目录
一、实验
1.情况
2. OVS 集群 使用VXLAN 流表(单租户)
3. OVS 集群 使用VXLAN 流表(多租户)
二、题目
1.如何添加VXLAN接⼝
2.virsh修改云主机MAC报错
一、实验
1.情况
(1) 主机
表1 宿主机
| 主机 | 架构 | 软件 | IP | 网卡 | 备注 | | ovs_controller | 控制端 | karaf
0.7.3
| 192.168.204.63 | 1个NAT网卡
(204网段)
| 已部署 | | ovs_server01 | 服务端 | OpenvSwitch
v2.5.1
| 192.168.204.61 | 1个NAT网卡
(204网段),
1个仅主机网卡
(88网段)
| 已部署 | | ovs_server02 | 服务端 | OpenvSwitch
v2.5.1
| 192.168.204.62 | 1个NAT网卡
(204网段),
1个仅主机网卡
(88网段)
| 已部署 |
表2 目标云主机
| 云主机 | IP | 备注 | | cloudserver01
| 172.16.1.1 | 宿主机ovs_server01
| | cloudserver02 | 172.16.1.2 | 宿主机ovs_server02
|
(2) 查看IP
ovs_controller
ovs_server01
ovs_server02
(3)查看OVS
ovs_server01
ovs_server02
(4)查看OVS流表节点
ovs_server01
- ovs-ofctl show ovs01
- -O OpenFlow13
ovs_server02
- ovs-ofctl show ovs02 -O OpenFlow13
(5) 查看OVS流表信息
ovs_server01
- ovs-ofctl dump-flows ovs01 -O OpenFlow13
ovs_server02
- ovs-ofctl dump-flows ovs02 -O OpenFlow13
2. OVS 集群 使用VXLAN 流表(单租户)
(1)服务端删除云互换机端口
ovs_server01
- ovs-vsctl del-port vxlan0
- ovs-vsctl show
ovs_server02
- ovs-vsctl del-port ovs02 vxlan0
- ovs-vsctl show
(2)添加端口与VXLAN接⼝
ovs_server01
- ovs-vsctl add-port ovs01 vtep -- set interface vtep type=vxlan option:remote_ip=192.168.204.62 option:key=flow ofport_request=10
- ovs-vsctl show
- ovs-vsctl add-port ovs02 vtep -- set interface vtep type=vxlan option:remote_ip=192.168.204.61 option:key=flow ofport_request=10
- ovs-vsctl show
(3)查看接口
ovs_server01
ovs_server02
(4)查看接口列表
- ovs-vsctl -- --columns=name,ofport list Interface
ovs_server02
(5)添加控制端
ovs_server01
- ovs-vsctl set-controller ovs01 tcp:192.168.204.63:6633
ovs_server02
- ovs-vsctl set-controller ovs02 tcp:192.168.204.63:6633
(6)查看ODL
Nodes节点信息Topology拓扑信息(VXLAN-TRUNK没有毗连线)
(7)查看控制端下发的OVS默认流表
ovs_server01
- ovs-ofctl dump-flows ovs01 -O OpenFlow13
ovs_server02
- ovs-ofctl dump-flows ovs02 -O OpenFlow13
ovs_server01 抓取ens33网卡,发送端口随机,接收端口都为4789
- tcpdump -i ens33 | grep -i vxlan
(9)流量写入本地
ovs_server01
- tcpdump -i ens33 -w vxlan-vni0.pcap
云主机01 ping 云主机02
ovs_server01 结束抓包
(10)流向分析
表3 流向分析
| 云主机cloudserver01 | 流向 | 云主机cloudserver01 | | in_port=1,action=output:10 | → | in_port=10,action=output:1 | | in_port=10,action=output:1 | ← | in_port=1,action=output:10 |
(11)查看下载的流量包
过滤vxlan
所有VNI 都被打上标签0
3. OVS 集群 使用VXLAN 流表(多租户)
(1)初始化流表
ovs_server01
- ovs-ofctl del-flows ovs01 -O Openflow13
ovs_server02
- ovs-ofctl del-flows ovs02 -O Openflow13
(2)查看流表
ovs_server01
- ovs-ofctl dump-flows ovs01 -O openflow13
ovs_server02
- ovs-ofctl dump-flows ovs02 -O openflow13
(3)查看MAC
ovs_server01
- ovs-appctl fdb/show ovs01
ovs_server02
- ovs-appctl fdb/show ovs02
(4)关闭云主机
cloudserver01
cloudserver02
(5)查看MAC
cloudserver01
cloudserver02
(6)查看云主机
ovs_server01
ovs_server02
(7)ovs_server01 修改云主机MAC
- virsh edit cloudserver01
- :/interface
修改前:
修改后:
(8)ovs_server02修改云主机MAC
- virsh edit cloudserver02
- :/interface
修改前:
修改后:
(9)再次查看云主机MAC
cloudserver01已更新
cloudserver02已更新
(10)启动云主机
cloudserver01
cloudserver02
(11)修改云主机网卡
cloudserver01
cloudserver02
(12)网络测试
云主机01 ping 云主机02,目前不通
(13)构建⾃定义多租户VXLAN流表
ovs_server01
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=0,in_port=1,actions=set_field:10001->tun_id,resubmit(,1)"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=0,actions=resubmit(,1)"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=1,tun_id=10001,dl_dst=00:00:00:00:aa:01,actions=output:1"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=1,tun_id=10001,dl_dst=00:00:00:00:aa:02,actions=output:10"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=1,tun_id=10001,arp,nw_dst=172.16.1.1,actions=output:1"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=1,tun_id=10001,arp,nw_dst=172.16.1.2,actions=output:10"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs01 "table=1,priority=100,actions=drop"
ovs_server02
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=0,in_port=1,actions=set_field:10001->tun_id,resubmit(,1)"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=0,actions=resubmit(,1)"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=1,tun_id=10001,dl_dst=00:00:00:00:aa:02,actions=output:1"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=1,tun_id=10001,dl_dst=00:00:00:00:aa:01,actions=output:10"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=1,tun_id=10001,arp,nw_dst=172.16.1.2,actions=output:1"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=1,tun_id=10001,arp,nw_dst=172.16.1.1,actions=output:10"
- sudo ovs-ofctl -O OpenFlow13 add-flow ovs02 "table=1,priority=100,actions=drop"
(14) 查看流表
ovs_server01
- ovs-ofctl dump-flows ovs01 -O openflow13
ovs_server02
- ovs-ofctl dump-flows ovs02 -O openflow13
(15)网络测试
云主机01 ping 云主机02,目前已通
(16)流量抓包下入本地
ovs_server01
- tcpdump -i ens33 -w vxlan-vni10001.pcap
云主机01 ping 云主机02
抓包结束
(17)流量分析
过滤vxlan
VNI为10001
其他LLDP的VNI为0
(18)流量抓包在线获取
- tcpdump -i ens33 | grep -i vxlan
云主机01 ping 云主机02
抓包结束(1口的流量VNI为10001,其他LLDP的VNI为0)
二、题目
1.如何添加VXLAN接⼝
(1)ovs_server01 添加
key=flow表示隧道的VNI是通过流表来指定;ofport_request=10 表示端⼝号码设置为10
- ovs-vsctl add-port ovs01 vtep -- set interface vtep type=vxlan option:remote_ip=192.168.204.62 option:key=flow ofport_request=10
- ovs-vsctl show
key=flow表示隧道的VNI是通过流表来指定;ofport_request=10 表示端⼝号码设置为10
- ovs-vsctl add-port ovs02 vtep -- set interface vtep type=vxlan option:remote_ip=192.168.204.61 option:key=flow ofport_request=10
- ovs-vsctl show
2.virsh修改云主机MAC报错
(1)报错
- 错误:(domain_definition):71: attributes construct error
- <mac address=''00:00:00:00:aa:01'/>
- ---------------------^
- 失败的。 Try again? [y,n,i,f,?]:
(2)缘故原由分析
配置错误,MAC地点前多了1个单引号。
(3)办理方法
修改配置。
输入重新配置
修改前:
修改后:
免责声明:如果侵犯了您的权益,请联系站长,我们会及时删除侵权内容,谢谢合作!更多信息从访问主页:qidao123.com:ToB企服之家,中国第一个企服评测及商务社交产业平台。 |
