将设为首页浏览此站
收藏本站联系我们相册切换到窄版

易陆发现互联网技术论坛

 找回密码
 开始注册
易陆发现互联网技术论坛»首页 云计算开源区 neutron网络 ovs-ofctl dump-ports 输出交换机的端口统计信息,包括 ...
查看: 4306|回复: 3
收起左侧

ovs-ofctl dump-ports 输出交换机的端口统计信息,包括收发包、丢包、错误包等数量。

[复制链接]
admin
发表于 2019-10-25 10:00:33 | 显示全部楼层 |阅读模式

马上注册,结交更多好友,享用更多功能,让你轻松玩转社区。

您需要 登录 才可以下载或查看,没有账号?开始注册

x
ovs-ofctl dump-ports 输出交换机的端口统计信息,包括收发包、丢包、错误包等数量。 ovs-ofctl dump-flows alubr0  - [1 y& \& G% d& M
OFPST_FLOW reply (xid=0x2): flags=[more]
0 i! `+ S: `" |& {# P: } cookie=0x1, duration=1263.439s, table=0, n_packets=572, n_bytes=27498, priority=1 actions=move:NXM_OF_VLAN_TCI[0..11]->NXM_NX_REG1[! |* W8 G  P7 U% @# J
0..11],strip_vlan,resubmit(,22),resubmit(,23),move:NXM_OF_IN_PORT[]->NXM_NX_REG4[0..15],move:NXM_NX_REG1[0..15]->NXM_OF_IN_PORT[],re
: L2 Y/ Z6 \" ^& @) F& Ssubmit(,4)) t. o( ^+ A6 `7 N' E: w
cookie=0x1, duration=1263.439s, table=4, n_packets=36175, n_bytes=26587191, priority=0 actions=resubmit(,27)
2 E/ [! I$ `. F cookie=0x1, duration=1263.439s, table=5, n_packets=35646, n_bytes=26564073, priority=0 actions=resubmit(,7)  ~5 Z0 v6 f+ ]
cookie=0x1, duration=1193.636s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=18038,dl_src=fa:16:3e:83:4c:69 actions=drop+ `) e( A+ S4 \- f9 G
cookie=0x1, duration=1253.085s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=3575,dl_src=fa:16:3e:e8:53:ed actions=drop: z# M. M# C2 a4 i% J& p2 f  f
cookie=0x1, duration=1190.175s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=291,dl_src=fa:16:3e:b2:1c:91 actions=drop
- p2 W8 W2 j0 D& I cookie=0x1, duration=1176.930s, table=7, n_packets=522, n_bytes=21924, priority=32769,in_port=21588,dl_src=fa:16:3e:f7:f2:b0 action
% u5 f2 h  v! t; H) I) ]; Zs=drop
" u$ w* n/ ^, s) f3 N" w) C cookie=0x1, duration=1256.088s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=5670,dl_src=fa:16:3e:35:a6:e0 actions=drop
; A$ |/ i' ]; S: ~" o. C cookie=0x1, duration=1197.461s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=29064,dl_src=fa:16:3e:82:2c:2c actions=drop
% U" X4 i" X9 R) I cookie=0x1, duration=1196.999s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=249,dl_src=fa:16:3e:83:aa:df actions=drop
( E3 u$ l/ ?% a& p% ] cookie=0x1, duration=1195.700s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=422,dl_src=fa:16:3e:c9:6d:72 actions=drop/ B+ F: r( O6 f+ O
cookie=0x1, duration=1198.286s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=19360,dl_src=fa:16:3e:95:46:90 actions=drop& b0 a3 y. b/ t+ Z( b% G
cookie=0x1, duration=1195.371s, table=7, n_packets=246, n_bytes=22388, priority=32769,in_port=440,dl_src=fa:16:3e:21:d3:7c actions=
, G! V% m: K8 q, mdrop
5 @! z8 p! C3 L/ q1 C& ~5 k cookie=0x1, duration=1214.428s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=417,dl_src=fa:16:3e:ca:06:53 actions=drop( s4 `0 |# y( q/ v) w
cookie=0x1, duration=1207.443s, table=7, n_packets=22, n_bytes=3454, priority=32769,in_port=386,dl_src=fa:16:3e:34:aa:b7 actions=dr
( r9 U: v! W3 t" A/ D! Dop) K1 `! m  E2 d% Z, y* w8 B- r( c
cookie=0x1, duration=1185.017s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=29117,dl_src=fa:16:3e:ec:aa:39 actions=drop/ t& ], J$ ?8 i8 @' ~
cookie=0x1, duration=1204.103s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=15250,dl_src=fa:16:3e:d7:f6:f5 actions=drop
1 W, U) i# s, v2 L9 n; M9 P cookie=0x1, duration=1197.818s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=28265,dl_src=fa:16:3e:f4:c0:f1 actions=drop3 q9 ]: e! [$ n# n5 `# l2 p" y1 H
cookie=0x1, duration=1185.573s, table=7, n_packets=283, n_bytes=28562, priority=32769,in_port=275,dl_src=fa:16:3e:ed:7d:60 actions=- \  h- i! L& Q( m2 m( E
drop
' ^1 m7 N0 p/ S; J0 a. C6 q: ` cookie=0x1, duration=1191.564s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=185,dl_src=fa:16:3e:55:06:7c actions=drop
3 B' {: p( y8 V cookie=0x1, duration=1210.767s, table=7, n_packets=8553, n_bytes=549905, priority=32769,in_port=526,dl_src=fa:16:3e:62:2a:1b action# U$ c8 L& T/ z/ ~
s=drop
) W' g% K6 q& m& }: b) E cookie=0x1, duration=1231.485s, table=7, n_packets=5, n_bytes=450, priority=32769,in_port=8163,dl_src=fa:16:3e:cd:48:42 actions=dro
6 K1 k  K; J, M4 B  W( E% ]" y# Ip% @3 [. ?/ p# z; ?8 K; p
cookie=0x1, duration=1254.538s, table=7, n_packets=0, n_bytes=0, priority=32769,in_port=799,dl_src=fa:16:3e:da:fe:ec actions=drop$ v( h; w4 H% n

1 A) o& Y; |8 b" E4 |( w# ^- N; z3 p2 w# B! Z$ e4 Q
如果设为fail-secure mode,则初始情况下flow table是空的,否则会有normal$ sudo ovs-vsctl add-br helloworld1
1 G7 _* C( `% M$ sudo ovs-ofctl show helloworld1
7 a) I5 H3 C- m$ sudo ovs-ofctl dump-flows helloworld1 2 Y: s3 |$ a0 C# [  Z. e" E
NXST_FLOW reply (xid=0x4):
! j" T& u; v: [6 c) _cookie=0x0, duration=31.467s, table=0, n_packets=8, n_bytes=648, idle_age=21, priority=0 actions=NORMAL接下来,创建四个veth pairsudo ip link add first_br type veth peer name first_if * F: Z- {& G& S* u# T: b  Y$ K
sudo ip link add second_br type veth peer name second_if    * v) g. k( H$ s# k. S: F
sudo ip link add third_br type veth peer name third_if      
, s' {2 ^( ?: l$ A3 \8 [sudo ip link add forth_br type veth peer name forth_ifxxx_br将是添加到bridge上的。我们添加四个端口portsudo ovs-vsctl add-port helloworld first_br -- set Interface first_br ofport_request=1
( ], @6 H+ {9 S& I& t6 ?sudo ovs-vsctl add-port helloworld second_br -- set Interface second_br ofport_request=2
1 a7 o+ Z8 w9 I; psudo ovs-vsctl add-port helloworld third_br -- set Interface third_br ofport_request=3
5 R! `% H; X+ Z+ Msudo ovs-vsctl add-port helloworld forth_br -- set Interface forth_br ofport_request=4ofport_request是指定端口号新添加的port都是出于DOWN的状态' {) _( E9 ]# m! t) k
回复

使用道具 举报

admin
 楼主| 发表于 2019-10-25 10:00:34 | 显示全部楼层
把它们设为UP
# O9 t3 Z, e* J
+ R) `3 ]3 j9 C. v9 N: F* jsudo ip link set first_if up 5 e# l7 f+ O7 T
sudo ip link set first_br up 2 x: N: G6 _% r8 Z+ C
sudo ip link set second_br up     2 y/ e! S9 D6 I
sudo ip link set second_if up 1 f, q7 B7 N  x; V# f: K
sudo ip link set third_if up      
0 R+ s* _4 ^' ]* @! d0 [sudo ip link set third_br up     
( G1 K4 N5 z; j* Z! l5 ^sudo ip link set forth_br up         
1 a0 K& K+ c0 o1 A% {3 B5 Bsudo ip link set forth_if up; d, m7 A' Y7 ^3 {7 ?
" T% i! a$ c8 c
也可以用下面的命令/ {# R8 Y' E2 f& B  P% x, Y
$ _% S% U, H- w, U8 Z. M7 B
ovs-ofctl mod-port helloworld first_br up
回复 支持 反对

使用道具 举报

admin
 楼主| 发表于 2019-10-25 10:00:35 | 显示全部楼层
实现第一个Table 0,Admission control0 m9 F  O# p, f8 w( A; s9 D5 ?
% l4 O! z, P# d8 e5 |6 G
包进入vswitch的时候首先进入Table 0,我们在这里可以设定规则,控制那些包可以进入,那些包不可以进入。. o, z' Z" K* s, l5 E5 L. O

( L( j! C( T0 Q7 b" O, s2 \比如,如果source address是multicast的就不允许进入。# N$ o. w9 P5 j" N" v* a' T
' u7 Q5 Z" w# Y6 \
01:00:00:00:00:00/01:00:00:00:00:00是广播地址
0 R. H4 H2 D# E( {. R00:00:00:00:00:00/01:00:00:00:00:00是单播地址6 s1 t% z6 F; e
这种表示形式类似CIDR
9 M! W- v" v. T. K% G于是我们添加下面的规则:% Q3 ]/ d# B" H' J8 q
sudo ovs-ofctl add-flow helloworld "table=0, dl_src=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop"& H& q7 c+ P; ]- e6 m
STP的也不接受" Z* y/ t( y8 j' u3 n5 L% q8 N
sudo ovs-ofctl add-flow helloworld "table=0, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"
+ ~/ D2 u7 f/ Q我们在添加最后一个flow,这个flow的priority低于default,如果上面两个不匹配,则我们进入table 1
$ N  K2 F( ?: ^; r% i1 c4 msudo ovs-ofctl add-flow helloworld "table=0, priority=0, actions=resubmit(,1)"5 A; M: H9 h" n# C" n+ f" c
我们查看一下所有的flow
4 ^: p- g  R1 X; h2 H- f$ sudo ovs-ofctl dump-flows helloworld        , Q5 d& W& l% l4 i6 {
NXST_FLOW reply (xid=0x4):
  ^: r; ?* K, e9 d+ V; @cookie=0x0, duration=42.162s, table=0, n_packets=0, n_bytes=0, idle_age=42, priority=0 actions=resubmit(,1)
  r* v! j- z0 q6 [' P/ w; E( @& i' qcookie=0x0, duration=232.121s, table=0, n_packets=0, n_bytes=0, idle_age=232, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
5 E: U0 u8 Z2 I! X! Vcookie=0x0, duration=167.636s, table=0, n_packets=0, n_bytes=0, idle_age=167, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
9 P7 ~+ ~  d4 v
# r' Y3 D9 s; Z测试Table 0
1 T3 J- q( R+ W2 K% j3 M$ K8 l; E/ K4 n, h# X  S7 g3 c
有个很好的工具ovs-appctl ofproto/trace
. r9 u" d  r* r2 j% h' k
5 z! I9 D3 }: q) y7 {不满足条件DROP8 P8 w/ D; @4 {3 E! |& S1 v" j
, Z6 l* t8 ~* ]& l& z
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:05
) u! d; g& G$ M' oFlow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:05,dl_type=0x0000
! {# [4 W- Z0 P9 Y! gRule: table=0 cookie=0 dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 , g1 J- [1 A& T* q; ?( D0 R9 d2 s
OpenFlow actions=drop' U' I( f3 R8 \! W% W, i
$ m& Y2 ]8 r' u- c
Final flow: unchanged ; f& u/ W7 |& t. N
Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
& i3 b* V: H) p, |% ]Datapath actions: drop; N/ ]8 m) i# x, N3 }( g

9 r6 d8 t. ^6 `* j满足条件RESUBMIT
# W1 V/ A& g/ v4 Z  H0 D& C$ D- O# d, x% h
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:10 ) C' q( u: N' A  m
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:10,dl_type=0x0000
! ~: g9 R7 W+ Y. l8 q2 D  V3 a: sRule: table=0 cookie=0 priority=0 3 Z/ H, z* ]- Z1 |; }3 G
OpenFlow actions=resubmit(,1)
5 E6 @7 `+ r" A2 g7 O1 s: i0 x# P  \" i3 I# g5 K. o
        Resubmitted flow: unchanged   m! [" w0 k. q# k, _
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 8 R0 m- A( _* P3 E) R
        Resubmitted  odp: drop # C& n, Q' O( ~- @/ `: H
        No match
. H0 w; X0 O7 l* B2 P# h& U1 b0 `2 c" }7 _) V# [0 x. C( V
Final flow: unchanged
+ w- u5 A3 E) C4 o4 I$ ~2 \Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:10/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no   d. v5 a7 n9 F. n
Datapath actions: drop# R4 O- j" ]' ^$ c  i6 e( F4 \7 r
6 T9 c/ G: b$ M7 `  _* m
实现第二个Table 1:VLAN Input Processing
; k: q" S2 Y$ q6 e0 |1 |8 A/ l  [9 v" g+ o
首先添加一个最低优先级的DROP的规则
! \3 U1 w8 _( w& r) x
  N% l# S+ b$ y- `! s: O: U, Gsudo ovs-ofctl add-flow helloworld "table=1, priority=0, actions=drop"
8 x& F+ }% Q: z+ Q" D2 L  T9 K5 w, }2 X" S
对于port 1,是trunk口,无论有没有VLAN Header都接受。9 K& F/ K8 E% R8 I

( o7 A& R3 ?0 d% z2 H  X+ Osudo ovs-ofctl add-flow helloworld "table=1, priority=99, in_port=1, actions=resubmit(,2)"3 w# ~* |, A+ b6 g- O; b! S
4 T5 u' t, `- l
对于port 2, 3, 4, 我们希望没有VLAN Tag,然后我们给打上VLAN Tag
: D, z, D* t& B/ H' R4 T$ H; r/ K) c1 d2 L
$ sudo ovs-ofctl add-flows helloworld - <<'EOF'
& I1 D  O! \1 j6 Y! ?9 Ptable=1, priority=99, in_port=2, vlan_tci=0, actions=mod_vlan_vid:20, resubmit(,2) : |; O& U8 P3 O5 }4 H% f( i
table=1, priority=99, in_port=3, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2) 7 H. K& _0 e$ t0 g8 W
table=1, priority=99, in_port=4, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2) 3 U/ x5 W' g$ f4 j9 x3 K
EOF! C2 N" y$ m8 L0 t. x
5 G$ l& k+ G2 E) s
$ sudo ovs-ofctl dump-flows helloworld
6 O3 M7 ^5 {; K, s; KNXST_FLOW reply (xid=0x4):
0 t9 r+ |/ ]" v' y6 E  L! Ecookie=0x0, duration=4478.582s, table=0, n_packets=0, n_bytes=0, idle_age=4478, priority=0 actions=resubmit(,1) * ^- ^  E3 T1 N$ z8 O) D9 e
cookie=0x0, duration=4668.541s, table=0, n_packets=0, n_bytes=0, idle_age=4668, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop 8 J0 d: {+ B) Q+ p5 [- z# N
cookie=0x0, duration=4604.056s, table=0, n_packets=0, n_bytes=0, idle_age=4604, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
2 S+ S! m8 n* Z' qcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
% r7 j% I) ~3 Y1 c7 R" L- r' bcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) " ]7 q8 }( [+ v7 Q$ Z, u$ B
cookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) 3 F8 I" @5 _1 R, C4 A* [' @/ `6 V
cookie=0x0, duration=220.318s, table=1, n_packets=0, n_bytes=0, idle_age=220, priority=99,in_port=1 actions=resubmit(,2)
- p/ u/ V( Z7 _1 R- Ycookie=0x0, duration=298.739s, table=1, n_packets=0, n_bytes=0, idle_age=298, priority=0 actions=drop+ f# U( j7 h% t6 t5 z  U

  Q" Z5 e8 K( X) }. {测试一个从port 1进入,tag为5的; Z+ ~. G3 ?0 k- y) m

; R2 c+ W" }2 z4 A$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=5 / G! @0 J0 O5 i0 D* u9 k8 r9 D
Flow: metadata=0,in_port=1,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 ! j- `5 A  [: ~. \7 `
Rule: table=0 cookie=0 priority=0 % J* n$ \. B: M9 j
OpenFlow actions=resubmit(,1)
3 e9 ?4 E  L, m& C; w* }; f
. W9 }! R* J2 d# w1 @# J        Resubmitted flow: unchanged
; N5 y1 K  i, E' N6 I3 m* }        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
  @0 C  j% \- M! r' J! g+ D        Resubmitted  odp: drop
% @: `8 u: L- T) B, N8 j& E        Rule: table=1 cookie=0 priority=99,in_port=1
0 p; I0 M& T, ]/ }        OpenFlow actions=resubmit(,2)* i, o6 q+ _2 S+ J
$ y* Q# y' P2 j  P2 g9 G& c
                Resubmitted flow: unchanged , Q) c! y# H( S% ]. x" B/ [
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
/ R* w6 D* M1 N  V                Resubmitted  odp: drop
7 }3 b2 c" l4 S                No match7 [: N2 E6 s* _- V9 P& H9 f
* N! X" e( t; L
Final flow: unchanged 7 D: H7 R' j- J# D$ M( ^& K( I( A
Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no , k. {% r  O1 X9 C4 O
Datapath actions: drop
1 Q* W1 s' |4 A! {, W" _: m
' p. v) J3 D7 o1 c4 X1 @测试二,从port 2进入,没有打Tag的
8 }$ J; W- j* n2 _8 |. Y: {; ^; m3 W0 Q5 k# p( U3 c
$ sudo ovs-appctl ofproto/trace helloworld in_port=2 3 b! H& U+ }$ k: J. ~0 M1 U
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 ; f) M9 }2 O: k5 P2 J" X
Rule: table=0 cookie=0 priority=0
, m& O  u2 w8 o9 b% W- h) MOpenFlow actions=resubmit(,1)
0 b7 n# G8 L- r9 m/ S. c9 }# W# l: G% e8 x) K3 I0 Z" r
        Resubmitted flow: unchanged
- a2 P9 N1 R1 a3 }. T, l' l# z. g        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ! T0 N1 w: Q. [$ i5 s! x" }
        Resubmitted  odp: drop 1 t8 n# E4 {3 U3 A9 S6 {
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000
  v& L+ B; Y8 G        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)
% z$ g! ?+ ?& Y. e8 V
; i" P" Z" ~, O1 B1 y, s  w1 a. h                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20这里被打上了Tag,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
8 R9 ^+ H! e/ _* h  V  k8 ^, v                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
% S9 H7 O, |" t0 S0 {                Resubmitted  odp: drop $ V& k; l; o8 ?# _2 j0 |, s; C3 _2 V
                No match7 M0 y+ ?3 r2 s9 s
* g9 _+ E" M) M6 A
Final flow: unchanged
2 F" P; g5 x$ Q/ A$ V) YRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no . I$ O; ^1 v8 F; T; M6 G/ k, L
Datapath actions: drop
& P# m! `  c# p  l
1 d! e( H& {1 d) G# j- L测试三:从port进入,带Tag 5的
# M7 f/ f, c5 \: j  s1 V" E
/ a. ?& \( C3 G4 }" u% b3 G$ sudo ovs-appctl ofproto/trace helloworld in_port=2,vlan_tci=5 & p7 o8 ]0 t* v6 f7 ?
Flow: metadata=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
& H7 a. u, \) D, m& cRule: table=0 cookie=0 priority=0
9 g: ^2 N2 k7 `/ s% nOpenFlow actions=resubmit(,1)
6 B6 n  |! M' w7 Y  S
+ N, ^$ ?- _! W3 r        Resubmitted flow: unchanged
* s* r7 b9 i/ z3 ]8 k        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 / c# Z" S" P2 X- l
        Resubmitted  odp: drop ; _  V# j  k5 t
        Rule: table=1 cookie=0 priority=0 + M" z/ _5 H( \6 r7 w- N  n
        OpenFlow actions=drop! i6 {3 I2 M' a8 [0 ~5 c# C
& b" k* c/ k( q9 Y! h. ?. M
Final flow: unchanged
  N( J' b4 t+ J- A- O9 pRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
2 \3 W3 b/ A  X, P$ }. b" y  HDatapath actions: drop  E; S% @& m( m6 Z: [

* b; }0 a3 h3 _  z1 x实现第三个Table 2: MAC, VLAN learning for ingress port; F, D& Y) c- v* Q4 T+ }; l

# S/ p3 E/ O* s3 _* A: @对于普通的switch,都会有这个学习的过程,当一个包到来的时候,由于包里面有MAC,VLAN Tag,以及从哪个口进来的这个信息。于是switch学习后,维护了一个表格port –> MAC –> VLAN Tag。
! e: x" R) H1 M1 R7 j7 D$ j% H: W- F" _
这样以后如果有需要发给这个MAC的包,不用ARP,switch自然之道应该发给哪个port,应该打什么VLAN Tag。
+ y) r! h! E) M9 T( h0 v0 D
3 w4 k$ T& J0 Q8 |  ~OVS也要学习这个,并维护三个之间的mapping关系。5 ~0 h' h' f. |4 Z6 o
! w- p3 E5 F! c" t1 \4 v
在我们的例子中,无论是从port进来的本身就带Tag的,还是从port 2, 3, 4进来的后来被打上Tag的,都需要学习。6 F; w8 T. k) E9 B! d" B8 l* m
5 K6 T. L: M, c6 z; q, g
sudo ovs-ofctl add-flow helloworld "table=2 actions=learn(table=10, NXM_OF_VLAN_TCI[0..11], NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]), resubmit(,3)"
+ e% j% U5 j+ u/ k
4 i% ?- l4 f" x! g这一句比较难理解。! @% ^0 g4 L. z, Z
+ r0 J, X' Z9 d2 h- T( R
learn表示这是一个学习的action' s# A6 t" h  f$ X" ?" T3 T5 F

/ Y) m5 \5 [9 ]1 t3 ]4 v2 Stable 10,这是一个MAC learning table,学习的结果会放在这个table中。  x2 |8 D& u" `% h' a

/ e* B. H6 }& ^5 r* n; bNXM_OF_VLAN_TCI这个是VLAN Tag,在MAC Learning table中,每一个entry都是仅仅对某一个VLAN来说的,不同VLAN的learning table是分开的。在学习的结果的entry中,会标出这个entry是对于哪个VLAN的。, `6 y& Y) ]2 A' J) L( G

" D* O' n, M% V2 DNXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]这个的意思是当前包里面的MAC Source Address会被放在学习结果的entry里面的dl_dst里面。这是因为每个switch都是通过Ingress包来学习,某个MAC从某个port进来,switch就应该记住以后发往这个MAC的包要从这个port出去,因而MAC source address就被放在了Mac destination address里面,因为这是为发送用的。  @+ t; \4 b5 m, D; F" T3 B
1 K% ?3 J8 w6 F. o  Z
NXM_OF_IN_PORT[]->NXM_NX_REG0将portf放入register.  L2 ^6 N$ y+ y8 z/ V; J$ J

2 e, x6 g# V) Z; K% t+ o一般对于学习的entry还需要有hard_timeout,这是的每个学习结果都会expire,需要重新学习。
# I1 j/ A4 [& A* k
3 v' P2 k% |& X$ ^8 [+ y我们再来分析一个实践中,openstack中使用openvswitch的情况,这是br-tun上的规则。
# o6 l  J2 t+ w; n; a& E! D: |4 e3 o# M! u) {" X, w1 l" {3 g
cookie=0x0, duration=802188.071s, table=10, n_packets=4885, n_bytes=347789, idle_age=730, hard_age=65534, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1 # M$ F$ D) u5 `/ P) a# M
cookie=0x0, duration=802187.786s, table=20, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,21) ' l  \' z7 J# p9 _9 m. f5 L4 P
cookie=0x0, duration=802038.514s, table=20, n_packets=1239, n_bytes=83620, idle_age=735, hard_age=65534, priority=2,dl_vlan=1,dl_dst=fa:16:3e:7e:ab:cc actions=strip_vlan,set_tunnel:0x3e9,output:2 6 T: m3 w! T* v9 V  d# L; }
cookie=0x0, duration=802187.653s, table=21, n_packets=17, n_bytes=1426, idle_age=65534, hard_age=65534, priority=0 actions=drop
$ Y' A6 y4 J  v9 x- Q2 Y1 Ucookie=0x0, duration=802055.878s, table=21, n_packets=40, n_bytes=1736, idle_age=65534, hard_age=65534, dl_vlan=1 actions=strip_vlan,set_tunnel:0x3e9,output:2
7 c9 u) w9 S5 M) A4 e
% T# x! l4 T( y; t/ P" ?这里table 10是用来学习的。table 20是learning table。如果table 20是空的,也即还没有学到什么,则会通过priority=0的规则resubmit到table 21.3 D! T9 r  j- p2 _

9 Y0 u" x- P6 h+ N* L/ R, gtable 21是发送规则,将br-int上的vlan tag消除,然后打上gre tunnel的id。
  n1 c* Q* _8 N5 K' o' Q4 R5 {4 Y- g
- M* k1 {% L1 _; W上面的情况中,table 20不是空的,也即发送给dl_dst=fa:16:3e:7e:ab:cc的包不用走默认规则,直接通过table 20就发送出去了。- A9 e- W0 {2 @: y& j6 \. J

0 \, @0 I( y. c* W' D- ptable 20的规则是通过table 10学习得到的,table 10是一个接受规则。最终output 1,发送给了br-int
1 u! T3 \4 u8 B2 \& t& t3 K8 g
, Z$ \% v3 T( I& d2 F- q7 \NXM_OF_VLAN_TCI[0..11]是记录vlan tag,所以学习结果中有dl_vlan=1
  l$ X9 m  Z1 f
" Q. i0 D5 H# [) A( p* f  y& H9 t& z: wNXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]是将mac source address记录,所以结果中有dl_dst=fa:16:3e:7e:ab:cc# }4 p% s3 ~6 N

2 F" r! k% p1 x! I. i9 W! B$ c5 nload:0->NXM_OF_VLAN_TCI[]意思是发送出去的时候,vlan tag设为0,所以结果中有actions=strip_vlan8 [# z* s$ u* Y1 U
, J; x' S6 t4 Y6 z* T- [' V
load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[]意思是发出去的时候,设置tunnul id,所以结果中有set_tunnel:0x3e9. Q2 C0 |7 h; N* X6 J  T
- c' Q2 F, p, L( A
output:NXM_OF_IN_PORT[]意思是发送给哪个port,由于是从port2进来的,因而结果中有output:2
0 g2 s- \8 h; A$ `( O1 N- y# D- ], Y; ]. ~- F: D
测试一:从port 1来一个vlan为20的mac为50:00:00:00:00:01的包
( w. W6 s* o8 t! L
3 y1 ]# r" s3 J& |& {$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=20,dl_src=50:00:00:00:00:01 -generate   5 j% n$ O" O% d7 @
Flow: metadata=0,in_port=1,vlan_tci=0x0014,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
- M- F5 l- Z9 @* {8 ?( u, CRule: table=0 cookie=0 priority=0
0 o. c6 C4 K' l/ EOpenFlow actions=resubmit(,1)
- Y8 ~: ~( C1 {; p$ b7 ^/ {
/ K' f5 P. N& J- j# T) d        Resubmitted flow: unchanged
* h4 M+ W5 W3 s! p' x9 D) @        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 * L) ]2 B0 O8 m) z9 o
        Resubmitted  odp: drop , g$ C! b9 Z4 `5 l
        Rule: table=1 cookie=0 priority=99,in_port=1
; @5 E! S1 Y5 u1 V; z: S        OpenFlow actions=resubmit(,2)0 v8 I/ B% O$ p. q, E

* C  ?2 B5 T% F% n" j" c                Resubmitted flow: unchanged
- G5 _2 V) Y' N9 D; B                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ k. O" p4 K1 s: q& E. f  S- X% \                Resubmitted  odp: drop 8 Y0 ?, O, D0 s3 ]
                Rule: table=2 cookie=0 $ V& b( O( C: B9 N! c) y
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
( s* c) k2 z; U0 `. t4 d/ z% j* E- L9 Y  A0 c. i2 a) q
                        Resubmitted flow: unchanged 7 A0 T: j* q  I5 R
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0   C: u$ G+ O, c  |4 o
                        Resubmitted  odp: drop ' [- ]* n  j6 B
                        No match
! F9 @1 r% C, E7 W, e$ ?' ]9 ]$ B; q7 a2 E
Final flow: unchanged ) m4 w$ ?* B; b+ j" S
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 5 Y& e# ]$ F+ c5 i' W
Datapath actions: drop
2 W$ g1 h1 p9 _, e9 q5 [& ]3 L( ?: L- y$ g) T7 Z" u
$ sudo ovs-ofctl dump-flows helloworld " [% M$ M+ M; Y+ ?7 A
NXST_FLOW reply (xid=0x4): ( w$ r6 H) Q9 C5 j
cookie=0x0, duration=90537.25s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1) : \8 b6 `' W2 g' |7 J
cookie=0x0, duration=90727.209s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop 3 j) V# o. A- S: q0 c; U1 t
cookie=0x0, duration=90662.724s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop ; Q2 p; e4 c7 R; Z2 Q
cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
/ g4 a* r0 o4 H1 Dcookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
* d8 D8 _0 a' i+ vcookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) 0 k$ Y. X- D0 U4 J
cookie=0x0, duration=86278.986s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) : V9 K& h9 |- I# z. p5 O/ {/ f
cookie=0x0, duration=86357.407s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop ; \" ]  i0 A2 B( r& N
cookie=0x0, duration=83587.281s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
3 {1 o( l" d# j3 O5 v- v cookie=0x0, duration=31.258s, table=10, n_packets=0, n_bytes=0, idle_age=31, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
7 e7 e% s; F  T+ H2 o5 @7 V6 G- ^! j) Y, I7 l: `) E3 \
table 10多了一条,vlan为20,dl_dst为50:00:00:00:00:01,发送的时候从port 1出去。9 l" G9 Y# I+ X% J) y3 M2 r2 f

* @) u4 U5 K9 S. _# H/ [1 u( R测试二:从port 2进来,被打上了vlan 20,mac为50:00:00:00:00:02
: n* C8 t: ]  l! h7 s1 b  _. G6 b# _" R2 A
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=50:00:00:00:00:02 -generate   
0 }# l0 B6 d* @& y5 D- _Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000 : j9 R, \2 V2 d) {$ Y- D1 E) m+ u
Rule: table=0 cookie=0 priority=0
! t0 A  k% P- y& @OpenFlow actions=resubmit(,1)
+ f. c% a; @2 h' u6 o) _& c" J# \5 H2 e8 T
        Resubmitted flow: unchanged : p4 B. T; u* `* @& {+ a
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 6 c0 A* S: q, I1 W6 l# T, m7 W. W4 Q
        Resubmitted  odp: drop
% g% I. o9 A4 k9 F: W& ~. g7 K' i/ G        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 " i' S6 r% T6 e$ y
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)  W% S4 a/ }# p7 m& Z& `% I

  D" V5 o, e# [+ }8 K                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000 6 U7 K+ P( W4 l$ \  e/ [8 @0 |3 W* i
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
  K) Y; e" n6 z0 {& H                Resubmitted  odp: drop # ~3 C' m1 R$ \
                Rule: table=2 cookie=0 - E' r0 ?+ [4 {8 e; z
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
1 p  @( C( j$ M$ ?8 f1 [; c# B2 A7 N
3 J: Y/ o3 H  r7 u' q                        Resubmitted flow: unchanged
( M6 j: E! }7 u4 k                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ! t6 r; d. T1 ~! d" ~" T7 c; w# R3 I; S
                        Resubmitted  odp: drop
/ l8 G0 D( I8 z3 i3 j: F! R                        No match0 j- z( `' |/ D+ m( y
8 r, K5 m  P& s6 y3 K/ z- u3 V
Final flow: unchanged
% ]( q2 w7 n0 J( B' W* i! {. vRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no / y3 O2 b3 T, J
Datapath actions: drop/ L9 l# D; n$ g  q
* f# q$ ]1 \7 e9 Y, I0 f8 R
$ sudo ovs-ofctl dump-flows helloworld                                                 ) B, Q% ~; c" O+ @7 E
NXST_FLOW reply (xid=0x4):
8 f% r4 Z& @. k! R$ B) ocookie=0x0, duration=90823.14s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
% d; A5 Q0 o* A3 O  p) Lcookie=0x0, duration=91013.099s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop . @  O: `6 S# N5 V
cookie=0x0, duration=90948.614s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
8 q3 f" y0 P; J/ Qcookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) ; W" e* q% f# @/ P4 x0 I3 P6 [
cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) * m# G- `6 A' H; s. N! n& j
cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
9 O3 h5 E7 t8 `cookie=0x0, duration=86564.876s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2)
% n  J( A2 L8 r+ d; Pcookie=0x0, duration=86643.297s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
* [2 O- m7 x" X- O$ Mcookie=0x0, duration=83873.171s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3) 8 G/ }/ [2 H0 \& f
cookie=0x0, duration=4.472s, table=10, n_packets=0, n_bytes=0, idle_age=4, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15]
! {# h+ ]$ C  t# }$ B( z- X  fcookie=0x0, duration=317.148s, table=10, n_packets=0, n_bytes=0, idle_age=317, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]7 e% o8 s8 U5 S; V& r

8 ^7 I  w& v9 M$ Z3 j实现第四个table 3: Look Up Destination Port
8 o- G- G" ~$ Z3 [! R& X. c
) y, D4 L' M0 e在table 2中,vswtich通过进入的包,学习了vlanid –> mac –> port的映射后,对于要发送的包,可以根据学习到的table 10里面的内容,根据destination mac和vlan,来找到相应的port发送出去,而不用每次都flood
/ r4 L3 }% Q$ `# _9 F/ Z. S# [
  h7 L! _( u3 |1 x, A$ T# _! Nsudo ovs-ofctl add-flow helloworld "table=3 priority=50 actions=resubmit(,10), resubmit(,4)"
1 C' o. c$ a& l# q1 g% B, w3 Z
, L* }4 n* M4 M/ I添加这条规则,首先到table 10中查找learn table entry,如果找不到则到table 4, j; \9 k8 O3 x
0 @; Z6 t; F4 M7 {; P+ `" S7 E' Y
如果包本身就是multicast的或者broadcast的,则不用去table 10里面取查找。8 _8 e8 l  l- {' @6 H8 A! n

3 w3 F$ N6 a" ]" q, Bsudo ovs-ofctl add-flow helloworld "table=3 priority=99 dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4)"
4 E. Z9 V- m0 h; j1 }4 ^
3 a+ M3 M  Y3 u8 d) c  T' q我们进行一项测试
& m# B7 l5 s  _0 ~" a) F
5 j% b9 f1 }$ z3 h6 b$ `* r$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate   
# I  U. A) i0 ^% e  w9 Z0 ^8 jFlow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 ( o8 R! J/ }& e4 O
Rule: table=0 cookie=0 priority=0 ' B( _9 w8 z; j; J. f# d
OpenFlow actions=resubmit(,1)
" {& j8 D1 Z" ]
5 c0 t1 t2 ?; q        Resubmitted flow: unchanged
+ f8 X- @$ q, r        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ( Q  R# _3 |, |8 J# k% m
        Resubmitted  odp: drop
& z1 y* w2 d( `" b        Rule: table=1 cookie=0 priority=99,in_port=1
/ _1 V" n, ?% b/ E& W# T; Z        OpenFlow actions=resubmit(,2)
3 K- ~: f0 J. q' U0 @- ?. @. ?4 U/ N2 ?( N1 w
                Resubmitted flow: unchanged : M0 f5 s; f7 B- w' |
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
9 }( N$ U& n: t* |  P  `                Resubmitted  odp: drop
& {, ^$ _; I1 h                Rule: table=2 cookie=0 7 b) T, ]9 g! z$ W
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
) {! y* d) \- P8 r- F6 }& x4 v6 u
0 k- _1 _2 m- J: l) P* L                        Resubmitted flow: unchanged ; U' }( X6 K& _( v; T/ m, i
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 3 t8 }; F0 h( N% h) n7 q
                        Resubmitted  odp: drop   `6 @5 Z8 w8 h  t0 Q
                        Rule: table=3 cookie=0 priority=50
# F; t( }. _, L9 C0 N4 x                        OpenFlow actions=resubmit(,10),resubmit(,4)
7 O$ r9 j. Z+ Y& a% m- I% t* h5 b& d0 A* V1 e
                                Resubmitted flow: unchanged , z2 w5 F! p1 `& x; b0 [* }
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 * ^1 @, y+ E3 p; c: Y5 H/ ~- w; g
                                Resubmitted  odp: drop 5 u3 y; s/ o) ]) l: ]/ L6 f
                                No match
. o, W% k  c9 u! ]$ a+ n3 }( }; S# m8 c5 B* t: v9 `6 q+ _, Z: }
                                Resubmitted flow: unchanged 8 p& w, t( k0 f6 J
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 / [5 N5 N( {8 E( [/ I+ ]
                                Resubmitted  odp: drop 6 o- ?* j7 s6 o( ^7 m9 B
                                No match
1 d0 ?- F: Q' I! M) I
: O& j6 p1 e! [$ E/ T4 FFinal flow: unchanged ) N7 m5 x% U+ r5 Z9 S- [' P& S: z
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no
7 _" x' v" \+ `Datapath actions: drop& b4 b# c& l$ w3 }4 j4 ?  `

- \4 p8 E5 R1 g2 w. {# X由于目标地址f0:00:00:00:00:01没有在table 10中找到,因而到达table 4.
4 T2 o! i; H$ z( h& y, ?% S0 y+ t8 f5 e
但是这次测试使得table 10中学习到了mac地址90:00:00:00:00:01
) d5 J1 G; c! @% N* x' b" J% B3 S' J9 r) `5 ~; q
$ sudo ovs-ofctl dump-flows helloworld & T) a5 E1 [+ E4 s7 v0 V, x6 `: {2 j
NXST_FLOW reply (xid=0x4): 5 c" N; @0 \0 Q7 d- @7 Y9 E- y- ~
cookie=0x0, duration=91588.452s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1) / _7 }/ X9 j8 D' O! |
cookie=0x0, duration=91778.411s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
2 u' l  Y$ O( y- @( J) jcookie=0x0, duration=91713.926s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
1 t' ~9 x# X, j0 Jcookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) ) ^  o3 R$ F" R- G, J/ ^
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) & V3 i0 r0 n& h* Y, W
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
. k1 j* n- _" b/ }! P0 `4 f6 Dcookie=0x0, duration=87330.188s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) . h! ?8 t  a) h# [
cookie=0x0, duration=87408.609s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
0 Y7 q( @/ r2 A* G1 Z# j1 kcookie=0x0, duration=84638.483s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3) ) B7 J' ^5 V6 C1 y0 v
cookie=0x0, duration=352.841s, table=3, n_packets=0, n_bytes=0, idle_age=352, priority=50 actions=resubmit(,10),resubmit(,4)
, F- R9 H$ y9 J5 t* _, T" lcookie=0x0, duration=212.704s, table=3, n_packets=0, n_bytes=0, idle_age=212, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) # P: f% W2 r9 g. t
cookie=0x0, duration=117.364s, table=10, n_packets=0, n_bytes=0, idle_age=117, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15] 9 I' `! O, h. I- Q% ]0 U4 p
cookie=0x0, duration=769.784s, table=10, n_packets=0, n_bytes=0, idle_age=769, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15] : m9 T1 U5 a, P2 A, Z( @
cookie=0x0, duration=1082.46s, table=10, n_packets=0, n_bytes=0, idle_age=1082, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]6 i, a* N# w& z+ t' n) c: H; C
- z& M" G1 k% V3 W+ R; u& O1 x
下面我们进行另一个测试
% }0 y" @. b1 H4 @
/ ^1 O0 ?$ ^) j, u" K' m0 ^. r$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01 -generate   - ]. Z) y0 ]2 t% s2 t' V. V; V
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
' H3 g  n4 p# k$ {Rule: table=0 cookie=0 priority=0 5 a* c9 O" G7 i) u/ F
OpenFlow actions=resubmit(,1)( ~' l) _# o5 u9 S+ d5 M

+ v" K" c9 d- u4 v7 B        Resubmitted flow: unchanged
  _4 ~8 b: u- D) y! O        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
5 v: {& l' L! u        Resubmitted  odp: drop 1 z: _1 o* L9 u; l- A
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000
5 A; U6 \* a( ?! k6 P1 @6 N        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)
; q4 Y5 p! f, W2 f1 Z! s0 x5 O- j5 x: X$ f4 |6 J" @% P! d, P: Y
                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000 + b) p5 v: O: P" p- B3 ]
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 + u0 m# f# [, t" p/ ?. k! w% v
                Resubmitted  odp: drop
, K& ?$ X! @4 K5 t7 R                Rule: table=2 cookie=0 ( U* m( v7 n% x1 n3 J- F0 [, A+ H8 [- I
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
3 ~- ~* Z2 H# T. T8 l* B' ]  x+ s: O2 x. E  {1 ]& _4 L
                        Resubmitted flow: unchanged
) Y2 `8 J" x8 F& m. U3 O                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & o9 F0 X" t4 C* v) r4 z
                        Resubmitted  odp: drop - Y" M/ A% o% V. {8 U
                        Rule: table=3 cookie=0 priority=50
4 n/ M6 b5 B8 b- g' `                        OpenFlow actions=resubmit(,10),resubmit(,4)5 x1 Y: D/ @# y1 K
. p2 E( A  _4 I9 n$ i
                                Resubmitted flow: unchanged
' s' K" c9 g9 T& o3 |: V  o# x                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
5 m; i7 a/ m# e# H                                Resubmitted  odp: drop
6 H6 l5 i% E' a                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 % C; G! L; G3 K$ V- x
                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]2 N6 i; g! g; {2 @1 a5 O6 d" Q
% g9 d- b% c$ O8 E
                                Resubmitted flow: reg0=0x1,metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
: t  J, x0 W$ m  m5 v7 Y                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 7 l2 L" ]% b% ~0 J2 P
                                Resubmitted  odp: drop 0 Q, H# y* ]( k+ a/ w
                                No match7 ^: i2 B( t8 L( \8 R5 w

. y7 X* }) M! L9 f- W* j# s1 xFinal flow: unchanged % n. N. O' M7 {
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000,nw_frag=no * A, J) u$ y5 g) X8 I
Datapath actions: drop
: o$ b; D" k6 m0 Z6 E( J2 u
$ j* a  s& q. G, ^9 M8 S因为刚才学习到了mac地址f0:00:00:00:00:01,所以这次在table 10中找到了这条记录,这次同时也学习到了mac地址90:00:00:00:00:01
& E! w! ~9 x5 T  V$ Y. T7 {3 {! }  C% @8 r6 i' h& t7 B4 Z
下面我们再发送第一次的包3 _- U+ b9 C' a2 |# J+ g3 Z

# E  e4 o8 j5 K$ {& o$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate 5 x0 C# ?  B8 o& t& W7 ~
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 " Z1 M( E2 E8 P7 E9 [
Rule: table=0 cookie=0 priority=0 0 l3 H  g( q( I+ C
OpenFlow actions=resubmit(,1)
5 J+ ]- U. Q; u, g* J0 a9 s# J9 i1 b. ^+ c5 _; A
        Resubmitted flow: unchanged
/ T# O# A9 T( B: x% e        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . C! g, i% J# k; [* {& S
        Resubmitted  odp: drop
; l/ K* y  O. V7 Z) G        Rule: table=1 cookie=0 priority=99,in_port=1
: ~& J. j9 V, U) b/ ?$ o6 p        OpenFlow actions=resubmit(,2)
; k+ K7 h6 K$ J/ E4 }; {+ I& H' P6 T
                Resubmitted flow: unchanged
! K. E. M. X& j6 O3 Y                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& {3 C) @- M7 M                Resubmitted  odp: drop   H# m+ A7 j1 F; q% S
                Rule: table=2 cookie=0
. d3 `0 t; S0 ?* I# w& P                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
. K. m6 r$ ^# X9 C* w# e1 ^7 Q$ J- h7 e
                        Resubmitted flow: unchanged
$ W* G. J) T' n                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
9 q2 }2 |! o2 }                        Resubmitted  odp: drop
7 D# s2 d, G; q7 p* y4 J% \3 B                        Rule: table=3 cookie=0 priority=50 - _0 i" Q) E0 J# m
                        OpenFlow actions=resubmit(,10),resubmit(,4)
1 a& ~, x+ v; k- T, e) [  o
/ D1 k4 v* _/ C3 X                                Resubmitted flow: unchanged - O2 p* ?8 q' G% [$ a3 n1 G' k
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
0 c7 ?& J0 w' q; s/ L8 `                                Resubmitted  odp: drop : u9 z2 ~1 Z  b9 P" E* [( e$ S
                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01
0 C! s+ \/ |/ d( \3 a                                OpenFlow actions=load:0x2->NXM_NX_REG0[0..15]
1 o6 H, p  {# ~- B0 x2 |0 F& F! j+ h, S6 m
                                Resubmitted flow: reg0=0x2,metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000
2 g. b6 Z9 h/ T1 J                                Resubmitted regs: reg0=0x2 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ' q  i2 }* V% |( J2 P- f
                                Resubmitted  odp: drop
9 T; b* f' z* @4 x* ~) m4 D& J                                No match
; D* F8 _7 G4 z
1 b$ j- G. i0 S8 e1 jFinal flow: unchanged
' Y# B0 ]3 j/ h/ T. [Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no 5 F" s& ~% q) l2 b1 m
Datapath actions: drop, X. l' s4 Z- d; O
0 H+ G  P+ N1 |! x+ F
发现也在table 10中找到了记录$ l: _" Q+ m* {' p7 Z9 G

+ s. `9 t* Q' z  I实现第五个table 4: Output Processing, B7 ?! p& C. P* ^9 D( @6 o

) R( v0 d- k/ I; D这个时候,register 0中包含了output port,如果是0则说明是flood。
( j, ?; ~1 ?8 _4 S; [# f7 P" w2 o: }7 |
对于port 1来讲,是trunk port,所以携带的vlan tag就让他带着,从port 1出去。  t1 m$ ^5 d9 O' [$ @3 S/ |

% W+ o5 a3 ?# j( m; L' V* l' isudo ovs-ofctl add-flow helloworld "table=4 reg0=1 actions=1"
3 ]' U8 o: s) f4 Z# V1 @5 R# g0 P
( C+ I" i! S* m% R* t7 B; G# C对于port 2来讲,是vlan 20的,然而出去的时候,vlan tag会被抹掉,从port 2发出去1 X# q3 }; L6 l& r- k; U2 ~3 W

  f* u3 I0 z  v2 K- Q6 U对于port 3, 4来讲,是vlan 30的,然而出去的时候,vlan tag会被抹掉,从port 3, 4出去
& h* I. e/ O3 r0 P$ m7 @! v1 N! d/ E9 u9 l5 P9 {4 |' v
$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   ' b3 C; P; m+ O  y$ ^9 Q- r, e9 E
        table=4 reg0=2 actions=strip_vlan,2 0 U& U7 C& F2 j1 V) N# j# |; }9 F
        table=4 reg0=3 actions=strip_vlan,3 6 }5 A8 A. t, n3 Y4 c
        table=4 reg0=4 actions=strip_vlan,4 , o: [! v+ a6 J. Y0 A7 T( \. u
EOF. J4 w4 ^! A# J* q9 C# u

; i8 K2 ]2 {' T3 L( m对于broadcast来讲,我们希望一个vlan的broadcast仅仅在这个vlan里面发送,不影响其他的vlan。6 ]. m8 T8 z0 ~5 O) p

1 H9 p4 Z+ q% r/ w) n# T& m7 }$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   
& U1 n& R* N0 ^( k        table=4 reg0=0 priority=99 dl_vlan=20 actions=1,strip_vlan,2
- {3 c  r+ _& Z7 t* x        table=4 reg0=0 priority=99 dl_vlan=30 actions=1,strip_vlan,3,4
- L- H! N/ \6 V# T1 Z# Z0 s, }1 R        table=4 reg0=0 priority=50            actions=1 # m$ Q$ A: m( v1 o2 i5 k9 q
EOF
( T) _7 b# Y& G  h# p! h. k6 ~# S2 a0 C4 ?0 _
所以对于register = 0的,也即是broadcast的,属于vlan 20的,则从port 1, 2出去,属于vlan 30的,则从port 1, 3, 4出去。
# [5 n- a8 `2 x6 D$ @$ _. X5 \* Z
% q; U- t; |6 {) z. n; Y6 g4 t$ d$ sudo ovs-ofctl dump-flows helloworld + t( \7 @# A8 `' r
NXST_FLOW reply (xid=0x4): 3 f" ]. G  ~5 }
cookie=0x0, duration=92909.119s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1) - C/ P3 e$ d7 F6 c0 W/ N2 v
cookie=0x0, duration=93099.078s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop 0 {1 J( s* M3 G+ @
cookie=0x0, duration=93034.593s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
' O/ v$ y4 c/ U$ r: ~$ d9 Acookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) 8 ~2 O; P" d* o6 ]1 R% {* a
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) % k8 b; n, J; v3 V
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
2 G) b# N: Z( r/ _1 X% \( Jcookie=0x0, duration=88650.855s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) * z2 K: y. g2 s' L+ f. s% H
cookie=0x0, duration=88729.276s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
) ^, s* t5 F1 ]cookie=0x0, duration=85959.15s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
0 \) g! m& w: }% z3 Q8 fcookie=0x0, duration=1673.508s, table=3, n_packets=0, n_bytes=0, idle_age=1673, priority=50 actions=resubmit(,10),resubmit(,4)
6 Y+ f% ^' {& y- p4 U# z+ kcookie=0x0, duration=1533.371s, table=3, n_packets=0, n_bytes=0, idle_age=1533, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) . b. ^& ]9 e8 P% c0 s: l
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x3 actions=strip_vlan,output:3 ( m' P' u6 F* _8 u' X2 c; R
cookie=0x0, duration=228.839s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=50,reg0=0x0 actions=output:1
. t4 a. O4 A; {" ?cookie=0x0, duration=483.068s, table=4, n_packets=0, n_bytes=0, idle_age=483, reg0=0x1 actions=output:1
5 b1 i+ T: g! b7 N( x; f6 {cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x4 actions=strip_vlan,output:4
0 m( d% S$ U; J+ i* C+ k* f/ _cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x2 actions=strip_vlan,output:2
3 U3 \/ ^6 T8 o( K  @# g: ocookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=30 actions=output:1,strip_vlan,output:3,output:4 0 X/ _- H& f3 S. p  q2 l
cookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=20 actions=output:1,strip_vlan,output:2
3 h! F5 P% i( hcookie=0x0, duration=1438.031s, table=10, n_packets=0, n_bytes=0, idle_age=1438, hard_age=1109, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
# C& M1 f$ I8 O4 g5 K/ ^. K# \% Ecookie=0x0, duration=2090.451s, table=10, n_packets=0, n_bytes=0, idle_age=2090, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15] , C# |$ K( h1 G  b
cookie=0x0, duration=1258.881s, table=10, n_packets=0, n_bytes=0, idle_age=1258, vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01 actions=load:0x2->NXM_NX_REG0[0..15] & I6 ]4 W! x' r  _, V3 Z
cookie=0x0, duration=2403.127s, table=10, n_packets=0, n_bytes=0, idle_age=2403, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
: X: V# Q# H5 r: N& c$ f
% i3 p! q) c5 m. P2 T首先来测试一个multicast和broadcast% U* U; ?& q0 ]6 X+ E
# S. A; k0 _* v
如果是一个port 1来的vlan 30的broadcast. G5 r1 D2 j1 a/ B

' J0 G& X$ P: U. u3 U$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=30 " e" W  b+ Q; m, T
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
' a9 A, _% Z* oRule: table=0 cookie=0 priority=0 6 d( q9 w5 _) I5 D
OpenFlow actions=resubmit(,1)
) U% m3 ?) `8 B8 L
9 U; B6 l/ |; Q# Y6 L- U9 K        Resubmitted flow: unchanged 2 v) H  J1 [& q$ p
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
2 q1 X* O: A6 b" d        Resubmitted  odp: drop 5 H/ H7 g* f7 O1 y$ h
        Rule: table=1 cookie=0 priority=99,in_port=1
5 C  K, I$ l0 S  X( i, S+ P        OpenFlow actions=resubmit(,2)* R, A8 [5 M1 Y3 t* H

; c7 V) X: _& u3 e- Y                Resubmitted flow: unchanged ) X: d7 l) O$ t& d( E  k
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
! I" M' K7 `  N7 W; R                Resubmitted  odp: drop 5 b6 B) G# y' r8 |$ z% L- {
                Rule: table=2 cookie=0 ( C- i* [  E# S2 g0 [5 o
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
. T9 L3 M% I7 H1 t3 o6 C
* J1 p/ u" }+ _                        Resubmitted flow: unchanged / Z, Z6 G; }5 K; o
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ |( t) d  m* \' f1 g                        Resubmitted  odp: drop $ r( Y! u0 l7 [2 z9 n
                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 3 _' U/ M0 [8 s/ P9 D4 X( r" V
                        OpenFlow actions=resubmit(,4)
3 w# ^; K6 c. z3 R( p+ V; N
: N' j( H3 u* i) \3 |( ]                                Resubmitted flow: unchanged 5 h1 w- a, A% t9 @/ @3 w6 F% ?
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
4 T0 u! k. a( l4 ^                                Resubmitted  odp: drop
! B% m# ^. Z, Z* g4 y8 [# s. \  S                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
5 N. {# {( c: K                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 ' W! M: @2 y* ?, `4 V
                                skipping output to input port1 W6 `# i+ Y/ s
. F/ v8 Y5 r1 k  G. t
Final flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 0 n; `8 R- N. H; D( y3 u* E
Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
+ E5 E5 A, k2 }0 C8 S: oDatapath actions: pop_vlan,12,13
5 a* K+ y5 S! A# P1 P
& `( h& Y6 s/ e/ B5 H, V. M/ k! R结果是port 1就不发送了,发送给了port 3, 44 ^) a4 Z  }/ @" G$ f; d
% R0 v) N/ y, P4 s7 Z. j
$ sudo ovs-appctl ofproto/trace helloworld in_port=3,dl_dst=ff:ff:ff:ff:ff:ff 5 q; s% x; p5 B0 W) h2 [
Flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
, D! \2 K3 a7 M! s; A7 `Rule: table=0 cookie=0 priority=0
/ r7 \$ g7 w1 _; s8 POpenFlow actions=resubmit(,1)
8 g! a4 h' t8 b; j1 w( ?& N
( x' a- p. V; L1 Z% h+ F% S        Resubmitted flow: unchanged - `8 a9 R9 ]+ [( F6 M& Q
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
; c+ a: z! l% r3 E6 o        Resubmitted  odp: drop % d, i4 _6 o% h
        Rule: table=1 cookie=0 priority=99,in_port=3,vlan_tci=0x0000 # Y. [4 t4 b8 j0 C
        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)- g' r0 I; g4 S0 b, V& F6 a
5 n) V+ B' G7 D0 ]4 y! M1 N  o
                Resubmitted flow: metadata=0,in_port=3,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 6 s- V7 w6 B9 A: {$ b/ V) h
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 # q. b) K. G9 |) _: D2 f
                Resubmitted  odp: drop
/ h( Y1 _# Q6 ?% C  n) D! f                Rule: table=2 cookie=0 $ _- q8 y$ l- i+ o$ B
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3). v5 j( t9 n! _' U, S& |

* M$ ?8 P( J3 m                        Resubmitted flow: unchanged   u) R# C$ q9 R+ n3 C- s  A# P& K% u. [
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 * S* `2 W9 X8 y( ]$ t& p8 J
                        Resubmitted  odp: drop
0 ?. _: ]& [9 _; u8 O3 E8 Z, `- _                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 7 o  l0 y, Z0 t6 ~6 t% X
                        OpenFlow actions=resubmit(,4)! h3 u3 U3 |* s2 V- b
& s$ C4 y9 K# w$ f) L
                                Resubmitted flow: unchanged
+ N* ~. M5 Y" ~6 n" u) U( C) {; B                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 $ F! A" `6 ?, ?! Y6 J4 ^& X0 A7 q
                                Resubmitted  odp: drop
( z2 B9 S% C) S" y7 f* b                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
5 \% x; K9 a) @( A1 l/ U                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 , X) L- Y' a* ^5 t& r- g5 C
                                skipping output to input port
1 \( z4 P: m* |  V; |/ y- K. P1 t9 b0 _& {4 g) k
Final flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 ) i. P" Y' k* M7 I* z
Relevant fields: skb_priority=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 2 S( e8 j# f3 H% M% N
Datapath actions: push_vlan(vid=30,pcp=0),10,pop_vlan,13
6 M  N2 U) z/ h. I0 [" |
0 f3 @: ~* N* J4 i" v9 y3 @接着我们测试mac learning4 E2 N2 c  h: O* T0 |! L

9 x+ T! x9 [4 B. s5 y3 Z$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate   
( d# b% V8 S  ^' WFlow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 $ j( ^5 g! x! q1 k, |
Rule: table=0 cookie=0 priority=0
# r$ w/ _' |/ OOpenFlow actions=resubmit(,1)" H- `( s& P; p  B8 e, P8 f5 i

' h+ C! M$ R. d4 T7 ?        Resubmitted flow: unchanged ; m' a& U9 [5 x+ [+ l
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
. \, r- _8 D" p/ p# `/ k: `- J* N        Resubmitted  odp: drop
* `  S  I2 m0 {3 ?* c) f0 F: {' [        Rule: table=1 cookie=0 priority=99,in_port=1 2 A, L4 @( c$ Q# W& h
        OpenFlow actions=resubmit(,2)
0 W% n" Y. Z! Y- W% M8 A9 Q3 W7 t7 f. t+ r
                Resubmitted flow: unchanged : h, L9 K" D+ Y6 @! Y" H. Y2 H
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 1 ]$ S0 D# x6 G  s
                Resubmitted  odp: drop 9 C$ D, \9 x& _" |8 k  s+ n
                Rule: table=2 cookie=0
' X# r$ Q1 q& I( E: t" n9 v                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
, H2 y; h4 B2 ^  e7 _3 }' Y( C# a, z6 c/ u
                        Resubmitted flow: unchanged
6 X6 @  ?- b& b+ d& e                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
5 ?1 `3 K# Q/ `4 x* |                        Resubmitted  odp: drop - b/ U( f3 X* s
                        Rule: table=3 cookie=0 priority=50 & g8 p0 }6 k( F. R8 u& r* @# y
                        OpenFlow actions=resubmit(,10),resubmit(,4)
8 y3 s. E) ]; m1 P" S; i! V* m% l- o5 E1 t% Y0 \  V
                                Resubmitted flow: unchanged
9 k8 b% K- h  d! g                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 8 H2 e. M' l7 [4 H
                                Resubmitted  odp: drop 7 T  w* h! B: ]) e3 F0 u
                                No match/ `# I% Y9 x5 b
7 R/ v# B+ r; @1 W
                                Resubmitted flow: unchanged , N9 z9 e: p8 T* h( V  c) [
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 7 m/ s3 s7 u/ [+ t) U3 X$ f
                                Resubmitted  odp: drop
1 E  }: i% v+ L. O' D                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
2 D$ }  P: {- I1 W                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 . R1 z* ]6 }3 t8 _$ ?+ ?
                                skipping output to input port
4 l9 J7 g9 E7 _
8 A* W( D" E( Q+ e: AFinal flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 7 ^5 P3 o" r( f$ S: h
Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no   ^5 t* ?3 |7 h. l  Z  ]( Y4 ?: C
Datapath actions: pop_vlan,12,13) C+ v$ _6 R: B/ r- E9 G) S
! w5 R; s0 E$ H- N! K3 ]4 [
由于这两个地址没有出现过,则除了进行学习以外,广播发送给port 3,46 e( d! F+ f7 F5 S& ^

# y: ^3 k% `6 j7 }# I- \# p/ M$ sudo ovs-appctl ofproto/trace helloworld in_port=4,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01 -generate   3 X1 S  H% b- w0 A' A0 q) g
Flow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000
' @/ [" F3 o! I# Z7 g+ d; @/ NRule: table=0 cookie=0 priority=0 6 [3 H( D8 s+ o0 e1 z: N" ?) f
OpenFlow actions=resubmit(,1)$ p; p7 t4 s+ i( {4 v3 y

8 a& _3 q/ U7 E6 O' L) o% h2 S        Resubmitted flow: unchanged 1 @3 M/ |0 t7 Q2 d- E# ^
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . _) D& e; z2 z: E" M& ]8 X
        Resubmitted  odp: drop + ~, j+ T8 A# E9 C$ K, B
        Rule: table=1 cookie=0 priority=99,in_port=4,vlan_tci=0x0000
* I# N; y1 z0 J  T: f7 W6 v- A8 K% k        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)
# R( d6 J* j: F" z5 [# g" j, K5 i* b/ N* j8 r8 ?8 P" I
                Resubmitted flow: metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 1 [3 C9 w, g' w8 M( j2 C: N5 `  J
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ p0 N* ^; w5 B' ]( H                Resubmitted  odp: drop
9 h3 r. F3 z! _# n                Rule: table=2 cookie=0 7 C. R% b( \% U; g& p
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)! l( O) I$ X" k  U. l; S

4 j) W( }  t& a4 [) t                        Resubmitted flow: unchanged
- f0 V8 `3 ^5 M                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 3 y+ m  p& Z- ]) V6 w
                        Resubmitted  odp: drop % r7 I4 O( ~+ v$ j; u6 }& ]8 t
                        Rule: table=3 cookie=0 priority=50 ! v) f0 v5 o4 a" D
                        OpenFlow actions=resubmit(,10),resubmit(,4)
/ m1 x' `8 O8 i8 p6 P3 R" j0 M& }# @7 I) |8 c" m
                                Resubmitted flow: unchanged
# t) I: K  D0 t1 x7 q                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" r  q% {; M6 h& x5 Q- {5 A                                Resubmitted  odp: drop
5 d$ Z) P0 o! _  x( |                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=10:00:00:00:00:01 7 Q( f& L1 E' e' \* K
                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]1 p& |/ a. w% ^4 Q* g+ ]* a% u- @% s

- k* e( g2 G) s) E                                Resubmitted flow: reg0=0x1,metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 ( ^+ \0 R" [# M1 I
                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
5 Y/ Q. w3 F& H% e                                Resubmitted  odp: drop
. g7 V: i; p0 a" f6 H                                Rule: table=4 cookie=0 reg0=0x1 * e9 P3 _1 s: v5 q1 ]: V
                                OpenFlow actions=output:1
! U1 n. T( T1 b0 ]2 S+ T1 B* \! u: R: e5 {9 ?- k" {
Final flow: unchanged 7 @7 {( G7 M' c+ ]1 J% p
Relevant fields: skb_priority=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000,nw_frag=no
' r+ c. b: `# SDatapath actions: push_vlan(vid=30,pcp=0),107 u3 S; o/ T- }: D0 H1 n1 M" S) K+ }

0 _3 u/ J6 L! r* l回复的时候,由于学习过了,则仅仅从port 1发送出去。: e0 e' p: J& J8 N( z" Q! `. x
  g1 T( H) u+ g8 a, q. j+ s
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate 9 n0 o& m: H3 e) J4 _
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
- a1 b4 N9 X( m, L1 |( @; m  u+ nRule: table=0 cookie=0 priority=0
/ u* F& X: }+ L9 ^& N* hOpenFlow actions=resubmit(,1)
4 x/ f, Q' o- z, v
2 I! m, R/ i: x4 Q        Resubmitted flow: unchanged 7 m+ Y! R$ x9 `
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ O, }+ I& v4 w( E" m) B        Resubmitted  odp: drop & L: l# m" U: c: W
        Rule: table=1 cookie=0 priority=99,in_port=1
3 x* i% G3 D2 J/ o1 s        OpenFlow actions=resubmit(,2)
( g. i+ K" Q. s7 i8 |
" n( u4 l! C$ w4 Q& r2 O                Resubmitted flow: unchanged
' C1 V" A/ R" k# `, }# ^/ `                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
8 V2 Y: b& E, k! h& E& X6 W: g                Resubmitted  odp: drop / l# ?5 W. S/ C: _8 ^- `1 c
                Rule: table=2 cookie=0
3 }6 S  Y- `/ l0 T" }" L3 P3 a                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
) y! {' o6 K. Y: x- j0 S) j& O4 ?+ r! W& ?, L3 d- e
                        Resubmitted flow: unchanged
% C% K' Z; f- q( Y* }  y                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 1 ?) S& I- B; _8 G9 _! b$ U9 P
                        Resubmitted  odp: drop * v/ I1 p. g, t
                        Rule: table=3 cookie=0 priority=50
; ]' n3 e7 t# Y) I* \/ z                        OpenFlow actions=resubmit(,10),resubmit(,4)% F* A: o- {! n5 y* x1 T; m6 m

$ n$ P2 s6 |& M6 n) F6 z: B% ~                                Resubmitted flow: unchanged 8 d% Q: ~, d, R5 z+ A
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ R$ y/ G% T/ v6 K1 D2 H1 ?4 v                                Resubmitted  odp: drop
, H9 f6 K- g2 W  t, w+ F6 D                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=20:00:00:00:00:01 . H% A0 \% s% E' G: Q
                                OpenFlow actions=load:0x4->NXM_NX_REG0[0..15]% `6 `' R0 L3 L  y& H* k+ X1 m
* E/ ~2 h( u; e. C* X+ F/ @
                                Resubmitted flow: reg0=0x4,metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
" Z! e- \* e+ T                                Resubmitted regs: reg0=0x4 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
4 [( \9 s& M  ^                                Resubmitted  odp: drop & p8 z# L, {& Z/ N$ _5 T
                                Rule: table=4 cookie=0 reg0=0x4 * W' K7 q- E7 z$ m* K
                                OpenFlow actions=strip_vlan,output:4. k5 [5 N. R2 Z0 J, [8 u2 ]* ^

2 j0 K; C) h/ O& l6 M" j3 S$ m0 @Final flow: reg0=0x4,metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
1 Y2 l; E- |; ^$ M6 }9 `" X# {Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no
' _3 r, A8 ?# S% ~' M+ P- [, F" LDatapath actions: pop_vlan,13
) x% T4 {. z. M0 v
4 x, T& w3 A' h/ w$ _由于在回复中进行了学习,因而发送的时候,仅仅发送port 4
回复 支持 反对

使用道具 举报

admin
 楼主| 发表于 2019-10-25 10:00:36 | 显示全部楼层
实现第一个Table 0,Admission control
# U+ t, P% t+ H
3 d& }2 {% P; M/ P: _0 n包进入vswitch的时候首先进入Table 0,我们在这里可以设定规则,控制那些包可以进入,那些包不可以进入。
; G( V, H3 H6 M' I/ H! Q' o6 ^' l
比如,如果source address是multicast的就不允许进入。
* X/ t0 y0 J) z& E' O) B+ f
/ n0 h4 D2 T8 e! E2 i  D# }; w01:00:00:00:00:00/01:00:00:00:00:00是广播地址
6 Z- ]' J: W: [; @7 ^! u" m00:00:00:00:00:00/01:00:00:00:00:00是单播地址
  ?, q" x" F. g+ H* T这种表示形式类似CIDR
( X: q' t% a* Z, z0 U于是我们添加下面的规则:' m( r1 n. Y4 M' t2 r2 ^5 s
sudo ovs-ofctl add-flow helloworld "table=0, dl_src=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop"
4 k& l# J) X: a9 l6 C2 x3 USTP的也不接受
9 T/ _0 s( u( q* Y# J1 Ssudo ovs-ofctl add-flow helloworld "table=0, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"; r9 h) D/ P2 l2 X9 W
我们在添加最后一个flow,这个flow的priority低于default,如果上面两个不匹配,则我们进入table 1
8 F! X1 |) T! B. v  L3 a  zsudo ovs-ofctl add-flow helloworld "table=0, priority=0, actions=resubmit(,1)"1 {6 I. y, @4 g# H. L
我们查看一下所有的flow4 T/ P: H/ H0 E3 g2 c. K
$ sudo ovs-ofctl dump-flows helloworld        
6 T7 j. V( D! H2 NNXST_FLOW reply (xid=0x4):
) |% J3 S0 n- W7 s8 K* b5 o, ?0 scookie=0x0, duration=42.162s, table=0, n_packets=0, n_bytes=0, idle_age=42, priority=0 actions=resubmit(,1) . A+ V# Q7 A. ?5 C
cookie=0x0, duration=232.121s, table=0, n_packets=0, n_bytes=0, idle_age=232, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop 6 ]; |* H: Q3 @- {/ u0 P
cookie=0x0, duration=167.636s, table=0, n_packets=0, n_bytes=0, idle_age=167, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop3 b0 k0 d$ _+ Y. L: X) q

+ _0 g3 H, p( ]; [. u4 M测试Table 0; u; @& p1 T# ]
. N/ b4 y3 c$ P
有个很好的工具ovs-appctl ofproto/trace* B2 o1 o+ c$ ]4 q9 T# M5 T
) n  G# g# t8 K
不满足条件DROP
6 O8 }+ O) ], g' ^1 c! x: S& `" a0 h8 o+ n' @: I4 T
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:05
4 p+ L0 j: y/ R# }, i2 V5 eFlow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:05,dl_type=0x0000 9 U1 I5 ?3 L! e' F; V. G
Rule: table=0 cookie=0 dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 ! j  k% ]  d# ~
OpenFlow actions=drop
- {6 E7 Y7 B0 g% w2 H
; f+ a, p, s+ \& y, b5 F" N8 [Final flow: unchanged - M6 C+ \( U5 F- O
Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 5 F/ ~  U  |! N( `' H; h$ w1 d
Datapath actions: drop4 C* L* ~" V& X
6 E( ]) y/ y) o  ]
满足条件RESUBMIT/ N8 k; v/ _9 y7 C0 `% S3 r

) H; E& s8 o3 j. ^$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=01:80:c2:00:00:10 3 i; _) s6 P- P/ @$ u* N
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:10,dl_type=0x0000
: F) @0 C% @4 d$ n& e) x- G' ^Rule: table=0 cookie=0 priority=0 6 p- _4 G! j* k( t: J* i5 N
OpenFlow actions=resubmit(,1)  D& b. C! z# h
/ ?' {9 o- G, a* A& u& e
        Resubmitted flow: unchanged
5 x2 w& [$ O: g: b9 f* D( U$ H        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 / a* J" M2 D  n; F+ ?+ a
        Resubmitted  odp: drop ; }8 |1 {, k4 J
        No match* b7 L5 G5 z  G# j& J* C* P

5 u2 }1 _! e$ M' d% TFinal flow: unchanged 5 t8 s! A1 [% v5 J! c9 Q
Relevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=01:80:c2:00:00:10/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
+ ?" l9 o( D# q2 N: f1 NDatapath actions: drop
$ i, x1 H0 v+ d8 x% \2 \
3 T7 ]# \2 }7 W1 t5 C实现第二个Table 1:VLAN Input Processing8 e# P8 A+ Q- f% u" Q& V: O

. N- [0 p0 G! T7 }" ]- i, c1 v- D首先添加一个最低优先级的DROP的规则
  C; W& D4 D# \4 ]( }: @$ \
( _6 o/ `+ q: R$ m: U1 }0 [sudo ovs-ofctl add-flow helloworld "table=1, priority=0, actions=drop"
2 {' Q; u, f) n+ w8 |1 ]8 i; y7 v& C' m
对于port 1,是trunk口,无论有没有VLAN Header都接受。
; U, X! b& Q, q* S2 C& R1 Q; O. G; v# @2 B  b. h$ r4 {2 N/ |
sudo ovs-ofctl add-flow helloworld "table=1, priority=99, in_port=1, actions=resubmit(,2)"2 T1 O( |1 k6 H* O0 r8 C
$ g: ^0 f$ ]& f- g$ i5 d7 x
对于port 2, 3, 4, 我们希望没有VLAN Tag,然后我们给打上VLAN Tag, w/ w  `. X  |& J; d
1 b& \  _+ ?2 y
$ sudo ovs-ofctl add-flows helloworld - <<'EOF' / j+ N! Z4 N, v1 q) u
table=1, priority=99, in_port=2, vlan_tci=0, actions=mod_vlan_vid:20, resubmit(,2) . y% V5 \- Z  N7 \0 g8 j$ n
table=1, priority=99, in_port=3, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2) , D' J# `8 i" u3 {% y3 c
table=1, priority=99, in_port=4, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2) ' ^/ Z+ p0 K2 ]$ M; M8 e
EOF
2 r0 H, k4 A/ [# K& r0 n/ q- W2 Z! u( V6 e* N
$ sudo ovs-ofctl dump-flows helloworld $ [  w! O* l$ s; Y/ [
NXST_FLOW reply (xid=0x4):
5 S& p* y+ l1 e# ^0 V: N2 D! scookie=0x0, duration=4478.582s, table=0, n_packets=0, n_bytes=0, idle_age=4478, priority=0 actions=resubmit(,1)
5 B& O8 O0 W, O, T7 fcookie=0x0, duration=4668.541s, table=0, n_packets=0, n_bytes=0, idle_age=4668, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
/ b* _, z/ @+ |3 R0 gcookie=0x0, duration=4604.056s, table=0, n_packets=0, n_bytes=0, idle_age=4604, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop
% M6 Z( y3 v" ?0 P4 qcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
$ Q: g5 E6 [" {) v* R+ xcookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)   G& x, ?( E# d
cookie=0x0, duration=89.273s, table=1, n_packets=0, n_bytes=0, idle_age=89, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
* j. N# Y8 d0 O2 G$ scookie=0x0, duration=220.318s, table=1, n_packets=0, n_bytes=0, idle_age=220, priority=99,in_port=1 actions=resubmit(,2) 5 S5 @8 J/ z: `) F* A! z% V
cookie=0x0, duration=298.739s, table=1, n_packets=0, n_bytes=0, idle_age=298, priority=0 actions=drop1 Z0 }" f1 M. y7 |+ H

4 A, z: }3 C! i$ t1 \% ]  a测试一个从port 1进入,tag为5的( `3 C2 Q# Z5 ]* ]0 v& b  \. G
& R2 Y  N, I8 R3 D, |
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=5
" u* m$ B9 `, `: x0 {7 ], i9 o) GFlow: metadata=0,in_port=1,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
" k9 Q' X, A0 b' Y8 rRule: table=0 cookie=0 priority=0 3 X# f# g/ y  G1 I
OpenFlow actions=resubmit(,1)
9 `9 H% w  |- F; L7 B, `% f! ~
* d4 T+ z8 s/ s        Resubmitted flow: unchanged 2 Y4 A% h; y% N% r: d9 O
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
# W+ m1 p! `3 B, `- I        Resubmitted  odp: drop
+ J( P* u* c4 \9 k& q        Rule: table=1 cookie=0 priority=99,in_port=1 7 z6 o3 w9 ^- w# C8 \7 F
        OpenFlow actions=resubmit(,2)2 n- @: T/ t9 U* Y9 I( B
" Z* b8 x& ~+ o. ]3 I7 a
                Resubmitted flow: unchanged . ?! _$ P+ H* Z
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 3 @4 f5 u  N3 U5 }8 Y+ y
                Resubmitted  odp: drop & ?, Q) I% e6 }& k' [6 {! B
                No match9 x1 c' h, P0 E! Q' R9 b( K

- t# e9 p3 d' k2 [3 [7 L2 @Final flow: unchanged
+ r, c3 L. X* s  WRelevant fields: skb_priority=0,in_port=1,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no ' n* S  F. ?5 E% Y" S
Datapath actions: drop* c; T( U' b9 a% S8 J4 T

8 T/ C1 k1 r, w测试二,从port 2进入,没有打Tag的% O$ |+ h2 ?7 L# Y3 ^7 I7 I" m  @
: ^# {+ _* A. k2 v% \0 h
$ sudo ovs-appctl ofproto/trace helloworld in_port=2 6 d$ L& h* m' a6 w
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
- P( H  @9 i0 v3 ~' e" U  wRule: table=0 cookie=0 priority=0 2 P' |/ U, j8 r/ {
OpenFlow actions=resubmit(,1)
# `! @; K$ W3 z! d' e% i9 t! E
1 A' C0 ^) |/ G5 t9 M: t        Resubmitted flow: unchanged
, T1 r- J# s& o9 J  j: O: Y        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 % l  U1 w& S  `$ y' j
        Resubmitted  odp: drop 3 j* N5 j! B2 F: t% [% L4 q8 o5 ]
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000
( o. V6 \+ ~. P, u8 X6 Z$ @        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)0 }7 p$ S1 e) ?; f& b/ E
; T8 o. l3 q3 s0 u  f% A; r* ^  o
                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20这里被打上了Tag,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 7 ~3 ]6 ?' |; I2 ^
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 3 c/ O( |8 v/ b  a/ _* T( a8 k3 ?
                Resubmitted  odp: drop 0 h# S5 u, E* f3 f, T" \: R
                No match
, ^* S8 \6 j& a" J& e! b# X% [' C. A5 `9 {* [9 s
Final flow: unchanged
% w9 P/ Y: ~9 Z8 e6 e+ A/ j, FRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
/ F2 y" |6 A  e* v3 W/ O# ~Datapath actions: drop
2 E. T) y' t0 Y0 i
: a2 p, d1 I4 m3 u测试三:从port进入,带Tag 5的
8 ^' e" z+ d: o8 j2 a" |# S. k5 T- `& B( C$ P/ R
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,vlan_tci=5
4 E7 \  B& }' O2 x. ]+ d5 sFlow: metadata=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000 1 v. i2 Q7 K7 N" O
Rule: table=0 cookie=0 priority=0
6 t; z1 S( N$ \' d* LOpenFlow actions=resubmit(,1)0 d" P- a  j/ T& F0 c
  T: m% q( D+ d" A
        Resubmitted flow: unchanged
/ N3 g  y7 r* x5 f        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
6 Q! |5 X! y# }, l  |& ?& s8 {0 X        Resubmitted  odp: drop
3 A; E& X; ~. M, d" I2 D1 [        Rule: table=1 cookie=0 priority=0
  ^% A2 K7 O* F. w        OpenFlow actions=drop$ Y5 d# ^4 ]: u4 x1 X

( }/ Y6 e+ S1 @' T4 sFinal flow: unchanged 5 d# `/ c' l5 p8 {9 N5 C
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00/01:00:00:00:00:00,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no . Y4 D9 e5 l% t/ q# d6 J/ Z: }
Datapath actions: drop) k2 `% z/ U. W' a3 N4 Z1 b6 }0 D. [5 N

; i4 S! j# K  W; O0 B- q实现第三个Table 2: MAC, VLAN learning for ingress port
" O2 L- `+ u9 P
1 A9 r; y; [7 z7 x对于普通的switch,都会有这个学习的过程,当一个包到来的时候,由于包里面有MAC,VLAN Tag,以及从哪个口进来的这个信息。于是switch学习后,维护了一个表格port –> MAC –> VLAN Tag。# ?, J& \; k2 s! |- t4 V
* T0 Z7 t! M0 E) j+ f
这样以后如果有需要发给这个MAC的包,不用ARP,switch自然之道应该发给哪个port,应该打什么VLAN Tag。6 i. H7 g; w6 Y, G. N; p' R/ `, Z

& k2 @  O- T+ C( @8 N* N: @3 i5 f! e* LOVS也要学习这个,并维护三个之间的mapping关系。5 c9 L; S& @1 W& F8 I% S1 j2 n
: w. z4 e: A6 b  `& S3 l
在我们的例子中,无论是从port进来的本身就带Tag的,还是从port 2, 3, 4进来的后来被打上Tag的,都需要学习。
0 E6 b" c5 g. j& S
' T4 [. O& V& [% ksudo ovs-ofctl add-flow helloworld "table=2 actions=learn(table=10, NXM_OF_VLAN_TCI[0..11], NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]), resubmit(,3)"6 V9 w6 B& ]6 L9 c+ E7 s

" {% k, H* J. I4 H1 ?0 o8 A这一句比较难理解。
1 w: p/ n! C" N+ a- ^
8 _9 ?; p7 k+ C0 Z4 c! d, D  olearn表示这是一个学习的action
2 ~- M  k5 Q& ~! D1 P2 y- q
* \7 V& T- [& q# e2 itable 10,这是一个MAC learning table,学习的结果会放在这个table中。# p8 g( c0 C) d/ ], r
  F: H. d- @  K6 A
NXM_OF_VLAN_TCI这个是VLAN Tag,在MAC Learning table中,每一个entry都是仅仅对某一个VLAN来说的,不同VLAN的learning table是分开的。在学习的结果的entry中,会标出这个entry是对于哪个VLAN的。
8 n2 j: m) n$ G
( e9 m9 v/ }  |* m6 q) A/ A% ONXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]这个的意思是当前包里面的MAC Source Address会被放在学习结果的entry里面的dl_dst里面。这是因为每个switch都是通过Ingress包来学习,某个MAC从某个port进来,switch就应该记住以后发往这个MAC的包要从这个port出去,因而MAC source address就被放在了Mac destination address里面,因为这是为发送用的。
! \' {7 E4 R- x: _
6 {+ ~  q! q* g, D# C* R. MNXM_OF_IN_PORT[]->NXM_NX_REG0将portf放入register.$ T1 y- [1 l7 ^; o7 `

4 G' j) X- E! K6 {; s# K' W' q一般对于学习的entry还需要有hard_timeout,这是的每个学习结果都会expire,需要重新学习。
% c6 r$ B# d0 O/ e& ^! f- i
9 D4 z( B6 B, e' P: Y& I8 d! O我们再来分析一个实践中,openstack中使用openvswitch的情况,这是br-tun上的规则。( `# M; |. t0 r& t/ q

4 N) A8 ?0 ~0 t. acookie=0x0, duration=802188.071s, table=10, n_packets=4885, n_bytes=347789, idle_age=730, hard_age=65534, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
5 }7 K. u/ S  x% icookie=0x0, duration=802187.786s, table=20, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,21)
9 f2 G* \) `2 Z8 W' k' d cookie=0x0, duration=802038.514s, table=20, n_packets=1239, n_bytes=83620, idle_age=735, hard_age=65534, priority=2,dl_vlan=1,dl_dst=fa:16:3e:7e:ab:cc actions=strip_vlan,set_tunnel:0x3e9,output:2 5 k/ |  Q/ d0 h
cookie=0x0, duration=802187.653s, table=21, n_packets=17, n_bytes=1426, idle_age=65534, hard_age=65534, priority=0 actions=drop 8 C6 M9 {& P8 E( o( T# P. O4 e1 b
cookie=0x0, duration=802055.878s, table=21, n_packets=40, n_bytes=1736, idle_age=65534, hard_age=65534, dl_vlan=1 actions=strip_vlan,set_tunnel:0x3e9,output:2
9 l7 i. d( l9 q7 i3 F* j' G# Q" P1 u8 K7 _# f
这里table 10是用来学习的。table 20是learning table。如果table 20是空的,也即还没有学到什么,则会通过priority=0的规则resubmit到table 21.
6 ~' K! p$ m% f9 m5 N3 u& S+ k% F; @" ^7 y
table 21是发送规则,将br-int上的vlan tag消除,然后打上gre tunnel的id。
  |& l2 z0 P& Q- b: b+ q
/ Z& C! [* ]2 x! H8 |) H: P上面的情况中,table 20不是空的,也即发送给dl_dst=fa:16:3e:7e:ab:cc的包不用走默认规则,直接通过table 20就发送出去了。* u4 n4 [2 v! U5 [
7 p9 @' C% {2 W/ F) Y! ]/ T
table 20的规则是通过table 10学习得到的,table 10是一个接受规则。最终output 1,发送给了br-int$ _4 ~+ P6 t" [* ]" ^3 `" r1 d6 Q

- _7 `6 c8 c. I; ~& A; JNXM_OF_VLAN_TCI[0..11]是记录vlan tag,所以学习结果中有dl_vlan=19 b4 ~' x7 {7 ]/ T/ O: O2 u, ~

3 n7 i5 _" P1 y' H8 }. H5 ]7 MNXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]是将mac source address记录,所以结果中有dl_dst=fa:16:3e:7e:ab:cc0 P) f- ^( j7 }8 }: P6 f
- I7 }# T# A" r0 j6 X! ?% c' q) B- _
load:0->NXM_OF_VLAN_TCI[]意思是发送出去的时候,vlan tag设为0,所以结果中有actions=strip_vlan
. R3 C& ]. F# d4 t# i9 c! P' I8 Y4 }8 N6 W# [. G' W( I) `+ M! Y& I
load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[]意思是发出去的时候,设置tunnul id,所以结果中有set_tunnel:0x3e9
2 K) Q1 O- R7 J( y) s# `1 b
# d! ]- n0 x: B6 f* d5 noutput:NXM_OF_IN_PORT[]意思是发送给哪个port,由于是从port2进来的,因而结果中有output:2# H! l0 C4 R2 U3 w2 C) f

7 J: O9 m2 o& h测试一:从port 1来一个vlan为20的mac为50:00:00:00:00:01的包5 M' W) U: b7 U# C
: }7 {. o# d1 _$ V" H
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,vlan_tci=20,dl_src=50:00:00:00:00:01 -generate   
2 K6 e& v( s8 d/ _$ P# c* ?Flow: metadata=0,in_port=1,vlan_tci=0x0014,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
2 W, d8 l: i4 j2 B! c$ D+ d- WRule: table=0 cookie=0 priority=0
* ^/ g# o5 w9 }. i; I9 Q: WOpenFlow actions=resubmit(,1). I: O8 Y4 D" Q9 X( i8 C6 L
- Z, A! J+ y, i) Q, l
        Resubmitted flow: unchanged * D- _+ U& l) z5 \- F2 V
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ A0 b' R2 A7 O  D6 b        Resubmitted  odp: drop
# y" \0 \$ ]4 g8 S& V2 [, p        Rule: table=1 cookie=0 priority=99,in_port=1 ) U% B8 N* s- b3 G  p
        OpenFlow actions=resubmit(,2)
& r1 s) {! K6 }) a% P, |* Y3 A1 k) e. T( C
                Resubmitted flow: unchanged 6 O4 R0 s& b! T6 j
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 , u8 E, L; i# s  ^' U" j% Q
                Resubmitted  odp: drop * N& t! r2 i- R- e+ |4 U8 H
                Rule: table=2 cookie=0
% M6 E+ r; c" U# n) K                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
5 o  _0 U2 P6 S& J/ T- R9 N% B% I$ i
) n; e5 x0 d( M8 Z; f5 W) Y1 v                        Resubmitted flow: unchanged % w1 i  x. d, m: }# [
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
6 f, b, P+ L9 d1 \- T) {                        Resubmitted  odp: drop
; m  g& X, {- A) W                        No match6 `9 N! S* w& `7 G! Y4 N6 p& G

' G% h' s* z1 y6 |6 u. cFinal flow: unchanged 7 J9 f2 {3 E( {: g
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
( I# e+ _( e) a. gDatapath actions: drop
7 n  t. S( I) `( b8 R+ f% R
% K' J- _, K3 ^, F( g( |; W" ?3 T$ sudo ovs-ofctl dump-flows helloworld : v9 f' R- B& x; _) s$ a
NXST_FLOW reply (xid=0x4): ) k! {& e* F4 c2 U
cookie=0x0, duration=90537.25s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1) 6 f. @+ }  a- W; d- U
cookie=0x0, duration=90727.209s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
& S6 U9 A( J! c. n- O) Vcookie=0x0, duration=90662.724s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop 6 T" c5 o; Q/ A. m/ ~( A% t8 |( S
cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)   u! _0 y# e  }4 T7 r
cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
  L7 O4 o) `! Z4 H+ o& ]( v9 }cookie=0x0, duration=86147.941s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) 7 R# `" A9 |, o
cookie=0x0, duration=86278.986s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2)
& n) l+ i) X; ^' e! ^cookie=0x0, duration=86357.407s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop * g6 p% y, z! |- A6 p
cookie=0x0, duration=83587.281s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
) Z( d8 B& ~8 ^" q cookie=0x0, duration=31.258s, table=10, n_packets=0, n_bytes=0, idle_age=31, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]2 x; a' `8 `( }9 J# ?5 k& x6 I) e

5 l3 n% i) o; R4 [table 10多了一条,vlan为20,dl_dst为50:00:00:00:00:01,发送的时候从port 1出去。
* X% b1 I" F* w1 O$ S8 \+ q0 l3 Q
# C& m7 Q4 k5 u- R- O测试二:从port 2进来,被打上了vlan 20,mac为50:00:00:00:00:02
( w6 w/ o6 z( K+ I4 M) |/ _5 U7 d2 J9 A
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=50:00:00:00:00:02 -generate   ' S1 G  d' e8 g' x. X  f
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000 0 P3 P0 q) z( Y9 u
Rule: table=0 cookie=0 priority=0 ; S4 y( I/ F! O
OpenFlow actions=resubmit(,1)
8 B; B' R5 A! \; k, \
% u+ a" T2 M+ x5 [$ J/ E& H        Resubmitted flow: unchanged + y# A. t8 D3 h. ?3 C
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ; k, ]$ @4 x$ l
        Resubmitted  odp: drop 7 ^2 d+ h' Z+ M. L( t
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 ) `3 C* P# v" {
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)
8 c, a5 ]( X/ u7 k9 I2 C( c' F" s* R; e
                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00,dl_type=0x0000
0 r: o) }) [: G7 Z" _% i                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 $ {& B2 g' y5 L- Z  O8 W, J
                Resubmitted  odp: drop
+ ?; y4 h1 `( e6 D1 m3 c                Rule: table=2 cookie=0 % P8 O' {" m) u( H4 I; Z+ U4 j
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)8 _" [, t8 h) ~  a. C
* t: f7 r* s7 t# {/ h5 x
                        Resubmitted flow: unchanged
5 |: L- j' W0 V9 d! h3 x! m: C                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 " h& g* O+ [1 o3 R) p+ L
                        Resubmitted  odp: drop - R: P& L: S3 F' G6 p" T$ X
                        No match+ v' i2 q; A: D3 ]+ A! P" |
7 K  V+ k1 W( g4 Q# g
Final flow: unchanged $ i$ Y' `2 _$ g
Relevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:02,dl_dst=00:00:00:00:00:00/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no 2 f6 m# u+ P1 z- b9 S
Datapath actions: drop3 {: l1 l8 H# K% w

4 V3 p( ]. v: ]& s  d$ sudo ovs-ofctl dump-flows helloworld                                                
" f9 O$ H/ q: T' }) M9 u' a; `0 R8 \NXST_FLOW reply (xid=0x4): ( q3 O3 e" ]5 h, Z4 Y" A3 z& J
cookie=0x0, duration=90823.14s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
& C, F0 g; B- Y9 bcookie=0x0, duration=91013.099s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
0 C( i7 [# ?: j3 ?2 zcookie=0x0, duration=90948.614s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop . _( y$ S( j; c' m$ T9 t# w! _8 F8 r
cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2)
. _, v7 `$ u4 Q' Z+ d+ fcookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
! R  F3 l/ [( K! @cookie=0x0, duration=86433.831s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) : }; e- S: `3 {9 O2 t7 Y
cookie=0x0, duration=86564.876s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) 1 h9 g' x6 |- Z8 ^
cookie=0x0, duration=86643.297s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
7 ]+ L7 p. r3 K) Scookie=0x0, duration=83873.171s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
1 h2 d% B7 f$ N cookie=0x0, duration=4.472s, table=10, n_packets=0, n_bytes=0, idle_age=4, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15] 0 o! \2 ]3 g2 z* d+ B3 p$ M
cookie=0x0, duration=317.148s, table=10, n_packets=0, n_bytes=0, idle_age=317, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
$ C; L5 |  ?$ J- E4 K: R6 I) S7 b8 n; M+ S+ l/ r( k, o. J3 |
实现第四个table 3: Look Up Destination Port
+ C" O5 x( k* i% @+ Y0 Z7 I3 w5 G7 n9 a) d7 {& _9 {
在table 2中,vswtich通过进入的包,学习了vlanid –> mac –> port的映射后,对于要发送的包,可以根据学习到的table 10里面的内容,根据destination mac和vlan,来找到相应的port发送出去,而不用每次都flood
0 ?: P9 o4 X! J: b
9 U% K2 a% K! A, Zsudo ovs-ofctl add-flow helloworld "table=3 priority=50 actions=resubmit(,10), resubmit(,4)"
! j& X" [* |3 ?8 L3 N) f
* Y% Q: n+ b$ h0 p1 T. E$ h添加这条规则,首先到table 10中查找learn table entry,如果找不到则到table 4/ o- W& D* `) }3 R: L) t2 ?3 {! c

, L/ @$ ?4 _6 h8 W/ x如果包本身就是multicast的或者broadcast的,则不用去table 10里面取查找。
! j* _/ s) ]' B5 S4 Z$ s5 g
  q- D" l  W% }; l  H1 Z) }6 f# r- Zsudo ovs-ofctl add-flow helloworld "table=3 priority=99 dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4)"& b) W- r- K7 U( N2 e

2 M+ J9 c& \3 `我们进行一项测试
0 ~& o; a1 k6 x- X+ H* L, x# H9 K9 G% ?* z& z- p0 j
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate   
/ U+ T0 \# v2 J3 i& ~% l' HFlow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 : Z) ?' }0 M* W; W8 O  Q5 O' \
Rule: table=0 cookie=0 priority=0
+ x8 |* P8 O; l! v8 hOpenFlow actions=resubmit(,1)
$ H" q& H! h2 `$ K$ S) [; V
) v7 ]& k/ n4 @2 X8 [( Y0 {        Resubmitted flow: unchanged 6 j" N% z( E  U, C
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & M( h, C" b: }( H4 d
        Resubmitted  odp: drop 4 W" [0 l, A# n" h# j
        Rule: table=1 cookie=0 priority=99,in_port=1
' w4 `& d. B3 m2 k" n# n1 Y        OpenFlow actions=resubmit(,2)
" g$ E: |3 h# a% f, C; `( C/ u) b! W; `" o! B4 f  T0 R
                Resubmitted flow: unchanged
* r: y0 G( [) h9 G2 t                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ' [( m/ N/ j, e) ^8 j+ S, {
                Resubmitted  odp: drop
, w4 E: E* w& g& i) l2 O) S. W                Rule: table=2 cookie=0
9 e& X6 j: Q6 h5 r3 j* g0 e, ?- B                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)  B+ ^3 V; ~1 @

/ c3 {, z( O  G4 u$ u% m' B                        Resubmitted flow: unchanged
8 i# a0 c) O# |( T+ V5 c                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
8 @2 [. e. l- ?9 C' f" _4 Q                        Resubmitted  odp: drop
" ~# |. V  }9 }% j                        Rule: table=3 cookie=0 priority=50
+ E, q8 z: F2 \$ O* n# ~4 T                        OpenFlow actions=resubmit(,10),resubmit(,4)8 t" Q8 \+ Q# i+ Y3 X
" e7 i- b. i, F/ z4 h, a1 v, P
                                Resubmitted flow: unchanged : g. v  U% k) o  G, |! _+ E
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ L4 ^0 ^: W; R8 {! F7 K                                Resubmitted  odp: drop
0 V% }7 R3 Y: S: j8 x# `                                No match
6 o5 W) i) }$ V' W% d- H4 V! O. P  v$ S/ T1 y( y
                                Resubmitted flow: unchanged
/ c' N) k) ?: t0 ~! ^5 X3 d1 K                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ) N+ f' x& Y/ Q. A3 C( O" O6 r
                                Resubmitted  odp: drop # @2 K$ n' r" v
                                No match! i. X0 ?8 Y$ S" u

) f7 g* b3 ?, v! ]% @! e1 LFinal flow: unchanged 2 G! B8 E9 B1 A
Relevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no
! z( m& [$ \0 FDatapath actions: drop7 f! u  L6 ?" b+ U
, P4 }8 H' t* k( m* d
由于目标地址f0:00:00:00:00:01没有在table 10中找到,因而到达table 4.8 O. O. Z8 \- S9 Q3 Z# i
  w) T! a2 i5 ^& K" {
但是这次测试使得table 10中学习到了mac地址90:00:00:00:00:01
+ p9 A$ t" q% m/ Y( L8 o: ~+ t/ p( C- A, u
$ sudo ovs-ofctl dump-flows helloworld
) ?. E$ }* F( T, E5 }NXST_FLOW reply (xid=0x4): ! S6 H/ k$ _4 }, {% L. J$ i6 ^
cookie=0x0, duration=91588.452s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1)
" m, f& c0 G. ~cookie=0x0, duration=91778.411s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
8 E3 H0 E8 {/ B4 h: k+ icookie=0x0, duration=91713.926s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop ) ]* q6 B! \4 [5 {$ q. @
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) 3 i' }; S; T4 y1 A0 f. ~
cookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
9 z6 v9 L5 D2 [+ }/ `$ V9 rcookie=0x0, duration=87199.143s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
; m& w. u' e7 W) o. Z# E3 Bcookie=0x0, duration=87330.188s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2)
# J( E0 Z( a/ B# J) Q: @1 b8 G6 bcookie=0x0, duration=87408.609s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
, U# X; l* p! F' c$ A; ^cookie=0x0, duration=84638.483s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3) ( V2 N6 D* X: [
cookie=0x0, duration=352.841s, table=3, n_packets=0, n_bytes=0, idle_age=352, priority=50 actions=resubmit(,10),resubmit(,4)
- i$ h4 r1 ?4 y( G$ Q+ U. gcookie=0x0, duration=212.704s, table=3, n_packets=0, n_bytes=0, idle_age=212, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) ' C8 [3 j+ ?4 J- g
cookie=0x0, duration=117.364s, table=10, n_packets=0, n_bytes=0, idle_age=117, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15] 9 s1 {. F( `6 Q0 u3 Y, n6 H. U! ^9 b
cookie=0x0, duration=769.784s, table=10, n_packets=0, n_bytes=0, idle_age=769, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15] 8 v/ c# C" g) {8 l
cookie=0x0, duration=1082.46s, table=10, n_packets=0, n_bytes=0, idle_age=1082, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]! Y; H3 ^* X/ f7 D% k

9 M9 q* `6 U* }! r, A下面我们进行另一个测试& @- B9 d$ X* A
$ R4 V, t+ Y, M/ g- |2 g
$ sudo ovs-appctl ofproto/trace helloworld in_port=2,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01 -generate   
+ g4 }+ M/ j$ I+ cFlow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
( x. g! q3 `% j$ o" [9 xRule: table=0 cookie=0 priority=0 / B8 S# V( [# F& G( O. i% M
OpenFlow actions=resubmit(,1), f" O& `4 [8 T+ b0 e: x
  f0 ], R' _# s4 I% y) `* O
        Resubmitted flow: unchanged
% V9 i- K2 P: S6 s        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 . O3 V1 u! O$ k) I) c6 R; C
        Resubmitted  odp: drop 7 x* A; o; ^) B' m- j/ a& u, g
        Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000 " d# O* V* M' }6 i! [; t+ ?
        OpenFlow actions=mod_vlan_vid:20,resubmit(,2)+ O5 j1 r0 |: ]6 n. O

# q3 b" L+ K. i6 h0 ?$ O  s( F                Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000 : C* ~. O7 I" y0 t# E8 K
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ' V. [1 Z) j* `( g
                Resubmitted  odp: drop
! A8 ]! B6 e) Z5 \! t                Rule: table=2 cookie=0
- h2 Q3 [; n) U6 j                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)" y" ~. s( h9 G- Q
+ p, N( {% z( {& v
                        Resubmitted flow: unchanged 2 Q- `6 ^) x$ l! v9 h
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 / D, K" O* H2 ?2 s2 R
                        Resubmitted  odp: drop $ K8 p* R; c/ _0 T7 e# Q, q+ r
                        Rule: table=3 cookie=0 priority=50 1 k7 i  z6 J) t  F
                        OpenFlow actions=resubmit(,10),resubmit(,4)* d: k& ~$ d* b
8 _6 ]% ?9 z# Z# d  m
                                Resubmitted flow: unchanged
( Z; m( v. I% r% B; i. r                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 % M, F5 W0 q7 J
                                Resubmitted  odp: drop
- F, d. O0 @: b2 Y4 L* ?                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01
* S- a& s- v& x3 _                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]/ [' d8 h4 x6 I' b
2 ~+ ^, {2 B* O' t/ E
                                Resubmitted flow: reg0=0x1,metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000
3 b/ _5 m2 ^! z* e: j. O                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 8 H( R. t. \# |- K4 n, K! O$ v
                                Resubmitted  odp: drop
8 c& {+ R& g' z$ P& y                                No match4 `- J; _. z4 \" k% s8 C
, u, b* o( X4 {: R2 i% h
Final flow: unchanged
1 v4 P: M- }5 V% A$ L& LRelevant fields: skb_priority=0,in_port=2,vlan_tci=0x0000,dl_src=90:00:00:00:00:01,dl_dst=f0:00:00:00:00:01,dl_type=0x0000,nw_frag=no 7 `  o; s& ^1 N$ p% y4 R9 m
Datapath actions: drop
9 Y9 j  |& a2 Y: `
& t8 b4 b! p1 I2 s因为刚才学习到了mac地址f0:00:00:00:00:01,所以这次在table 10中找到了这条记录,这次同时也学习到了mac地址90:00:00:00:00:01. K; ]% x! a1 `$ t" w" W
4 Z, V/ X# ?  W% J/ l! Z
下面我们再发送第一次的包
2 ]" i1 w& i9 V' A
! n% a9 o4 N6 H1 G, `/ k- q+ i$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate
( o0 V) r3 K; `9 w& Y% w  aFlow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000 ; E  b+ W  i) R! r2 W4 \: _/ |# I
Rule: table=0 cookie=0 priority=0
" e2 ]+ n/ W, iOpenFlow actions=resubmit(,1)( I* A* {. h" ]$ e: J! w, H
: t2 K: V+ g9 R2 D7 [
        Resubmitted flow: unchanged
* P9 H! [  C, Q# V& Z        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' z# R' b% Q7 g2 l$ x2 [        Resubmitted  odp: drop 8 B7 U% g# @7 c9 n
        Rule: table=1 cookie=0 priority=99,in_port=1 5 I; L1 ]! P+ j) K$ H: O: N% z4 w
        OpenFlow actions=resubmit(,2)
) v( d1 Y( |" z" I! @7 L3 V  G  w. P, [
                Resubmitted flow: unchanged
- ]' l# H1 r/ Z+ @4 U                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
) j* _0 m2 o7 r9 k                Resubmitted  odp: drop 4 ^! g3 ^, D" ^7 g
                Rule: table=2 cookie=0 / _+ z; X2 K: I7 Y# E# Y/ s/ [
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
% {9 [+ W6 U1 E  [3 I, M
' z: i& t1 I* t# _6 {0 O3 C                        Resubmitted flow: unchanged & Z5 S* P  b  A+ z9 h
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0   G+ q" R) {0 h0 r. x3 t
                        Resubmitted  odp: drop : J  B8 K# @4 w/ u
                        Rule: table=3 cookie=0 priority=50
* i, I7 Y: I  L) l2 N                        OpenFlow actions=resubmit(,10),resubmit(,4)
# `7 P9 u( U: p2 ~! S+ R- p7 o% a, n1 _' V5 L% C
                                Resubmitted flow: unchanged
6 K) \, J& L4 l* [4 f                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
: |* @% b4 r3 A$ a                                Resubmitted  odp: drop
- t! p2 v! V; \: `/ A8 p: l" m& I                                Rule: table=10 cookie=0 vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01 ) u! x# M2 U* x, ^
                                OpenFlow actions=load:0x2->NXM_NX_REG0[0..15]: F5 \. y* U& c6 w; S
- X" @3 z/ |! S
                                Resubmitted flow: reg0=0x2,metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000
0 y( V& H' D6 `" p# l                                Resubmitted regs: reg0=0x2 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
7 E6 t7 Q. T) @1 W" s( |3 m0 o                                Resubmitted  odp: drop
) d1 b# S8 Z+ K. A& b7 ^3 l                                No match
# F0 @2 }6 s* F1 R. t8 R; f$ m6 h" n) n% Z$ k% }
Final flow: unchanged
! L" W9 k7 |4 c8 NRelevant fields: skb_priority=0,in_port=1,vlan_tci=0x0014/0x0fff,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000,nw_frag=no
& H1 G5 T1 e7 o! V% R$ _# O7 ADatapath actions: drop
: u7 p# x; d% C9 @- M. Q9 f7 O8 e% t0 N! w1 U+ p, @
发现也在table 10中找到了记录
: I! L" ^# q5 j/ D: S
  U! t' W# O( j% e4 }4 F; D实现第五个table 4: Output Processing
7 ^! M1 {+ G3 C" w8 d& [0 m1 B. g  a
这个时候,register 0中包含了output port,如果是0则说明是flood。% I9 F) w, S6 h0 E" W4 D

& q8 C7 N  y2 L+ W; v# L对于port 1来讲,是trunk port,所以携带的vlan tag就让他带着,从port 1出去。
4 i2 E7 \- b) Y" O( w
7 `4 X+ M0 T- k1 T8 gsudo ovs-ofctl add-flow helloworld "table=4 reg0=1 actions=1"
  K1 E+ o2 E3 ~
6 d/ b3 N9 P, o$ ]5 M3 Z* ^$ t对于port 2来讲,是vlan 20的,然而出去的时候,vlan tag会被抹掉,从port 2发出去( v6 [" M8 k/ S. O1 K& L
0 q  H( y5 q6 y' @  V
对于port 3, 4来讲,是vlan 30的,然而出去的时候,vlan tag会被抹掉,从port 3, 4出去  j8 N5 Q* ^6 j- D* r) ~1 m9 F  I
# h  l: [# y0 U0 B
$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   
; p5 o; `4 ~6 a. R        table=4 reg0=2 actions=strip_vlan,2
% ]% f4 G3 M2 ~, P0 C+ s        table=4 reg0=3 actions=strip_vlan,3
2 J. Q1 `' Z# Y        table=4 reg0=4 actions=strip_vlan,4 " \7 l7 X6 G- Y
EOF
3 s) m3 Q4 r1 {5 o
% _1 k$ d2 I7 a; ~对于broadcast来讲,我们希望一个vlan的broadcast仅仅在这个vlan里面发送,不影响其他的vlan。
6 F4 Y, ?5 n/ g. t% l" ^5 s: U4 L; J! m! J5 P7 F
$ sudo ovs-ofctl add-flows helloworld - <<'EOF'   
* h3 U/ G  Z3 G  E6 @0 Y5 M- l        table=4 reg0=0 priority=99 dl_vlan=20 actions=1,strip_vlan,2 2 {# Q& h8 a; q$ N' S! f( b
        table=4 reg0=0 priority=99 dl_vlan=30 actions=1,strip_vlan,3,4
: ]1 s: f" w7 _7 z& A        table=4 reg0=0 priority=50            actions=1
) a4 d8 n" _6 W8 {6 KEOF; ]( b# D* u5 J: `! {' X
0 U- N, i7 ]. ^
所以对于register = 0的,也即是broadcast的,属于vlan 20的,则从port 1, 2出去,属于vlan 30的,则从port 1, 3, 4出去。
. X8 ]9 e+ f% L4 t2 U" ^# `) U8 `5 P; U; T% w3 @" M
$ sudo ovs-ofctl dump-flows helloworld
2 M. N/ e) Q8 e$ B) n& a; [4 m' fNXST_FLOW reply (xid=0x4): , o3 e8 G9 s  \* z: Q; l# o" o; B
cookie=0x0, duration=92909.119s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=resubmit(,1) 1 l6 q5 N( Y7 [5 E3 j6 m7 S; ^. p
cookie=0x0, duration=93099.078s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_src=01:00:00:00:00:00/01:00:00:00:00:00 actions=drop
' `8 I3 W  w" G; J2 V7 Ccookie=0x0, duration=93034.593s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0 actions=drop " e/ V8 f8 g! ?- B
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=2,vlan_tci=0x0000 actions=mod_vlan_vid:20,resubmit(,2) ( i8 F: ?/ \8 @% `
cookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=4,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2)
  f, D+ b# z+ n: Qcookie=0x0, duration=88519.81s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=3,vlan_tci=0x0000 actions=mod_vlan_vid:30,resubmit(,2) ' B5 d- r" Q8 R4 _2 U. x
cookie=0x0, duration=88650.855s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=99,in_port=1 actions=resubmit(,2) 4 l' G4 v, Q* ]4 M* O2 c* C7 a
cookie=0x0, duration=88729.276s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
1 Q% o! C0 y! H4 bcookie=0x0, duration=85959.15s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)
" |; H: T# ?7 i% ecookie=0x0, duration=1673.508s, table=3, n_packets=0, n_bytes=0, idle_age=1673, priority=50 actions=resubmit(,10),resubmit(,4)
' D# C  F' k0 p9 ]7 }1 {cookie=0x0, duration=1533.371s, table=3, n_packets=0, n_bytes=0, idle_age=1533, priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,4) 5 j5 a/ K1 R* K8 J$ z6 P. x# w
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x3 actions=strip_vlan,output:3 - _3 i6 O5 W* t6 l2 z
cookie=0x0, duration=228.839s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=50,reg0=0x0 actions=output:1 $ j2 j! H- g* R9 H% A- U! U
cookie=0x0, duration=483.068s, table=4, n_packets=0, n_bytes=0, idle_age=483, reg0=0x1 actions=output:1 1 w& B9 n' ], W
cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x4 actions=strip_vlan,output:4
1 J! X! S/ \, g* e6 |( O6 R- \cookie=0x0, duration=332.478s, table=4, n_packets=0, n_bytes=0, idle_age=332, reg0=0x2 actions=strip_vlan,output:2   Q, T  `+ J$ w  w- m" E6 d; B. t
cookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=30 actions=output:1,strip_vlan,output:3,output:4 ) U" D7 x1 x, c% m- ]/ p
cookie=0x0, duration=228.84s, table=4, n_packets=0, n_bytes=0, idle_age=228, priority=99,reg0=0x0,dl_vlan=20 actions=output:1,strip_vlan,output:2
* m2 m/ S- J/ D0 z) D; w1 kcookie=0x0, duration=1438.031s, table=10, n_packets=0, n_bytes=0, idle_age=1438, hard_age=1109, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
  E5 [, N% _5 zcookie=0x0, duration=2090.451s, table=10, n_packets=0, n_bytes=0, idle_age=2090, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:02 actions=load:0x2->NXM_NX_REG0[0..15]
+ P2 x" v  A' ^/ M- T( u/ r0 W0 hcookie=0x0, duration=1258.881s, table=10, n_packets=0, n_bytes=0, idle_age=1258, vlan_tci=0x0014/0x0fff,dl_dst=90:00:00:00:00:01 actions=load:0x2->NXM_NX_REG0[0..15]
# g* _# ?& u1 @7 a5 @3 Jcookie=0x0, duration=2403.127s, table=10, n_packets=0, n_bytes=0, idle_age=2403, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]
$ J" c5 ^0 t, N6 N3 T1 d; \3 p$ G9 H4 w0 ~
首先来测试一个multicast和broadcast2 K" l) o/ X" ~+ ^
8 X: R* W) X  G! d# t1 F: ~7 j$ ~4 b
如果是一个port 1来的vlan 30的broadcast: z% d* m7 x* c7 k9 q3 T7 o$ ^7 k2 w

: S, B9 T" b* E. y) c0 C$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=30 * X  D: ^) l* u( U! \2 d8 j
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
9 _! z" {' F: N( f5 V2 b$ j1 WRule: table=0 cookie=0 priority=0
0 m8 l! _9 |/ I# {, p& Q# rOpenFlow actions=resubmit(,1)
4 k" M9 ?1 O' ^( S' d/ w, J" G' w0 @: V; Q7 Z: |
        Resubmitted flow: unchanged % o1 O% V  ^! s
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
0 M" N* d% @3 L' \1 S2 F! G- q3 l        Resubmitted  odp: drop
" K% p2 z* T2 r        Rule: table=1 cookie=0 priority=99,in_port=1
( E) x  x* V" u4 G- ^' J# g/ ~        OpenFlow actions=resubmit(,2)
9 w+ i, G9 e9 m, d2 \. _) u7 g7 c3 @
                Resubmitted flow: unchanged / k- L7 x% b5 C( Z
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" \4 J# q# C5 d9 C                Resubmitted  odp: drop
, z$ P- S& T3 i5 ~$ ^1 H/ F& P4 p                Rule: table=2 cookie=0
+ i) j- G  [8 v) d8 Y                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3), s& U7 |$ s1 s1 }
, W3 U2 _( @/ ~. C
                        Resubmitted flow: unchanged
9 ^, ^( `" u2 T- L: \) L+ v+ K; K                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& W+ V- h9 a' ?6 v8 e                        Resubmitted  odp: drop
! T/ Z+ }( G5 \                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
% {, E4 N, V" T+ Y* H                        OpenFlow actions=resubmit(,4)  A+ {, K: ]$ p9 X; W) W

2 [3 k5 B; N: S3 U) K! \                                Resubmitted flow: unchanged 0 S  {) o# O5 F6 S
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
4 Y# r3 t5 P/ t" y                                Resubmitted  odp: drop 0 V+ t) }7 p$ J) I. l/ r0 C
                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
6 E1 {, p9 y5 \" V                                OpenFlow actions=output:1,strip_vlan,output:3,output:4
  D2 x1 i. f$ X2 ~                                skipping output to input port8 Q$ x& K$ E" ]$ u! x/ |

* C7 K( A& g+ d5 N* l1 ?4 B# f; wFinal flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
1 Z' p5 v. R, t8 z6 CRelevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
7 {' A+ P1 ~2 `( b& j2 jDatapath actions: pop_vlan,12,13+ y: O2 {" B. L/ X3 e9 Q
7 U% }- m6 Q4 O; [  [/ z
结果是port 1就不发送了,发送给了port 3, 4- `6 l0 d% C/ K

# C  B& ^. n7 k* b2 L) Z$ sudo ovs-appctl ofproto/trace helloworld in_port=3,dl_dst=ff:ff:ff:ff:ff:ff
' R% E* D1 ?2 WFlow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 , u9 }! v! w( z) V; W- d
Rule: table=0 cookie=0 priority=0
" B1 U: p6 W& l: a+ b' w% L, S, KOpenFlow actions=resubmit(,1)
6 C% ]9 ^& O) K$ @' I8 l7 W  ~  b
; a: @( ^' T9 J5 o& T  X  f# V- }        Resubmitted flow: unchanged ( \' M: P8 E, a) U% T* M
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 : M' o& V: d6 W2 L, L4 q( w5 V
        Resubmitted  odp: drop ) X$ b: o1 r1 I7 V7 O
        Rule: table=1 cookie=0 priority=99,in_port=3,vlan_tci=0x0000 7 k+ M( n, F9 w9 ~. a
        OpenFlow actions=mod_vlan_vid:30,resubmit(,2)1 o5 H/ v4 ?+ d" e0 ^) ?

, S$ k% L2 N/ S( {# u2 c1 g* {                Resubmitted flow: metadata=0,in_port=3,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
5 l0 E, v6 Z$ S+ V1 o; O                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 & a8 z- h4 y! F
                Resubmitted  odp: drop 0 e4 Y* b7 ~- E) i8 B3 n* f1 X
                Rule: table=2 cookie=0 , \3 ?) x6 I# D+ }( L
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)7 d! B0 M- S7 a( c
$ q- U/ @! W  \% x( D0 [
                        Resubmitted flow: unchanged / W% C) {4 R4 q; o4 @; k# D& C
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
# P: r/ `& n$ V0 k1 S9 n                        Resubmitted  odp: drop 4 m5 B1 S3 ?" i- ]+ L/ L
                        Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 $ X8 ^! n* T; y
                        OpenFlow actions=resubmit(,4)4 D! C! I7 A' [- ]. m4 P
2 W  b0 m1 N6 D% C6 O
                                Resubmitted flow: unchanged
4 l6 a+ n& n7 @1 k: m                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" R6 G+ T6 B1 H! S- h# d                                Resubmitted  odp: drop , q% ^7 R) y7 {
                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30 * c9 g! }: ^8 C% d: A
                                OpenFlow actions=output:1,strip_vlan,output:3,output:4 * g! L3 q0 @' c: w0 a4 ]1 d8 k
                                skipping output to input port8 s4 q' k! G  j( _+ F
6 o# o; I& I1 Y/ o" H0 S3 ?
Final flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000 7 A, U8 T0 u8 ?0 @" `: }7 Y3 A
Relevant fields: skb_priority=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:f0/ff:ff:ff:ff:ff:f0,dl_type=0x0000,nw_frag=no
9 \. `4 n2 y9 KDatapath actions: push_vlan(vid=30,pcp=0),10,pop_vlan,13
5 }5 [6 r3 \( z7 h
' p/ X0 w6 \( a" a+ l8 Z接着我们测试mac learning
& v( g3 r% g, N% k; z/ d1 Y' o* c& a7 g& |! T9 X
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate   7 k/ S* d) k! U8 Z6 }  i
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 6 P3 U5 H* S) h! x+ [6 `; s( D
Rule: table=0 cookie=0 priority=0
) D  v! J/ l- i" H) IOpenFlow actions=resubmit(,1)* Y# o4 t7 W6 g* X( Z- ^

# J( ?+ B, ~' C& n        Resubmitted flow: unchanged 8 u& r2 M3 Q4 U
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 : X3 u7 x# n6 l/ g: t
        Resubmitted  odp: drop . z$ f. Y+ I% v1 N
        Rule: table=1 cookie=0 priority=99,in_port=1 ( y5 Z% g. C8 Y- k, N, \% G7 n
        OpenFlow actions=resubmit(,2)
, ]+ y  A. }; B  B, X, I/ B7 k  v1 X& L2 \4 N4 r" E
                Resubmitted flow: unchanged 6 E" D: ~% e9 T) B$ |7 x' R5 m$ z
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
' L! h3 p: B& N! h  ?6 p                Resubmitted  odp: drop
( x: f! Q8 c1 _" \: n( m                Rule: table=2 cookie=0 : L; ]1 T1 H1 x! R7 z5 ]
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)7 ^0 {' t! \9 |( r# Z" x- Q

0 e8 m- G  E+ r+ W                        Resubmitted flow: unchanged
% r, |' `! h2 P& e6 ?) \* @                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& X) ?7 E3 _2 j+ t4 F7 s* o9 d                        Resubmitted  odp: drop " s' R% V3 \9 j7 N# l, a
                        Rule: table=3 cookie=0 priority=50 9 z  Q- z: e, E- K1 S
                        OpenFlow actions=resubmit(,10),resubmit(,4)  d) n* \2 o- q" d

' I) Z) U" q& f* _" }" c0 H                                Resubmitted flow: unchanged , C+ x9 T: r- m; G- J, D$ H7 P
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 " b7 s8 |8 ?( n
                                Resubmitted  odp: drop / O8 P" e5 H) p& w" u/ C% \# ^
                                No match0 b7 H" P6 [! c, z

$ n, X$ A& A) G! i% m4 d6 q) N- F4 P                                Resubmitted flow: unchanged 0 I3 t( s7 H& h' k7 x/ Y
                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ M4 t! D6 e; F$ R3 L  k9 N                                Resubmitted  odp: drop / b# ?- m/ i; ?! E  w( \4 A
                                Rule: table=4 cookie=0 priority=99,reg0=0x0,dl_vlan=30
+ k: h3 [: l% f2 G7 Z5 ?8 \                                OpenFlow actions=output:1,strip_vlan,output:3,output:4
6 }: |& K+ n: \4 |* t  k8 y' [. m( t                                skipping output to input port  w/ b/ A  n9 u# \+ q

% ^# u5 \; X8 a3 _! R* p* EFinal flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
% p8 {+ ?/ M4 l" Y  d( e4 ^Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no
) p4 `: n8 f) \& N( K5 ~; _Datapath actions: pop_vlan,12,13/ s. b1 J1 m  B0 O, u2 U5 c+ S

1 F" V9 b* B8 n- N1 T& i由于这两个地址没有出现过,则除了进行学习以外,广播发送给port 3,4
! u3 k( A6 o) B. L. x5 z9 L1 ^) |" V7 A6 R  {. o
$ sudo ovs-appctl ofproto/trace helloworld in_port=4,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01 -generate   5 ~+ a1 S# x# Z6 o! K
Flow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000
" D% @+ R/ D4 {( |+ VRule: table=0 cookie=0 priority=0
$ o$ [* ^3 a( hOpenFlow actions=resubmit(,1)
2 H  A( T# B, v9 Y. i& f0 {0 I- y2 e5 L% |; {
        Resubmitted flow: unchanged 4 q% G; [0 ^. a1 w+ v) Q% a
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
. O' `- t9 j& [% ^3 ^        Resubmitted  odp: drop
8 z  {: ]+ C  y$ l- w% J4 a* N: f3 S        Rule: table=1 cookie=0 priority=99,in_port=4,vlan_tci=0x0000
' b7 U( z1 r: M/ H4 d        OpenFlow actions=mod_vlan_vid:30,resubmit(,2). R; ~# C, K! c+ O; S+ J
3 a5 M9 \$ g+ }8 o
                Resubmitted flow: metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 * z$ w! N; ]% |; r9 q9 q7 h$ }
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
( m2 V# z+ g4 h7 c4 Q, q                Resubmitted  odp: drop
; w, j0 l6 g% @0 ^5 T* n( _) l" e                Rule: table=2 cookie=0 . d! `0 l+ f+ w, q; U2 ^6 J
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)6 K" y7 N% \9 N8 s: L- s  B

6 r: K5 S1 P' n, }/ T                        Resubmitted flow: unchanged , v3 c6 u3 D. ~9 }& D+ t+ n. G1 p
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
/ n4 O8 w9 O# m; P# ~# b3 `) i3 [7 j                        Resubmitted  odp: drop $ e- a  V7 x/ R* ^# k3 M
                        Rule: table=3 cookie=0 priority=50 # R% I- e4 F1 J
                        OpenFlow actions=resubmit(,10),resubmit(,4)6 P4 a0 l0 P# f$ D5 Y
! _4 _' `* C9 b
                                Resubmitted flow: unchanged
5 i, ^" |$ v2 Z) B$ Q                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 ; I2 u$ ]) L6 y0 p: E+ |- K
                                Resubmitted  odp: drop 5 A" p% o# T3 O& n& s' y' P) m
                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=10:00:00:00:00:01 5 I7 J0 ~, O% [  r2 u7 v
                                OpenFlow actions=load:0x1->NXM_NX_REG0[0..15]3 P8 o# e7 F0 ^/ h, X$ u. A

1 F3 K- ?& C8 B# t% m; o7 q- V  d% o                                Resubmitted flow: reg0=0x1,metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000 * P; |1 k7 d% ]1 G2 t3 F" d
                                Resubmitted regs: reg0=0x1 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0 , r+ m  E  r2 x. A" k
                                Resubmitted  odp: drop ) o! H# y- I. _7 Q' c
                                Rule: table=4 cookie=0 reg0=0x1 2 }+ c5 e/ l; \0 o" [
                                OpenFlow actions=output:1
" J+ H% }9 M  Q7 M# y
! K) x) `- Z$ Q$ y4 L/ lFinal flow: unchanged : k0 t/ ~& f# L" j
Relevant fields: skb_priority=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000,nw_frag=no   w/ E( ]0 D3 @  F* T: n
Datapath actions: push_vlan(vid=30,pcp=0),10
' y3 e2 i1 Q8 _# I* e" N7 @4 Z
回复的时候,由于学习过了,则仅仅从port 1发送出去。
( P4 M/ S  W" ?, T! ]7 r1 x2 V8 s% `9 ~* a1 I: v1 F
$ sudo ovs-appctl ofproto/trace helloworld in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate
9 h/ A' F7 ~+ AFlow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
  l2 t; }8 `( z* qRule: table=0 cookie=0 priority=0 2 V3 f5 @' _. u+ ]
OpenFlow actions=resubmit(,1)
0 W- c' c  m6 o  L
5 q. H6 r# n* j3 V9 ~5 I& p        Resubmitted flow: unchanged 3 _+ L, h7 h8 I* ~4 z
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
& g3 ?/ I) [, `8 t' w8 j        Resubmitted  odp: drop
7 \3 Z5 {  G8 ~( i! E! U% c0 d        Rule: table=1 cookie=0 priority=99,in_port=1
6 Z' J+ w9 @) v. p        OpenFlow actions=resubmit(,2)
' O5 q$ S( _* Q# E' ^+ ~0 ]  m) l# ]# v9 |
                Resubmitted flow: unchanged
# c/ A8 W6 Y& R" Z                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
" W* t9 X/ o) |1 o7 O0 z                Resubmitted  odp: drop
5 ^% C. R3 ~9 H8 M( H4 }: A3 b                Rule: table=2 cookie=0 9 J# l5 F& w8 r1 }
                OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)% I" z+ A, i; g- Y) L1 S+ Q. M
! h% D9 @4 N! H: P
                        Resubmitted flow: unchanged 8 ?# J1 Y8 O( @0 l* {
                        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
: I1 i3 |& D4 u                        Resubmitted  odp: drop 4 V1 [2 x9 d( X* l! o* ?1 j
                        Rule: table=3 cookie=0 priority=50
3 \$ M( D8 K+ Q9 Z# Y- ?  N                        OpenFlow actions=resubmit(,10),resubmit(,4)/ u1 _- C, ?3 c" q
6 f- v# q0 F% ~  U9 w
                                Resubmitted flow: unchanged
) i% H5 V4 T. o3 J0 Y% Z; h' B                                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
) k7 T* R2 J: J" \  Y; ^                                Resubmitted  odp: drop / ^% I- I: t3 }5 X7 u, P
                                Rule: table=10 cookie=0 vlan_tci=0x001e/0x0fff,dl_dst=20:00:00:00:00:01 - p; U! b- @0 x( }9 z, j& s" W0 J
                                OpenFlow actions=load:0x4->NXM_NX_REG0[0..15]: j8 O- I' o6 {) Q. s  \
! V+ P) H2 u! j2 |$ q2 i+ [
                                Resubmitted flow: reg0=0x4,metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
/ w6 n! T8 @6 ?" s* I8 p- B9 o$ z                                Resubmitted regs: reg0=0x4 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
+ \% a8 n' [: H6 G# H# ^$ Y' `# l                                Resubmitted  odp: drop
; f% w& A7 k) p+ T                                Rule: table=4 cookie=0 reg0=0x4 1 l9 ]6 B! p' N0 z$ H% S
                                OpenFlow actions=strip_vlan,output:4  S/ n) g2 d) z' l* F/ [2 \
& n9 G1 E! Y0 j$ r* g
Final flow: reg0=0x4,metadata=0,in_port=1,vlan_tci=0x0000,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000 ' t, u/ m8 l' g' j9 n0 ~
Relevant fields: skb_priority=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000,nw_frag=no / K7 x6 [1 {. y2 n7 J! |
Datapath actions: pop_vlan,13
' Y7 S0 f# j2 c& T" i+ i
4 I( _$ T# j, ]+ H/ v# j; Y由于在回复中进行了学习,因而发送的时候,仅仅发送port 4
回复 支持 反对

使用道具 举报

返回列表 发新帖
高级模式
B Color Image Link Quote Code Smilies
您需要登录后才可以回帖 登录 | 开始注册

本版积分规则

关闭

站长推荐上一条 /4 下一条

北京云银创陇科技有限公司以云计算运维,代码开发

QQ|返回首页|Archiver|小黑屋|易陆发现技术论坛 点击这里给我发消息

GMT+8, 2026-4-8 10:41 , Processed in 0.063331 second(s), 22 queries .

Powered by Discuz! X3.4 Licensed

© 2012-2025 Discuz! Team.

快速回复 返回顶部 返回列表