• ovs流表机制(五)

    1、ovs-vsctl set port tap0_br tag=100

    [root@kunpeng82 devuser]# ovs-vsctl list port tap0_br
    _uuid : f8b41259-a1b3-4226-bd25-afb7c0dfe9e1
    bond_active_slave : []
    bond_downdelay : 0
    bond_fake_iface : false
    bond_mode : []
    bond_updelay : 0
    cvlans : []
    external_ids : {}
    fake_bridge : false
    interfaces : [202a2f21-c8f3-4f23-8a64-5dc5de6c6e72]
    lacp : []
    mac : []
    name : "tap0_br"
    other_config : {}
    protected : false
    qos : []
    rstp_statistics : {}
    rstp_status : {}
    statistics : {}
    status : {}
    tag : 100
    trunks : []
    vlan_mode : []



    2、添加几条flow

    [root@kunpeng82 devuser]# ovs-ofctl dump-flows vswitch0
 cookie=0x0, duration=2352.210s, table=0, n_packets=407, n_bytes=17262, priority=3,in_port="tap4_br",vlan_tci=0x0000 actions=mod_vlan_vid:100,NORMAL
 cookie=0x0, duration=2155.729s, table=0, n_packets=111, n_bytes=4858, priority=3,in_port="tap3_br",vlan_tci=0x0000 actions=mod_vlan_vid:100,NORMAL
 cookie=0x0, duration=2499.930s, table=0, n_packets=387, n_bytes=16422, priority=1,in_port="tap0_br" actions=strip_vlan,output:"tap3_br"
 cookie=0x0, duration=8697.389s, table=0, n_packets=114, n_bytes=6244, priority=0 actions=NORMAL

    但是ip netns exec ns2 ping 192.168.1.100 ping通

    [root@kunpeng82 devuser]# ip netns exec ns4 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
^C
--- 192.168.1.100 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2058ms

    但是ip netns exec ns4 ping 192.168.1.100无法ping通

    [root@kunpeng82 devuser]# ip netns exec ns2 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.306 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.023 ms
^C
--- 192.168.1.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1048ms
rtt min/avg/max/mdev = 0.023/0.164/0.306/0.142 ms

    tcpdump竟然在tap3_br上发现了arp 回应报文,在tap4_br上没发发现arp 回应报文

    [root@kunpeng82 devuser]# tcpdump -i tap3_br
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap3_br, link-type EN10MB (Ethernet), capture size 262144 bytes
14:21:53.729020 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:21:53.729147 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
14:21:54.787148 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:21:54.787173 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
14:21:55.827157 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:21:55.827176 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
14:21:56.867251 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:21:56.867270 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
14:21:57.907144 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:21:57.907163 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
^C
10 packets captured
10 packets received by filter
0 packets dropped by kernel
[root@kunpeng82 devuser]# tcpdump -i tap4_br
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on tap4_br, link-type EN10MB (Ethernet), capture size 262144 bytes
14:22:09.598737 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:22:10.627128 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
14:22:11.667130 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
^C
3 packets captured
3 packets received by filter
0 packets dropped by kernel
    ovs-appctl ofproto/trace vswitch0 in_port=1诊断
    [root@kunpeng82 devuser]# ovs-appctl ofproto/trace vswitch0 in_port=1
Flow: in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,dl_type=0x0000

bridge("vswitch0")
------------------
 0. in_port=1, priority 1
    strip_vlan
    output:2

Final flow: unchanged
Megaflow: recirc_id=0,eth,in_port=1,dl_type=0x0000
Datapath actions: 3
     删除 这条flow: cookie=0x0, duration=2499.930s, table=0, n_packets=387, n_bytes=16422, priority=1,in_port="tap0_br" actions=strip_vlan,output:"tap3_br"
    [root@kunpeng82 devuser]# ovs-ofctl del-flows vswitch0 in_port="tap0_br"
[root@kunpeng82 devuser]#  ovs-ofctl add-flow vswitch0 priority=1,in_port=1,actions=strip_vlan,normal
[root@kunpeng82 devuser]# ip netns exec ns4 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
From 192.168.1.44 icmp_seq=1 Destination Host Unreachable
From 192.168.1.44 icmp_seq=2 Destination Host Unreachable
From 192.168.1.44 icmp_seq=3 Destination Host Unreachable
From 192.168.1.44 icmp_seq=4 Destination Host Unreachable
From 192.168.1.44 icmp_seq=5 Destination Host Unreachable

    tcpdump能抓到包了

    [root@kunpeng82 devuser]# tcpdump -i tap4_br
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on tap4_br, link-type EN10MB (Ethernet), capture size 262144 bytes
    14:28:26.387130 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:26.387165 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    14:28:27.427221 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:27.427245 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    14:28:28.467130 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:28.467165 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    14:28:29.507129 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:29.507169 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    14:28:30.547224 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:30.547247 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    14:28:31.587131 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:31.587162 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    14:28:32.627130 ARP, Request who-has 192.168.1.100 tell 192.168.1.44, length 28
    14:28:32.627164 ARP, Reply 192.168.1.100 is-at ca:03:87:45:02:90 (oui Unknown), length 28
    ^C
    14 packets captured
    14 packets received by filter
    0 packets dropped by kernel
    [root@kunpeng82 devuser]# 

    还是不通哦
    [root@kunpeng82 devuser]# ip netns exec ns4 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
^C
--- 192.168.1.100 ping statistics ---
3 packets transmitted, 0 received, 100% packet loss, time 2118ms

[root@kunpeng82 devuser]#

     删除流表,重新添加两条

    root@kunpeng82 devuser]#  ovs-ofctl del-flows vswitch0 in_port="tap0_br"

[root@kunpeng82 devuser]#  ovs-ofctl add-flow vswitch0 priority=1,ip,in_port=1,nw_dst=192.168.1.200/32,actions=strip_vlan,output:2

[root@kunpeng82 devuser]#  ovs-ofctl add-flow vswitch0 priority=1,ip,in_port=1,nw_dst=192.168.1.44/32,actions=strip_vlan,output:4
[root@kunpeng82 devuser]# ip netns exec ns4 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.268 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.035 ms
^C
--- 192.168.1.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1038ms
rtt min/avg/max/mdev = 0.035/0.151/0.268/0.117 ms
[root@kunpeng82 devuser]# ovs-ofctl dump-flows vswitch0
 cookie=0x0, duration=4618.262s, table=0, n_packets=848, n_bytes=35812, priority=3,in_port="tap4_br",vlan_tci=0x0000 actions=mod_vlan_vid:100,NORMAL
 cookie=0x0, duration=4421.781s, table=0, n_packets=157, n_bytes=7518, priority=3,in_port="tap3_br",vlan_tci=0x0000 actions=mod_vlan_vid:100,NORMAL
 cookie=0x0, duration=361.150s, table=0, n_packets=10, n_bytes=756, priority=1,in_port="tap0_br" actions=strip_vlan,output:"tap3_br"
 cookie=0x0, duration=90.099s, table=0, n_packets=0, n_bytes=0, priority=1,in_port="tap0_br" actions=strip_vlan,output:"tap3_br"
 cookie=0x0, duration=26.201s, table=0, n_packets=0, n_bytes=0, priority=1,ip,in_port="tap0_br",nw_dst=192.168.1.200 actions=strip_vlan,output:"tap3_br"
 cookie=0x0, duration=8.072s, table=0, n_packets=0, n_bytes=0, priority=1,ip,in_port="tap0_br",nw_dst=192.168.1.44 actions=strip_vlan,output:"tap4_br"
 cookie=0x0, duration=10963.441s, table=0, n_packets=114, n_bytes=6244, priority=0 actions=NORMAL
[root@kunpeng82 devuser]#

    [root@kunpeng82 devuser]# ip netns exec ns2 ping 192.168.1.100
    PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
    From 192.168.1.200 icmp_seq=1 Destination Host Unreachable
    From 192.168.1.200 icmp_seq=2 Destination Host Unreachable
    From 192.168.1.200 icmp_seq=3 Destination Host Unreachable
    From 192.168.1.200 icmp_seq=4 Destination Host Unreachable
    From 192.168.1.200 icmp_seq=5 Destination Host Unreachable


    ip netns exec ns2 ping 192.168.1.100 和ip netns exec ns4 ping 192.168.1.100都没成功

    抓包发现没收到arp reply
    

    [root@kunpeng82 devuser]# tcpdump -i tap4_br
    tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
    listening on tap4_br, link-type EN10MB (Ethernet), capture size 262144 bytes
    15:12:49.267241 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:50.307154 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:51.347151 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:52.387235 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:53.427156 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:54.467152 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:55.507229 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:56.547151 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:57.587144 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:58.627214 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:12:59.667148 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    15:13:00.707148 ARP, Request who-has 192.168.1.100 tell 192.168.1.200, length 28
    ^C
    12 packets captured
    12 packets received by filter
    0 packets dropped by kernel
    [root@kunpeng82 devuser]# 
    

     
    

    

     再添加两条arp的flow
    

    

    [root@kunpeng82 devuser]# ovs-ofctl add-flow vswitch0 priority=1,arp,in_port=1,nw_dst=192.168.1.200/32,actions=strip_vlan,output:2
[root@kunpeng82 devuser]# ovs-ofctl add-flow vswitch0 priority=1,arp,in_port=1,nw_dst=192.168.1.44/32,actions=strip_vlan,output:4
[root@kunpeng82 devuser]# ip netns exec ns2 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.587 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.024 ms
^C
--- 192.168.1.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1038ms
rtt min/avg/max/mdev = 0.024/0.305/0.587/0.282 ms
[root@kunpeng82 devuser]# ip netns exec ns4 ping 192.168.1.100
PING 192.168.1.100 (192.168.1.100) 56(84) bytes of data.
64 bytes from 192.168.1.100: icmp_seq=1 ttl=64 time=0.528 ms
64 bytes from 192.168.1.100: icmp_seq=2 ttl=64 time=0.025 ms
^C
--- 192.168.1.100 ping statistics ---
2 packets transmitted, 2 received, 0% packet loss, time 1008ms
rtt min/avg/max/mdev = 0.025/0.276/0.528/0.252 ms
[root@kunpeng82 devuser]# 
    

    


    
    
          
    • 

          
  • 

            相关阅读:
    
            
              C++ using namespace std详解 
                
    FlexEdit强大的文本编辑器(免费的!) 
                
    串口扩展方案总结 
                
    LED数码引脚图 
                
    串口扩展方案总结 
                
    C++ using namespace std详解 
                
    Digital Mars Compiler简介及使用 
                
    Digital Mars Compiler简介及使用 
                
    poj1018 
                
    poj3536 
                
                    
          
    • 
          
  • 
            原文地址:https://www.cnblogs.com/dream397/p/12634866.html
          
    • 

        

      



      
      

        

        

      

    

  


  

  
Copyright © 2020-2023 
  润新知