目次
一、实验
1.情况
2.Linux 部署 OVS 集群(服务端)
3.Linux 部署VXLAN
一、实验
1.情况
(1) 主机
表1 宿主机
| 主机 | 架构 | 软件 | IP | 备注 | | ovs_controller | 控制端 | | 192.168.204.63 | 1个NAT网卡
(204网段)
| | ovs_server01 | 服务端 | OpenvSwitch
v2.5.1
| 192.168.204.61 | 1个NAT网卡
(204网段),
1个仅主机网卡
(88网段)
| | ovs_server02 | 服务端 | OpenvSwitch
v2.5.1
| 192.168.204.62 | 1个NAT网卡
(204网段),
1个仅主机网卡
(88网段)
|
表2 目的云主机
| 云主机 | IP | 备注 | | cloudserver01
| 172.16.1.1 | 宿主机ovs_server01
| | cloudserver02 | 172.16.1.2 | 宿主机ovs_server02
|
(2) 查看IP
ovs_controller
ovs_server01
ovs_server02
(3)修改hostname
- [root@localhost ~]# vim /etc/hostname
ovs_controller
ovs_server01
ovs_server02
(4) 修改hosts
- [root@localhost ~]# vim /etc/hosts
修改前:
修改后:
ovs_controller
ovs_server01ovs_server02
2.Linux 部署 OVS 集群(服务端)
(1)查阅
- 1)官网
- https://www.openvswitch.org/download/
- 2)GitHub
- https://github.com/openvswitch/ovs
- yum install -y openssl-devel kernel-devel
- yum groupinstall -y "Development Tools"
ovs_server02
(2)添加用户
- adduser ovswitch
- su - ovswitch
ovs_server02
(3)下载并解压
选择一个稳固版
- wget https://www.openvswitch.org/releases/openvswitch-2.5.1.tar.gz
- tar xfz openvswitch-2.5.1.tar.gz
ovs_server02
(4) 源码包⽅式⽣成RPM包
- mkdir -p ~/rpmbuild/SOURCES
- sed 's/openvswitch-kmod, //g' openvswitch-2.5.1/rhel/openvswitch.spec > openvswitch-2.5.1/rhel/openvswitch_no_kmod.spec
- cp openvswitch-2.5.1.tar.gz rpmbuild/SOURCES
- rpmbuild -bb --without=check ~/openvswitch-2.5.1/rhel/openvswitch_no_kmod.spec
ovs_server02
(5)查看并退出用户
- ls /home/ovswitch/rpmbuild/RPMS/x86_64/
- exit
ovs_server02
(6)RPM包安装
- yum localinstall -y /home/ovswitch/rpmbuild/RPMS/x86_64/openvswitch-2.5.1-1.x86_64.rpm
ovs_server02
(7)设置开机自启
- 1)查看
- systemctl status openvswitch.service
- 2)启动
- systemctl start openvswitch.service
-
- 3)开机自启
- systemctl enable openvswitch.service
-
- 4)再次查看
- systemctl status openvswitch.service
ovs_server02
(7)安装virt-manager与virsh(libvrit-client)
- yum install -y virt-manager libvirt-client
ovs_server02
(8)关闭防⽕墙
- systemctl stop firewalld.service
- systemctl disable firewalld.service
ovs_server02
(9)查看
ovs_server01
ovs_server02
3.Linux 部署VXLAN
(1)添加OVS
ovs_server01
ovs_server02
(2)添加OVS internal
ovs_server01
- ovs-vsctl add-port ovs01 if01 -- set interface if01 type=internal
ovs_server02
- ovs-vsctl add-port ovs02 if02 -- set interface if02 type=internal
(3)查看
ovs_server01
ovs_server02
(4)ovs_server01创建云主机
新建虚拟机
前进
使用镜像
修改内存
选择网络if01
强制关机
挂载镜像
修改启动项为光驱
开机选择第3个命令行
(5)ovs_server02创建云主机
新建虚拟机
前进
使用镜像
修改内存
选择网络if01
强制关机
挂载镜像
修改启动项为光驱
开机选择第3个命令行
(7)查看云主机网卡并修改
cloudserver01
- sudo ifconfig
- sudo ifconfig eth0 172.16.1.1 netmask 255.255.255.0
cloudserver02
- sudo ifconfig
- sudo ifconfig eth0 172.16.1.2 netmask 255.255.255.0
(8) 测试网络
云主机1 ping 云主机2 ,目前不通
(9)部署VXLAN端⼝
ovs_server01
- ovs-vsctl add-port ovs01 vxlan0 -- set interface vxlan0 type=vxlan options:remote_ip=192.168.204.62 options:key=10001
ovs_server02
- ovs-vsctl add-port ovs02 vxlan0 -- set interface vxlan0 type=vxlan options:remote_ip=192.168.204.61 options:key=10001
(10)查看
ovs_server01
ovs_server02
(11) 测试网络
云主机1 ping 云主机2 ,目前已通
(12)流量抓包(tcpdump)
ovs_server01
云主机1 ping 云主机2
观察抓取的流量(源端口一直在变化,目的端口都为4789)
(13) 流量抓包(Wireshark)
云主机1 ping 云主机2
观察抓取的流量
(14)流量分析(Wireshark)
原始数据:
VXLAN隧道封装了VNI (实现多租户隔离)
原始数据(二层包)封装在UDP,原端口随机,目的端口为4789
新IP头:
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。 |
