
Introduction to the principles and common commands of Open vSwitch

2025-02-22 Update From: SLTechnology News&Howtos

Shulou(Shulou.com)06/01 Report--

This article introduces how Open vSwitch works and the commands most often used to operate it.

I. How Open vSwitch works

Open vSwitch (OVS) is a high-quality, multi-layer virtual switch released under the open source Apache 2.0 license. It was developed by Nicira Networks, and its main implementation is portable C code. It aims to make large-scale network automation possible through programmatic extension while still supporting standard management interfaces and protocols (such as NetFlow, sFlow, SPAN, RSPAN, CLI, LACP, 802.1ag). It is also designed to support distribution across multiple physical servers, similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V. Open vSwitch supports a variety of Linux virtualization technologies, including Xen/XenServer, KVM and VirtualBox.

Open vSwitch is virtual switching software used mainly in virtual machine (VM) environments. As a virtual switch it supports virtualization technologies such as Xen/XenServer, KVM and VirtualBox. In such an environment a virtual switch has two main functions: carrying traffic between virtual machines, and connecting virtual machines to external networks.

The kernel module implements multiple "datapaths" (similar to bridges), each of which can have multiple "vports" (similar to ports on a bridge). Each datapath has an associated flow table that defines its behaviour. The flows in this table are installed by user space and map a key, built from packet headers and metadata, to an action; the most common action is to forward the packet to another vport. When a packet arrives at a vport, the kernel module extracts its flow key and looks that key up in the flow table. If a flow matches, the module performs the corresponding action. If none matches, it sends the packet to a queue for processing in user space; as part of that processing, user space may install a flow so that later packets of the same type are handled in the kernel.
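The lookup, miss and flow-install cycle described above can be modelled in a few lines. This is an added example, not code from Open vSwitch: the `Datapath` class, the MAC-learning policy in `_upcall` and the choice not to cache flood decisions are assumptions made for illustration, and the MAC addresses are constructed.

```python
from collections import namedtuple

# Flow key: header and metadata fields extracted from each packet.
FlowKey = namedtuple("FlowKey", "in_port eth_src eth_dst vlan")

class Datapath:
    """Toy model of one kernel datapath and its user-space slow path."""

    def __init__(self, vports):
        self.vports = set(vports)
        self.flow_table = {}   # kernel side: FlowKey -> action
        self.mac_table = {}    # user-space side: (vlan, mac) -> vport
        self.hits = self.misses = 0

    def receive(self, in_port, eth_src, eth_dst, vlan=0):
        key = FlowKey(in_port, eth_src, eth_dst, vlan)
        action = self.flow_table.get(key)
        if action is not None:          # fast path: a flow matches
            self.hits += 1
            return action
        self.misses += 1                # no match: hand the packet to user space
        return self._upcall(key)

    def _upcall(self, key):
        # User space learns the source, then decides what to do with the packet.
        self.mac_table[(key.vlan, key.eth_src)] = key.in_port
        out = self.mac_table.get((key.vlan, key.eth_dst))
        if out is None:
            # Unknown destination: flood once, install nothing (simplification).
            return ("flood", tuple(sorted(self.vports - {key.in_port})))
        self.flow_table[key] = ("output", out)   # later packets stay in the kernel
        return self.flow_table[key]

def demo():
    dp = Datapath(vports=[1, 2, 3])
    a, b = "52:54:00:00:00:0a", "52:54:00:00:00:0b"   # constructed MACs
    actions = [
        dp.receive(1, a, b),   # miss: b unknown, flood
        dp.receive(2, b, a),   # miss: a known, flow installed
        dp.receive(2, b, a),   # hit
        dp.receive(1, a, b),   # miss: b now known, flow installed
        dp.receive(1, a, b),   # hit
    ]
    return actions, dp.hits, dp.misses, len(dp.flow_table)
```

Every previously unseen flow key costs a trip to user space, so the miss rate is worth watching on a busy host; `ovs-dpctl show` reports the datapath's hit, missed and lost lookup counters.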

1. Composition of Open vSwitch

ovs-vswitchd: the OVS daemon and the core component of OVS. It implements the switching function and, together with the Linux kernel module, performs flow-based switching. It communicates with the upper-layer controller using the OpenFlow protocol, with ovsdb-server using the OVSDB protocol, and with the kernel module through netlink. It supports multiple independent datapaths (bridges) and implements features such as bonding and VLANs by changing the flow table.

ovsdb-server: a lightweight database service that stores the configuration of the entire OVS instance, including interfaces, switching content, VLANs and so on. ovs-vswitchd works from the configuration in this database. It exchanges information with the manager and ovs-vswitchd using OVSDB (JSON-RPC).

ovs-dpctl: a tool for configuring the switch kernel module; it can control forwarding rules.

ovs-vsctl: reads or changes the configuration of ovs-vswitchd. Each operation updates the database in ovsdb-server.

ovs-appctl: sends commands to the OVS daemons; it is generally not needed.

ovsdbmonitor: a GUI tool that displays the data in ovsdb-server.

ovs-controller: a simple OpenFlow controller.

ovs-ofctl: controls the contents of the flow table when OVS works as an OpenFlow switch.

2. Workflow of Open vSwitch

1. The VM instance generates a packet and sends it to the virtual network interface (VNIC) inside the instance, eth0 in the figure.

2. The packet is passed to the corresponding VNIC on the physical machine, the vnet interface in the figure.

3. The packet leaves the vnet interface and arrives at the bridge (virtual switch) br100.

4. The switch processes the packet and sends it out through a physical interface on the physical node, eth0 on the physical machine in the figure.

5. Once the packet leaves eth0, it is handled according to the routes and default gateway of the physical node. From this point on, the packet is no longer under your control.

Note: the port on the L2 switch that connects to eth0 is generally a trunk port. The vnet interface of a virtual machine is often given a VLAN tag, and that tag controls the broadcast domain of the virtual machine. When several virtual machines run on the host, their vnet interfaces can be given different VLAN tags, so the packets of these virtual machines carry a tag when they leave eth0 (step 4). The switch port therefore has to be a trunk.

3. A simple Open vSwitch example

This can be achieved with the following commands:

root@localhost:~# ovs-vsctl add-br br0

root@localhost:~# ovs-vsctl add-port br0 eth0

root@localhost:~# ovs-vsctl add-port br0 eth2

4. Common Open vSwitch operations

Add a bridge:

ovs-vsctl add-br br0

List all bridges:

ovs-vsctl list-br

Check whether a bridge exists:

ovs-vsctl br-exists br0

Attach a physical network card to the bridge:

ovs-vsctl add-port br0 eth0

List all ports on the bridge:

ovs-vsctl list-ports br0

Show the bridge that a network card is attached to:

ovs-vsctl port-to-br eth0

View the network status of OVS:

ovs-vsctl show

Delete a port that has been attached to the bridge:

ovs-vsctl del-port br0 eth0

Delete the bridge:

ovs-vsctl del-br br0

Set the controller (ip stands for the controller's address):

ovs-vsctl set-controller br0 tcp:ip:6633

Delete the controller:

ovs-vsctl del-controller br0

Enable support for OpenFlow version 1.3:

ovs-vsctl set bridge br0 protocols=OpenFlow13

Delete the OpenFlow support setting:

ovs-vsctl clear bridge br0 protocols

Add an internal port with VLAN tag 3:

ovs-vsctl add-port br0 vlan3 tag=3 -- set interface vlan3 type=internal

Delete the VLAN port:

ovs-vsctl del-port br0 vlan3

Query the VLAN:

ovs-vsctl show

ifconfig vlan3

View the status of all switch ports on the bridge:

ovs-ofctl dump-ports br0

View all the flow rules on the bridge:

ovs-ofctl dump-flows br0

View the version of ovs:

ovs-ofctl -V
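The output of `ovs-vsctl show` can be checked mechanically for the two settings discussed above: the controller target and the per-port VLAN tag. The following is an added example, not part of the original article. The sample output is constructed, the `uplinks` parameter is a hypothetical list of ports that are meant to be trunks, and the check relies on two facts about OVS: a `tcp:` controller target carries OpenFlow unencrypted (OVS also accepts `ssl:` targets), and a port without a tag acts as a trunk that carries every VLAN.

```python
import re

# Constructed sample of `ovs-vsctl show` output (not captured from a real host).
SAMPLE_SHOW = '''\
    Bridge br0
        Controller "tcp:192.0.2.10:6633"
        Port br0
            Interface br0
                type: internal
        Port eth0
            Interface eth0
        Port vlan3
            tag: 3
            Interface vlan3
                type: internal
        Port "vnet0"
            Interface "vnet0"
'''

LINE = re.compile(r'^[ \t]*(Bridge|Controller|Port|tag:)[ \t]+"?([^"\s]+)"?[ \t]*$', re.M)

def parse_show(text):
    """Return {bridge: {"controllers": [...], "ports": {port: tag or None}}}."""
    bridges, bridge, port = {}, None, None
    for kind, value in LINE.findall(text):
        if kind == "Bridge":
            bridge = bridges.setdefault(value, {"controllers": [], "ports": {}})
            port = None
        elif bridge is None:
            continue
        elif kind == "Controller":
            bridge["controllers"].append(value)
        elif kind == "Port":
            port = value
            bridge["ports"][port] = None
        elif port is not None:      # a "tag:" line under the current port
            bridge["ports"][port] = int(value)
    return bridges

def audit(bridges, uplinks=("eth0",)):   # uplinks: assumed intended trunk ports
    findings = []
    for name, br in bridges.items():
        for target in br["controllers"]:
            if target.startswith("tcp:"):
                findings.append(f"{name}: controller {target} is plaintext OpenFlow")
        for port, tag in br["ports"].items():
            if tag is None and port != name and port not in uplinks:
                findings.append(f"{name}: port {port} has no VLAN tag")
    return findings
```

On a real host, pass the text printed by `ovs-vsctl show` to `parse_show` and review each finding; an untagged VM-facing vnet port sees traffic from every VLAN on the bridge.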
