Dockernet Open vSwitch-1

Create topo

[email protected]:~$ sudo mn --topo single,2        

Basic operation:

dockernet>sh ovs-ofctl dump-flows s1 -->（显示规则）      dockernet>sh ovs-ofctl del-flows s1 -->(删除规则)       dockernet>sh ovs-ofctl add-flow s1 -->（新增规则）       

Note

1. Idle-timeout This rule does not conform to this packet pass, this rule is idle for how long it will be deleted (sec)
2. Hard-timeout whether or not a packet has passed, as long as the set time is up, delete the rule directly (SEC)
3. Priority value, which is the rank of the rule, the minimum is 1, the highest is 65535
4. DL_SRC (DL = Data Link layer) This is the network card number representing the source end
5. DL_DST This network card number that represents the destination
6. Dl_type This expression kind (0x0800 =ip 0x0806 =arp)
7. Ip_proto =1 ICMP (simplified to inport= 1 when setting rules)
8. Ip_proto =6 TCP
9. Ip_proto =17 UDP

Experiment One:

We now practice manually setting the rules:
First, when we create the topo, because there is a controller, he will automatically default rules, so that H1, H2 can communicate with each other.
At this point, we must first kill the Contorller, manually write the rules (delete the rules H1, H2 will not be able to communicate)

[email protected]:~$ sudo ps -ef | grep controller[email protected]:~$ sudo kill -9 （这边写contorller的进程号）

dockernet>sh ovs-ofctl add-flow s1 in_port=1,actions=output:2

When we're done adding,
We can open a different terminal and then enter the following instructions to see the rules for the current S1

[email protected]:~$ sudo ovs-ofctl show s1

In the, you will see:

1. DPID = Data Path ID (This is the identification code for each switch, presented in the simplest way in a virtual environment)
2. N_buffers size of buffer
3. Actions supported action Enqueue (mainly in QoS) when we drop the packet, we can drop the packet into a predetermined queue and set a different bandwidth for the different queues (one output can support 8 queues Q0=default queue. , the higher the value the higher the priority)
4. Set_vlan_vid to set a VLAN to tag a packet

In the same vein, the rules for new replies

dockernet>sh ovs-ofctl add-flow s1 in_port=2,actions=output:1

dockernet>xterm h1 h2进到h1 h2 arp -n --->(查看目前有的arp)arp -d 10.0.0.2(这里要看目前有哪一个arp的纪录，就删除哪一个，这样才方便下面做通讯的观察)在h2:tcpdump -i h2-eht0在h1:ping -c 3 10.0.0.2

From the H2 monitoring process will find that ARP Request,arp reply, three groups of ICMP (go back) packets (because Ping-c 3), plus the subsequent persistent ARP Request and ARP reply, a total of 10 packets.

We open another terminal to see:

Of these, two rules of the n_packets are equal to 5, so just can match the above monitoring transmission 10 packets (two-way transmission, each direction five)

Special note: After each experiment, execute sudo mn-c to completely clean up the rules of the previous experiment to avoid problems

Experiment Two

[email protected]:~$ sudo mn --topo single,2 --macdockernet> sh ovs-ofctl add-flow s1 priority=1,in_port=1,action=output:2dockernet> sh ovs-ofctl add-flow s1 priority=2,in_port=1,action=output:1dockernet> sh ovs-ofctl dump-flows s1

dockernet> sh ovs-ofctl add-flow s1 priority=10,ip,nw_dst=10.0.0.1,actions=output:1dockernet>sh ovs-ofctl add-flow s1 priority=10,dl_type=0x0800,nw_dst=10.0.0.2,actions=output:2    (dl_type=0x0800  等于 ip )

dockernet>xterm h1 h2进到h1 h2 arp -n --->(查看目前有的arp)arp -d 10.0.0.2(这里要看目前有哪一个arp的纪录，就删除哪一个，这样才方便下面做通讯的观察)在h2:tcpdump -i h2-eht0在h1:ping -c 3 10.0.0.2

Dockernet Open vSwitch-1