OVS 设置开机启动,创建两个命名空间用于主机间 ping 测试,使用 scapy 发包

1. 在 /etc/init.d 目录下修改 rcS 文件,添加要执行的启动脚本

#!/bin/sh


# Start all init scripts in /etc/init.d
# executing them in numerical order.
#
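# Run every init script matching /etc/init.d/S??* in glob (lexical) order.
# This file runs at boot, so every script picked up here is executed by
# the init process; keep /etc/init.d and its scripts owned by root and not
# writable by group or others.
for i in /etc/init.d/S??* ;do

    # Skip anything that is not a regular file: dangling symlinks, or the
    # unexpanded pattern itself when nothing matches.
    [ ! -f "$i" ] && continue

    case "$i" in
    *.sh)
        # Source *.sh scripts inside a subshell (no fork/exec of a new
        # interpreter) with "start" as $1. The path is quoted so a name
        # containing whitespace or glob characters is not split or expanded.
        (
            trap - INT QUIT TSTP
            set start
            . "$i"
        )
        ;;
    *)
        # No .sh extension: execute it as a separate process.
        "$i" start
        ;;
    esac
done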

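# Project-specific boot steps appended to the init script.
# Both files are executed on every boot, so they should be owned by root
# and not writable by group or others. Setting the execute bit once in the
# image would make the chmod below unnecessary.
chmod u+x /etc/swp-mac-set.sh
/etc/swp-mac-set.sh
# Start Open vSwitch. (The original used a "//" comment here, which the
# shell does not treat as a comment: it was passed to the script as an
# extra argument.)
/etc/start-ovs.sh start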

2. 创建文件夹

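# One-time setup, needed only if Open vSwitch has not been configured before.

# NOTE(review): this path looks like the build-host target tree
# (.../output/target), not a path on the board -- confirm where it is
# meant to be run.
mkdir -p /home/zj/swj/openil_1_9/openil/output/target/usr/var/run/openvswitch

# Configuration-database directory and runtime directory (pid files, log,
# db.sock) used by the start script.
mkdir -p /usr/local/etc/openvswitch/
mkdir -p /usr/local/var/run/openvswitch

# ovsdb-tool create refuses to overwrite an existing file, so create the
# database only when it is absent. This keeps the step safe to re-run.
if [ ! -f /usr/local/etc/openvswitch/conf.db ]; then
    ovsdb-tool create /usr/local/etc/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
fi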

 

3. 编辑OVS启动脚本,创建一个bridge,绑定4个端口

#!/bin/bash

# Second field of the first "inet" line reported for eno0, i.e. the
# address in ADDRESS/PREFIX form. Empty when eno0 has no address.
ENO0_IP=$(ip addr show eno0 | awk '/inet/ { print $2; exit }')

# Two characters starting five from the end of ENO0_IP, used as the last
# byte of the bridge MAC.
# NOTE(review): this only yields two digits when the value ends in a
# two-character prefix length (such as /24) and the last octet has at
# least two digits; otherwise BR0_MAC is not a valid MAC -- confirm the
# addressing plan guarantees this.
MAC_ID=${ENO0_IP: -5:2}
BR0_MAC="bc:8d:bf:7c:5b:${MAC_ID}"

# Runtime directory holding the pid files, the ovsdb-server log and the
# database socket; configuration directory holding conf.db.
ovs_run_dir=/usr/local/var/run/openvswitch
ovs_etc_dir=/usr/local/etc/openvswitch

OVSDB_PID_FILE=${ovs_run_dir}/ovsdb-server.pid
OVSDB_LOG_FILE=${ovs_run_dir}/ovsdb-server.log
OVSSW_PID_FILE=${ovs_run_dir}/ovs-vswitchd.pid

OVSDB_CONF_FILE=${ovs_etc_dir}/conf.db
OVSDB_SOCK=unix:${ovs_run_dir}/db.sock

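#######################################
# Start ovsdb-server and ovs-vswitchd, then rebuild bridge br0 with ports
# swp0..swp3 and point it at the OpenFlow controllers.
# Every step is attempted even if an earlier one fails (best effort, as
# before), but a failure is now remembered and reported through the return
# status instead of always returning 0.
# Globals:   OVSDB_CONF_FILE, OVSDB_SOCK, OVSDB_LOG_FILE, OVSDB_PID_FILE,
#            OVSSW_PID_FILE, BR0_MAC (all read)
# Returns:   0 if every step succeeded, 1 otherwise
#######################################
ovs_start() {
    local rc=0
    local bridges bridge port

    # "p" + "unix:PATH" gives "punix:PATH", the listening form of the
    # local database socket. The db:... remote additionally makes
    # ovsdb-server use whatever managers are stored in the database.
    # --bootstrap-ca-cert accepts the CA certificate offered by the peer on
    # the first SSL connection, so that first connection is not protected
    # against an on-path attacker; pre-installing the CA certificate avoids
    # this.
    ovsdb-server "${OVSDB_CONF_FILE}" "--remote=p${OVSDB_SOCK}" \
            --remote=db:Open_vSwitch,Open_vSwitch,manager_options \
            --private-key=db:Open_vSwitch,SSL,private_key \
            --certificate=db:Open_vSwitch,SSL,certificate \
            --bootstrap-ca-cert=db:Open_vSwitch,SSL,ca_cert \
            "--log-file=${OVSDB_LOG_FILE}" \
            "--pidfile=${OVSDB_PID_FILE}" --detach || rc=1

    ovs-vsctl "--db=${OVSDB_SOCK}" --no-wait init || rc=1

    # Use the same socket variable as every other command here instead of
    # repeating the literal path.
    ovs-vswitchd "${OVSDB_SOCK}" \
            "--pidfile=${OVSSW_PID_FILE}" --detach || rc=1

    # Remove every existing bridge. del-br takes a single bridge name, so
    # delete them one at a time rather than passing all names to one call.
    bridges=$(ovs-vsctl "--db=${OVSDB_SOCK}" list-br) || rc=1
    while IFS= read -r bridge; do
        [ -n "$bridge" ] || continue
        ovs-vsctl "--db=${OVSDB_SOCK}" del-br "$bridge" || rc=1
    done <<< "$bridges"

    # The escaped quotes are passed through to ovs-vsctl on purpose so the
    # MAC (which contains colons) is parsed as one string value.
    ovs-vsctl "--db=${OVSDB_SOCK}" add-br br0 \
            -- set bridge br0 "other-config:hwaddr=\"${BR0_MAC}\"" || rc=1

    for port in swp0 swp1 swp2 swp3; do
        ovs-vsctl "--db=${OVSDB_SOCK}" add-port br0 "$port" || rc=1
    done

    ovs-vsctl "--db=${OVSDB_SOCK}" set bridge br0 protocols=OpenFlow13 || rc=1

    # The controller targets use plain tcp:, so the OpenFlow channel is
    # neither encrypted nor authenticated; on a shared management network
    # prefer ssl: targets once the SSL table is populated.
    # NOTE(review): no fail mode is set here, so the bridge keeps its
    # default behaviour when no controller is reachable -- confirm that is
    # what this deployment wants.
    ovs-vsctl "--db=${OVSDB_SOCK}" set-controller br0 \
            tcp:192.168.0.241:6653 tcp:192.168.0.112:6653 tcp:192.168.0.243:6653 || rc=1
    # Single-controller alternative:
    #ovs-vsctl --db=${OVSDB_SOCK} set-controller br0 tcp:192.168.0.112:6653

    return "$rc"
}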

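#######################################
# Send the default signal to the process whose PID is stored in a pid file.
# The file content is accepted only if it is a plain decimal PID greater
# than 1. The original passed the unquoted content straight to kill, so a
# tampered or corrupt pid file could supply kill options or extra PIDs.
# Arguments: $1 - path of the pid file
# Returns:   0 if the file is absent or the signal was sent, 1 otherwise
#######################################
_ovs_kill_from_pidfile() {
    local pidfile=$1
    local pid

    [ -f "$pidfile" ] || return 0

    pid=$(cat -- "$pidfile") || return 1
    case "$pid" in
        ''|*[!0-9]*)
            printf 'ovs_stop: ignoring malformed pid file %s\n' "$pidfile" >&2
            return 1
            ;;
    esac
    # PID 0 would signal the whole process group and PID 1 is init.
    if ! [ "$pid" -gt 1 ] 2>/dev/null; then
        printf 'ovs_stop: refusing pid from %s\n' "$pidfile" >&2
        return 1
    fi

    kill "$pid"
}

#######################################
# Stop ovsdb-server and ovs-vswitchd using their pid files.
# Both daemons are attempted even if the first one fails.
# Globals:   OVSDB_PID_FILE, OVSSW_PID_FILE (read)
# Returns:   0 if both were absent or signalled, 1 otherwise
#######################################
ovs_stop() {
    local rc=0

    _ovs_kill_from_pidfile "$OVSDB_PID_FILE" || rc=1
    _ovs_kill_from_pidfile "$OVSSW_PID_FILE" || rc=1

    return "$rc"
}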

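# Command dispatch: start | stop | restart (reload is an alias of restart).
# The exit status now reflects the outcome of the action. The original
# ended with "exit $?" after an echo, so it exited 0 even after printing
# FAIL, and "cmd && echo OK || echo FAIL" is replaced by a real if/else.
rc=0

case "$1" in
  start)
        printf "Starting openvswitch: "
        if ovs_start; then
            echo "OK"
        else
            rc=$?
            echo "FAIL"
        fi
        ;;
  stop)
        printf "Stopping openvswitch: "
        if ovs_stop; then
            echo "OK"
        else
            rc=$?
            echo "FAIL"
        fi
        ;;
  restart|reload)
        # Re-invoke this script; the result of the start phase is reported.
        "$0" stop
        "$0" start
        rc=$?
        ;;
  *)
        echo "Usage: $0 {start|stop|restart}"
        exit 1
        ;;
esac

exit "$rc"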

4.创建2个名空间,绑定主机端口,用于收发包测试

#!/bin/sh
# Build two network namespaces, each owning one physical port, to act as
# two test hosts for send/receive checks.
# NOTE(review): 192.167.0.0/24 is outside the RFC 1918 private ranges. It
# is harmless while the ports stay inside these namespaces, but confirm it
# is intended and not a typo for 192.168.

# Run a command inside the given namespace: in_ns NAMESPACE CMD [ARGS...]
in_ns() {
    target_ns=$1
    shift
    ip netns exec "$target_ns" "$@"
}

# Create the two namespaces.
for ns in host1 host2; do
    ip netns add "$ns"
done

# Move one physical port into each namespace.
ip link set enp1s0f0 netns host1
ip link set enp1s0f1 netns host2

# Address the ports, then bring them up.
in_ns host1 ip addr add dev enp1s0f0 192.167.0.11/24
in_ns host2 ip addr add dev enp1s0f1 192.167.0.12/24
in_ns host1 ip link set  enp1s0f0 up
in_ns host2 ip link set  enp1s0f1 up

# Show the resulting interface configuration of each namespace.
for ns in host1 host2; do
    in_ns "$ns" ifconfig
done

# Leave the user in an interactive shell inside host1.
in_ns host1 /bin/bash

5.进入名空间后,执行发包脚本发送vlan数据包

# Open an interactive shell inside the host1 namespace; the sender script
# below is run from this shell so its frames leave through enp1s0f0.
ip netns exec host1 bash

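#!/usr/bin/python3
# Send VLAN-tagged UDP test frames from the host1 namespace.
# Sending raw frames needs raw-socket privileges (root or CAP_NET_RAW);
# run it inside the test namespace so the traffic stays on the lab port.
from scapy.all import *

# Layer-3 forwarding variant:
# L2 = Ether(src="b4:05:5d:a7:e4:6b", dst="BC:8D:BF:3C:5B:00")
# Layer-2 switching variant (in use):
L2 = Ether(src="b4:05:5d:a7:e4:6b", dst="b4:05:5d:a7:e4:6c")
# 802.1Q header carrying VLAN ID 2 with priority 3.
vlan = Dot1Q(vlan=2, prio=3)

# L3 = IP(dst="192.168.1.12", src="192.167.0.11")
L3 = IP(dst="192.167.0.12", src="192.167.0.11")
# Payload data. The original had this assignment and the packet assembly
# fused on one line, which is a syntax error.
payload = "Hello, world!"
packet = L2 / vlan / L3 / UDP(sport=12345, dport=23456) / payload

cnt = 100000
# iface is the interface name as shown by ifconfig.
# One sendp() call with count= sends the same frame cnt times instead of
# calling sendp() once per frame in a Python loop.
sendp(packet, iface='enp1s0f0', count=cnt)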

6. 在另一个名空间抓包

# Open an interactive shell inside the host2 namespace (the receiving side).
ip netns exec host2 bash

# Capture on enp1s0f1 only traffic to or from 192.167.0.11. -e prints the
# link-level header, which is where the 802.1Q VLAN tag of the test frames
# shows up.
tcpdump -i enp1s0f1 -ee host 192.167.0.11
