q! B* i
6 K4 W+ n, A7 {
这个时候,register 0中包含了output port,如果是0则说明是flood。
& a4 B4 I: K7 V) l* R
% @: b0 i( d+ V1 ^% I( p# R对于port 1来讲,是trunk port,所以携带的vlan tag就让他带着,从port 1出去。4 Z" m/ ~. c! H4 @, h& [0 Y
3 |& I2 A6 Q: Q0 h7 c2 A& k
sudo ovs-ofctl add-flow helloworld "table=4 reg0=1 actions=1"
) b# V& }! s8 [2 z1 |  T) v
: T: g  ], O( |% j- u% d7 H* X对于port 2来讲,是vlan 20的,然而出去的时候,vlan tag会被抹掉,从port 2发出去  X9 m# s* @6 c  I6 [
; f+ n5 }+ U4 X3 K* o
对于port 3, 4来讲,是vlan 30的,然而出去的时候,vlan tag会被抹掉,从port 3, 4出去
2 H* u2 P% S, C$ ?( n# I) j7 s& ?, F5 g7 i* g6 e3 Z
$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   
+ y! }, {1 E- S  e- z        table=4 reg0=2 actions=strip_vlan,2 ! I: L( m8 r/ _7 \" V9 `4 d
        table=4 reg0=3 actions=strip_vlan,3 ; K( x: q3 m5 V
        table=4 reg0=4 actions=strip_vlan,4
8 a( H/ h6 v' C: L4 D/ G+ T/ qEOF
3 t/ U. w2 q1 t( w. i! ~4 o! j5 [  y# H: J) l% k6 {( {
对于broadcast来讲,我们希望一个vlan的broadcast仅仅在这个vlan里面发送,不影响其他的vlan。4 W6 d/ S% `$ B5 }' i, i; E

; P" ]# y; B) }: |$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   6 d! b; v2 w4 A3 H" J: O' ~2 _
        table=4 reg0=0 priority=99 dl_vlan=20 actions=1,strip_vlan,2 - X# A# n( \3 ~" M. t' Y( \1 |
        table=4 reg0=0 priority=99 dl_vlan=30 actions=1,strip_vlan,3,4
& _9 t3 b  f/ ~3 J! o3 `2 H+ K3 T5 ~/ ~( G        table=4 reg0=0 priority=50            actions=1
1 X7 k/ t. |, e4 P& LEOF* V- {# y, E/ W( R3 G) L1 \1 O- {

: \+ M, P7 F" r6 V' s6 H所以对于register = 0的,也即是broadcast的,属于vlan 20的,则从port 1, 2出去,属于vlan 30的,则从port 1, 3, 4出去。
) z- g/ x2 e0 i0 J
3 {1 [* R# K0 U7 t. W$ sudo ovs-ofctl dump-flows helloworld
9 \$ f1 ?  m0 `! ?NXST_FLOW reply (xid=0x4): 0 Z& b& P" O# a5 G& e# t! w* f
cookie=0x0, duration=92909.119s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
& P! K0 j1 y9 {, i- f: Ucookie=0x0, duration=93099.078s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop ( ]0 |& E/ W) A1 t( f* E! W
cookie=0x0, duration=93034.593s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop " ?$ f! `4 T( w  ^
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) , P4 t& Z5 J( g  O- }% _
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
' }0 x! L- {5 }7 d! E$ |* Kcookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) # ?5 k; e% X2 c* K& N
cookie=0x0, duration=88650.855s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) 1 x, c& }2 o& J; p+ J
cookie=0x0, duration=88729.276s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop " E) I0 u' H/ b: k7 x9 e
cookie=0x0, duration=85959.15s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
; }& h: G. y. ~6 i7 ^+ Rcookie=0x0, duration=1673.508s, table=3, n_packets=0, n_bytes=0, idle_age=1673, priority=50 actions=resubmit(,10),resubmit(,4) - R5 u% `. D/ ~/ K/ ~& f- y
cookie=0x0, duration=1533.371s, table=3, n_packets=0, n_bytes=0, idle_age=1533, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) ! E2 ^7 L4 M# t1 n( W
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x3 actions=strip_vlan,output:3
2 e0 a2 T/ H0 t8 W' {cookie=0x0, duration=228.839s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=50,reg0=0x0 actions=output:1 8 i4 y7 H* T: ]8 X! V. e8 Y
cookie=0x0, duration=483.068s, table=4, n_packets=0, n_bytes=0, idle_age=483, reg0=0x1 actions=output:1
4 Z) u1 P1 Z$ f2 Z7 p9 Wcookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x4 actions=strip_vlan,output:4 , R0 [  L4 s2 Y
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x2 actions=strip_vlan,output:2
& i' Q, @" `6 E* j4 n% t; f" C# [9 qcookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=30 actions=output:1,strip_vlan,output:3,output:4 3 @% B1 C0 R# {+ t7 p& \
cookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=20 actions=output:1,strip_vlan,output:2
2 I  E+ C5 F$ T* Z, r2 Y5 scookie=0x0, duration=1438.031s, table=10, n_packets=0, n_bytes=0, idle_age=1438, hard_age=1109, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
4 j/ V1 Y' ]9 J* p2 ycookie=0x0, duration=2090.451s, table=10, n_packets=0, n_bytes=0, idle_age=2090, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15]
' v8 A8 j8 n1 U  `cookie=0x0, duration=1258.881s, table=10, n_packets=0, n_bytes=0, idle_age=1258, vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01 actions=load:0x2->NXM_NX_REG0[0..15] ) Q: q. q# |8 t  C, p
cookie=0x0, duration=2403.127s, table=10, n_packets=0, n_bytes=0, idle_age=2403, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
  n* U6 c1 v' S9 [
% ~& }9 a  T9 ~" V! A! U: C: [首先来测试一个multicast和broadcast
1 N( D2 [& |2 \! \% X; n* z' T9 `+ O; Q2 B  F
如果是一个port 1来的vlan 30的broadcast
- y% e! G; `$ S( e+ ?
+ P/ G0 w+ F8 w% ^' t- G. ^$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=30
5 O: r; W  T! x) c1 W! mFlow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 & D9 z+ B7 Y' l9 E: z
Rule: table=0 cookie=0 priority=0 ( J1 u- Z$ s8 C4 H
OpenFlow actions=resubmit(,1)
7 v0 a. \7 A6 O$ j4 D- W: \8 K5 H3 E7 ~1 q6 }
        Resubmitted flow: unchanged $ P9 I: W$ m+ `; r& O" L
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
) S# i+ I; O% @! E. Q        Resubmitted  odp: drop & `+ c! H+ }# R( b! i
        Rule: table=1 cookie=0 priority=99,in_port=1
2 S- s3 e2 Z$ B* ]1 @% w        OpenFlow actions=resubmit(,2)
& p7 |% f' ]0 y
8 ^0 ~8 T6 E! Q- \7 \5 ~# }5 y                Resubmitted flow: unchanged
' P2 A3 L7 G3 ]' P: F. H0 w                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 6 Q0 X- D5 R" V' W
                Resubmitted  odp: drop   O; x, v/ L! ]% n* v
                Rule: table=2 cookie=0
* ?5 i! t4 p# Z5 z% U                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
! L+ W, F2 d5 U. X2 V$ `
( s" ]) T7 [( z' g9 U8 U                        Resubmitted flow: unchanged 4 A" M" v, V+ v! N
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 1 \+ n( P( P! }) z! q8 l
                        Resubmitted  odp: drop 9 d5 l$ G% a+ x; W. o" V2 z& H
                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
. d+ @$ G0 D' ~                        OpenFlow actions=resubmit(,4); K2 I) U( y4 a1 Q3 R* O
* {' E, j! k) B6 E& f. J
                                Resubmitted flow: unchanged
: T' \4 ]2 X, S! j5 l1 c4 O3 J                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
( S6 @7 G. g( b                                Resubmitted  odp: drop 6 N7 f0 ^8 G' D- C2 H
                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30 $ K& X  @5 `2 x% M
                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 $ m. P) M" v6 j# k$ I) B( A
                                skipping output to input port$ i7 ]$ \  ?; n* ?' o, Q$ V" |! S
0 i" C& _6 O9 w7 g( p
Final flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
. [% t, Z, B& J0 M5 PRelevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 4 A8 P) B7 I+ I+ l7 k
Datapath actions: pop_vlan,12,13& N& E) L( I+ S' j" l+ `
0 i+ S7 M) o& ^% ~- h6 f2 M6 Q
结果是port 1就不发送了,发送给了port 3, 4! o; l1 P8 |3 c7 E1 M0 U: l4 p* z

6 @8 g& ~7 ?' Z) _0 U$ sudo ovs-appctl ofproto/trace helloworld in_port=3,dl_dst=ff:ff:ff:ff:ff:ff + n5 s' W' |' \1 @1 h  t7 \
Flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 " t4 Q# |! Q; S/ [7 p
Rule: table=0 cookie=0 priority=0 5 \3 A! p; m. n
OpenFlow actions=resubmit(,1), ]8 A5 r' \( X/ M6 @' c
- b- S5 s+ C1 o9 B
        Resubmitted flow: unchanged ; @  k, X, s7 f. O6 o
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ; W; S+ a' K" }' e+ K
        Resubmitted  odp: drop * a4 _5 Q1 S4 ^5 l7 n1 ?$ d
        Rule: table=1 cookie=0 priority=99,in_port=3,vlan_tci=0x0000
! c: ^% l# U1 I$ x( H4 B        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)
" S( G" C  T8 Q; r2 A# ]; Y% B
) B2 h+ f& p5 k1 A# }5 a) o                Resubmitted flow: metadata=0,in_port=3,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
2 P& z* P- `* Z4 W                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
2 w2 H: v  z3 d" ^) ~5 Z                Resubmitted  odp: drop
! Z# z" \, f( T                Rule: table=2 cookie=0 / U* B; ^. b" n  L2 l* f! O
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
0 d9 i8 |+ [: ?2 {' B! s1 G: L0 W/ q6 T% H1 V: U1 E
                        Resubmitted flow: unchanged
9 {+ }' a/ ~" k" X/ ?                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
0 m* g9 z, c1 _& y                        Resubmitted  odp: drop 4 O0 w, N: R$ `, s, r: ^2 T% H
                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 * w  t( _) K- o& a
                        OpenFlow actions=resubmit(,4). Q* `! C: ^8 o9 X& H

) H0 y% K" y8 o7 x; H8 M                                Resubmitted flow: unchanged 0 y% N4 g8 C' L0 p# j! u
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
2 i6 N# ^" w: _2 m2 l. L. ?                                Resubmitted  odp: drop 7 D- h2 Q6 l) B
                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
) f0 O: u6 S' A3 D+ e8 _                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 . r7 [: W# V1 t( F$ `3 |, j6 S
                                skipping output to input port1 X/ D/ e7 B. F4 Q0 V# ]

& q4 ~( D+ e; C0 D. x7 e# v) UFinal flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
2 @$ b+ e* b) W  p. E7 @! E8 H- oRelevant fields: skb_priority=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no ( q# @$ Q1 P1 T, D6 V" ^
Datapath actions: push_vlan(vid=30,pcp=0),10,pop_vlan,13$ Z0 t. O! T+ L: E0 _8 _- \5 y; s4 N

" l8 b. F/ |4 @+ J& v) b2 d接着我们测试mac learning
0 Z2 ]" i+ L! J* r4 R2 e
3 P0 X- x$ ]) W* F9 r$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate   . F: r8 p( M8 U% m
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
9 ]: Q1 X7 E' U0 n& I* |Rule: table=0 cookie=0 priority=0
, F; K" t& r, g" ?OpenFlow actions=resubmit(,1)# ?9 b3 y3 m" s( H; C; b

! k; k" @3 ]0 r  @* Z        Resubmitted flow: unchanged
6 i! j( I6 @, V8 H! L: |8 S% [        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 % v' D0 ^( a6 N
        Resubmitted  odp: drop
: x, a$ _! x+ S; q5 q+ C0 p        Rule: table=1 cookie=0 priority=99,in_port=1
* w' [( F" I) B3 o        OpenFlow actions=resubmit(,2)
+ s/ b7 L0 \( D, v2 `
/ d  S' e# M0 n: y                Resubmitted flow: unchanged 1 Y  ~$ w# u0 [. d. Y$ ~, F  N
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
; `" x0 F9 h1 `7 G3 B% i' t( ]                Resubmitted  odp: drop / \' Z* C/ Y0 R
                Rule: table=2 cookie=0
: ?8 x( c7 Y( C2 C. F! y0 e  @                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
' ~) E! T+ R" b/ K  f  {9 a  @$ R; G0 i: i! g
                        Resubmitted flow: unchanged 2 x" `$ T4 n1 r  q' B# n. d. k  P
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . ]* P# ]* Z7 _6 ^4 P! W
                        Resubmitted  odp: drop
/ Q# A, N6 d( w. s+ N4 A5 a                        Rule: table=3 cookie=0 priority=50 $ f2 }3 Q+ B6 Q8 b
                        OpenFlow actions=resubmit(,10),resubmit(,4)1 l: @# q/ t) h2 @' Q
* g$ F* G9 G4 d1 U" M
                                Resubmitted flow: unchanged   m  g8 L) z$ Z
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
% }% R" {7 P. y. L9 W                                Resubmitted  odp: drop
8 R- G0 `" J: W; R& N1 }                                No match
7 Q1 f2 R% Z* Y) ]  |5 D' h) Q
+ e3 B/ s9 \6 i" _2 F5 G% R8 p' h) d                                Resubmitted flow: unchanged
, u4 c8 U9 I: h9 ^2 h) A2 W- N2 D                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 1 D: E1 J$ X0 u% K# J0 M# d
                                Resubmitted  odp: drop
, I0 @" T4 a# |- v4 |. @0 }' {                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30 6 M  E8 X8 q5 j$ k  Y0 p4 g
                                OpenFlow actions=output:1,strip_vlan,output:3,output:4
# H  y8 C' o7 D  K) C8 s  D; v                                skipping output to input port- z4 \: H! E4 B  y6 Y' ~5 w
2 R) Z2 m* u- M: \
Final flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 & d' Y2 l. w* _  l7 B: X3 W
Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no
' m$ V- x! E% t9 y& _5 _* R# VDatapath actions: pop_vlan,12,13. F! E4 Z& v0 V- q' g. j% G* C+ o0 P+ n
+ b( o- v4 u' {/ L8 P8 U! K7 V
由于这两个地址没有出现过,则除了进行学习以外,广播发送给port 3,4
& L7 s$ F$ |  O- w0 B' X* g8 h, j
) m$ u0 o) x% I3 z8 \* g& [3 a$ sudo ovs-appctl ofproto/trace helloworld in_port=4,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01 -generate   
( \* k# d: |) d  Z% z. r1 r/ nFlow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 8 d( {) n6 c6 Y0 T6 v& m
Rule: table=0 cookie=0 priority=0
# r2 F# u5 Q3 O  n, W4 e7 dOpenFlow actions=resubmit(,1)# h0 _) {' t9 _: e1 s
3 f0 ^3 {- d6 I$ C/ z- M
        Resubmitted flow: unchanged
+ p: C9 S# `& x8 V2 c- y& |9 }        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
6 F4 V% Y$ Q! u3 d- [* v+ y  H# m. p0 f        Resubmitted  odp: drop
! u  t: r1 ]! H) |# I0 ?; {4 A        Rule: table=1 cookie=0 priority=99,in_port=4,vlan_tci=0x0000
/ W- F0 m. L" E$ M  [! Q9 r- d        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)
& m4 m! L- d  }8 W$ J) A& @" K% @" J: H9 D( A! K
                Resubmitted flow: metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000
# `/ I/ E7 }2 W  Q6 p1 |6 N! q                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
: Q/ q" P' j7 |* q& q                Resubmitted  odp: drop   ], g: B3 ?! J! H7 B6 t
                Rule: table=2 cookie=0
) l3 H0 ?- E+ t2 |, w                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
7 Y: S( {: |* _+ Q* r' k' \. Y+ m3 z& R. c3 S, s7 P. Q" t$ D- I
                        Resubmitted flow: unchanged
) X! D/ l# e3 j% c, _$ ?                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 $ S# E! y8 T5 L- ]4 P3 t
                        Resubmitted  odp: drop $ V3 j, P6 c" p) s
                        Rule: table=3 cookie=0 priority=50
/ @9 [) f6 H' f5 I2 _/ o7 ?) O2 {                        OpenFlow actions=resubmit(,10),resubmit(,4)! e5 d2 Y8 b8 P7 T" ]

! M" A7 a7 Z- d% R" R  l4 N8 y1 N                                Resubmitted flow: unchanged ; M# k  Y8 G: Q' O
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
9 ^' v' _4 F& K' C                                Resubmitted  odp: drop
; n7 l3 B4 z) O2 Y. {                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=10:00:00:00:00:01
8 l9 _- k) q. V' R& W. x                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]
% @$ ~5 V* R6 Q0 w# D( x% o/ I8 C5 x$ {3 a' t
                                Resubmitted flow: reg0=0x1,metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 3 n; f5 q: l: m8 P& Y
                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & ^$ a* l+ D* d2 U# K7 P1 V& b! [  d
                                Resubmitted  odp: drop
! V% h; v& b# @1 @% |, q  z, ^                                Rule: table=4 cookie=0 reg0=0x1 / c4 o9 p# m3 R% o& h( A; T) z
                                OpenFlow actions=output:1
2 N( [8 R, Y2 I: f9 b% O$ E5 f; ~2 {
Final flow: unchanged 9 q9 ]/ t- A4 I( U7 l* L! J1 o5 ~, {9 Y
Relevant fields: skb_priority=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000,nw_frag=no 2 u0 ?. s( N5 h$ H  F
Datapath actions: push_vlan(vid=30,pcp=0),10/ O7 y5 x4 L. f

) i# M& G8 u+ ?8 a/ ?: S回复的时候,由于学习过了,则仅仅从port 1发送出去。, M( ~( |* E7 e0 n* j. G
/ }+ s, z9 y$ w8 c( i: g( l
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate
2 p' Z- ^6 t: RFlow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 ) f! g1 s; T, g  {- ]/ T* Y
Rule: table=0 cookie=0 priority=0
, _3 j9 Y5 u8 b) u; }! J" IOpenFlow actions=resubmit(,1)
, Z9 j7 H- u) J- R6 I9 b2 ~$ f0 `5 I7 i% ]+ b
        Resubmitted flow: unchanged 2 t  R! `( h! s4 Y
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
$ D* n) B" C* D        Resubmitted  odp: drop + f# i, G# ?2 {# F& F! c% [7 a
        Rule: table=1 cookie=0 priority=99,in_port=1 " l7 n0 P, k" v0 s: c/ r; R
        OpenFlow actions=resubmit(,2)
, M; j6 T* ?) S. E
7 b# q+ w" ]+ L  K0 U" X, k" v+ U1 @                Resubmitted flow: unchanged
0 a4 R5 \5 R" J$ J/ m, ?$ M                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ) I* @6 j4 |" _+ T8 F- Q
                Resubmitted  odp: drop
1 j( _' H% q2 F) e9 u                Rule: table=2 cookie=0
3 \9 u) B+ H$ z. g& ^                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
( ]: Y* I3 w( f' {* q  C0 ]1 ]9 P/ \4 s9 m( I7 t
                        Resubmitted flow: unchanged
( I: L; S8 ], K& f2 F* f                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0   b, g( t+ Z8 X* w0 M  y
                        Resubmitted  odp: drop
$ E: E2 z0 H) Q' e: h                        Rule: table=3 cookie=0 priority=50 . c4 M3 v* T; m  h, E4 J
                        OpenFlow actions=resubmit(,10),resubmit(,4)
" a" Y1 [3 u9 F5 }) p! f# z0 ]& _- l9 u
                                Resubmitted flow: unchanged
) c6 b% F2 Q7 M6 G                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & ~2 y$ ]8 B) W1 N  X; Y1 n3 }0 B
                                Resubmitted  odp: drop . c9 b: Z0 j  n- p+ S
                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=20:00:00:00:00:01 : H5 o; b5 y) r; p( E( G8 b% i
                                OpenFlow actions=load:0x4->NXM_NX_REG0[0..15], F  P0 p) n* f

0 N  X4 R4 ]0 Y. g, y                                Resubmitted flow: reg0=0x4,metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
) o) c# ^( L/ n1 i+ p0 H                                Resubmitted regs: reg0=0x4 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
( q1 U( o7 |1 e- ?( Q" J                                Resubmitted  odp: drop ) ?/ F' `( y$ T/ d3 c
                                Rule: table=4 cookie=0 reg0=0x4 # g! y! q) j$ t: l9 T& v8 v
                                OpenFlow actions=strip_vlan,output:4# `  X& D, Y& v7 M( H

& o3 }  A& a  b' W$ L* oFinal flow: reg0=0x4,metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
% Y4 U% v; s6 C! f- l5 URelevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no 4 a0 f/ X( k) S! O
Datapath actions: pop_vlan,13
, Y/ ^/ @/ `, d* z3 \* `9 Z5 Z6 n) t8 v1 f+ A$ Z0 Z: s
由于在回复中进行了学习,因而发送的时候,仅仅发送port 4
回复

举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 注册

本版积分规则

返回首页|Archiver|手机版|小黑屋|易陆发现技术论坛 ( 蜀ICP备2026014127号-1 )

GMT+8, 2026-6-12 03:27 , Processed in 0.039069 second(s), 22 queries .

Powered by Discuz! X5.0

© 2001-2026 Discuz! Team.

快速回复 返回顶部 返回列表