Changes between Version 22 and Version 23 of HowTo/ConfigureOVSWithLayer3Routing


Ignore:
Timestamp:
08/27/14 17:41:28 (6 years ago)
Author:
zwang@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified
  • HowTo/ConfigureOVSWithLayer3Routing

    v22 v23  
    1212[[Image(OVS Routing abstract.png, 30%, nolink)]]
    1313
    14 The configuration we want to have is shown in below figure.
     14The configuration we want to have is shown in the figure below.
    1515
    1616[[Image(OVS Routing detail.png, 45%, nolink)]]
    1717
    18 In summary the idea is to create a single OVS bridge for each interface on your machine that you want to assign an IP; pass the packet between the interface and the network stack through the LOCAL port of OVS; and let Linux routing handle the rest of the part.
     18In summary the idea is to create a single OVS bridge for each interface on your machine that you want to assign an IP; pass the packet between the interface and the network stack through the LOCAL port of OVS; and let Linux routing handle the rest.
    1919This wiki page provides step-by-step instructions.
    2020
    21 We've generated a RSpec [http://www.gpolab.bbn.com/exp/NAT/ovs-l3-routing.rspec http://www.gpolab.bbn.com/exp/NAT/ovs-l3-routing.rspec] for you to try it out before applying it to your topology. You need to reserve it and login to host `OVS` to configure.
     21We've generated an RSpec [http://www.gpolab.bbn.com/exp/NAT/ovs-l3-routing.rspec http://www.gpolab.bbn.com/exp/NAT/ovs-l3-routing.rspec] for you to try out this technique before applying it to your topology. You need to reserve it and login to host `OVS` to configure it.
    2222
    23231. Create 2 OVS bridges.
    2424{{{
    25 ovs-vsctl add-br OVSbr1
    26 ovs-vsctl add-br OVSbr2
     25sudo ovs-vsctl add-br OVSbr1
     26sudo ovs-vsctl add-br OVSbr2
    2727}}}
    2828
    29 2. Zero out the IP of interfaces as you will assign it to the OVS bridges (your interface names may vary). On GENI, be careful not to bring down eth0, because it is your control interface, if you bring that interface down you won't be able to login to your host!
     292. Remove the IPs of dataplane interfaces as you will assign them to the OVS bridges (your interface names may vary). On GENI, be careful not to bring down eth0, because it is your control interface, if you bring that interface down you won't be able to login to your host!
    3030{{{
    31 ifconfig eth1 0
    32 ifconfig eth2 0
     31sudo ifconfig eth1 0
     32sudo ifconfig eth2 0
    3333}}}
    3434
    35 3. Attach interfaces to according OVS bridges. Again, don't attach control plane interface.
     353. Attach each interfaces to its own OVS bridge. Again, don't attach control plane interface.
    3636{{{
    37 ovs-vsctl add-port OVSbr1 eth1
    38 ovs-vsctl add-port OVSbr2 eth2
     37sudo ovs-vsctl add-port OVSbr1 eth1
     38sudo ovs-vsctl add-port OVSbr2 eth2
    3939}}}
    4040
    41414.Verify the configurations by:
    4242{{{
    43 ovs-ofctl show OVSbr1
     43sudo ovs-ofctl show OVSbr1
    4444}}}
    4545See the output [wiki:HowTo/ConfigureOVSWithLayer3Routing/outputs#ovs-ofctlshowOVSbr1 here].
    4646{{{
    47 ovs-ofctl show OVSbr2
     47sudo ovs-ofctl show OVSbr2
    4848}}}
    4949See the output [wiki:HowTo/ConfigureOVSWithLayer3Routing/outputs#ovs-ofctlshowOVSbr2 here].
    5050{{{
    51 ovs-vsctl show
     51sudo ovs-vsctl show
    5252}}}
    5353See the output [wiki:HowTo/ConfigureOVSWithLayer3Routing/outputs#ovs-vsctlshow here].
    5454
    55 5. Assign the IP addresses to the OVS bridges, and add routing entries (clean up ones if needed).
     555. Assign the IP addresses to the OVS bridges, and add routing entries.
    5656{{{
    57 ifconfig OVSbr1 10.10.10.1/24 up
    58 ifconfig OVSbr2 10.10.11.1/24 up
     57sudo ifconfig OVSbr1 10.10.10.1/24 up
     58sudo ifconfig OVSbr2 10.10.11.1/24 up
    5959}}}
    6060These will insert the corresponding routes automatically for you, and you can verify it via:
     
    6666Alternatively, you could do:
    6767{{{
    68 ifconfig OVSbr1 10.10.10.1 up
    69 ifconfig OVSbr2 10.10.11.1 up
    70 route add -net 10.10.10.0 netmask 255.255.255.0 dev OVSbr1
    71 route add -net 10.10.11.0 netmask 255.255.255.0 dev OVSbr2
     68sudo ifconfig OVSbr1 10.10.10.1 up
     69sudo ifconfig OVSbr2 10.10.11.1 up
     70sudo route add -net 10.10.10.0 netmask 255.255.255.0 dev OVSbr1
     71sudo route add -net 10.10.11.0 netmask 255.255.255.0 dev OVSbr2
    7272route -n
    7373}}}
     
    7777Let's do an example of how a packet would traverse our network from 10.10.10.2 to 10.10.11.2.
    7878
    79 10.10.10.2 sends the packet with destination 10.10.11.2. The packet arrives at eth1. There is an OpenFlow flow in place on OVSbr1 between eth1 and it's LOCAL port, so the packet will match this flow and be sent out the LOCAL port of OVSbr1 (i.e. port 65534). The packet is then received by the local machine's network stack. It has a destination IP of 10.10.11.2, so the routing table we have established will send the packet to the OVSbr2 network interface. OVSbr2 will receive this packet from the local network stack via it's LOCAL port (i.e. port 65534). There is an OpenFlow flow in place on OVS2 between OVS2's LOCAL port and eth2, so this packet will match that flow and be sent out eth2. From there, it will arrive at 10.10.11.2. The same process will occur in reverse. This assumes though that you insert the flows between the physical interfaces (eth1 and eth2) and the OVS LOCAL ports. That's the key to handing packet to and receiving packets from the local OS.
     79`10.10.10.2` sends the packet with destination `10.10.11.2`. The packet arrives at `eth1`. There is an OpenFlow flow in place on `OVSbr1` between `eth1` and it's `LOCAL` port, so the packet will match this flow and be sent out the `LOCAL` port of `OVSbr1` (i.e. port `65534`). The packet is then received by the local machine's network stack. It has a destination IP of `10.10.11.2`, so the routing table we have established will send the packet to the `OVSbr2` network interface. `OVSbr2` will receive this packet from the local network stack via it's `LOCAL` port (i.e. port `65534`). There is an OpenFlow flow in place on `OVS2` between `OVS2`'s `LOCAL` port and `eth2`, so this packet will match that flow and be sent out through `eth2`. From there, it will arrive at `10.10.11.2`. The same process will occur in reverse. This assumes though that you insert the flows between the physical interfaces (`eth1` and `eth2`) and the OVS `LOCAL` ports. That's the key to handing packet to and receiving packets from the local OS.
    8080
    81817. If you want to insert these flows with OVS itself, you can do something like the following:
    8282{{{
    83 ovs-ofctl add-flow OVSbr1 in_port=port_number_of_eth1,actions=LOCAL
    84 ovs-ofctl add-flow OVSbr1 in_port=LOCAL,actions=output:port_number_of_eth1
    85 ovs-ofctl add-flow OVSbr2 in_port=port_number_of_eth2,actions=LOCAL
    86 ovs-ofctl add-flow OVSbr2 in_port=LOCAL,actions=output:port_number_of_eth2
     83sudo ovs-ofctl add-flow OVSbr1 in_port=port_number_of_eth1,actions=LOCAL
     84sudo ovs-ofctl add-flow OVSbr1 in_port=LOCAL,actions=output:port_number_of_eth1
     85sudo ovs-ofctl add-flow OVSbr2 in_port=port_number_of_eth2,actions=LOCAL
     86sudo ovs-ofctl add-flow OVSbr2 in_port=LOCAL,actions=output:port_number_of_eth2
    8787}}}
    88 You can determine port_number_of_eth1 via:
     88You can determine `port_number_of_eth1` via:
    8989{{{
    90 ovs-ofctl show OVSbr1
     90sudo ovs-ofctl show OVSbr1
    9191}}}
    92 According to the output [wiki:HowTo/ConfigureOVSWithLayer3Routing/outputs#ovs-ofctlshowOVSbr1 here], the port number of eth1 is 1.
     92According to the output [wiki:HowTo/ConfigureOVSWithLayer3Routing/outputs#ovs-ofctlshowOVSbr1 here], the port number of `eth1` is 1.
    9393
    94948. If you want to insert these flows via your controller, you will need to either specify port 65534 explicitly or use whatever convention your controller uses to specify the LOCAL port of a bridge.
    9595Remember to set your controller to all OVS bridges you want to control:
    9696{{{
    97 ovs-vsctl set-controller OVSbr1 tcp:127.0.0.1:6653 ptcp:6634:127.0.0.1
    98 ovs-vsctl set-controller OVSbr2 tcp:127.0.0.1:6653 ptcp:6634:127.0.0.1
     97sudo ovs-vsctl set-controller OVSbr1 tcp:127.0.0.1:6653 ptcp:6634:127.0.0.1
     98sudo ovs-vsctl set-controller OVSbr2 tcp:127.0.0.1:6653 ptcp:6634:127.0.0.1
    9999}}}
    100100
     
    102102{{{
    103103cat /proc/sys/net/ipv4/ip_forward
    104 echo 1 > /proc/sys/net/ipv4/ip_forward
     104sudo echo 1 > /proc/sys/net/ipv4/ip_forward
    105105}}}
    106106