Open vSwitch系列之十 调用北向接口下发流表

Open vSwitch系列之一 Open vSwitch诞生
Open vSwitch系列之二 安装指定版本ovs
Open vSwitch系列之三 ovs-vsctl命令使用
Open vSwitch系列之四 ovs-ofctl命令使用
Open vSwitch系列之五 网桥特性功能配置
Open vSwitch系列之六 vlan隔离
Open vSwitch系列之七 meter表限速
Open vSwitch系列之八 vxlan隧道
Open vSwitch系列之九 Group表
Open vSwitch系列之十 调用北向接口下发流表
OpenvSwitch系列之十一 ovs-dpdk

1|0postman介绍


在开发中,前端和后端是分开开发的,当后端开发完成之后会测试接口。Postman就是一个后端接口的测试工具,通过postman可以发送GET、POST、DELETE等请求。通过Postman可以调用控制器的北向接口,下发流表到交换机

GET请求
Get请求需要注意两点,第一请求方法是get,第二是URL

POST请求
POST请求需要注意三点:第一 请求方式是POST,第二URL,第三请求的body体。

2|0Postman下发流表的标准格式


postman下发一条流表需要准备4个部分,分别是:

  1. 动作
  2. URL
  3. 身份认证
  4. body体

动作:PUT
URL:替换自己控制器的ip和交换机switch_id,还要注意flow_id即url最后一个参数,该参数要和body体中一致。
控制器ip:8181/restconf/config/opendaylight-inventory:nodes/node/你的交换机switch_id/flow-node-inventory:table/0/flow/flow6
认证信息:Basic Auth, username: admin password:admin

body体:格式为 raw --> Json。body体里的内容就是流表的信息。

body体具体内容:
body体就是一个流表的具体内容,分为三大块:流表元数据、匹配、动作。
元数据:流表名字,id,优先级等
匹配:流表匹配规则,如经典匹配十二元组
动作:标准动作转发和丢弃

3|0物理端口匹配


匹配进端口为1,动作是转发到222端口

ovs-ofctl add-flow br0 in_port=1,action=output:222
 
控制器ip地址:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/flow-node-inventory:table/0/flow/demo_14
 
{
  "flow": [
    {
      "id": "demo_14",
      "flow-name": "demo_14",
      "table_id": 0,
      "match": {
        "in-port": "1",
        "ethernet-match": {
          
        }
      },
      "instructions": {
        "instruction": [
          {
            "order": "0",
            "apply-actions": {
              "action": [
                {
                  "order": "0",
                  "output-action": {
                    "output-node-connector": "222"
                  }
                }
              ]
            }
          }
        ]
      }
    }
  ]
}

4|0mac地址匹配


匹配源mac地址:78:45:c4:1c:ba:b9,目的mac地址:00:50:56:c0:00:08,动作是丢弃

ovs-ofctl add-flow br0 dl_src=78:45:c4:1c:ba:b9,dl_dst=00:50:56:c0:00:08,aciton=drop
 
控制器ip地址:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/flow-node-inventory:table/0/flow/demo_four
 
{
  "flow": [
    {
      "id": "demo_four",
      "flow-name": "demo_four",
      "table_id": 0,
      "match": {
        "ethernet-match": {
          "ethernet-source": {
            "mask": "ff:ff:ff:ff:ff:ff",
            "address": "78:45:c4:1c:ba:b9"
          },
          "ethernet-destination": {
            "mask": "ff:ff:ff:ff:ff:ff",
            "address": "00:50:56:c0:00:08"
          }
        }
      },
      "instructions": {
        "instruction": [
          {
            "order": "0",
            "apply-actions": {
              "action": [
                {
                  "order": "0",
                  "drop-action": {
                    
                  }
                }
              ]
            }
          }
        ]
      }
    }
  ]
}

5|0ip地址匹配


匹配源ip地址为30.0.0.1/32,目的ip为30.0.0.2/32的流表,动作是转发到222端口

ovs-ofctl add-flow br0 ip,nw_src=30.0.0.1/32,nw_dst=30.0.0.2/32,aciton=output:222
 
控制器ip地址:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/flow-node-inventory:table/0/flow/demo_14
 
{
  "flow": [
    {
      "id": "demo_14",
      "flow-name": "demo_14",
      "table_id": 0,
      "match": {
        "ethernet-match": {
          "ethernet-type": {
            "type": "0x0800"
          }
        },
        "ipv4-source": "30.0.0.1/32",
        "ipv4-destination": "30.0.0.2/32"
      },
      "instructions": {
        "instruction": [
          {
            "order": "0",
            "apply-actions": {
              "action": [
                {
                  "order": "0",
                  "output-action": {
                    "output-node-connector": "222"
                  }
                }
              ]
            }
          }
        ]
      }
    }
  ]
}

6|0udp端口匹配


匹配 源端口为112,目的端口为2321的UDP数据包,动作是转发到222端口。

ovs-ofctl add-flow br0 udp,udp_src=112,udp_dst=2321,action=output:222
 
控制器ip地址:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/flow-node-inventory:table/0/flow/demo_13
 
{
  "flow": [
    {
      "id": "demo_13",
      "flow-name": "demo_13",
      "table_id": 0,
      "match": {
        "ethernet-match": {
          "ethernet-type": {
            "type": "0x0800"
          }
        },
        "ip-match": {
          "ip-protocol": 17
        },
        "udp-destination-port": "2321",
        "udp-source-port": "112"
      },
      "instructions": {
        "instruction": [
          {
            "order": "0",
            "apply-actions": {
              "action": [
                {
                  "order": "0",
                  "output-action": {
                    "output-node-connector": "222"
                  }
                }
              ]
            }
          }
        ]
      }
    }
  ]
}

7|0tcp端口匹配


匹配源端口是888,目的端口是999的TCP流量,动作是转发到222端口

ovs-ofctl add-flow br0 tcp,tcp_src=888,tcp_dst=999,action=output:222
 
控制器ip地址:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/flow-node-inventory:table/0/flow/demo_14
 
{
  "flow": [
    {
      "id": "demo_14",
      "flow-name": "demo_14",
      "table_id": 0,
      "match": {
        "ethernet-match": {
          "ethernet-type": {
            "type": "0x0800"
          }
        },
        "ip-match": {
          "ip-protocol": 6
        },
        "tcp-destination-port": "999",
        "tcp-source-port": "888"
      },
      "instructions": {
        "instruction": [
          {
            "order": "0",
            "apply-actions": {
              "action": [
                {
                  "order": "0",
                  "output-action": {
                    "output-node-connector": "222"
                  }
                }
              ]
            }
          }
        ]
      }
    }
  ]
}

8|0meter表


meter表,限速为10k,超过限制的流量丢弃。

ovs-ofctl add-meter s1 meter=1,kbps,band=type=drop,rate=10 -O OpenFlow13
 
控制器ip:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/meter/1
 
{
  "meter": {

    "meter-id": "1",
    "meter-name": "guestMeter",
    "flags": "meter-kbps",

    "meter-band-headers": {
      "meter-band-header": {
        "band-id": "0",
        "meter-band-types": { "flags": "ofpmbt-drop" },
        "drop-burst-size": "0",
        "drop-rate": "10"
      }
    }
  }
}

匹配进端口为1的流量,经过meter表限速,然后转发到2端口

ovs-ofctl add-flow s1 priority=200,in_port=1,action=meter:1,output:2 -O OpenFlow13
 
控制器ip地址:8181/restconf/config/opendaylight-inventory:nodes/node/交换机switch_id/flow-node-inventory:table/0/flow/flow1
 
{
  "flow": {
  "id": "flow1",   
  "table_id": "0",
  "priority": "120",
  "name":"flow_name"


  "match": {
    "in-port":"1"
    },
   

    "instructions": {
      "instruction": [
        {
          "order": "0",
          "meter": { "meter-id": "1" }
        },
        {
          "order": "1",
          "apply-actions": {
            "action": {
              "order": "1",
              "output-action": {
                "output-node-connector": "2"
              }
            }
          }
        }
      ]
    }
  }
}

__EOF__

本文作者goldsunshine
本文链接https://www.cnblogs.com/goldsunshine/p/14486056.html
关于博主:评论和私信会在第一时间回复。或者直接私信我。
版权声明:本博客所有文章除特别声明外,均采用 BY-NC-SA 许可协议。转载请注明出处!
声援博主:如果您觉得文章对您有帮助,可以点击文章右下角推荐一下。您的鼓励是博主的最大动力!
posted @   金色旭光  阅读(4179)  评论(4编辑  收藏  举报
编辑推荐:
· AI与.NET技术实操系列:向量存储与相似性搜索在 .NET 中的实现
· 基于Microsoft.Extensions.AI核心库实现RAG应用
· Linux系列:如何用heaptrack跟踪.NET程序的非托管内存泄露
· 开发者必知的日志记录最佳实践
· SQL Server 2025 AI相关能力初探
阅读排行:
· winform 绘制太阳,地球,月球 运作规律
· 震惊!C++程序真的从main开始吗?99%的程序员都答错了
· AI与.NET技术实操系列(五):向量存储与相似性搜索在 .NET 中的实现
· 超详细:普通电脑也行Windows部署deepseek R1训练数据并当服务器共享给他人
· 【硬核科普】Trae如何「偷看」你的代码?零基础破解AI编程运行原理
点击右上角即可分享
微信分享提示
AI IDE Trae