實驗目的能夠對Open vSwitch進行基本操作能夠通過命令行終端使用OVS命令操作Open vSwitch交換機,管理流表能夠通過Mininet的Python代碼運行OVS命令,控制網絡拓撲中的Open vSwitch交換機(一)基本實驗實驗1 創建OVS交換機創建OVS交換機為OVS交換機配置p0端口創建虛擬空間ns0,將p0移入虛擬網絡空間ns0,並配置IP為OVS交換機配置p1端口創建虛擬空間ns1,將p0移入虛擬網絡空間ns1,並配置IP測試聯通性成功ping通實驗2 Mininet下發流表1. 自定義拓撲運行拓撲2. 劃分VLAN需求: VLAN劃分:聯通性要求: h1-h3 h2-h4,其餘不通為s1配置流表項:查看下發的流表項:這四條命令原理: 1、2條命令:首先對輸入端口進行匹配,如果輸入端口為1(即為h1),執行action:將h1設置為vlan0虛擬局域網的主機,並將數據包向3號端口轉發 如果輸入端口為3(即為h3),執行action:將h2設置為vlan1虛擬局域網的主機,並將數據包向3號端口轉發 3、4條命令: 這兩條命令處理接受到的數據包,匹配域:Vlan標簽 如果Vlan號屬於0,(h3屬於Vlan0),則將數據包往1號端口發,也就是發給主機h1,從而實現h1和h3之間的通信;第四條同理,不再贅述為s2配置流表項: 原理與s1配置類似從1號或2號端口輸入的數據包,則配上Vlan標簽,1號端口輸入的配上Vlan0(和h1在同一虛擬局域網),並向3號端口轉發2號端口輸入的配上Vlan1標簽(和h2在同一局域網),並向3號端口轉發從3號段口輸入的數據包已經打過Vlan標記,對Vlan標記進行匹配,若為0則為發送給h3的數據包,若為1則為發送給h4的數據包驗證結果符合h1和h3聯通,h2和h4聯通,其餘不連通要求。wireshark驗證:(二)進階實驗要求:利用Python代碼實現VlAN劃分分配ip 由於虛擬實現h1和h3在同一局域網,因此分配ip如下code 編寫topo.py文件並運行#!/usr/bin/python
from mininet.net import Mininet
from mininet.node import Node
from mininet.link import Link
from mininet.log import setLogLevel, info
def myNet():
"Create network from scratch using Open vSwitch."
info( "*** Creating nodes\n" )
switch1 = Node( 's1', inNamespace=False )
switch2 = Node( 's2', inNamespace=False )
h1 = Node( 'h1' )
h2 = Node( 'h2' )
h3 = Node( 'h3' )
h4 = Node( 'h4' )
info( "*** Creating links\n" )
Link( h1, switch1)
Link( h2, switch1)
Link( h3, switch2)
Link( h4, switch2)
Link( switch1, switch2)
info( "*** Configuring hosts\n" )
h1.setIP( '192.168.123.1/24' )
h2.setIP( '192.168.124.1/24' )
h3.setIP( '192.168.123.2/24' )
h4.setIP( '192.168.124.2/24' )
info( "*** Starting network using Open vSwitch\n" )
switch1.cmd( 'ovs-vsctl del-br dp0' )
switch1.cmd( 'ovs-vsctl add-br dp0' )
switch2.cmd( 'ovs-vsctl del-br dp1' )
switch2.cmd( 'ovs-vsctl add-br dp1' )
for intf in switch1.intfs.values():
print (intf)
print (switch1.cmd( 'ovs-vsctl add-port dp0 %s' % intf ))
for intf in switch2.intfs.values():
print (intf)
print (switch2.cmd( 'ovs-vsctl add-port dp1 %s' % intf ))
print (switch1.cmd(r'ovs-vsctl show'))
print (switch1.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3'))
print (switch1.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3'))
print (switch1.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,dl_vlan=0,actions=pop_vlan,output:1'))
print (switch1.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp0 priority=1,dl_vlan=1,actions=pop_vlan,output:2'))
print (switch2.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3'))
print (switch2.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3'))
print (switch2.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,dl_vlan=0,actions=pop_vlan,output:1'))
print (switch2.cmd(r'ovs-ofctl -O OpenFlow13 add-flow dp1 priority=1,dl_vlan=1,actions=pop_vlan,output:2'))
#switch0.cmd('tcpdump -i s0-eth0 -U -w aaa &')
#h0.cmd('tcpdump -i h0-eth0 -U -w aaa &')
info( "*** Running test\n" )
h1.cmdPrint( 'ping -c 3 ' + h3.IP() )
h2.cmdPrint( 'ping -c 3 ' + h4.IP() )
h1.cmdPrint( 'ping -c 3 ' + h4.IP() )
h2.cmdPrint( 'ping -c 3 ' + h3.IP() )
#print switch0.cmd( 'ovs-ofctl show dp0' )
#print switch0.cmd( 'ovs-ofctl dump-tables dp0' )
#print switch0.cmd( 'ovs-ofctl dump-ports dp0' )
#print switch0.cmd( 'ovs-ofctl dump-flows dp0' )
#print switch0.cmd( 'ovs-ofctl dump-aggregate dp0' )
#print switch0.cmd( 'ovs-ofctl queue-stats dp0' )
info( "*** Stopping network\n" )
switch1.cmd( 'ovs-vsctl del-br dp0' )
switch1.deleteIntfs()
switch2.cmd( 'ovs-vsctl del-br dp1' )
switch2.deleteIntfs()
info( '\n' )
if __name__ == '__main__':
setLogLevel( 'info' )
info( '*** Scratch network demo (kernel datapath)\n' )
Mininet.init()
myNet()驗證結果 驗證1:直接在python腳本中驗證 結果:結果符合要求 驗證2:通過wireshark驗證成功打上Vlan標簽錯誤總結忘記為兩臺交換機設置連接,導致ping不通,太蠢瞭TAT總結實驗總結1)此次實驗我學習瞭如何使用OvS命令讓數據包打上Vlan標簽,並學習瞭如何使用控制行實現流表下發。 2)通過進階實驗,我學習瞭如何使用python文件實現流表下發,並能在python文件中進行測試。編寫python文件的過程中遇到不少bug,但通過不斷嘗試最終進行瞭解決,提升瞭我的問題解決能力及創新能力。附:知識總結實驗原理:用VLAN技術可以設計廣播域構成,交換機收到廣播幀後,從而防止廣播風暴命令總結創建ovs交換機過程自動創建類型為internal的ovs-switch000網橋sudo ovs-vsctl add-port ovs-switch000 p0(通過ovs-vsctl show解決報錯) \2. 查詢p0網口相關信息sudo ethtool -i p0創建虛擬網絡空間ns0,把p0接口移入ns0,並配置IPsudo ip netns add ns0
sudo ip link set p0 netns ns0
sudo ip netns exec ns0 ip addr add 192.168.1.100/24 dev p0
sudo ip netns exec ns0 ifconfig p0 promisc up測試sudo ip netns exec ns0 ping 192.168.1.101OVS命令sudo ovs-ofctl show ovs-switch000OVS下發流表命令sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,in_port=1,actions=push_vlan:0x8100,set_field:4096-\>vlan_vid,output:3
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,in_port=2,actions=push_vlan:0x8100,set_field:4097-\>vlan_vid,output:3
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,dl_vlan=0,actions=pop_vlan,output:1
sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=1,dl_vlan=1,actions=pop_vlan,output:2查看流表項命令:sudo ovs-ofctl -O OpenFlow13 dump-flows s1原文鏈接:https://www.cnblogs.com/hhhf/p/16702352.html 原文作者:盒什麼飯