Opendaylight simple Version and Openvswitch

SDN/Openflow

Openvswitch configuration

After starting the Opendaylight controller we need a Openflow network device. Linux has one – the Openvswitch. So we use the Openvswitch.

#
# create a bridge with the name openflow
#
ovs-vsctl add-br openflow
#
# connect the bridge to the opendaylight openflow controller
#
ovs-vsctl set-controller openflow tcp:127.0.0.1:6633

After these to commands, executed as root, the controller has detected a new device. Tab device –> Node Name. Insert here the node name of the created Openvswitch bridge=switch. We use here Openflow-OVS. Do not change other parameters.

Network namespaces (VRFs)

Now we need interfaces on the switch. We use the Linux network namespaces (this is a VRF in Linux) — you may read the article  Linux Network Namespaces .

We create two network namespaces, two openvswitch ports on our openflow bridge and connect each network namespace to one port. Set the ports in the namespaces to up including the loopback interface.

#
# create the network namespaces
#
ip netns add ns1
ip netns add ns2
#
# create the openvswitch ports on the openflow bridge
#
BRIDGE=openflow
#
#### PORT 1
# create an internal ovs port
ovs-vsctl add-port $BRIDGE port1 -- set Interface port1 type=internal
# attach it to namespace
ip link set port1 netns ns1
# set the ports to up
ip netns exec ns1 ip link set dev port1 up
ip netns exec ns1 ip link set dev lo up
#
#### PORT 2
# create an internal ovs port
ovs-vsctl add-port $BRIDGE port2 -- set Interface port2 type=internal
# attach it to namespace
ip link set port2 netns ns2
# set the ports to up
ip netns exec ns2 ip link set dev port2 up
ip netns exec ns2 ip link set dev lo up

Now the Opendaylight controller should see two ports on the Openvswitch.

Now go ahead and open two console windows. Connect to a network namespace in each window and set the prompt to avoid confusion.

#
# Console for Network Namespace ns1 -- you must be root!!!
#
ip netns exec ns1 bash
export PS1="NS 1>"
#
######################################
#
# Console in Network Namespace ns2
#
ip netns exec ns2 bash
export PS1="NS 2>"

Now we configure ip addresses on port* in the network namespaces.

#
# Namespace ns1
#
ip addr add dev port1 10.0.0.1/24
#
################
#
# Namespace ns2
#
ip addr add dev port2 10.0.0.2/24

Now ping from ns2 to ns1 using the command ping 10.0.0.1, when you are connected with one console to the namespace ns2 (–> Console Sessions). Or use ip netns exec ns2 ping 10.0.0.1 when you are connected to the default namespace .

The ping does not work – the flow entries are missing.

In the test setup, port1 has the mac address ce:8d:86:69:01:6e and port2 has the mac address 8e:9b:7d:f4:d7:79

Create Flow Entries

The switch does not forward a paket without flow entries. We need to create them using Flows –> Flow entries –> Add Flow Entry

MAC Learning

How to learn the MAC addresses of connected machines. There is no learning without modules.

ARP

Create arp packet forwarding entries. We create several of them. One for ARP broadcasts and one for unicasts.

Name=ARPBcast , Node=Openflow-OVS , EthernetType=0x806 , Destination MAC Address=ff:ff:ff:ff:ff:ff , Actions=Flood
Name=ARPUcastp1 , Node=Openflow-OVS , EthernetType=0x806 , Destination MAC Address=ce:8d:86:69:01:6e , Actions=Add Output ports port1(1)
Name=ARPUcastp2 , Node=Openflow-OVS , EthernetType=0x806 , Destination MAC Address=8e:9b:7d:f4:d7:79 , Actions=Add Output ports port2(2)

 ICMP

And allow ICMP flows. We add two flows

Name=ICMPp1 , Node=Openflow-OVS , EthernetType=0x800 , Destination MAC Address=ce:8d:86:69:01:6e , Protocol=icmp , Actions=Add Output ports port1(1)
Name=ICMPp2 , Node=Openflow-OVS , EthernetType=0x800 , Destination MAC Address=8e:9b:7d:f4:d7:79 , Protocol=icmp , Actions=Add Output ports port2(2)

Ping

Now ping between the network namespaces works. In Opendaylight the flow statistics can be seen in the Tab Troubleshoot –> Switchname –> Flows or Ports

Openvswitch Openflow entries

The Openflow entries created, are pushed down to the Openvswitch. We can show them using the openvswitch command ovs-ofctl.

ovs-ofctl dump-flows openflow
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=1891.001s, table=0, n_packets=944, n_bytes=39648, idle_age=952, priority=500,arp,dl_dst=ff:ff:ff:ff:ff:ff actions=FLOOD
 cookie=0x0, duration=953.765s, table=0, n_packets=3, n_bytes=126, idle_age=714, priority=500,arp,dl_dst=8e:9b:7d:f4:d7:79 actions=output:2
 cookie=0x0, duration=1005.787s, table=0, n_packets=1, n_bytes=42, idle_age=714, priority=500,arp,dl_dst=ce:8d:86:69:01:6e actions=output:1
 cookie=0x0, duration=9.812s, table=0, n_packets=19, n_bytes=1862, idle_age=0, priority=500,icmp,dl_dst=8e:9b:7d:f4:d7:79 actions=output:2
 cookie=0x0, duration=35.442s, table=0, n_packets=70, n_bytes=6860, idle_age=0, priority=500,icmp,dl_dst=ce:8d:86:69:01:6e actions=output:1

 Conclusion

A MAC leaning mechanism is quite helpful – such helpers are available in Opendaylight. But we do not use them in this example here.

 

Updated: 17/01/2021 — 13:18