OpenFlow flow entries on Open vSwitch (OVS)
HTML-код
- Опубликовано: 8 сен 2024
- This video looks at how flow entries work in an OpenFlow enabled switch. In this video its done with Open vSwitch and adding flow entries via the ovs-ofctl command. The network is emulated with Mininet.
Links
Me: / davidmahler
Open vSwitch: openvswitch.org/
ovs-ofctl documentation: openvswitch.org...
Mininet: mininet.org/
Open Networking Foundation (OpenFlow): www.opennetwor...
Check my RUclips channel for introduction videos on
OpenFlow: • Introduction to OpenFlow
Open vSwitch: • Introduction to Open v...
Mininet: • Introduction to Mininet
dl_type, nw_proto values and keywords (from ovs-ofctl MAN page):
ip: dl_type=0x800
arp: dl_type=0x806
(nw_proto=1 for requests,nw_proto=2 for replies)
rarp: dl_type=0x8035
icmp: dl_type=0x800,nw_proto=1
tcp: dl_type=0x0800,nw_proto=6
udp: dl_type=0x0800,nw_proto=17
ipv6: dl_type=0x86dd
tcp6: dl_type=0x86dd,nw_proto=6
udp6: dl_type=0x86dd,nw_proto=17
icmp6: dl_type=0x86dd,nw_proto=58
David, your OF videos are the best introductory OF videos on the Internet. I'm sure I speak for many people in saying thanks for sharing and please keep adding new material as your time permits.
Thanks so much Jeff for that kind feedback! I definitely will!
David Mahler Hi David. I already sent you an email through youtube. I am using dpctl add-flow in a fat-tree topology and I want to install the flows in the switches manually with dpctl. I am following your videos and since I have so many switches in the path I am using 0_2_1 instead of S1 as your video has. I am getting errors regarding dpctl take 2 arguments, I fix that I do not see the rules installed in the right switch, all of the rules are installed in the 1st Switch. ANy help, please, I really need your guidance.
David Mahler
I am sorry if you could send me an email to farp80@gmail.com it will be more than appreciated. Thank you.
I completely agree wiht Jeff , "David, your OF videos are the best introductory OF videos on the Internet. I'm sure I speak for many people in saying thanks for sharing and please keep adding new material as your time permits."
Thanks *****
these are the only openflow videos i found worth watching
very humble thank you....
Greatly explained how to implement OpenFlow entries to the Open vSwitches flow table (single flow table). Can be done many different ways, such as by certain interface, by layer1 method (in_port), by layer2 method (MAC address), by layer3 method (ip address), by layer4 method (TCP). Also, there are also many other parameters that can affect to flow entry contents. These can be done in Mininet CLI but I believe it is also possible to do by Python scripts. This shows why centralized routing is so useful.
Thanks, David. Your videos are amazing for newbies to OVS :-)
+Rinku Shah You're welcome!
Thanks David! Your videos are saving my life.
Happy to help!
Many thanks for the videos, I have successfully managed to add flow entries on multiple switches for load balancing in my assignment. Your information has made my concept clear. Thank you
Excellent! Thanks!
David, thank you for your video. It is very useful. There is the simplest explanation of the hardest things. I hope you will do more video in network or related technologies
You're very welcome, I will definitely do them as time permits (day job/family/etc ;-) )
Wanted to make a general comment about all your mininet and OpenFlow videos. I appreciate all these videos, as I am new to this area. You have given me a great start... Keep it up !!!
Thanks Michael! We all are new to this area :-). It will be very interesting to see it develop.
Amazing! Thanks a lot David.
Awesome video on OVS switches. Really helpful in understanding manual entries in OpenFlow.
Hello Vishlesh, thanks I'm glad they helped!
Hi David! All of your videos are AWESOME. Everything is logically connected and very Crisp Clear.
I could not expect complicated concepts like SDN, Openflow, OVS etc to be explained in simpler way than your videos. Looking out for more of your videos.
YOU ROCKKK !!! :-)
David, you're my hero from now on.
Ha, thanks a lot!
You are my hero . Thanks a lot . Learning with practice is the best way , and you did it brilliantly.
+Aymen That's quite an endorsement! Thanks!!
@sandeep R - Thanks a lot, your comment rocks!
Easy to follow and understand, this is helping me a lot! Thank you!
+Magne I'm glad it helped you! Thanks for commenting!
Thank you very much.
Very helpful.
🙏🙏🙏🙏🙏🙏
So nice of you
Learning so much from your videos. Thanks a lot .
+Sunil Jakhwal You're very welcome!
Brilliant content!
Thanks!
Wonderful. Thank you. Have been fighting to understand this.
You're welcome!
Excellent video :)
ty!
Thanks for the video David, I want to go one step further I have single topology with 3 hosts. I want to block tcp port 5568 while keep other ports active while communicating in h1 and h2. I am trying this but no luck. del-flows command deletes all the flows.
Excellent work. Can you point me to examples of implementing full mesh and flooding broadcast and multicast traffic to different tenants on each host? I'm just thirsty for more detailed overlay flows. I love the granular control just would like to know how to support different types of traffic and see some examples.
Replied by linkedin - but copied here:
Some more details on flows on my vids here:
ruclips.net/video/tnSkHhsLqpM/видео.html (overlay network in ovs w. VXLAN)
ruclips.net/video/TD5wmoD7XOE/видео.html
(multiple flow tables, shows more OF flow entry examples, not overlay net. specific though)
Also perhaps Brent Salisbury's blog post here:
networkstatic.net/setting-overlays-open-vswitch/
This blog looks interesting too haven't dug into it much yet....
assafmuller.wordpress.com/
Other than that probably digging around openstack documentation may be fruitful (neutron w. ovs).... docs.openstack.org/
***** Hello - Not really - but here are research papers being submitted to ONS 2014... www.opennetsummit.org/research-track.html maybe there you can see something useful or find contacts....
Hello David , Is there any video which shows how to add flow entries manually in the controller or check flow entries in the controller not in the OVS ?
Good comment not at the moment no, maybe in the future I'll do something like that!
are there any good tutorials which explain the same?
How can we configure the switch to have a layer 3 forwarding, but we want the HTTP traffic destined to host h3 to be blocked, while the HTTP traffic destined to hosts h1 and h2 stays allowed?
thanks ,David Mahler ,
may i ask you a question ? about Opendaylight
you know how to use Action Set VLAN ID in Opendaylight?
Thanx David, this is really awesome video. Can you tell me how to add processing rate of Switch/links
I don't know off hand, sorry! Thanks for commenting!
i love how you call "control" "kettle" lol
Ya, when I first learned it I heard it pronounced that way, I still do sometimes but there are like at least 3 different ways I've heard people pronounce ctl.
Hey , can you make a video on POX controller. I want to work on POX controller having issues starting it itself . Appreciate your efforts :)
yes its really helpful
Hi David ,
Is Open Flow table is something similar to Forwarding database typically used in bridge or Is like Filtering Database available In IEEE 802.1Q protocol
Please give your views on that .
Regards
Rakesh
Amazingg!!
Thanks again!
Great video
For me last command curl is not working..
It sends html doc.
Can u plz tell me where I am doing wrong?
Thanks David for the video. I would like to know whether you have any experience working with wireless and OpenFlow?
Maryam Tanha Hi, no I don't. Try arxiv.org/pdf/1406.0440.pdf theres references to papers on it.
David Mahler
thank you.
Thank U
yw!
Hi .. this is great,,, How do you add Vlans and trunks ports to your switch? and how do you save the configuration so as you do not loose them?
+Adam Abu-Amara github.com/openvswitch/ovs/blob/master/FAQ.md#q-how-do-i-configure-a-port-as-an-access-port
It should be saved and persistent across reboots already....
+Adam Abu-Amara Thanks by the way.
dear David, it would be better to upload some videos related to SDN security.thanks
Hello Yawar - thanks for the suggestion. I'll think about some security focused videos and add it to my list of potential future videos.
Yawar Abbas
GREAT!
Thanks Alex!
for EF last two bits has been considered
Hi, is there an error in the video you saw?
Hi David, for layer 4 matching, my python web server is not giving the same output that you have when doing a 'h1 curl h3'. I get a bunch of hyperlinks and not the statistical info you have. I did a tcpdump on h3 and 3 way handshake is established. I also tried 'h3 sudo python -m SimpleHTTPServer 80 &' and got the same results. Here is curl output, any ideas why my simplehttpserver is not working?
mininet> h1 curl h3
Directory listing for /
Directory listing for /
.bash_history
.bash_logout
.bashrc
.cache/
.config/
.dbus/
.gitconfig
.lesshst
.local/
.mininet_history
.profile
.rnd
.viminfo
.wireshark/
.Xauthority
distributions-virtualization-0.1.1-osgipackage.zip
install-mininet-vm.sh
loxigen/
mininet/
oflops/
oftest/
opendaylight/
openflow/
openflow1-cap.pcapng
pox/
hello sir,
how to set flow table size limitation to support only 5 flow entries..pls reply me...
Hai sir can u please help me with how to make a network topology with 30 nodes in mininet
How add a queue in between controller and switch
Thanks, David. Question: when you 'sh ovs-ofctl show s1', it shows the local port (s1) is PORT_DOWN, LINK_DOWN. But it seems this does not matter? Because when I try to add-port to one of my bridge (wlan0), the status of this port is down, and I cannot control this port then.
ZHEN CAO Hi, I didn't try to get a wireless port to work, so I can't comment on it really!
How can we add static IP to vport 1 and vport 2?
I am trying to learn OVS on my Ubuntu box with KVM.
I have single NIC connected to Internet and I want to create 2 Vport with different IP address for my VM's
Like my single NIC have IP :172.16.1.18/16 and gatway 171.16.1.1 I want to have Vport1 =172.16.1.160 and vport 2= 10.10.0.20 and both vport should get internet access from my gatway 172.16.1.1.
pls let me know how it is possible.
Hi David, mininet> h1 curl h3
curl: No such file or directory
How can we enable Curl?
Hey - you probably have to install it "sudo apt-get install curl" on Ubuntu, or "whereis curl" to see the path to run it
Thanks David I learn so much going thru all your videos today! Thanks for great lessons... #SDN still want to see more from you soon.
Are you writing a blog for this?
I'm not I should though
@@DavidMahler because your knowledge about OVS really nice. Have you ever tried OVN?
Hi David, the command:
sh ovs-ofctl add-flow s1 dl_type=0x800, nw_src=10.0.0.1, nw_dst=10.0.0.2, actions=normal
is giving me the error - 'add-flow' command takes at most 2 arguments.
What do you think might be causing this error?
Ah okay, I just realized! There shouldn't be any spaces after the commas! Wow! That's something. Anyways, your videos are really useful! Thank you so much for your efforts David. Really appreciate it!
Thanks for solving it and posting your results!!
Please update the links. Some links don't work.
Thanks - I saw the ovs-ofctl one didn't work and updated it, that was it right?
yes. thanks a lot. :)
Why h2 can't connect to h3?
mininet> h3 netstat -ntpl
Active Internet connections (only servers)
Proto Recv-Q Send-Q Local Address Foreign Address State PID/Program name
tcp 0 0 0.0.0.0:80 0.0.0.0:* LISTEN 8755/python
mininet> h2 curl h3
curl: (7) Couldn't connect to server
+Flz Huang I figure it out. I have set a http_proxy in previous cmd.
Hi David, is it possible to implement the OpenFlow flow entries with another VM?? Like in your previous video called "Introduction to Open vSwitch (OVS)" on ruclips.net/video/rYW7kQRyUvA/видео.html
using openflow makes me want to kms
lol
Thank you David, that's awesome!
You're welcome!