https://www.sdnlab.com/5365.html
1. VXLAN Introduction
VXLAN stands for Virtual Extensible LAN. It is an extension of VLAN and a relatively new tunneling technology that is widely used with Open vSwitch. The upstream Linux kernel has only recently added a VXLAN implementation. It scales well compared with GRE tunnels and solves many other problems.
In quantitative terms, it extends the bit's VLAN tag to a bit. In terms of implementation, it is L2 over UDP: it runs over UDP on IPv4 unicast and multicast, so it can cross L3 boundaries. This neatly addresses the existing shortcomings of GRE tunnels and VLANs and makes the network more flexible.
2. Experimental environment
Tunneling support has been added to the Linux kernel module that supports Open vSwitch, but some Linux kernel versions may support Open vSwitch without supporting tunneling. The corresponding minimum Linux kernel versions that support tunneling are as follows:
For this experiment, the operating system installed in the two virtual machines is Ubuntu 14.04.1, based on Linux kernel 3.13, which meets the requirements for VXLAN to work properly. Open vSwitch must also be installed; this experiment uses Open vSwitch 2.3.0, and the installation steps are detailed in "Open vSwitch 2.3.0 installation, deployment and basic operations."
3. VXLAN tunnel construction based on Open vSwitch
In this experiment we create two virtual machines, start the Open vSwitch service on each, and finally create the VXLAN tunnel and validate it. The network topology used in the experiment is as follows:
Note: Because the experiment runs in a virtual environment, no hosts are actually attached to the br1 bridges. Instead, we assign the br1 bridges of the two virtual machines IP addresses in two different network segments, and then build a VXLAN tunnel so that the bridges in these two segments can communicate.
3.1 Configuring Host1
After starting the OVS service, we first configure Host1.
Add two bridges named br0 and br1 on Host1:
# ovs-vsctl add-br br0
# ovs-vsctl add-br br1
Add a port to br0 and attach eth0 to it. This makes it easy to add multiple ports to the virtual bridge, so that we are not limited to the finite ports of eth0.
# ovs-vsctl add-port br0 eth0
Now clear the IP address originally assigned to eth0 and assign it to br0, so that the virtual machine's network continues to work through br0.
# ifconfig eth0 0 up && ifconfig br0 192.168.146.131/24 up
Configure the gateway for br0 according to your actual environment.
# route add default gw 192.168.146.2 br0
Assign an IP address to the br1 bridge.
# ifconfig br1 10.0.0.1/24 up
3.2 Configuring Host2
Follow the same steps as for Host1 to configure Host2.
# ovs-vsctl add-br br0
# ovs-vsctl add-br br1
# ovs-vsctl add-port br0 eth0
# ifconfig eth0 0 up && ifconfig br0 192.168.146.136/24 up
# route add default gw 192.168.146.2 br0
Assign Host2's br1 bridge an IP address in a different network segment from Host1's br1.
# ifconfig br1 10.0.1.1/24 up
3.3 Building the VXLAN tunnel
Before building the tunnel, let's test connectivity between the br0 bridges and between the br1 bridges of the two virtual machines, Host1 and Host2.
root@ubuntu:~# ping 192.168.146.136   ## Host1 ping Host2 br0
PING 192.168.146.136 (192.168.146.136) bytes of data.
bytes from 192.168.146.136: icmp_seq=1 ttl=64 time=1.88 ms
bytes from 192.168.146.136: icmp_seq=2 ttl=64 time=0.703 ms
...
root@ubuntu:~# ping 10.0.1.1   ## Host1 ping Host2 br1
PING 192.168.146.136 (192.168.146.136) bytes of data.
...
The local br1 cannot communicate with the br1 on the other side. We build the tunnel so that the br1 bridges (the data plane) of the two machines can communicate.
1. Set up VXLAN on Host1, with the remote IP set to the IP of Host2's br0, which can communicate with the outside.
# ovs-vsctl add-port br1 vx1 -- set interface vx1 type=vxlan options:remote_ip=192.168.146.136
2. Set up VXLAN on Host2, with the remote IP set to the IP of Host1's br0, which can communicate with the outside.
# ovs-vsctl add-port br1 vx1 -- set interface vx1 type=vxlan options:remote_ip=192.168.146.131
3.4 Verifying the VXLAN tunnel
The br1 bridges on the two machines can now communicate normally:
root@ubuntu:~# ping 10.0.1.1
PING 10.0.1.1 (10.0.1.1) bytes of data.
bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=15.4 ms
bytes from 10.0.1.1: icmp_seq=2 ttl=64 time=0.715 ms
...

root@ubuntu:~# ping 10.0.1.1
PING 10.0.1.1 (10.0.1.1) bytes of data.
bytes from 10.0.1.1: icmp_seq=1 ttl=64 time=15.4 ms
bytes from 10.0.1.1: icmp_seq=2 ttl=64 time=0.715 ms
...
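Added example, not part of the original article: on the underlay, each tunnelled ping between the br1 addresses travels as an ordinary UDP datagram between the two br0 addresses, with an 8-byte VXLAN header followed by the inner Ethernet frame, unencrypted and unauthenticated. The Python code below builds one such frame and decodes it the way a capture tool would. The frame is constructed, and UDP port 4789 (the IANA VXLAN port), VNI 0 (the commands above set no options:key), the placeholder MAC addresses and all function names are assumptions.

```python
import socket
import struct

VXLAN_PORT = 4789  # assumption: IANA-assigned VXLAN port, Open vSwitch default


def build_sample(vni=0):
    """Constructed frame: inner IPv4 packet 10.0.0.1 -> 10.0.1.1 carried in
    VXLAN between the two br0 addresses used on this page (checksums left 0)."""
    def ipv4(src, dst, proto, payload):
        return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20 + len(payload), 0, 0,
                           64, proto, 0, socket.inet_aton(src),
                           socket.inet_aton(dst)) + payload
    def eth(payload):  # placeholder all-zero MAC addresses, EtherType IPv4
        return bytes(6) + bytes(6) + b"\x08\x00" + payload
    inner = eth(ipv4("10.0.0.1", "10.0.1.1", 1, b"\x08\x00" + bytes(6)))
    vxlan = struct.pack("!II", 0x08 << 24, vni << 8) + inner  # I flag, 24-bit VNI
    udp = struct.pack("!HHHH", 49152, VXLAN_PORT, 8 + len(vxlan), 0) + vxlan
    return eth(ipv4("192.168.146.131", "192.168.146.136", 17, udp))


def parse_ipv4(frame):
    """Return (src, dst, protocol, payload) of an untagged Ethernet/IPv4 frame."""
    if len(frame) < 34 or frame[12:14] != b"\x08\x00":
        raise ValueError("not an untagged IPv4 Ethernet frame")
    ihl = (frame[14] & 0x0F) * 4
    ip = frame[14:]
    if ihl < 20 or len(ip) < ihl:
        raise ValueError("bad IPv4 header length")
    return (socket.inet_ntoa(ip[12:16]), socket.inet_ntoa(ip[16:20]),
            ip[9], ip[ihl:])


def parse_vxlan(frame):
    """Decode outer endpoints, VNI and inner addresses of a VXLAN frame."""
    o_src, o_dst, proto, udp = parse_ipv4(frame)
    if proto != 17 or len(udp) < 16 or udp[2:4] != struct.pack("!H", VXLAN_PORT):
        raise ValueError("not a UDP datagram to the VXLAN port")
    flags, vni_field = struct.unpack("!II", udp[8:16])
    if not flags & 0x08000000:
        raise ValueError("VXLAN I flag not set, VNI is not valid")
    i_src, i_dst, i_proto, _ = parse_ipv4(udp[16:])  # inner frame is cleartext
    return {"outer": (o_src, o_dst), "vni": vni_field >> 8,
            "inner": (i_src, i_dst), "inner_proto": i_proto}


if __name__ == "__main__":
    print(parse_vxlan(build_sample()))
```

Because the inner addresses and payload are readable by anything that can capture on the 192.168.146.0/24 underlay, that network should be treated as trusted or the tunnel traffic protected separately.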
A packet capture also confirms that the protocol carrying the packets is indeed VXLAN, as shown in the following figure:
4. Conclusion
This experiment builds a VXLAN tunnel based on Open vSwitch and enables communication between intranet machines in different network segments. The experiment is based on the Open vSwitch virtual switch; readers who have the means can try it in a real environment.