ovs流表机制(四)用vxlan实现多个节点的vm通信(二)

其他 2020-04-12 17:17:56 阅读次数: 0

 新增一个节点10.10.18.227

 

 

10.10.16.82通过vxlan vni=48和vxlan vni=32分别连接10.10.18.227和10.10.18.216

10.10.28.227网络配置如下

#/bin/bash
set -e
#添加ovs网桥: br-tun/br-int
#ovs-vsctl add-br br-tun
#ovs-vsctl add-br br-int
#ovs-vsctl set-fail-mode br-tun secure
#ovs-vsctl set-fail-mode br-int standalone
#添加patch口,连接br-tun,br-int
ovs-vsctl add-port br-tun patch-int -- set interface patch-int type=patch -- set interface patch-int options:peer=patch-tun
ovs-vsctl add-port br-int patch-tun -- set interface patch-tun type=patch -- set interface patch-tun options:peer=patch-int
#添加linux bridge
brctl addbr qbr1
ip link set qbr1 up
#添加veth口,连接br-int,qbr1
ip link add name qvo1 type veth peer name qvb1
ip link set qvo1 up
ip link set qvb1 up
ovs-vsctl add-port br-int qvo1
brctl addif qbr1 qvb1
#设置qvo1的vlan tag
ovs-vsctl set port qvo1 tag=100
#添加namespace:
ip netns add ns1
ip link add name veth1 type veth peer name veth1_br
ip link set dev veth1 netns ns1
brctl addif qbr1 veth1_br
ip link set veth1_br up
ip netns exec ns1 ip link set veth1 up
ip netns exec ns1 ip addr add 192.168.10.32/24 dev veth1


ovs-vsctl add-port br-tun vxlan-01 -- set interface vxlan-01 type=vxlan options:remote_ip=10.10.16.82 options:key=0x30  ofport_request=2

10.10.28.227流表配置如下

 ## patch-int port =1 
 ## vxlan-01 port =2
 ##================== table 0
 #处理patch-int包,虚机出流量
 ovs-ofctl add-flow br-tun 'cookie=0x79, table=0,  priority=1,in_port=1 actions=resubmit(,2)'
 #处理vxlan包,从vxlan tunnel进入的数据包
 ovs-ofctl add-flow br-tun 'cookie=0x79, table=0,  priority=1,in_port=2 actions=resubmit(,4)'
 #默认规则
 ovs-ofctl add-flow br-tun 'cookie=0x79, table=0, priority=0 actions=drop'
#处理patch-int包,虚机出流量 table 0 --> resubmit 2

#===========table 2
 #单播包
 ovs-ofctl add-flow br-tun 'cookie=0x79,  table=2, priority=0,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)'

 #广播包
 ovs-ofctl add-flow br-tun 'cookie=0x79,  table=2, priority=0,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,22)'
#=================== table 3
ovs-ofctl add-flow br-tun 'cookie=0x79,  table=3, priority=0 actions=drop'
#处理vxlan包,从vxlan tunnel进入的数据包会resubmit(4)
#vxlan id =0x30, 10.10.18.227节点 vlan id =10
#=================== table 4
#######vxlan_id=0X30
 ovs-ofctl add-flow br-tun 'cookie=0x79,  table=4,  priority=1,tun_id=0x30 actions=mod_vlan_vid:10,resubmit(,10)'
 ovs-ofctl add-flow br-tun 'cookie=0x79,  table=4,  priority=0 actions=drop'

#=================== table 6
ovs-ofctl add-flow br-tun 'cookie=0x79,  table=6, priority=0 actions=drop'

#处理vxlan包,从vxlan tunnel进入的数据包会resubmit(4)
# table 4 mod_vlan_id --> resubmit(10)
#==================== table 10
ovs-ofctl add-flow br-tun 'cookie=0x79, table=10, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,cookie=0xa9eb8f9011f7e038,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1'

## table 10 learn --> table 20 saves learning  resuslt 
#处理patch-int包,虚机出流量 table 0 --> resubmit 2
# table 2 unicast --> table 20
##===================== table 20 没有match则跳转到 table 22
# table 20
ovs-ofctl add-flow br-tun 'cookie=0x79, table=20, priority=0 actions=resubmit(,22)'

#处理patch-int包,虚机出流量 table 0 --> resubmit 2
# table 2 broadcast --> table 22
##========================  table 22  flood
 ovs-ofctl add-flow br-tun 'cookie=0x79, table=22, dl_vlan=100 actions=strip_vlan,set_tunnel:0x30,output:2'
 ovs-ofctl add-flow br-tun 'cookie=0x79, table=22,priority=0 actions=drop'

10.10.16.82新增的流表配置如下



ovs-vsctl add-port br-tun vxlan-02 -- set interface vxlan-02 type=vxlan options:remote_ip=10.10.18.227 options:key=0x30
table 0处理vxlan vni=48收到的包
ovs-ofctl add-flow br-tun 'cookie=0x79, table=0, priority=1,in_port=4 actions=resubmit(,4)'

table 4

ovs-ofctl add-flow br-tun 'cookie=0x79, table=4, priority=1,tun_id=0x30 actions=mod_vlan_vid:22,resubmit(,10)'

table 22

ovs-ofctl add-flow br-tun 'cookie=0x79, table=22, dl_vlan=22 actions=strip_vlan,set_tunnel:0x30,output:4'

10.10.16.82上执行:

[root@kunpeng82 devuser]# ip netns exec ns1 ping 192.168.10.32
PING 192.168.10.32 (192.168.10.32) 56(84) bytes of data.
64 bytes from 192.168.10.32: icmp_seq=1 ttl=64 time=1.20 ms
64 bytes from 192.168.10.32: icmp_seq=2 ttl=64 time=0.340 ms
64 bytes from 192.168.10.32: icmp_seq=3 ttl=64 time=0.766 ms
64 bytes from 192.168.10.32: icmp_seq=4 ttl=64 time=0.343 ms
^C
--- 192.168.10.32 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3047ms
rtt min/avg/max/mdev = 0.340/0.663/1.204/0.357 ms
[root@kunpeng82 devuser]# 
[root@kunpeng82 devuser]# ovs-ofctl dump-flows br-tun
 cookie=0x79, duration=97548.746s, table=0, n_packets=3563, n_bytes=161602, priority=1,in_port="patch-int" actions=resubmit(,2)
 cookie=0x79, duration=97548.740s, table=0, n_packets=171, n_bytes=13734, priority=1,in_port="vxlan-01" actions=resubmit(,4)
 cookie=0x79, duration=65887.029s, table=0, n_packets=91, n_bytes=7966, priority=1,in_port="vxlan-02" actions=resubmit(,4)
 cookie=0x79, duration=97548.734s, table=0, n_packets=1850, n_bytes=79492, priority=0 actions=drop
 cookie=0x79, duration=97548.728s, table=2, n_packets=199, n_bytes=17430, priority=0,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)
 cookie=0x79, duration=97548.723s, table=2, n_packets=3364, n_bytes=144172, priority=0,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,22)
 cookie=0x79, duration=97548.717s, table=3, n_packets=0, n_bytes=0, priority=0 actions=drop
 cookie=0x79, duration=97548.711s, table=4, n_packets=171, n_bytes=13734, priority=1,tun_id=0x20 actions=mod_vlan_vid:22,resubmit(,10)
 cookie=0x79, duration=70260.958s, table=4, n_packets=91, n_bytes=7966, priority=1,tun_id=0x30 actions=mod_vlan_vid:22,resubmit(,10)
 cookie=0x79, duration=97548.706s, table=4, n_packets=0, n_bytes=0, priority=0 actions=drop
 cookie=0x79, duration=97548.700s, table=6, n_packets=0, n_bytes=0, priority=0 actions=drop
 cookie=0x79, duration=97548.695s, table=10, n_packets=262, n_bytes=21700, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,cookie=0xa9eb8f9011f7e038,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:"patch-int"
 cookie=0xa9eb8f9011f7e038, duration=271.640s, table=20, n_packets=32, n_bytes=2744, hard_timeout=300, priority=1,vlan_tci=0x0016/0x0fff,dl_dst=d2:68:22:61:55:7c actions=load:0->NXM_OF_VLAN_TCI[],load:0x30->NXM_NX_TUN_ID[],output:"vxlan-02"
 cookie=0x79, duration=97548.689s, table=20, n_packets=25, n_bytes=2058, priority=0 actions=resubmit(,22)
 cookie=0x79, duration=70260.964s, table=22, n_packets=3273, n_bytes=140042, dl_vlan=22 actions=strip_vlan,set_tunnel:0x30,output:"vxlan-02"
 cookie=0x79, duration=97548.678s, table=22, n_packets=26, n_bytes=1820, priority=0 actions=drop
[root@kunpeng82 devuser]#
 

猜你喜欢

转载自www.cnblogs.com/dream397/p/12682791.html
今日推荐
NetBSD 禁止提交由 AI 生成的代码
Apache Doris 2.0.10 版本正式发布!
开源日报 | 大模型开战;大模型独角兽被曝卖身;周鸿祎建议谷歌开源所有产品;最大开源AI社区提供1000万美元共享GPU
开源日报 | Chrome内置Gemini的意义不在于Gemini;中国AI追随之路的五大误区;ECharts创始人“下海”养鱼;谷歌I/O开发者大会什么都有,只是没有惊喜
微软回应中国区AI团队“打包赴美”传闻
基于大语言模型的开源知识库问答系统 MaxKB GitHub Star 数量突破 5,000 个!
周排行
static方法和非static方法的区别(java)
如何查找计算机专业paper
java.lang.ClassFormatError: Incompatible magic value 0 in class file com/sitecha
跳跃游戏II
stm32_之【建立工程】
TeaWeb v0.0.9 发布,统计底层优化、主机监控功能改进
事件分发 -----控制字体大小
JavaScript DOM练习(动态表格添加) December 25,2019
JSF Scope & CDI
实现从零搭建一个登录注册页面(附源代码)
每日归档
更多
2024-05-19(0)
2024-05-18(4)
2024-05-17(34)
2024-05-16(6)
2024-05-15(24)
2024-05-14(0)
2024-05-13(18)
2024-05-12(0)
2024-05-11(38)
2024-05-10(38)

代码天地 © 2018 codetd.com

境外服务器   最新电视剧2022