- 积分
- 16840
在线时间 小时
最后登录1970-1-1
|
楼主 |
发表于 2019-10-18 10:50:26
|
显示全部楼层
关于 VLAN
6 l. Y; c/ l' z7 r7 F0 w' ]设置 VLAN tag/ X3 j& E9 y$ c7 E) S) Z- `5 } v
+ w' l, u* O+ [" oovs-vsctl add-port ovs-br vlan3 tag=3 -- set interface vlan3 type=internal2 G( K2 T* W0 l. P$ K3 G. x& m
移除 VLAN1 u c0 K% l% w4 v1 H2 s& r; @
4 G/ p# m8 u4 B3 N0 S$ z% N
ovs-vsctl del-port ovs-br vlan3
9 I! d4 [. R# z% _+ v8 @) ]) _1 n) x查询 VLAN
2 I" }8 W# x0 }1 \! t
, \) S& f- q! ~5 T* R( ?# Movs-vsctl show. r+ x6 I7 R* g% S& s
ifconfig vlan3
! f, [# K- M4 A8 k3 {8 j! o$ y1 L设置 Vlan trunk( V$ @. d& T+ ?: S+ w
ovs-vsctl add-port ovs-br eth0 trunk=3,4,5,6
; l1 R k+ j9 o: @% g- {, J4 Z+ d
设置已 add 的 port 为 access port, vlan id 9
! L- O) b+ N7 y( x3 G" T' t, V( ?$ W" t& H6 z
ovs-vsctl set port eth0 tag=98 z0 L* p( }, u0 X6 p
ovs-ofctl add-flow 设置 vlan 100" ?6 k2 C+ K2 y$ C4 i) Q2 e, d
6 i& s8 ^! p+ I6 U9 @. j( m
ovs-ofctl add-flow ovs-br in_port=1,dl_vlan=0xffff,actions=mod_vlan_vid:100,output:3
: z8 v: |1 K' _ovs-ofctl add-flow ovs-br in_port=1,dl_vlan=0xffff,actions=push_vlan:0x8100,set_field:100-\>vlan_vid,output:3
$ Y/ _7 U, `- sovs-ofctl add-flow 拿掉 vlan tag; h5 c q' g0 Y4 L0 V
0 s1 m: Y: ?+ A0 wovs-ofctl add-flow ovs1 in_port=3,dl_vlan=100,actions=strip_vlan,output:1
' [$ r! X( w( ztwo_vlan example" t: v% J) v4 c1 m4 V
ovs-ofctl add-flow pop-vlan
, _/ z5 v8 R3 |* }5 r* Y4 k
, h+ M9 L, C6 ]9 H$ eovs-ofctl add-flow ovs-br in_port=3,dl_vlan=0xffff,actions=pop_vlan,output:1
# A/ _" a% u8 y+ |# y
9 M! u% c0 X, G- d! ~2 d1 d
$ @, q. q- W1 \9 ]" A关于 GRE Tunnel
# {" [4 Q# ^7 d( r: q( k7 `设置 GRE tunnel
- e! x6 m3 ^0 B; I* @
7 x; x8 l3 x/ iovs−vsctl add−port ovs-br ovs-gre -- set interface ovs-gre type=gre options:remote_ip=1.2.3.4
8 Y- K- @8 y5 \5 Z查询 GRE Tunnel
4 A, ]$ g0 A; {. `+ [& I9 O3 p4 e* p4 ?& ^3 S4 b. X- X; a+ m
ovs-vsctl show& K( D& \0 Q- W3 Q
* h( h% R# H' ^$ V4 \
0 i9 r8 {- G' q0 V关于 Dump flows0 h- ?) u$ p9 J/ m( Y( S
Dumps OpenFlow flows 不含 hidden flows (常用)
# C7 P4 T8 _* d+ B; V% E, k6 `; G) w/ v0 | X) @
ovs-ofctl dump-flows ovs-br
& |. M8 b$ H: H: g8 `& @! ]- `Dumps OpenFlow flows 包含 hidden flows
4 a( k% j) g% c7 v2 y' j, I
& G" ?/ x2 W. J/ f- I) Povs-appctl bridge/dump-flows ovs-br
u7 p4 S- j/ P6 m( [6 K' o; D/ t8 ODump 特定 bridge 的 datapath flows 不論任何 type
- ^# U: B1 H8 f$ f
/ T# |* {# q- {2 Zovs-appctl dpif/dump-flows ovs-br
% _ ^1 r0 e; m {) sDump 在 Linux kernel 裡的 datapath flow table (常用)
0 F) {: | U7 ?- w; Y
/ s% a! n6 N7 y' `% eovs-dpctl dump-flows [dp]
+ I2 D6 B# T' _4 f4 u PTop like behavior for ovs-dpctl dump-flows" F. f9 E! q0 |) i! T( a5 Y* ]
) _ ]# Y# F4 }
ovs-dpctl-top
8 X0 |8 |* l4 V: g2 e# s3 [, U4 C9 d0 t* E) @9 M
}3 h* }# Y3 ~8 P1 R$ ~; C+ Y# U4 }
- b* X# s; v' v/ i# P1 UXenServer 开启 OpenvSwitch 方式- q3 m, ?* p, P; p+ O
检查是否启动openvswitch服务:8 S+ D9 c# n# I9 c1 |2 G7 F* |
$ q* b* P9 X p. [: K# e, A! |# uservice openvswitch status. d) u8 c1 |" h0 w* \4 E. [
启动服务2 W2 K* a7 x# H
x, k% x' i: \3 n
xe-switch-network-backend openvswitch5 z9 w8 m! J, K- R" J: X J% q
关闭服务
% j( z( R( T! U& F; f* D1 w
* `4 {2 X' d# Z9 yxe-switch-network-backend bridge( X6 ~$ T4 U% q5 S: O, s$ y2 [
' J5 m; D0 p$ O6 F* M# D5 P" k1 I# u/ {3 }# T7 r
关于 Log* r1 z) `# M/ L) {' d
查询 log level list; J! T& K. A1 h2 L5 ^1 r
( ~8 _* E% h/ C, Yovs-appctl vlog/list
4 p, Y' W- {1 V. o8 @; X" R设置 log level (以 stp 设置 file 为 dbg level 为例)
: O5 u5 `& j2 x6 Z V: c& a
# V, @# w6 Y T# Lovs-appctl vlog/set stp:file:dbg
+ G, r, [9 \* I& m$ u F% N% dovs-appctl vlog/set {module name}:{console, syslog, file}:{off, emer, err, warn, info, dbg}( j# F% R, g& v5 J
- B2 v3 L: |! ]! a% y: z$ ]
2 w, `& H2 J% d" S; F% _7 L 关于 Fallback9 ?" J, t4 i1 R( N, T
Controller connection: false 的时候, 会自动调成 legacy switch mode0 r. V( K$ L, a3 s1 _
# e* C- h7 E0 S8 y `+ wovs-vsctl set-fail-mode ovs-br standalone
" v2 o' K- w; r& ~4 }. n6 o# k无论 Controller connection status 为何, 都必须通过 OpenFlow 进行网络行为 (default)
6 X% E# h( p0 p$ E
5 F& R) K* N D8 j6 j: _ovs-vsctl set-fail-mode ovs-br secure" I" m. K3 T! n; ~5 b
移除$ X7 b% i8 n- p. f
- ]6 P, y5 m, y0 W4 |, f' D
ovs-vsctl del-fail-mode ovs-br! |- e% J F/ v; O/ B1 M
查询+ R" a7 u- y! [4 u" c' W( u
0 h; |0 p. Q: Govs-vsctl get-fail-mode ovs-br
7 V% Y7 n* ?/ E( ]( _
1 Q0 f6 p+ b+ u0 X4 l% z' U; H0 Y5 g) B, ]8 ]
关于 sFlow
& p6 E7 B1 }) F9 ]7 t查询
. O( ]6 m6 g- a. I. c% ]
4 G- M8 X! q U/ y" E2 R* T3 xovs-vsctl list sflow
4 ?! | G- @& R" R9 M新增
8 J7 ?( P1 L3 E A0 q d3 c
, M* h+ s1 g4 @Set sFlow 缺
0 Q+ L3 I: P% y- z* z刪除
( ?8 X. o, ~) \# U. ?2 D3 ^, v
% x5 a9 Z2 ^& _, T8 @( oovs-vsctl -- clear Bridge ovs-br sflow
; y/ x( X! {7 X7 M" a1 e* _- @7.13关于 NetFlow
7 V8 n3 \9 I4 W, p0 c查询
/ C. n, n# w1 M
* u+ \8 c1 R6 b& i- s( _2 I- Uovs-vsctl list netflow/ [ g/ h0 s3 M& c; I; L; b3 K* j
新增
6 ^. G y2 h \8 M* {9 {- i* F* q5 u, y ^2 Z
Set NetFlow 缺% n, n) d) ?4 i
刪除2 X) j. I% ~* Z) X. ~7 ]: O6 Z
! K& G/ w$ K; m! C' n
ovs-vsctl -- clear Bridge ovs-br netflow
; U1 D4 d5 B* d9 i$ v' M8 e7.14 设置 Out-of-band 和 in-band7 N% [8 J' n9 ]
查询! Q- K" x0 B# y# V! @
4 A) u* o7 M8 G2 _ovs-vsctl get controller ovs-br connection-mode$ ~9 p n( h5 b
Out-of-band5 m! v0 g6 f8 B3 x' ?) P. J
. P; n" h. ?. B5 n' y
ovs-vsctl set controller ovs-br connection-mode=out-of-band3 C1 ]( m/ w( q! U7 z
In-band (default)
! {8 Q% p0 K5 R/ z
. G, L3 w. F& W9 Lovs-vsctl set controller ovs-br connection-mode=in-band
7 W. n1 @* A' [* V移除 hidden flow [$ a: T# N: W
- _2 @. k! l3 t! P ?
ovs-vsctl set bridge br0 other-config:disable-in-band=true! t" Q+ f1 r* w
7.15 关于 ssl7 M" O5 r" _/ P# P8 a: B( R/ e
查询* |) e7 ?6 @7 P$ n% J
5 N2 D/ {, w& e( K5 F+ m! S
ovs-vsctl get-ssl4 e% m" x4 @8 J7 k9 p
设置
# {% `/ k: r+ B' C% u" d
$ K9 m K& ]$ Qovs-vsctl set-ssl sc-privkey.pem sc-cert.pem cacert.pem
' ^/ x/ m0 ^3 H o/ q4 i" YOpenvSwitch Lab 6$ TLS SSL : http://roan.logdown.com/posts/208707-openvswitch-lab-6-ssl% U: d+ @+ ]2 e3 r: P
刪除
8 Y# u% O7 f+ I
- d9 [! b& o, }- |ovs-vsctl del-ssl, {" q8 S. K! S/ G
7.16 关于 SPAN! T3 _9 n2 q+ e# L) k
详细设置, k$ [! _3 ^. ]' D! R( R7 t
0 b* A c; I1 x+ a& |ovs-vsctl add-br ovs-br
/ g7 K& ~* k v; Z" M! C2 c' W8 G" Zovs-vsctl add-port ovs-br eth0
8 L9 n. m/ S7 p* r( {3 }ovs-vsctl add-port ovs-br eth1
9 g0 t$ ]9 a, S7 `: X+ K# Z/ zovs-vsctl add-port ovs-br tap0 \; {) N9 H# L! b s0 ]$ B& l
-- --id=@p get port tap0 \' L2 P `' P+ e
-- --id=@m create mirror name=m0 select-all=true output-port=@p \
9 J" K v# b5 c7 v: W -- set bridge ovs-br mirrors=@m
/ d" h/ d- H5 n0 _# o$ z; X将 ovs-br 上 add-port {eth0,eth1} mirror 至 tap04 |! x g0 f0 N5 t+ T
$ V9 T9 ~% q% R$ m
刪除
) h: D- m: r: W( g1 v# q, n1 K% U- @
ovs-vsctl clear bridge ovs-br mirrors # 關於 Table
/ s2 ?2 z& R( I' R/ U2 l5 J查 table ovs-ofctl dump-tables ovs-br
! m% T$ n5 b. S" ] f
( C, J1 R5 b, V* F5 e$ I7.17 关于 Group Table
3 e8 ]* h+ S2 _, i8 b参考 hwchiu – Multipath routing with Group table at mininet; G- e+ ^4 p7 ^6 t3 q
( B* E7 a9 f5 h, Q2 {8 j% {
建立 Group id 及对应的 bucket
4 l+ q% J! a7 Q8 E) ]2 |) C, _6 z( e: j7 e2 }9 V, o& ?$ X7 z
ovs-ofctl -O OpenFlow13 add-group ovs-br group_id=5566,type=select,bucket=output:1,bucket=output:2,bucket=output:3) w! n0 ~& j, k
type 共有 All, Select, Indirect, FastFailover, 详细规格:http://flowgrammable.org/sdn/ope ... upmod/#GroupMod_1.3& `2 j% B9 z- Q/ [, o; c/ V; m+ K
7 b6 D v1 M) A% \) G% ^
使用 Group Table
# L+ b; O3 F; I6 ?8 t; p, j5 ?* P( ]: Z7 G) W
ovs-ofctl -O OpenFlow13 add-flow ovs-br in_port=4,actions=group:5566
C! X. }8 I5 N/ X8 W- N5 @3 E% a7.18 关于 VXLAN/ O3 Z* ~! t. J/ `$ t
参考 rascov – Bridge Remote Mininets using VXLAN% _2 x7 p; o+ g( w# q r3 Q" P; Z/ U
4 p; K9 _% Y: Y. Q
建立 VXLAN Network ID (VNI) 和指定的 OpenFlow port number, eg: VNI=5566, OF_PORT=95 W0 p p# k0 m3 w
2 p8 F% x2 m/ I6 Q7 sovs-vsctl set interface vxlan type=vxlan option:remote_ip=x.x.x.x option:key=5566 ofport_request=9
8 Q8 `+ `! p" D) eVNI flow by flow
. V, _4 n5 c; Q0 q5 l
6 y& `! m# t; @6 `ovs-vsctl set interface vxlan type=vxlan option:remote_ip=140.113.215.200 option:key=flow ofport_request=9
8 y f( | @$ ~; M/ d设置 VXLAN tunnel id4 e$ Q$ f5 e" A
5 {* ?) P, F: Z! A% O, movs-ofctl add-flow ovs-br in_port=1,actions=set_field:5566->tun_id,output:2
5 v$ a# r$ ~6 r7 l2 Q# |6 N. H7 yovs-ofctl add-flow s1 in_port=2,tun_id=5566,actions=output:1# ]' i5 G' `" B5 L
7.19 关于 OVSDB Manager& p2 B" l9 Z9 u5 w) c3 u# J0 r! Y& s
参考 OVSDB Integration:Mininet OVSDB Tutorial
3 O6 w; Z% U* j1 N& m
4 P; _$ E; O2 W' CActive Listener 设置! E/ U6 n, r( u
* d$ A4 s+ f$ B8 h1 M
ovs-vsctl set-manager tcp:1.2.3.4:6640
7 I* K/ s7 `; Y! f5 m$ Q/ }. t' X! H7 RPassive Listener 设置
5 B& l) S6 }7 |, H9 T2 g
. c* p- O5 N/ O) m! x; sovs-vsctl set-manager ptcp:6640
2 N/ _" r- v6 L# ~9 \; [7.20 OpenFlow Trace: b" F' e2 M: S: E% m+ b* I
Generate pakcet trace
0 c- Y, O4 S" I q9 l/ C
) V" k9 L, i$ `1 D! novs-appctl ofproto/trace ovs-br in_port=1,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:02 -generate" k6 ^- W2 f2 r |- l
7.21 其它. X% C) A+ d5 |% C
查询 OpenvSwitch 版本; Q8 I% Y1 X" r# V( ]6 h
. P, u- P0 g3 S0 Z/ y& L$ y: b# i. ~
ovs-ofctl -V+ ?1 P- f1 i# N" p& U% h7 Z6 O- }
查询指令历史记录8 z: G# ^! O3 s+ e
# _; I1 J$ r, Q' T+ D
ovsdb-tool show-log [-mmm]- ~6 l+ n0 m* m9 `, I/ D5 {
|
|
/4 
窥视卡
雷达卡
发表于 2019-10-18 10:38:50
提升卡
置顶卡
沉默卡
喧嚣卡
变色卡
千斤顶
照妖镜
