
An example of tracing flow-table matching and processing results for specific packets in Open vSwitch

2025-01-18 Update From: SLTechnology News&Howtos


Shulou(Shulou.com)06/02 Report--

In an SDN environment, every Open vSwitch datapath instance holds a large number of flow-table entries. Confirming that the controller has installed the expected entries, or working out which entries a specific packet matches and what action is finally applied, is tedious when done by grepping for keywords or by similar means. Using the ovs-appctl tool together with Linux's tcpdump packet-capture tool, you can see directly which flow entries a packet matches and what the final result is, which saves the manual search and avoids errors of judgment.

The main steps are as follows:

1. Confirm the parameters of the packet you need to trace.

2. Convert them into an OpenFlow match-field description.

3. Use the ofproto/trace function provided by Open vSwitch to trace the flow-table matching.

How do you get the packet's characteristic parameters?

Find the virtual machine you need to verify, have it send the protocol packets in question, locate the virtual machine's back-end virtual NIC on the physical compute node, and capture on that NIC with tcpdump; alternatively, take the parameters from an existing packet capture file. You can also specify the contents of the OpenFlow match fields entirely by hand. For example, here I read a packet that was captured in advance:

[root@vdc ~]# tcpdump -ennvv -r /home/vnet31.0.pcap
reading from file /home/vnet31.0.pcap, link-type EN10MB (Ethernet)
10:25:17.693773 fa:16:3e:8c:eb:5b > fa:16:3e:a5:15:f3, ethertype IPv4 (0x0800), length 74: (tos 0x0, ttl 128, id 8060, offset 0, flags [none], proto ICMP (1), length 60)
    20.20.20.104 > 20.20.20.101: ICMP echo request, id 1, seq 40197, length 40

Converted to an OpenFlow match description, this is:

dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,ip,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_proto=1

Because the ofport through which the virtual NIC connects to Open vSwitch is 37, add in_port=37. The full version is as follows:

in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,ip,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_proto=1
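The conversion in step 2 can be scripted. The following is an added example, not code from the original article: it turns one `tcpdump -ennvv` record into the match description above, and goes one step beyond the article's ICMP case by also emitting tp_src/tp_dst for TCP and UDP records. The function names and the sample record (retyped from the capture above) are this example's own.

```python
import re

# Ethernet header as printed by `tcpdump -e`, then fields of the verbose IPv4 header.
ETH_RE = re.compile(r"(?P<src>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}) > "
                    r"(?P<dst>(?:[0-9a-f]{2}:){5}[0-9a-f]{2}), ethertype IPv4")
PROTO_RE = re.compile(r"proto \w+ \((?P<num>\d+)\)")
ADDR_RE = re.compile(r"(?P<src>\d+(?:\.\d+){3,4}) > (?P<dst>\d+(?:\.\d+){3,4}):")

# Sample input: the ICMP record from the capture above, retyped for this example.
PAGE_RECORD = (
    "10:25:17.693773 fa:16:3e:8c:eb:5b > fa:16:3e:a5:15:f3, ethertype IPv4 (0x0800), "
    "length 74: (tos 0x0, ttl 128, id 8060, offset 0, flags [none], proto ICMP (1), "
    "length 60)\n    20.20.20.104 > 20.20.20.101: ICMP echo request, id 1, seq 40197, length 40"
)


def split_port(addr):
    """tcpdump -n prints TCP/UDP endpoints as a.b.c.d.port; ICMP has no port."""
    parts = addr.split(".")
    return ".".join(parts[:4]), (parts[4] if len(parts) == 5 else None)


def tcpdump_to_match(record, in_port=None):
    """Build an ofproto/trace flow description from one `tcpdump -ennvv` record."""
    eth = ETH_RE.search(record)
    proto = PROTO_RE.search(record)
    addr = ADDR_RE.search(record)
    if not (eth and proto and addr):
        # ARP, VLAN-tagged or non-verbose records are outside this example's scope.
        raise ValueError("expected an untagged IPv4 record captured with -e and -v")
    nw_src, sport = split_port(addr["src"])
    nw_dst, dport = split_port(addr["dst"])
    fields = [f"in_port={in_port}"] if in_port is not None else []
    fields += [f"dl_src={eth['src']}", f"dl_dst={eth['dst']}", "ip",
               f"nw_src={nw_src}", f"nw_dst={nw_dst}", f"nw_proto={proto['num']}"]
    if sport and dport:
        fields += [f"tp_src={sport}", f"tp_dst={dport}"]
    return ",".join(fields)
```

Calling tcpdump_to_match(PAGE_RECORD, in_port=37) returns the full description shown above; the ofport still has to be looked up separately, since it does not appear in the capture.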

Once the OpenFlow description of the packet has been determined, you can trace it with the ofproto/trace function provided by ovs-appctl, as follows:

[root@vdc ~]# ovs-appctl ofproto/trace dvs2_dp in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,ip,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_proto=1 -generate

Here dvs2_dp is the name of the bridge in my test environment, and -generate means that a packet is constructed; in this case a packet really is processed through OVS. The final trace output is as follows:

[root@vdc ~]# ovs-appctl ofproto/trace dvs2_dp in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,ip,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_proto=1 -generate
Bridge: dvs2_dp
Flow: icmp,metadata=0,in_port=37,vlan_tci=0x0000,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0
Rule: table=0 cookie=0xd4 priority=0
OpenFlow actions=goto_table:1
    Resubmitted flow: unchanged
    Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
    Resubmitted odp: drop
    Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_frag=no
    Rule: table=1 cookie=0x616 priority=221,in_port=37
    OpenFlow actions=write_metadata:0x3000009c4,goto_table:4
        Resubmitted flow: icmp,metadata=0x3000009c4,in_port=37,vlan_tci=0x0000,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
        Resubmitted odp: drop
        Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_frag=no
        Rule: table=4 cookie=0x617 priority=161,dl_src=fa:16:3e:8c:eb:5b
        OpenFlow actions=write_metadata:0x3000009c4,goto_table:5
            Resubmitted flow: unchanged
            Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
            Resubmitted odp: drop
            Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_frag=no
            Rule: table=5 cookie=0xd9 priority=0
            OpenFlow actions=goto_table:6
                Resubmitted flow: unchanged
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
                Resubmitted odp: drop
                Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,metadata=0/0xffffff,in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_frag=no
                Rule: table=6 cookie=0x5e8 priority=102,metadata=0x9c4/0xffffff,dl_dst=fa:16:3e:a5:15:f3
                OpenFlow actions=write_actions(set_field:0x9c4->tun_id,output:12)
Final flow: icmp,tun_id=0x9c4,metadata=0x3000009c4,in_port=37,vlan_tci=0x0000,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0
Megaflow: recirc_id=0,skb_priority=0,icmp,tun_id=0,metadata=0/0xffffff,in_port=37,dl_src=fa:16:3e:8c:eb:5b,dl_dst=fa:16:3e:a5:15:f3,nw_src=20.20.20.104,nw_dst=20.20.20.101,nw_ecn=0,nw_frag=no
Datapath actions: set(tunnel(tun_id=0x9c4,src=172.47.205.45,dst=172.47.205.46,tos=0x0,ttl=64,flags(df,key))),11

In the example above, the packet is finally tagged with a tun_id and forwarded out of the tunnel port. Here is another example, in which the packet hits a table miss and is dropped:

[root@localhost ~]# ovs-appctl ofproto/trace sdn_dvs_dp in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,ip,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_proto=1 -generate
Bridge: sdn_dvs_dp
Flow: icmp,metadata=0,in_port=127,vlan_tci=0x0000,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0
Rule: table=0 cookie=0x1ea priority=0
OpenFlow actions=goto_table:1
    Resubmitted flow: unchanged
    Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
    Resubmitted odp: drop
    Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_frag=no
    Rule: table=1 cookie=0x294 priority=221,in_port=127
    OpenFlow actions=write_metadata:0xa00000191,goto_table:4
        Resubmitted flow: icmp,metadata=0xa00000191,in_port=127,vlan_tci=0x0000,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0
        Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
        Resubmitted odp: drop
        Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_frag=no
        Rule: table=4 cookie=0x295 priority=161,dl_src=fa:16:3e:a5:85:78
        OpenFlow actions=write_metadata:0xa00000191,goto_table:5
            Resubmitted flow: unchanged
            Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
            Resubmitted odp: drop
            Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_frag=no
            Rule: table=5 cookie=0x1ef priority=0
            OpenFlow actions=goto_table:6
                Resubmitted flow: unchanged
                Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
                Resubmitted odp: drop
                Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_frag=no
                Rule: table=6 cookie=0x1f4 priority=111,dl_dst=00:d0:d0:1c:3d:2d
                OpenFlow actions=goto_table:7
                    Resubmitted flow: unchanged
                    Resubmitted regs: reg0=0x0 reg1=0x0 reg2=0x0 reg3=0x0 reg4=0x0 reg5=0x0 reg6=0x0 reg7=0x0
                    Resubmitted odp: drop
                    Resubmitted megaflow: recirc_id=0,skb_priority=0,icmp,metadata=0/0xffffffff00000000,in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_frag=no
                    Rule: table=7 cookie=0x1f1 priority=0
                    OpenFlow actions=CONTROLLER:65535
Final flow: icmp,metadata=0xa00000191,in_port=127,vlan_tci=0x0000,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0
Megaflow: recirc_id=0,skb_priority=0,icmp,metadata=0/0xffffffff00000000,in_port=127,dl_src=fa:16:3e:a5:85:78,dl_dst=00:d0:d0:1c:3d:2d,nw_src=192.168.150.2,nw_dst=10.47.159.89,nw_frag=no
Datapath actions: drop
This flow is handled by the userspace slow path because it:
    - Sends "packet-in" messages to the OpenFlow controller.
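When many packets have to be checked, for instance to confirm that traffic that should be isolated really ends in a drop, the trace output can be reduced to the tables visited and the final verdict. The following is an added example, not code from the original article: it assumes the output format shown in the two traces above (other Open vSwitch versions print traces differently), and the function name and the abbreviated sample are this example's own.

```python
import re

# Line shapes of the ofproto/trace output format shown on this page (assumed).
RULE_RE = re.compile(r"Rule: table=(\d+) cookie=(\S+) priority=(\d+)(?:,(\S+))?")
OF_ACTIONS_RE = re.compile(r"OpenFlow actions=(.+)")
DP_ACTIONS_RE = re.compile(r"Datapath actions: (.+)")

# Constructed sample: the second trace above, "Resubmitted ..." detail lines omitted.
SAMPLE_TRACE = """\
Rule: table=0 cookie=0x1ea priority=0
OpenFlow actions=goto_table:1
    Rule: table=1 cookie=0x294 priority=221,in_port=127
    OpenFlow actions=write_metadata:0xa00000191,goto_table:4
        Rule: table=4 cookie=0x295 priority=161,dl_src=fa:16:3e:a5:85:78
        OpenFlow actions=write_metadata:0xa00000191,goto_table:5
            Rule: table=5 cookie=0x1ef priority=0
            OpenFlow actions=goto_table:6
                Rule: table=6 cookie=0x1f4 priority=111,dl_dst=00:d0:d0:1c:3d:2d
                OpenFlow actions=goto_table:7
                    Rule: table=7 cookie=0x1f1 priority=0
                    OpenFlow actions=CONTROLLER:65535
Datapath actions: drop
"""

def summarize_trace(text):
    """Return the rules hit, in order, and the final datapath verdict."""
    hops, datapath = [], None
    for line in (raw.strip() for raw in text.splitlines()):
        rule = RULE_RE.match(line)
        if rule:
            hops.append({"table": int(rule[1]), "cookie": rule[2],
                         "priority": int(rule[3]), "match": rule[4] or "",
                         "actions": ""})
        elif hops and (act := OF_ACTIONS_RE.match(line)):
            hops[-1]["actions"] = act[1]
        elif (dp := DP_ACTIONS_RE.match(line)):
            datapath = dp[1]
    if datapath is None:
        raise ValueError("no 'Datapath actions:' line; trace is incomplete")
    return {
        "tables": [h["table"] for h in hops],
        # A priority=0 rule with no match fields is a table-miss entry.
        "miss_tables": [h["table"] for h in hops
                        if h["priority"] == 0 and not h["match"]],
        "to_controller": any("CONTROLLER" in h["actions"] for h in hops),
        "dropped": datapath == "drop",
        "datapath_actions": datapath,
    }
```

For SAMPLE_TRACE the summary lists tables 0, 1, 4, 5, 6 and 7, flags the packet-in to the controller, and reports the datapath verdict as drop.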
