Configuring OpenvSwitch
Listing a table
ovs-vsctl list bridge ovs-br
About Bridges and Ports
- Add a bridge
ovs-vsctl add-br ovs-br
- Attach an interface to ovs-br
ovs-vsctl add-port ovs-br eth0
- (1) and (2) can be combined into one command
ovs-vsctl add-br ovs-br -- add-port ovs-br eth0
- Remove a bridge
ovs-vsctl del-br ovs-br
# If the bridge does not exist, an error is logged; --if-exists avoids that
ovs-vsctl --if-exists del-br ovs-br
- Change the ofport (OpenFlow port number) to 100
ovs-vsctl add-port ovs-br eth0 -- set Interface eth0 ofport_request=100
- Set a port to internal
ovs-vsctl set Interface eth0 type=internal
About Controllers
- Set a controller
ovs-vsctl set-controller ovs-br tcp:1.2.3.4:6633
- Set multiple controllers
ovs-vsctl set-controller ovs-br tcp:1.2.3.4:6633 tcp:5.6.7.8:6633
- Query the controller settings
ovs-vsctl show
# If the connection to the controller succeeded, the output shows is_connected:true; otherwise it is not connected
ovs-vsctl get-controller ovs-br
- Remove the controller
ovs-vsctl del-controller ovs-br
About STP (Spanning Tree Protocol)
- Enable STP
ovs-vsctl set bridge ovs-br stp_enable=true
- Disable STP
ovs-vsctl set bridge ovs-br stp_enable=false
- Query the STP setting
ovs-vsctl get bridge ovs-br stp_enable
- Set the priority
ovs-vsctl set bridge br0 other_config:stp-priority=0x7800
- Set the path cost
ovs-vsctl set port eth0 other_config:stp-path-cost=10
- Remove the STP settings
ovs-vsctl clear bridge ovs-br other_config
About the OpenFlow Version
- Support OpenFlow version 1.3
ovs-vsctl set bridge ovs-br protocols=OpenFlow13
- Support OpenFlow versions 1.3 and 1.2
ovs-vsctl set bridge ovs-br protocols=OpenFlow12,OpenFlow13
- Remove the OpenFlow version setting
ovs-vsctl clear bridge ovs-br protocols
About VLANs
- Set a VLAN tag
ovs-vsctl add-port ovs-br vlan3 tag=3 -- set interface vlan3 type=internal
- Remove the VLAN
ovs-vsctl del-port ovs-br vlan3
- Query the VLAN
ovs-vsctl show
ifconfig vlan3
- Set a VLAN trunk
ovs-vsctl add-port ovs-br eth0 trunk=3,4,5,6
- Set an already-added port as an access port with VLAN ID 9
ovs-vsctl set port eth0 tag=9
- Set VLAN 100 with ovs-ofctl add-flow
ovs-ofctl add-flow ovs-br in_port=1,dl_vlan=0xffff,actions=mod_vlan_vid:100,output:3
ovs-ofctl add-flow ovs-br in_port=1,dl_vlan=0xffff,actions=push_vlan:0x8100,set_field:100-\>vlan_vid,output:3
- Strip the VLAN tag with ovs-ofctl add-flow
ovs-ofctl add-flow ovs1 in_port=3,dl_vlan=100,actions=strip_vlan,output:1
- two_vlan example
- ovs-ofctl add-flow pop-vlan
ovs-ofctl add-flow ovs-br in_port=3,dl_vlan=0xffff,actions=pop_vlan,output:1
About GRE Tunnels
- Set up a GRE tunnel
ovs-vsctl add-port ovs-br ovs-gre -- set interface ovs-gre type=gre options:remote_ip=1.2.3.4
- Query the GRE tunnel
ovs-vsctl show
About Dumping Flows
- Dump OpenFlow flows, excluding hidden flows (commonly used)
ovs-ofctl dump-flows ovs-br
- Dump OpenFlow flows, including hidden flows
ovs-appctl bridge/dump-flows ovs-br
- Dump the datapath flows of a specific bridge, regardless of type
ovs-appctl dpif/dump-flows ovs-br
- Dump the datapath flow table in the Linux kernel (commonly used)
ovs-dpctl dump-flows [dp]
- Top-like behavior for ovs-dpctl dump-flows
ovs-dpctl-top
Enabling OpenvSwitch on XenServer
- Check whether it is enabled
service openvswitch status
- Enable
xe-switch-network-backend openvswitch
- Disable
xe-switch-network-backend bridge
About Logging
- List the log levels
ovs-appctl vlog/list
- Set the log level (example: set the stp module's file destination to dbg level)
ovs-appctl vlog/set stp:file:dbg
ovs-appctl vlog/set {module name}:{console, syslog, file}:{off, emer, err, warn, info, dbg}
About Fallback
- When the controller connection is false, the bridge automatically switches to legacy switch mode
ovs-vsctl set-fail-mode ovs-br standalone
- Regardless of the controller connection status, all network behavior must go through OpenFlow (default)
ovs-vsctl set-fail-mode ovs-br secure
- Remove
ovs-vsctl del-fail-mode ovs-br
- Query
ovs-vsctl get-fail-mode ovs-br
About sFlow
- Query
ovs-vsctl list sflow
- Add
- Delete
ovs-vsctl -- clear Bridge ovs-br sflow
About NetFlow
- Query
ovs-vsctl list netflow
- Add
- Delete
ovs-vsctl -- clear Bridge ovs-br netflow
Configuring Out-of-band and In-band
- Query
ovs-vsctl get controller ovs-br connection-mode
- Out-of-band
ovs-vsctl set controller ovs-br connection-mode=out-of-band
- In-band (default)
ovs-vsctl set controller ovs-br connection-mode=in-band
- Remove hidden flows
ovs-vsctl set bridge br0 other-config:disable-in-band=true
About SSL
- Query
ovs-vsctl get-ssl
- Set
ovs-vsctl set-ssl sc-privkey.pem sc-cert.pem cacert.pem
- OpenvSwitch Lab 6$ TLS SSL
- Delete
ovs-vsctl del-ssl
About SPAN
- Detailed configuration
ovs-vsctl add-br ovs-br
ovs-vsctl add-port ovs-br eth0
ovs-vsctl add-port ovs-br eth1
ovs-vsctl add-port ovs-br tap0 \
-- --id=@p get port tap0 \
-- --id=@m create mirror name=m0 select-all=true output-port=@p \
-- set bridge ovs-br mirrors=@m
- This mirrors the ports added to ovs-br {eth0,eth1} to tap0
- Delete
ovs-vsctl clear bridge ovs-br mirrors
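Added example, not from the original page: the mirror above uses select-all=true, so tap0 receives a copy of every packet crossing ovs-br, which makes an inventory of configured mirrors worth checking against what is expected. The function names, the allowlist and the sample records are assumptions constructed for illustration.

```shell
#!/bin/sh
# Added example, not from the original page. SAMPLE_MIRRORS is constructed to
# imitate the "column : value" records printed by `ovs-vsctl list mirror`.
SAMPLE_MIRRORS='_uuid               : 11111111-2222-3333-4444-555555555555
name                : "m0"
output_port         : aaaaaaaa-bbbb-cccc-dddd-eeeeeeeeeeee
select_all          : true

_uuid               : 66666666-7777-8888-9999-000000000000
name                : "m1"
output_port         : aaaaaaaa-bbbb-cccc-dddd-ffffffffffff
select_all          : false
select_src_port     : [12345678-aaaa-bbbb-cccc-1234567890ab]'

# list_mirrors: read mirror records on stdin, print "name select_all output_port".
list_mirrors() {
    awk -F' *: *' '
        function emit() {
            if (seen) print name, all, port
            seen = 0; name = "?"; all = "false"; port = "-"
        }
        BEGIN { name = "?"; all = "false"; port = "-" }
        /^[ \t]*$/ { emit(); next }
        {
            seen = 1
            gsub(/"/, "", $2)          # names may be printed quoted
            if ($1 == "name") name = $2
            else if ($1 == "select_all") all = $2
            else if ($1 == "output_port") port = $2
        }
        END { emit() }
    '
}

# mirror_report ALLOWED...: flag every mirror whose name is not in the allowlist
# passed as arguments; select_all shows how much traffic the mirror copies.
mirror_report() {
    allowed=" $* "
    list_mirrors | while read -r name all port; do
        case "$allowed" in
            *" $name "*) echo "OK    $name select_all=$all" ;;
            *)           echo "ALERT $name select_all=$all output_port=$port" ;;
        esac
    done
}

# Live use (hypothetical allowlist): ovs-vsctl list mirror | mirror_report m1
printf '%s\n' "$SAMPLE_MIRRORS" | mirror_report m1
```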
About Tables
- Query the tables
ovs-ofctl dump-tables ovs-br
About Group Tables
Reference: hwchiu - Multipath routing with Group table at mininet
- Create a group ID and its buckets
ovs-ofctl -O OpenFlow13 add-group ovs-br group_id=5566,type=select,bucket=output:1,bucket=output:2,bucket=output:3
- The types are All, Select, Indirect and FastFailover; detailed specification
- Use the group table
ovs-ofctl -O OpenFlow13 add-flow ovs-br in_port=4,actions=group:5566
About VXLAN
Reference: rascov - Bridge Remote Mininets using VXLAN
- Create a VXLAN Network ID (VNI) and assign an OpenFlow port number, e.g. VNI=5566, OF_PORT=9
ovs-vsctl set interface vxlan type=vxlan option:remote_ip=x.x.x.x option:key=5566 ofport_request=9
- VNI flow by flow
ovs-vsctl set interface vxlan type=vxlan option:remote_ip=140.113.215.200 option:key=flow ofport_request=9
- Set the VXLAN tunnel id
ovs-ofctl add-flow ovs-br in_port=1,actions=set_field:5566-\>tun_id,output:2
ovs-ofctl add-flow s1 in_port=2,tun_id=5566,actions=output:1
About the OVSDB Manager
Reference: OVSDB Integration:Mininet OVSDB Tutorial
- Active listener configuration
ovs-vsctl set-manager tcp:1.2.3.4:6640
- Passive listener configuration
ovs-vsctl set-manager ptcp:6640
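Added example, not from the original page: the controller and manager sections use tcp: and ptcp: targets, which carry OpenFlow and OVSDB without TLS, while the SSL section configures the keys that ssl: and pssl: targets need. The functions below (hypothetical names) classify target strings so the plaintext ones stand out; the sample targets are constructed from the addresses used on this page.

```shell
#!/bin/sh
# Added example, not from the original page. Function names are hypothetical.

# classify_target TARGET: print the transport class of an OVS connection target.
classify_target() {
    case "$1" in
        ssl:*|pssl:*)   echo encrypted ;;        # TLS, needs ovs-vsctl set-ssl
        unix:*|punix:*) echo local ;;            # local socket
        tcp:*)          echo plaintext ;;        # active connection, no TLS
        ptcp:*)
            # ptcp:[port][:host]; a host part restricts the listening address
            rest=${1#ptcp:}
            case "$rest" in
                *:*) echo plaintext-bound ;;
                *)   echo plaintext-any ;;
            esac ;;
        *) echo unknown ;;
    esac
}

# audit_targets: read one target per line on stdin, print "LEVEL target reason".
audit_targets() {
    while IFS= read -r t; do
        [ -n "$t" ] || continue
        case "$(classify_target "$t")" in
            encrypted)       echo "OK   $t TLS" ;;
            local)           echo "OK   $t local socket" ;;
            plaintext)       echo "WARN $t no TLS; use ssl: after set-ssl" ;;
            plaintext-bound) echo "WARN $t no TLS; listener bound to one address" ;;
            plaintext-any)   echo "FAIL $t no TLS; listens on all addresses" ;;
            *)               echo "WARN $t unrecognized target" ;;
        esac
    done
    return 0
}

# Live use:
#   { ovs-vsctl get-controller ovs-br; ovs-vsctl get-manager; } | audit_targets
# Constructed sample: this page's targets next to TLS and loopback variants.
printf '%s\n' tcp:1.2.3.4:6633 ptcp:6640 ssl:1.2.3.4:6633 ptcp:6640:127.0.0.1 |
    audit_targets
```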
OpenFlow Trace
- Generate a packet trace
ovs-appctl ofproto/trace ovs-br in_port=1,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:02 -generate
Other
- Query the OpenvSwitch version
ovs-ofctl -V
- Query the history of commands that were run
ovsdb-tool show-log [-mmm]