ovs trace 机制

1、ping

[root@kunpeng82 devuser]# ip netns exec ns7 ping 192.168.1.200
PING 192.168.1.200 (192.168.1.200) 56(84) bytes of data.
64 bytes from 192.168.1.200: icmp_seq=1 ttl=64 time=0.293 ms
64 bytes from 192.168.1.200: icmp_seq=2 ttl=64 time=0.038 ms
64 bytes from 192.168.1.200: icmp_seq=3 ttl=64 time=0.026 ms
64 bytes from 192.168.1.200: icmp_seq=4 ttl=64 time=0.030 ms
64 bytes from 192.168.1.200: icmp_seq=5 ttl=64 time=0.013 ms
64 bytes from 192.168.1.200: icmp_seq=6 ttl=64 time=0.013 ms

2、 抓包分析src_mac 、src_ip、 dst_mac、 dst_ip

[root@kunpeng82 devuser]# tcpdump -i tap3_br -eennvv
tcpdump: listening on tap3_br, link-type EN10MB (Ethernet), capture size 262144 bytes
07:48:46.518783 8a:74:77:07:f2:fc > 8a:6a:5f:bb:b0:9a, ethertype IPv4 (0x0800), length 98: (tos 0x0, ttl 64, id 57627, offset 0, flags [DF], proto ICMP (1), length 84)
192.168.1.117 > 192.168.1.200: ICMP echo request, id 8267, seq 1, length 64

3、查看tap7_br的ofport

[root@kunpeng82 devuser]# ovs-vsctl    --columns=external_ids,name,ofport list interface tap7_br
external_ids        : {}
name                : "tap7_br"
ofport              : 9
[root@kunpeng82 devuser]# 

4、ovs-appctl ofproto/trace发送报文

[root@kunpeng82 devuser]# ovs-appctl ofproto/trace vswitch1 in_port=9,dl_src=8a:6a:5f:bb:b0:9a,dl_dst=8a:74:77:07:f2:fc,ip,nw_src=192.168.1.117,nw_dst=192.168.1.200,nw_proto=1 -generate
Flow: icmp,in_port=9,vlan_tci=0x0000,dl_src=8a:6a:5f:bb:b0:9a,dl_dst=8a:74:77:07:f2:fc,nw_src=192.168.1.117,nw_dst=192.168.1.200,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0

bridge("vswitch1")
------------------
 0. priority 0
    NORMAL
     -> no learned MAC for destination, flooding

bridge("vswitch0")
------------------
 0. priority 0
    NORMAL
     -> learned that 8a:6a:5f:bb:b0:9a is on port patch_to_vswitch1 in VLAN 200
     -> no learned MAC for destination, flooding
     -> output to kernel tunnel

Final flow: unchanged
Megaflow: recirc_id=0,eth,ip,in_port=9,vlan_tci=0x0000,dl_src=8a:6a:5f:bb:b0:9a,dl_dst=8a:74:77:07:f2:fc,nw_ecn=0,nw_frag=no
Datapath actions: push_vlan(vid=200,pcp=0),6,1,pop_vlan,3,set(tunnel(tun_id=0x0,dst=10.10.18.216,ttl=64,tp_dst=4789,flags(df|key))),push_vlan(vid=200,pcp=0),4

查看mac表

[root@kunpeng82 devuser]# ovs-appctl fdb/show vswitch1
 port  VLAN  MAC                Age
    9   200  fa:16:3e:8c:eb:5b  283
    9   200  8a:6a:5f:bb:b0:9a  263
[root@kunpeng82 devuser]# ovs-appctl fdb/show vswitch0
 port  VLAN  MAC                Age
    6   200  fa:16:3e:8c:eb:5b  290
    6   200  8a:6a:5f:bb:b0:9a  270
[root@kunpeng82 devuser]# 

 语法：ip,后面有空格

[root@host-10-10-18-216 ~]#  ovs-appctl ofproto/trace br-int  in_port=2,dl_src=7e:53:2a:70:ac:48,dl_dst=2e:6b:9b:c1:f9:2d,ip, nw_src=192.168.10.12,nw_dst=192.168.10.22,nw_proto=1 -generate
Syntax error
ovs-appctl: ovs-vswitchd: server returned an error

dl_dst=48:57:02:64:ea:1e,后面有空格

[root@kunpeng82 devuser]# ovs-appctl ofproto/trace arp_sw in_port=1,ip,dl_src=02:ac:10:ff:01:01,dl_dst=48:57:02:64:ea:1e, nw_src=192.168.2.210,nw_dst=192.168.1.81,nw_proto=1  -generate
Syntax error
ovs-appctl: ovs-vswitchd: server returned an error
[root@kunpeng82 devuser]# ovs-appctl ofproto/trace arp_sw in_port=1,ip,dl_src=02:ac:10:ff:01:01,dl_dst=48:57:02:64:ea:1e,nw_src=192.168.2.210,nw_dst=192.168.1.81,nw_proto=1  -generate
Flow: icmp,in_port=1,vlan_tci=0x0000,dl_src=02:ac:10:ff:01:01,dl_dst=48:57:02:64:ea:1e,nw_src=192.168.2.210,nw_dst=192.168.1.81,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0

bridge("arp_sw")
----------------
 0. priority 0
    NORMAL
     -> learned that 02:ac:10:ff:01:01 is on port tap0_br in VLAN 0
     -> no learned MAC for destination, flooding

Final flow: unchanged
Megaflow: recirc_id=0,eth,ip,in_port=1,vlan_tci=0x0000/0x1fff,dl_src=02:ac:10:ff:01:01,dl_dst=48:57:02:64:ea:1e,nw_frag=no
Datapath actions: 7,9

arp trace

[root@kunpeng82 devuser]# ovs-appctl ofproto/trace br-tun in_port=2,dl_src=7e:53:2a:70:ac:48,dl_dst=ff:ff:ff:ff:ff:ff,arp,tun_id=0X20 -generate
Flow: arp,tun_id=0x20,in_port=2,vlan_tci=0x0000,dl_src=7e:53:2a:70:ac:48,dl_dst=ff:ff:ff:ff:ff:ff,arp_spa=0.0.0.0,arp_tpa=0.0.0.0,arp_op=0,arp_sha=00:00:00:00:00:00,arp_tha=00:00:00:00:00:00

bridge("br-tun")
----------------
 0. in_port=2, priority 1, cookie 0x79
    resubmit(,4)
 4. tun_id=0x20, priority 1, cookie 0x79
    mod_vlan_vid:22
    resubmit(,10)
10. priority 1, cookie 0x79
    learn(table=20,hard_timeout=300,priority=1,cookie=0xa9eb8f9011f7e038,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[])
     -> table=20 vlan_tci=0x0016/0x0fff,dl_dst=7e:53:2a:70:ac:48 priority=1 cookie=0xa9eb8f9011f7e038 hard=300 actions=load:0->NXM_OF_VLAN_TCI[],load:0x20->NXM_NX_TUN_ID[],output:2
    output:1

bridge("br-int")
----------------
 0. priority 0
    NORMAL
     -> learned that 7e:53:2a:70:ac:48 is on port patch-tun in VLAN 22
     -> no learned MAC for destination, flooding

Final flow: arp,tun_id=0x20,in_port=2,dl_vlan=22,dl_vlan_pcp=0,vlan_tci1=0x0000,dl_src=7e:53:2a:70:ac:48,dl_dst=ff:ff:ff:ff:ff:ff,arp_spa=0.0.0.0,arp_tpa=0.0.0.0,arp_op=0,arp_sha=00:00:00:00:00:00,arp_tha=00:00:00:00:00:00
Megaflow: recirc_id=0,eth,arp,tun_id=0x20,in_port=2,vlan_tci=0x0000,dl_src=7e:53:2a:70:ac:48,dl_dst=ff:ff:ff:ff:ff:ff,arp_op=0
Datapath actions: push_vlan(vid=22,pcp=0),2,pop_vlan,3

[root@kunpeng82 devuser]# ovs-appctl ofproto/trace arp_sw in_port=1,arp,arp_spa=192.168.2.210,arp_sha=2e:a9:be:9e:4d:07,arp_tpa=192.168.1.81,arp_tha=ff:ff:ff:ff:ff:ff,arp_op=1 -generate
Flow: arp,in_port=1,vlan_tci=0x0000,dl_src=00:00:00:00:00:00,dl_dst=00:00:00:00:00:00,arp_spa=192.168.2.210,arp_tpa=192.168.1.81,arp_op=1,arp_sha=2e:a9:be:9e:4d:07,arp_tha=ff:ff:ff:ff:ff:ff

bridge("arp_sw")
----------------
0. arp,in_port=1,arp_tpa=192.168.1.81,arp_op=1, priority 32768
move:NXM_OF_ETH_SRC[]->NXM_OF_ETH_DST[]
-> NXM_OF_ETH_DST[] is now 00:00:00:00:00:00
mod_dl_src:48:57:02:64:ea:1e
load:0x2->NXM_OF_ARP_OP[]
move:NXM_NX_ARP_SHA[]->NXM_NX_ARP_THA[]
-> NXM_NX_ARP_THA[] is now 2e:a9:be:9e:4d:07
load:0x2ac10ff0101->NXM_NX_ARP_SHA[]
move:NXM_OF_ARP_SPA[]->NXM_OF_ARP_TPA[]
-> NXM_OF_ARP_TPA[] is now 192.168.2.210
load:0xa000001->NXM_OF_ARP_SPA[]
IN_PORT

Final flow: arp,in_port=1,vlan_tci=0x0000,dl_src=48:57:02:64:ea:1e,dl_dst=00:00:00:00:00:00,arp_spa=10.0.0.1,arp_tpa=192.168.2.210,arp_op=2,arp_sha=02:ac:10:ff:01:01,arp_tha=2e:a9:be:9e:4d:07
Megaflow: recirc_id=0,eth,arp,in_port=1,dl_src=00:00:00:00:00:00,arp_spa=192.168.2.210,arp_tpa=192.168.1.81,arp_op=1,arp_sha=2e:a9:be:9e:4d:07,arp_tha=ff:ff:ff:ff:ff:ff
Datapath actions: set(eth(src=48:57:02:64:ea:1e)),set(arp(sip=10.0.0.1,tip=192.168.2.210,op=2/0xff,sha=02:ac:10:ff:01:01,tha=2e:a9:be:9e:4d:07)),8
This flow is handled by the userspace slow path because it:
- Uses action(s) not supported by datapath.