MISTERY

How to create a serial console log of a system panic.

You'll need another server to act as the logging machine. Any machine will do as long as it has a serial port and won't be rebooted more often than the server you're monitoring. If it runs Linux, you will need the application minicom. If it runs Windows, you'll need HyperTerm.

On the machine that has the problem, add "console=tty0 console=ttyS0,115200n8" to the kernel command line in /boot/grub/menu.lst or/etc/lilo.conf depending on your boot loader. (If you're using lilo, don't forget to run "lilo" to copy the config changes to the boot manager.) You may also want to remove "rhgb" which turns on "Red Hat Graphical Boot" and "quiet" which reduces the kernel messages during startup. Leave any other options on the line.

For example, in /boot/grub/menu.lst this:

title Fedora Core (2.6.5-1.358)
        root (hd0,0)
        kernel /vmlinuz-2.6.5-1.358 ro root=LABEL=/ rhgb quiet
        initrd /initrd-2.6.5-1.358.img

becomes:

title Fedora Core w/Serial Console (2.6.5-1.358)
        root (hd0,0)
        kernel /vmlinuz-2.6.5-1.358 ro root=LABEL=/ console=tty0 console=ttyS0,115200n8
        initrd /initrd-2.6.5-1.358.img

Specifying "console=" multiple times causes kernel output (printk) to be mirrored to all devices listed. The last device mentioned will be used as/dev/console which is where syslog and the /etc/init.d startup scripts send their output. The typical keyboard and monitor are tty0. The first serial port is ttyS0 (COM1), the second serial port is ttyS1 (COM2). You can use either one. 115200 is the baud rate for the serial port. You can set it slower if you need to. Other popular baud rates are 9600, 19200, 38400 and 57600.

If you boot with the above kernel command line, Red Hat will generally detect this and prompt you to configure serial console for login. If not, do the following to enable login on the serial port.

Add the following lines to /etc/inittab:

 
# Serial console login
S0:2345:respawn:/sbin/agetty -L ttyS0 115200

Change "S0" to "S1" in two places on the line if you're using ttyS1 as your console. Change "115200" to match your baud rate if you changed it on the kernel command line.

Allow root login on this new port by adding "ttyS0" and "ttyS1" to/etc/securettys.

The system process named "init" manages logins and needs to be told to reread the /etc/inittab file. There are many ways to do this -- "telinit q" is one.

That completes the setup of the machine to be monitored.

Verify the setup

To verify your setup, you'll need the program "minicom" on the monitoring machine. If you have a Windows machine available, you can also use HyperTerm to record the kernel output.

1. Start by running "minicom -s -o" and then select "Serial Port Setup." Configure the "A - Serial device," "E - Bps/Par/Bits" and set both hardware (F) and software (G) flow control to off. Press return to get back to the main config menu. Select "Modem and Dialing" and delete the "A - Init string," "B - Reset string" and "K - Hang up string" since there is no modem in this situation. Return to the main menu and "Save setup as..." You should name the config to match the name of the serial port (eg. ttyS0). Exit minicom.

2. Next, start minicom using the config you saved. Run "minicom ttyS0" and after it starts, press "return" a couple of times. If everything is working, you should get a "login:" prompt from your monitored system.

3. Tell minicom to start logging everything by pressing "CTRL-A" and then "L" Select a filename for the log. Leave minicom running.

4. Try rebooting the target system. You should see the kernel messages and init.d scripts as the system boots.

5. Now duplicate the problem, or wait for the kernel panic. The kernel messages will be captured to the log file.

6. To close the log file, press "CTRL-A" and "L" again. Choose "Close" to end the existing log file.

You can start another log file by doing "CTRL-A" and "L" again. Be sure to use a different name.







출처 : http://searchenterpriselinux.techtarget.com/tip/System-panic-Get-a-serial-console-log







신고

'Skill > OpenvSwitch' 카테고리의 다른 글

System panic: Get a serial console log  (0) 2014.08.06
VLANs  (0) 2014.08.06
openvswitch-1.1.0 Directory Reference  (0) 2014.07.31
OpenVswitch Advanced Tutioral  (0) 2014.07.31
OpenvSwitch v2.1.2 on Ubuntu 12.04 LTS  (0) 2014.07.29
[ovs-discuss] installing ovs2 on ubuntu 12.04  (0) 2014.07.29

Comment +0

VLANs

Skill/OpenvSwitch2014.08.06 14:25

VLANs

Topic:

Isolating VM traffic using VLANs

Setup:

Two Physical Networks:

  • Data Network:  Ethernet network for VM data traffic, which will carry VLAN tagged traffic between VMs.  Your physical switch(es) must be capable of forwarding VLAN tagged traffic and the physical switch ports should be VLAN trunks (Usually this is default behavior.  Configuring your physical switching hardware is beyond the scope of this document).
  • Management Network: This network is not strictly required, but it is a simple way to give the physical host an IP address for remote access, since an IP address cannot be assigned directly to eth0.  

Two Physical Hosts:

Host1, Host2.  Both hosts are running Open vSwitch.  Each host has two NICs:

  • eth0 is connected to the Data Network.  No IP address can be assigned on eth0.
  • eth1 is connected to the Management Network (if necessary).   eth1 has an IP address that is used to reach the physical host for management.

Four VMs:

VM1,VM2 run on Host1.  VM3,VM4 run on Host2.

Each VM has a single interface that appears as a Linux device (e.g., “tap0″) on the physical host.  (Note: for Xen/XenServer, VM interfaces appears as Linux devices with names like “vif1.0″)



Goal:

Isolate VMs using VLANs on the Data Network.
VLAN 1: VM1,VM3
VLAN 2: VM2,VM4

Configuration:

Perform the following configuration on Host 1:

Create an OVS bridge:

ovs-vsctl add-br br0

Add eth0 to the bridge (by default, all OVS ports are VLAN trunks, so eth0 will pass all VLANs):

ovs-vsctl add-port br0 eth0

Add VM1 as an “access port” on VLAN 1:

ovs-vsctl add-port br0 tap0 tag=1

Add VM2 on VLAN 2:

ovs-vsctl add-port br0 tap1 tag=2

On Host 2, repeat the same configuration to setup a bridge with eth0 as a trunk:

ovs-vsctl add-br br0

ovs-vsctl add-port br0 eth0

Add VM3 to VLAN 1:

ovs-vsctl add-port br0 tap0 tag=1

Add VM4 to VLAN 2:

ovs-vsctl add-port br0 tap1 tag=2

Trouble-Shooting:

Ping from VM1 to VM3, this should succeed.

Ping from VM2 to VM4, this should succeed.

Ping from VM1/VM3 to VM2/VM4, this should not succeed (unless you have a router configured to forward between the VLANs, in which case, packets arriving at VM3 should have the source MAC address of the router, not of VM1).

If you have problems with this cookbook entry, please send them to the OVS discuss email list.


























출처 : http://openvswitch.org/support/config-cookbooks/vlan-configuration-cookbook/




















신고

'Skill > OpenvSwitch' 카테고리의 다른 글

System panic: Get a serial console log  (0) 2014.08.06
VLANs  (0) 2014.08.06
openvswitch-1.1.0 Directory Reference  (0) 2014.07.31
OpenVswitch Advanced Tutioral  (0) 2014.07.31
OpenvSwitch v2.1.2 on Ubuntu 12.04 LTS  (0) 2014.07.29
[ovs-discuss] installing ovs2 on ubuntu 12.04  (0) 2014.07.29

Comment +0

openvswitch-1.1.0 Directory Reference

Directory dependency graph for openvswitch-1.1.0/:
openvswitch-1.1.0/

Directories

directory  datapath
directory  include
directory  lib
directory  ofproto
directory  ovsdb
directory  python
directory  tests
directory  utilities
directory  vswitchd
directory  xenserver


















출처 : http://openvswitch.sourcearchive.com/documentation/1.1.0-1/dir_24c15f024ccd68aa52576c2484e84416.html















신고

'Skill > OpenvSwitch' 카테고리의 다른 글

System panic: Get a serial console log  (0) 2014.08.06
VLANs  (0) 2014.08.06
openvswitch-1.1.0 Directory Reference  (0) 2014.07.31
OpenVswitch Advanced Tutioral  (0) 2014.07.31
OpenvSwitch v2.1.2 on Ubuntu 12.04 LTS  (0) 2014.07.29
[ovs-discuss] installing ovs2 on ubuntu 12.04  (0) 2014.07.29

Comment +0

Goal

The goal of this tutorial is to demonstrate the power of Open vSwitchflow tables. The tutorial works through the implementation of a MAC-learning switch with VLAN trunk and access ports.

Introduction

  • Open vSwitch is a production quality open source software switch designed to be used as a vswitch in virtualized server environments.
  • A vswitch forwards traffic between different VMs on the same physical host and also forwards traffic between VMs and the physical network.
  • Open vSwitch supports standard management interfaces (e.g. sFlow, NetFlow, IPFIX, RSPAN, CLI), and is open to programmatic extension and control using OpenFlow and the OVSDB management protocol.
  • We are constructing a software simulated network environment based on Open vSwitch.
  • We are using “ovs-sandbox”and Firstly installed Open vSwitch on your system ,then you should be able to just run “ovs-sandbox” from this directory without any options.

We will construct Open vSwitch flow tables for a VLAN-capable,MAC-learning switch that has four ports:

  • p1, a trunk port that carries all VLANs, on OpenFlow port 1.
  • p2, an access port for VLAN 20, on OpenFlow port 2.
  • p3 and p4, both access ports for VLAN 30, on OpenFlow ports 3 and 4, respectively.

Our switch design will consist of five main flow tables, each of which implements one stage in the switch pipeline:

  • Table 0: Admission control.
  • Table 1: VLAN input processing.
  • Table 2: Learn source MAC and VLAN for ingress port.
  • Table 3: Look up learned port for destination MAC and VLAN.
  • Table 4: Output processing.

The following are the steps for the exercise:

Getting Started

1. Install Openvswitch Package
#apt-get install -y openvswitch-switch openvswitch-datapath-dkms
2. Download the ovs-sandbox script file
#cd /opt/
#git clone git://git.openvswitch.org/openvswitch
3. Run ovs-sandbox

When We run ovs-sandbox script file, it creates following:

  • Deletes any subdirectory of the current directory named “sandbox” and any files in that directory.
  • Creates a new directory “sandbox” in the current directory.
  • Sets up special environment variables that ensure that OpenvSwitch programs will look inside the “sandbox” directory instead of in the OpenvSwitch installation directory.
  • Creates an empty Open vSwitch configuration database under “sandbox”.
  • Starts ovsdb-server running under “sandbox”.
  • Starts ovs-vswitchd running under “sandbox”, passing special options that enable a special “dummy” mode for testing.
  • Starts a nested interactive shell inside “sandbox”.
#/opt/openvswitch/tutorial/
#./ovs-sandbox
4. Creates a bridge

In this step, a bridge is created. The command creates new bridge “br0” and puts “br0” into so-called “fail-secure” mode.

#cd sandbox/
#ovs-vsctl add-br br0 -- set Bridge br0 fail-mode=secure
5. Add ports to the bridge

The command below addes ports p1, p2,p3 and p4 to the bridge.

# for i in 1 2 3 4; do
        ovs-vsctl add-port br0 p$i -- set Interface p$i ofport_request=$i
        ovs-ofctl mod-port br0 p$i up
    done
6. Verify the bridge with ports
#ovs-vsctl show
  Bridge "br0"
        fail_mode: secure
        Port "p1"
            Interface "p1"
        Port "p2"
for i in 1 2 3 4; do
        ovs-vsctl add-port br0 p$i -- set Interface p$i ofport_request=$i
        ovs-ofctl mod-port br0 p$i up
    done
            Interface "p2"
        Port "p3"
            Interface "p3"
        Port "br0"
            Interface "br0"
                type: internal
        Port "p4"
            Interface "p4"
    ovs_version: "1.10.2"

Admission Control

In this step, we add a flow into Table 0, where the STP packets are dropped. If the rule does not match, resubmit the packet to Table 1 with prioroty 0. Table 0 is where packets enter the switch. We use this stage to discard packets that for one reason or another are invalid.

1. Add a flow to drop them at ingress to the switch with
#ovs-ofctl add-flow br0 "table=0, dl_src=01:00:00:00:00:00/01:00:00:00:00:00, actions=drop"
2. Adding a flow to drop IEEE 802.1D Spanning Tree Protocol (STP) packets, and other packets with reserved multicast protocols:
#ovs-ofctl add-flow br0  "table=0, dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0, actions=drop"
3. Adding flows with priority and resubmit to table1
#ovs-ofctl add-flow br0 "table=0, priority=0, actions=resubmit(,1)"
4. Testing Table 0
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=01:80:c2:00:00:05
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:05,dl_type=0x0000
Rule: table=0 cookie=0 dl_dst=01:80:c2:00:00:00/ff:ff:ff:ff:ff:f0
OpenFlow actions=drop

Final flow: unchanged
Datapath actions: drop
Packet come from p1 and check in table0, then drop it

import

Note:

  • The first block of lines describes an OpenFlow table lookup
  • Thesecond line gives the OpenFlow flow that the fields matched (called a “rule” because that is the name used inside Open vSwitch for an OpenFlow flow).
  • The third line gives the rule’s OpenFlow actions.
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=01:80:c2:00:00:10
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:80:c2:00:00:10,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	No match

Final flow: unchanged
Datapath actions: drop
Packet come from p1 and check in Table0 and Resubmit to Table1, then drop it

import

Note:

  • This time the flow we handed to “ofproto/trace” doesn’t match any of our “drop” rules, so it falls through to the low-priority “resubmit” rule, which we see in the rule and the actions selected in the first block.
  • The “resubmit” causes a second lookup in OpenFlow table 1, described by the additional block of indented text in the output.
  • We haven’t yet added any flows to OpenFlow table 1, so no flow actually matches in the second lookup. Therefore, the packet is still actually dropped, which means that the externally observable results would be identical to our first testing.

VLAN Input Processing

In this step,firstly, We are adding flow on table 1 with priority 0 .If packets are not matched then dropped, secondly adding flow on table 1 with priority 99, if packets are not matched then resubmitted to table 2.

  • A packet that enters table 1 has already passed basic validation in table 0.
  • The purpose of table 1 is validate the packet’s VLAN, based on the VLAN configuration of the switch port through which the packet entered the switch.
  • We will also use it to attach a VLAN header to packets that arrive on an access port, which allows later processing stages to rely on the packet’s VLAN always being part of the VLAN header, reducing special cases.
1. Adding flow on table1 with priority 0
#ovs-ofctl add-flow br0 "table=1, priority=0, actions=drop"

Note:

  • We are adding a low-priority flow that drops all packets, before we add flows that pass through acceptable packets.
  • You can think of this as a “default drop” rule.
2. Add flow on Table 1 and Resubmit to Table 2
#ovs-ofctl add-flow br0 "table=1, priority=99, in_port=1, actions=resubmit(,2)"

Note:

  • Our trunk port p1, on OpenFlow port 1, is an easy case.
  • p1 accepts any packet regardless of whether it has a VLAN header or what the VLAN was, so we can add a flow that resubmits everything on input port 1 to the next table
3. Adding flows with priority on port2,port3, port4 and submit Packet to next table
#ovs-ofctl add-flows br0 - <<'EOF'
	table=1, priority=99, in_port=2, vlan_tci=0, actions=mod_vlan_vid:20, resubmit(,2)
	table=1, priority=99, in_port=3, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2)
	table=1, priority=99, in_port=4, vlan_tci=0, actions=mod_vlan_vid:30, resubmit(,2)
EOF 

Note:

  • On the access ports, we want to accept any packet that has no VLAN header, tag it with the access port’s VLAN number, and then pass it along to the next stage.
  • We don’t write any rules that match packets with 802.1Q that enter this stage on any of the access ports, so the “default drop” rule we added earlier causes them to be dropped, which is ordinarily what we want for access ports.
  • Another variation of access ports allows ingress of packets tagged with VLAN 0 (aka 802.1p priority tagged packets). To allow such packets, replace “vlan_tci=0” by “vlan_tci=0/0xfff” above.
4. Testing Table 1

Packet on Trunk Port

Run command
#ovs-appctl ofproto/trace br0 in_port=1,vlan_tci=5
Flow: metadata=0,in_port=1,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		No match

Final flow: unchanged
Datapath actions: drop
Packet come from p1 and check in Table 0 and resubmit Table 1, Table 2, then drop it

import

Valid Packet on Access Port2
  • Here valid packet (a packet without an 802.1Q header) coming in on access port p2
Testing 2 the packet on port2
# ovs-appctl ofproto/trace br0 in_port=2,vlan_tci=5
Flow: metadata=0,in_port=2,vlan_tci=0x0005,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=0
	OpenFlow actions=drop

Final flow: unchanged
Datapath actions: drop
Packet come from port 2 and check on Table 0 and resubmit to Table 1, then drop it

import

Learn source MAC and VLAN for ingress port

  • This table allows the switch we’re implementing to learn that the packet’s source MAC is located on the packet’s ingress port in the packet’s VLAN.
1. Adding single flow on table2
#ovs-ofctl add-flow br0 "table=2 actions=learn(table=10, NXM_OF_VLAN_TCI[0..11], NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[], load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]), resubmit(,3)"

Note:

  • table=10: Modify flow table 10.
  • NXM_OF_VLAN_TCI[0..11]: Make the flow that we add to flow table 10 match the same VLAN ID that the packet we’re currently processing contains.This effectively scopes the MAC learning entry to a single VLAN,which is the ordinary behavior for a VLAN-aware switch.
  • NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[]: Make the flow that we add to flow table 10 match, as Ethernet destination, the Ethernet source address of the packet we’re currently processing.
  • load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]: Whereas the preceding parts specify fields for the new flow to match, this specifies an action for the flow to take when it matches. The action is for the flow to load the ingress port number of the current packet into register 0 (a special field that is an Open vSwitch extension to OpenFlow).
  • A real use of “learn” for MAC learning would probably involve two additional elements.
  • Firstly, the “learn” action would specify a hard_timeout for the new flow, to enable a learned MAC to eventually expire if no new packets were seen from a given source within a reasonable interval.
  • Second, one would usually want to limit resource consumption by using the Flow_Table table in the Open vSwitch configuration database to specify a maximum number of flows in table 10.
2. Testing Table 2
Run command
#ovs-appctl ofproto/trace br0 in_port=1,vlan_tci=20,dl_src=50:00:00:00:00:01 -generate
Flow: metadata=0,in_port=1,vlan_tci=0x0014,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-ofctl dump-flows br0 table=10
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=147.465s, table=10, n_packets=0, n_bytes=0, idle_age=147, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]

Note:

  • You can see that the packet coming in on VLAN 20 with source MAC 50:00:00:00:00:01 became a flow that matches VLAN 20 (written in hexadecimal) and destination MAC 50:00:00:00:00:01. The flow loads port number 1, the input port for the flow we tested, into register 0.
Run command
#ovs-appctl ofproto/trace br0 in_port=2,dl_src=50:00:00:00:00:01 -generate
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000
	OpenFlow actions=mod_vlan_vid:20,resubmit(,2)

		Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=50:00:00:00:00:01,dl_dst=00:00:00:00:00:00,dl_type=0x0000
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-ofctl dump-flows br0 table=10
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=530.999s, table=10, n_packets=0, n_bytes=0, idle_age=530, hard_age=71, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x2->NXM_NX_REG0[0..15]

Note:

  • You can see that the packet coming in on VLAN 20 with source MAC 50:00:00:00:00:01 became a flow that matches VLAN 20 (written in hexadecimal) and destination MAC 50:00:00:00:00:01. The flow loads port number 2, the input port for the flow we tested, into register 0
  • actions=load:0x2: It identify the flow loads on port 2

Look up learned port for destination MAC and VLAN

In this step, We are adding flow on table3 with priority 50 and priority 99. If packets are not matched then resubmitted to table 10 , table 4

1. Adding flow on Table3 and Resubmit to Table 10 ,Table 4
#ovs-ofctl add-flow br0  "table=3 priority=50 actions=resubmit(,10), resubmit(,4)"

Note:

  • The flow’s first action resubmits to table 10, the table that the “learn” action modifies. As you saw previously, the learned flows in this table write the learned port into register 0.
  • If the destination for our packet hasn’t been learned, then there will be no matching flow, and so the “resubmit” turns into a no-op. Because registers are initialized to 0, we can use a register 0 value of 0 in our next pipeline stage as a signal to flood the packet.
2. Adding flow on table3 with priority 99 if not matches then resubmit to table 4
#ovs-ofctl add-flow br0 "table=3 priority=99 dl_dst=01:00:00:00:00:00/01:00:00:00:00:00  actions=resubmit(,4)"
  • The second action resubmits to table 4, continuing to the next pipeline stage. (In turn,that’s because we put a flow into table 0 to drop packets that have a multicast source address.)
3. Testing Table 3
command that should cause OVS to learn that f0:00:00:00:00:01 is on p1 in VLAN 20
#ovs-appctl ofproto/trace br0 in_port=1,dl_vlan=20,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01 -generate
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=f0:00:00:00:00:01,dl_dst=90:00:00:00:00:01,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=50
			OpenFlow actions=resubmit(,10),resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Packet come from port 1 and check in Table 0 and resubmit in Table 1, Table 2, Table 3, Table 10, Table 4 then drop it

import

Run command
#ovs-ofctl dump-flows br0 table=10
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=4437.937s, table=10, n_packets=0, n_bytes=0, idle_age=4437, hard_age=3978, vlan_tci=0x0014/0x0fff,dl_dst=50:00:00:00:00:01 actions=load:0x2->NXM_NX_REG0[0..15]
 cookie=0x0, duration=347.72s, table=10, n_packets=0, n_bytes=0, idle_age=347, vlan_tci=0x0014/0x0fff,dl_dst=f0:00:00:00:00:01 actions=load:0x1->NXM_NX_REG0[0..15]

Output Processing

In this step, We are adding flows on table 4 with reg0 2,3,4 respectively and priority 99,99,50 respectively and actions are strip_vlan 2,3,4 respectively.

  • At entry to stage 4, we know that register 0 contains either the desired output port or is zero if the packet should be flooded.
  • We also know that the packet’s VLAN is in its 802.1Q header, even if the VLAN was implicit because the packet came in on an access port.
  • The job of the final pipeline stage is to actually output packets.
  • The job is trivial for output to our trunk port p1.
1. Adding flow on table 4
#ovs-ofctl add-flow br0 "table=4 reg0=1 actions=1"
2. Adding Flow on table 4
#ovs-ofctl add-flows br0 - <<'EOF'
        table=4 reg0=2 actions=strip_vlan,2
        table=4 reg0=3 actions=strip_vlan,3
        table=4 reg0=4 actions=strip_vlan,4
EOF
3. Adding Flow on table 4
#ovs-ofctl add-flows br0 - <<'EOF'
        table=4 reg0=0 priority=99 dl_vlan=20 actions=1,strip_vlan,2
        table=4 reg0=0 priority=99 dl_vlan=30 actions=1,strip_vlan,3,4
        table=4 reg0=0 priority=50            actions=1
EOF
4. Testing Table 4
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=30
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=3,dl_dst=ff:ff:ff:ff:ff:ff
Flow: metadata=0,in_port=3,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=3,vlan_tci=0x0000
	OpenFlow actions=mod_vlan_vid:30,resubmit(,2)

		Resubmitted flow: metadata=0,in_port=3,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=ff:ff:ff:ff:ff:ff
Flow: metadata=0,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=55
Flow: metadata=0,in_port=1,dl_vlan=55,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=ff:ff:ff:ff:ff:ff,dl_vlan=20
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=2,dl_dst=ff:ff:ff:ff:ff:ff
Flow: metadata=0,in_port=2,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=2,vlan_tci=0x0000
	OpenFlow actions=mod_vlan_vid:20,resubmit(,2)

		Resubmitted flow: metadata=0,in_port=2,dl_vlan=20,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=4,dl_dst=ff:ff:ff:ff:ff:ff
Flow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=4,vlan_tci=0x0000
	OpenFlow actions=mod_vlan_vid:30,resubmit(,2)

		Resubmitted flow: metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=ff:ff:ff:ff:ff:ff,dl_type=0x0000
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=4,dl_dst=01:00:00:00:00:00
Flow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=01:00:00:00:00:00,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=4,vlan_tci=0x0000
	OpenFlow actions=mod_vlan_vid:30,resubmit(,2)

		Resubmitted flow: metadata=0,in_port=4,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=01:00:00:00:00:00,dl_type=0x0000
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=99,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00
			OpenFlow actions=resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=90:12:34:56:78:90,dl_vlan=20
Flow: metadata=0,in_port=1,dl_vlan=20,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=90:12:34:56:78:90,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=50
			OpenFlow actions=resubmit(,10),resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_dst=90:12:34:56:78:90,dl_vlan=30
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=00:00:00:00:00:00,dl_dst=90:12:34:56:78:90,dl_type=0x0000
Rule: table=0 cookie=0 priority=0
OpenFlow actions=resubmit(,1)

	Resubmitted flow: unchanged
	Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
	Resubmitted  odp: drop
	Rule: table=1 cookie=0 priority=99,in_port=1
	OpenFlow actions=resubmit(,2)

		Resubmitted flow: unchanged
		Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
		Resubmitted  odp: drop
		Rule: table=2 cookie=0 
		OpenFlow actions=learn(table=10,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:NXM_OF_IN_PORT[]->NXM_NX_REG0[0..15]),resubmit(,3)

			Resubmitted flow: unchanged
			Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
			Resubmitted  odp: drop
			Rule: table=3 cookie=0 priority=50
			OpenFlow actions=resubmit(,10),resubmit(,4)

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

				Resubmitted flow: unchanged
				Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
				Resubmitted  odp: drop
				No match

Final flow: unchanged
Datapath actions: drop

1. MAC Learning

Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
Rule: table=0 cookie=0 priority=0,reg0=0x1
OpenFlow actions=controller(reason=no_match)

No match, flow generates "packet in"s.

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=4,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01 -generate
Flow: metadata=0,in_port=4,vlan_tci=0x0000,dl_src=20:00:00:00:00:01,dl_dst=10:00:00:00:00:01,dl_type=0x0000
Rule: table=0 cookie=0 priority=0,reg0=0x1
OpenFlow actions=controller(reason=no_match)

No match, flow generates "packet in"s.

Final flow: unchanged
Datapath actions: drop
Run command
#ovs-appctl ofproto/trace br0 in_port=1,dl_vlan=30,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01 -generate
Flow: metadata=0,in_port=1,dl_vlan=30,dl_vlan_pcp=0,dl_src=10:00:00:00:00:01,dl_dst=20:00:00:00:00:01,dl_type=0x0000
Rule: table=0 cookie=0 priority=0,reg0=0x1
OpenFlow actions=controller(reason=no_match)

No match, flow generates "packet in"s.

Final flow: unchanged
Datapath actions: drop















































































































































































































































































































































































































































































































































































































































출처 : http://vlabs.cfapps.io/openvswitch/openvswitch_tutorial.html











신고

'Skill > OpenvSwitch' 카테고리의 다른 글

VLANs  (0) 2014.08.06
openvswitch-1.1.0 Directory Reference  (0) 2014.07.31
OpenVswitch Advanced Tutioral  (0) 2014.07.31
OpenvSwitch v2.1.2 on Ubuntu 12.04 LTS  (0) 2014.07.29
[ovs-discuss] installing ovs2 on ubuntu 12.04  (0) 2014.07.29
2013 Wheezy source  (0) 2014.07.15

Comment +0

更新記錄

安裝過程

環境

  • OS: Ubuntu 12.04.4 Server LTS X86_64
  • Kernel version: 3.11.0-20-generic

預先安裝

aptitude install dh-autoreconf libssl-dev openssl

編譯 OpenvSwitch

wget http://openvswitch.org/releases/openvswitch-2.1.2.tar.gz
tar zxvf openvswitch-2.1.2.tar.gz && cd openvswitch-2.1.2
./boot.sh
./configure --with-linux=/lib/modules/`uname -r`/build
make -j && sudo make install
sudo make modules_install
sudo modprobe gre
sudo modprobe openvswitch
sudo modprobe libcrc32c
  • 使用 lsmod |grep openvswitch 確認ovs正確地掛載起來
  • ./configure 部份其實還可以下一個 --prefix= 參數, 可以讓openvswitch 完全裝在該目錄底下而不會亂掉

設定 ovsdb

ovsdb-tool create /usr/local/etc/openvswitch/conf.db /usr/local/share/openvswitch/vswitch.ovsschema
  • 建立一次即可, 如果設定有問題的話可以把conf.db砍掉重建

(二選一) 開啟 ovsdb-server (no ssl)

ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
--remote=db:Open_vSwitch,Open_vSwitch,manager_options \
--pidfile --detach --log-file
  • cat /usr/local/var/log/openvswitch/ovsdb-server.log 可查到 ovsdb log

(二選一) 開啟 ovsdb-server (ssl)

ovsdb-server --remote=punix:/usr/local/var/run/openvswitch/db.sock \
--remote=db:Open_vSwitch,Open_vSwitch,manager_options \
--private-key=db:Open_vSwitch,SSL,private_key \
--certificate=db:Open_vSwitch,SSL,certificate \
--bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
--pidfile --detach --log-file
  • 若要使用 ssl 連線, 務必在編譯前要先準備好 libssl-dev 及 openssl, 否則會噴出Private key specified but Open vSwitch was built without SSL support 的錯誤
  • OpenvSwitch Lab 6$ TLS SSL

開啟 ovs-vsctl

ovs-vsctl --no-wait init

開啟 ovs-switchd 功能

ovs-vswitchd --pidfile --detach --log-file
  • /usr/local/var/log/openvswitch/ovs−vswitchd.log 可查到 ovs-vswitchd log

觀察

  • ps aux |grep ovs

ovs_install_complete.pngovs_install_complete.png

開機自動化

設定開機自動 load module

echo "openvswitch " >> /etc/modules
echo "gre" >> /etc/modules
echo "libcrc32c" >> /etc/modules

設定開機自動啟動

  1. vim /etc/init.d/openvswitch
    #!/bin/sh
    start-stop-daemon -q -S -x /usr/local/sbin/ovsdb-server -- --remote=punix:/usr/local/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,Open_vSwitch,manager_options --pidfile --detach --log-file
    sleep 3 # waiting ovsdb-server 
    start-stop-daemon -q -S -x /usr/local/bin/ovs-vsctl -- --no-wait init
    start-stop-daemon -q -S -x /usr/local/sbin/ovs-vswitchd -- --pidfile --detach --log-file
    
  2. chmod +x /etc/init.d/openvswitch
  3. update-rc.d -f openvswitch defaults

設定 interface

  1. ovs-vsctl add-br ovs-br
  2. vim /etc/network/interfaces
    # The loopback network interface
    auto lo
    iface lo inet loopback
    # The primary network interface
    auto eth0
    iface eth0 inet manual
    up ifconfig $IFACE 0.0.0.0 up
    down ifconfig $IFACE down
    # OpenvSwitch Interface
    auto ovs-br
    iface ovs-br inet static
    address x.x.x.x
    netmask 255.255.255.0
    gateway o.o.o.o
    dns-nameservers 168.95.1.1
    

修改 Failsafe

vim /etc/init/failsafe.conf

$PLYMOUTH message --text="Waiting for network configuration..." || :
sleep 1 
$PLYMOUTH message --text="Waiting up to 60 more seconds for network configuration..." || :
sleep 1 
$PLYMOUTH message --text="Booting system without full network configuration..." || :

OpenvSwitch kernel 支援列表

Open vSwitchLinux kernel
1.4.x2.6.18 to 3.2
1.5.x2.6.18 to 3.2
1.6.x2.6.18 to 3.2
1.7.x2.6.18 to 3.3
1.8.x2.6.18 to 3.4
1.9.x2.6.18 to 3.8
1.10.x2.6.18 to 3.8
1.11.x2.6.18 to 3.8
2.0.x2.6.32 to 3.10
2.1.x2.6.32 to 3.11
2.2.x2.6.32 to 3.13

小計

  1. ovs 2.1.0 已支援 Linux kernel 3.10 以上
  2. 如果沒有 /lib/modules/x.x.x/build 資料夾, 找一下關鍵字 "linux-header"
  3. 12.04.4 kernel 太新了, 要降級. 參考: Ubuntu 12.04 LTS Kernel 降級
  4. 設定OpenvSwitch
  5. OpenvSwitch OverView - hwchiu
  6. OpenVSwitch - NSRC












출처 : http://roan.logdown.com/posts/165399-compile-openvswitch-on-ubuntu-1204-lts



























신고

'Skill > OpenvSwitch' 카테고리의 다른 글

VLANs  (0) 2014.08.06
openvswitch-1.1.0 Directory Reference  (0) 2014.07.31
OpenVswitch Advanced Tutioral  (0) 2014.07.31
OpenvSwitch v2.1.2 on Ubuntu 12.04 LTS  (0) 2014.07.29
[ovs-discuss] installing ovs2 on ubuntu 12.04  (0) 2014.07.29
2013 Wheezy source  (0) 2014.07.15

Comment +0