Learning OVS (open vswitch) using mininet — Part 5

In previous article we have seen how the flow entries are getting added in switch automatically from SDN controller. In this article I am going to show you how to add them manually. For the purpose of this article I am going to create mininet configuration without using controller.

Step 1 : Creating topology without using controller. Only difference in the command is addition of “–controller=none” option.

root@mininet-vm:~# mn –topo=single,4 –mac –controller=none
*** Creating network
*** Adding controller
*** Adding hosts:
h1 h2 h3 h4
*** Adding switches:
s1
*** Adding links:
(h1, s1) (h2, s1) (h3, s1) (h4, s1)
*** Configuring hosts
h1 h2 h3 h4
*** Starting controller

*** Starting 1 switches
s1 …
*** Starting CLI:
mininet> nodes
available nodes are:
h1 h2 h3 h4 s1
mininet> dump
<Host h1: h1-eth0:10.0.0.1 pid=1717>
<Host h2: h2-eth0:10.0.0.2 pid=1720>
<Host h3: h3-eth0:10.0.0.3 pid=1722>
<Host h4: h4-eth0:10.0.0.4 pid=1724>
<OVSSwitch s1: lo:127.0.0.1,s1-eth1:None,s1-eth2:None,s1-eth3:None,s1-eth4:None pid=1729>

Step 2 : As we have not created a controller hence the hosts are not reachable to each other.

mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
From 10.0.0.1 icmp_seq=1 Destination Host Unreachable
From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
From 10.0.0.1 icmp_seq=3 Destination Host Unreachable
^C
— 10.0.0.2 ping statistics —
5 packets transmitted, 0 received, +3 errors, 100% packet loss, time 4025ms
pipe 3

Step 3 : Before adding the flow table we need to see the mapping between of the port number  and port name, we can do this using below command.

mininet> sh ovs-ofctl show s1
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000000000000001
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE
1(s1-eth1): addr:be:22:14:42:b8:9a
config:     0
state:      0
current:    10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
2(s1-eth2): addr:46:26:0a:c6:78:12
config:     0
state:      0
current:    10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
3(s1-eth3): addr:82:85:b3:ba:68:c8
config:     0
state:      0
current:    10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
4(s1-eth4): addr:66:b0:35:2f:4c:10
config:     0
state:      0
current:    10GB-FD COPPER
speed: 10000 Mbps now, 0 Mbps max
LOCAL(s1): addr:b2:98:b9:65:30:41
config:     0
state:      0
speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0

Step 4 : Simplest way to make hosts reachable to each other is to change the bridge to normal L2 device which can be done using below command. Once we added the flow using “action=normal” keyword switch is changed to L2 device.

mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
mininet> sh ovs-ofctl add-flow s1 action=normal
mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=6.631s, table=0, n_packets=0, n_bytes=0, idle_age=6, actions=NORMAL

After that I am able to ping the hosts.

mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=1.69 ms
64 bytes from 10.0.0.2: icmp_seq=2 ttl=64 time=0.069 ms
^C
— 10.0.0.2 ping statistics —
2 packets transmitted, 2 received, 0% packet loss, time 1002ms
rtt min/avg/max/mdev = 0.069/0.884/1.699/0.815 ms

Step 5 : I am going to add two flows to the device manually. I have mentioned the priority and in_port and out_port in the the rules. Higher value in priority means it will overrule any rule with lower value.

mininet> sh ovs-ofctl add-flow s1 priority=1000,in_port=1,actions=output:2
mininet> sh ovs-ofctl add-flow s1 priority=1000,in_port=2,actions=output:1
mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=15.544s, table=0, n_packets=0, n_bytes=0, idle_age=15, priority=1000,in_port=1 actions=output:2
cookie=0x0, duration=10.744s, table=0, n_packets=0, n_bytes=0, idle_age=10, priority=1000,in_port=2 actions=output:1

Step 6 : If  I am going to add the flow with higher priority and with action to drop the packets. Again the communication between hosts will stop.

mininet> sh ovs-ofctl add-flow s1 priority=1001,actions=drop
mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=126.42s, table=0, n_packets=7, n_bytes=574, idle_age=85, priority=1000,in_port=1 actions=output:2
cookie=0x0, duration=121.62s, table=0, n_packets=7, n_bytes=574, idle_age=85, priority=1000,in_port=2 actions=output:1
cookie=0x0, duration=2.519s, table=0, n_packets=0, n_bytes=0, idle_age=2, priority=1001 actions=drop
mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
^C
— 10.0.0.2 ping statistics —
2 packets transmitted, 0 received, 100% packet loss, time 1006ms

Step  7: Once the delete the “drop” flow again the communication between the hosts resumed.

mininet> sh ovs-ofctl del-flows s1 –strict priority=1001
mininet> sh ovs-ofctl dump-flows s1
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=2092.636s, table=0, n_packets=7, n_bytes=574, idle_age=2051, priority=1000,in_port=1 actions=output:2
cookie=0x0, duration=2087.836s, table=0, n_packets=7, n_bytes=574, idle_age=2051, priority=1000,in_port=2 actions=output:1
mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_seq=1 ttl=64 time=1.07 ms
^C
— 10.0.0.2 ping statistics —
1 packets transmitted, 1 received, 0% packet loss, time 0ms
rtt min/avg/max/mdev = 1.073/1.073/1.073/0.000 ms

Advertisements

2 thoughts on “Learning OVS (open vswitch) using mininet — Part 5

Leave a Reply

Fill in your details below or click an icon to log in:

WordPress.com Logo

You are commenting using your WordPress.com account. Log Out / Change )

Twitter picture

You are commenting using your Twitter account. Log Out / Change )

Facebook photo

You are commenting using your Facebook account. Log Out / Change )

Google+ photo

You are commenting using your Google+ account. Log Out / Change )

Connecting to %s