centos ovn 搭建测试(二:逻辑路由器)
逻辑路由功能测试
# 配置逻辑交换机及逻辑路由器
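# Build the logical topology in the OVN northbound DB:
#   ns1 -- ls1 (192.168.100.0/24) -- r1 -- ls2 (192.168.200.0/24) -- ns2

# Create logical router r1 and the two logical switches.
ovn-nbctl lr-add r1
ovn-nbctl ls-add ls1
ovn-nbctl ls-add ls2

# Create the router ports; each one is the gateway of its subnet.
ovn-nbctl lrp-add r1 r1-ls1 00:00:00:00:10:00 192.168.100.1/24
ovn-nbctl lrp-add r1 r1-ls2 00:00:00:00:20:00 192.168.200.1/24

# Create the switch-side ports and bind each to its router port.
# NOTE: ls1-p2 sits on ls2 despite its "ls1-" prefix; the name is kept
# because the later steps and outputs of this walkthrough refer to it.
ovn-nbctl lsp-add ls1 ls1-p1
ovn-nbctl lsp-add ls2 ls1-p2
ovn-nbctl lsp-set-type ls1-p1 router
ovn-nbctl lsp-set-type ls1-p2 router
# The addresses must mirror the MAC/IP of the peer router port.
ovn-nbctl lsp-set-addresses ls1-p1 "00:00:00:00:10:00 192.168.100.1"
ovn-nbctl lsp-set-addresses ls1-p2 "00:00:00:00:20:00 192.168.200.1"
ovn-nbctl lsp-set-options ls1-p1 router-port=r1-ls1
ovn-nbctl lsp-set-options ls1-p2 router-port=r1-ls2

# Create the logical ports used by the network namespaces.
# Port security lists the MAC *and* the IP: a MAC-only entry still lets the
# port source traffic from any IP address, so the assigned address is pinned
# as well to get L3 anti-spoofing on the port.
ovn-nbctl lsp-add ls1 ls1-veth1
ovn-nbctl lsp-set-addresses ls1-veth1 "aa:aa:aa:11:11:aa 192.168.100.100"
ovn-nbctl lsp-set-port-security ls1-veth1 "aa:aa:aa:11:11:aa 192.168.100.100"

# ls1-veth3 is attached to ls2 (name kept as used by the later steps).
ovn-nbctl lsp-add ls2 ls1-veth3
ovn-nbctl lsp-set-addresses ls1-veth3 "aa:aa:aa:11:11:bb 192.168.200.200"
ovn-nbctl lsp-set-port-security ls1-veth3 "aa:aa:aa:11:11:bb 192.168.200.200"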
#查看配置
[root@master ~]# ovn-nbctl show
switch bc7f5d6d-1867-445d-a54b-342981bbc304 (ls1)
    port ls1-p1
        type: router
        addresses: ["00:00:00:00:10:00 192.168.100.1"]
        router-port: r1-ls1
    port ls1-veth1
        addresses: ["aa:aa:aa:11:11:aa 192.168.100.100"]
switch 4d205d4b-3512-4359-b8ff-ed64e009bacf (ls2)
    port ls1-veth3
        addresses: ["aa:aa:aa:11:11:bb 192.168.200.200"]
    port ls1-p2
        type: router
        addresses: ["00:00:00:00:20:00 192.168.200.1"]
        router-port: r1-ls2
router d90ac06e-3e28-48f9-9a68-b71379d5464e (r1)
    port r1-ls2
        mac: "00:00:00:00:20:00"
        networks: ["192.168.200.1/24"]
    port r1-ls1
        mac: "00:00:00:00:10:00"
        networks: ["192.168.100.1/24"]
# 配置命名空间
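# Attach one network namespace per host to the logical switches.
# Each namespace gets one end of a veth pair; the other end is plugged into
# br-int and bound to its logical switch port through external_ids:iface-id.
# Links are brought up with `ip link set ... up` throughout (instead of
# mixing in ifconfig), so the steps do not depend on net-tools being installed.

# --- On host "master": namespace ns1 on ls1 ---
ip netns add ns1
ip link add veth1 type veth peer name veth2
ip link set veth1 up
ip link set veth2 up
ip link set veth2 netns ns1
# Use the MAC/IP assigned to logical port ls1-veth1; port security on that
# port rejects frames sent from any other source MAC.
ip netns exec ns1 ip link set veth2 address aa:aa:aa:11:11:aa
ip netns exec ns1 ip addr add 192.168.100.100/24 dev veth2
# Moving the interface into the namespace sets it down again, so raise it there.
ip netns exec ns1 ip link set veth2 up
# Default route points at the logical router port r1-ls1.
ip netns exec ns1 ip r add default via 192.168.100.1
ovs-vsctl add-port br-int veth1
ovs-vsctl set Interface veth1 external_ids:iface-id=ls1-veth1
ip netns exec ns1 ip addr show

# --- On host "slaver": namespace ns2 on ls2 ---
ip netns add ns2
ip link add veth3 type veth peer name veth4
ip link set veth3 up
ip link set veth4 up
ip link set veth4 netns ns2
# Use the MAC/IP assigned to logical port ls1-veth3.
ip netns exec ns2 ip link set veth4 address aa:aa:aa:11:11:bb
ip netns exec ns2 ip addr add 192.168.200.200/24 dev veth4
ip netns exec ns2 ip link set veth4 up
# Default route points at the logical router port r1-ls2.
ip netns exec ns2 ip r add default via 192.168.200.1
ovs-vsctl add-port br-int veth3
ovs-vsctl set Interface veth3 external_ids:iface-id=ls1-veth3
ip netns exec ns2 ip addr show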
# 连通性测试
[root@slaver ~]# ip netns exec ns2 ping 192.168.100.100
PING 192.168.100.100 (192.168.100.100) 56(84) bytes of data.
64 bytes from 192.168.100.100: icmp_seq=1 ttl=63 time=1.15 ms
64 bytes from 192.168.100.100: icmp_seq=2 ttl=63 time=0.252 ms
64 bytes from 192.168.100.100: icmp_seq=3 ttl=63 time=0.268 ms
64 bytes from 192.168.100.100: icmp_seq=4 ttl=63 time=0.259 ms
64 bytes from 192.168.100.100: icmp_seq=5 ttl=63 time=0.249 ms
64 bytes from 192.168.100.100: icmp_seq=6 ttl=63 time=0.269 ms
^C
--- 192.168.100.100 ping statistics ---
6 packets transmitted, 6 received, 0% packet loss, time 5000ms
rtt min/avg/max/mdev = 0.249/0.408/1.156/0.335 ms
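# 流量trace,流表分析
# 注意:下面的 trace 命令没有指定 nw_ttl,输入流的 nw_ttl=0。报文进入 metadata=0x5 的 datapath(应为逻辑路由器 r1)后,在 table 9 命中 nw_ttl=0 的流表项并被送往 controller,因此这次 trace 并没有走完路由转发流程。如需查看完整的转发路径,可在流描述中加上 nw_ttl=64。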
[root@slaver ~]# ovs-appctl ofproto/trace br-int in_port=veth3,icmp,dl_src=aa:aa:aa:11:11:bb,dl_dst=00:00:00:00:20:00,nw_src=192.168.200.200,nw_dst=192.168.100.100 Flow: icmp,in_port=3,vlan_tci=0x0000,dl_src=aa:aa:aa:11:11:bb,dl_dst=00:00:00:00:20:00,nw_src=192.168.200.200,nw_dst=192.168.100.100,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0 bridge("br-int") ---------------- 0. in_port=3, priority 100 set_field:0x7->reg13 set_field:0x2->reg11 set_field:0x5->reg12 set_field:0x7->metadata set_field:0x2->reg14 resubmit(,8) 8. reg14=0x2,metadata=0x7,dl_src=aa:aa:aa:11:11:bb, priority 50, cookie 0xe9e907ee resubmit(,9) 9. metadata=0x7, priority 0, cookie 0xc9981822 resubmit(,10) 10. metadata=0x7, priority 0, cookie 0xa37a7c82 resubmit(,11) 11. metadata=0x7, priority 0, cookie 0x16633c73 resubmit(,12) 12. metadata=0x7, priority 0, cookie 0x49cf093b resubmit(,13) 13. metadata=0x7, priority 0, cookie 0x491e8ab resubmit(,14) 14. metadata=0x7, priority 0, cookie 0x8d8276af resubmit(,15) 15. metadata=0x7, priority 0, cookie 0xa739edd7 resubmit(,16) 16. metadata=0x7, priority 0, cookie 0xddf67286 resubmit(,17) 17. metadata=0x7, priority 0, cookie 0x4ba0b76c resubmit(,18) 18. metadata=0x7, priority 0, cookie 0xd1e476f6 resubmit(,19) 19. metadata=0x7, priority 0, cookie 0xaa69bc28 resubmit(,20) 20. metadata=0x7, priority 0, cookie 0x80cde449 resubmit(,21) 21. metadata=0x7, priority 0, cookie 0x927d4077 resubmit(,22) 22. metadata=0x7, priority 0, cookie 0x9abe4626 resubmit(,23) 23. metadata=0x7, priority 0, cookie 0xa6e53d7d resubmit(,24) 24. metadata=0x7, priority 0, cookie 0x8da35b42 resubmit(,25) 25. metadata=0x7,dl_dst=00:00:00:00:20:00, priority 50, cookie 0xbf8a1e04 set_field:0x1->reg15 resubmit(,32) 32. priority 0 resubmit(,33) 33. reg15=0x1,metadata=0x7, priority 100 set_field:0x2->reg11 set_field:0x5->reg12 resubmit(,34) 34. 
priority 0 set_field:0->reg0 set_field:0->reg1 set_field:0->reg2 set_field:0->reg3 set_field:0->reg4 set_field:0->reg5 set_field:0->reg6 set_field:0->reg7 set_field:0->reg8 set_field:0->reg9 resubmit(,40) 40. metadata=0x7, priority 0, cookie 0xa50f0c2f resubmit(,41) 41. metadata=0x7, priority 0, cookie 0x8e84f321 resubmit(,42) 42. metadata=0x7, priority 0, cookie 0x25a738f5 resubmit(,43) 43. metadata=0x7, priority 0, cookie 0xc3568671 resubmit(,44) 44. metadata=0x7, priority 0, cookie 0x9677da5f resubmit(,45) 45. metadata=0x7, priority 0, cookie 0x44f44b28 resubmit(,46) 46. metadata=0x7, priority 0, cookie 0xd488d87c resubmit(,47) 47. metadata=0x7, priority 0, cookie 0x8702e8d2 resubmit(,48) 48. metadata=0x7, priority 0, cookie 0x49dd2336 resubmit(,49) 49. reg15=0x1,metadata=0x7, priority 50, cookie 0xa77e9042 resubmit(,64) 64. priority 0 resubmit(,65) 65. reg15=0x1,metadata=0x7, priority 100 clone(ct_clear,set_field:0->reg11,set_field:0->reg12,set_field:0->reg13,set_field:0x4->reg11,set_field:0x3->reg12,set_field:0x5->metadata,set_field:0x2->reg14,set_field:0->reg10,set_field:0->reg15,set_field:0->reg0,set_field:0->reg1,set_field:0->reg2,set_field:0->reg3,set_field:0->reg4,set_field:0->reg5,set_field:0->reg6,set_field:0->reg7,set_field:0->reg8,set_field:0->reg9,set_field:0->in_port,resubmit(,8)) ct_clear set_field:0->reg11 set_field:0->reg12 set_field:0->reg13 set_field:0x4->reg11 set_field:0x3->reg12 set_field:0x5->metadata set_field:0x2->reg14 set_field:0->reg10 set_field:0->reg15 set_field:0->reg0 set_field:0->reg1 set_field:0->reg2 set_field:0->reg3 set_field:0->reg4 set_field:0->reg5 set_field:0->reg6 set_field:0->reg7 set_field:0->reg8 set_field:0->reg9 set_field:0->in_port resubmit(,8) 8. reg14=0x2,metadata=0x5,dl_dst=00:00:00:00:20:00, priority 50, cookie 0xae2439ea resubmit(,9) 9. 
ip,reg14=0x2,metadata=0x5,nw_ttl=0,nw_frag=not_later, priority 40, cookie 0xa62b13e controller(userdata=00.00.00.0a.00.00.00.00.ff.ff.00.18.00.00.23.20.00.1b.00.00.00.00.04.06.00.30.00.00.00.00.00.00.ff.ff.00.18.00.00.23.20.00.1b.00.00.00.00.02.06.00.30.00.00.00.00.00.00.ff.ff.00.18.00.00.23.20.00.1c.00.00.00.00.04.06.00.30.00.00.00.00.00.00.ff.ff.00.18.00.00.23.20.00.1c.00.00.00.00.02.06.00.30.00.00.00.00.00.00.00.19.00.10.80.00.26.01.0b.00.00.00.00.00.00.00.00.19.00.10.80.00.28.01.00.00.00.00.00.00.00.00.ff.ff.00.18.00.00.23.20.00.06.00.20.00.00.00.00.00.00.0e.04.00.00.10.04.00.19.00.10.80.00.16.04.c0.a8.c8.01.00.00.00.00.00.19.00.10.00.01.3a.01.ff.00.00.00.00.00.00.00.ff.ff.00.10.00.00.23.20.00.0e.ff.f8.0a.00.00.00) Final flow: icmp,reg11=0x2,reg12=0x5,reg13=0x7,reg14=0x2,reg15=0x1,metadata=0x7,in_port=3,vlan_tci=0x0000,dl_src=aa:aa:aa:11:11:bb,dl_dst=00:00:00:00:20:00,nw_src=192.168.200.200,nw_dst=192.168.100.100,nw_tos=0,nw_ecn=0,nw_ttl=0,icmp_type=0,icmp_code=0 Megaflow: recirc_id=0,eth,ip,in_port=3,vlan_tci=0x0000/0x1000,dl_src=aa:aa:aa:11:11:bb,dl_dst=00:00:00:00:20:00,nw_src=192.168.200.192/27,nw_dst=192.168.100.64/26,nw_ttl=0,nw_frag=no Datapath actions: ct_clear,userspace(pid=4294963132,controller(reason=1,dont_send=1,continuation=0,recirc_id=5,rule_cookie=0xa62b13e,controller_id=0,max_len=65535))
# 对端抓包
# 说明:Geneve 封装本身不加密,从抓包结果可以直接解出内层以太网帧和 ICMP 报文;底层网络不可信时,应为隧道启用 IPsec 加密。
[root@master ~]# tcpdump -nn -i eth0 -e port 6081
tcpdump: verbose output suppressed, use -v or -vv for full protocol decode
listening on eth0, link-type EN10MB (Ethernet), capture size 262144 bytes
20:40:38.799036 ee:ff:ff:ff:ff:ff > 00:16:3e:05:19:46, ethertype IPv4 (0x0800), length 156: 192.168.1.199.29752 > 192.168.1.200.6081: Geneve, Flags [C], vni 0x6, proto TEB (0x6558), options [8 bytes]: 00:00:00:00:10:00 > aa:aa:aa:11:11:aa, ethertype IPv4 (0x0800), length 98: 192.168.200.200 > 192.168.100.100: ICMP echo request, id 27097, seq 61, length 64
20:40:38.799120 00:16:3e:05:19:46 > ee:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 156: 192.168.1.200.31970 > 192.168.1.199.6081: Geneve, Flags [C], vni 0x7, proto TEB (0x6558), options [8 bytes]: 00:00:00:00:20:00 > aa:aa:aa:11:11:bb, ethertype IPv4 (0x0800), length 98: 192.168.100.100 > 192.168.200.200: ICMP echo reply, id 27097, seq 61, length 64
20:40:39.799025 ee:ff:ff:ff:ff:ff > 00:16:3e:05:19:46, ethertype IPv4 (0x0800), length 156: 192.168.1.199.29752 > 192.168.1.200.6081: Geneve, Flags [C], vni 0x6, proto TEB (0x6558), options [8 bytes]: 00:00:00:00:10:00 > aa:aa:aa:11:11:aa, ethertype IPv4 (0x0800), length 98: 192.168.200.200 > 192.168.100.100: ICMP echo request, id 27097, seq 62, length 64
20:40:39.799111 00:16:3e:05:19:46 > ee:ff:ff:ff:ff:ff, ethertype IPv4 (0x0800), length 156: 192.168.1.200.31970 > 192.168.1.199.6081: Geneve, Flags [C], vni 0x7, proto TEB (0x6558), options [8 bytes]: 00:00:00:00:20:00 > aa:aa:aa:11:11:bb, ethertype IPv4 (0x0800), length 98: 192.168.100.100 > 192.168.200.200: ICMP echo reply, id 27097, seq 62, length 64