📉
Linux 网络 和 SDN 入门实践
  • 概述
  • linux 网络
    • bridge
    • veth pair
    • tun/tap
    • macvlan
    • macvtap
    • ipvlan
    • ipvtap
  • Open vSwitch
    • 编译
    • 启动
    • bridge
    • port
  • 进阶
    • 使用 OVS 打通多节点上的容器通信(Overlay)
    • 使用 OVS 打通多节点上的容器通信(Underlay)
    • 同主机同vlan的容器通信
    • 同主机不同 vlan 的容器通信
    • 不同主机同 vlan 的容器通信
    • 不同主机不同 vlan 的容器通信
    • ovs 使用 OpenFlow
    • iptables 模拟 service
  • 名词解释
    • 生成树协议(STP)
    • hairpin
    • ingress/egress filtering
    • ip address spoofing
    • CIDR
    • BGP(边界网关协议)
    • arp
    • ipip
    • LLDP
    • MPLS
    • in-band 和 out-band
    • TOR
  • 常用命令参考
    • ip
    • arp 和 arping
    • iptables
  • 参考资料
    • bridege
Powered by GitBook
On this page

Was this helpful?

  1. 进阶

ovs 使用 OpenFlow

Previous不同主机不同 vlan 的容器通信Nextiptables 模拟 service

Last updated 4 years ago

Was this helpful?

官方的文档比较全面,推荐阅读:

1.ovs 启用 OpenFlow

$ ovs-vsctl set bridge br0 \
    protocols=OpenFlow10,OpenFlow11,OpenFlow12,OpenFlow13

2. ovs drop 目的地址的 arp 包

$ ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop

A: The term “normalization” in the log message means that a flow cannot match on an L3 field without saying what L3 protocol is in use. The “ovs-ofctl” command above didn’t specify an L3 protocol, so the L3 field match was dropped.

In this case, the L3 protocol could be IP or ARP. A correct command for each possibility is, respectively:

$ ovs-ofctl add-flow br0 ip,nw_dst=192.168.0.1,actions=drop

and:

$ ovs-ofctl add-flow br0 arp,nw_dst=192.168.0.1,actions=drop

Similarly, a flow cannot match on an L4 field without saying what L4 protocol is in use. For example, the flow match tp_src=1234 is, by itself, meaningless and will be ignored. Instead, to match TCP source port 1234, write tcp,tp_src=1234, or to match UDP source port 1234, write udp,tp_src=1234.

http://docs.openvswitch.org/en/latest/faq/openflow/