环路拓扑

组成拓扑结构的脚本

构成连通脚本

ip netns add ns1

ovs-vsctl add-br br1

ovs-vsctl add-port br1 tap1 -- set Interface tap1 type=internal

ip link set tap1 netns ns1

ip netns exec ns1 ip addr add 1.1.1.1/24 dev tap1

ip netns exec ns1 ip link set tap1 up

ip netns add ns2

ovs-vsctl add-br br2

ovs-vsctl add-port br2 tap2 -- set Interface tap2 type=internal

ip link set tap2 netns ns2

ip netns exec ns2 ip addr add 1.1.1.2/24 dev tap2

ip netns exec ns2 ip link set tap2 up

ip netns add ns3

ovs-vsctl add-br br3

ovs-vsctl add-port br3 tap3 -- set Interface tap3 type=internal

ip link set tap3 netns ns3

ip netns exec ns3 ip addr add 1.1.1.3/24 dev tap3

ip netns exec ns3 ip link set tap3 up

ip link  add br1-br2 type veth peer name br2-br1

ip link  add br1-br3 type veth peer name br3-br1

ip link  add br2-br3 type veth peer name br3-br2

ip link set dev br1-br2  up

ip link set dev br2-br1  up

ip link set dev br1-br3  up

ip link set dev br3-br1  up

ip link set dev br2-br3  up

ip link set dev br3-br2  up

#连接br1 <-> br2

ovs-vsctl add-port br1 br1-br2

ovs-vsctl add-port br2 br2-br1

#连接br1<->br3

ovs-vsctl add-port br1 br1-br3

ovs-vsctl add-port br3 br3-br1

#连接br2<->br3 一半

ovs-vsctl add-port br2 br2-br3

  拓扑清理脚本

ip link  del br1-br2 type veth peer name br2-br1

ip link  del br1-br3 type veth peer name br3-br1

ip link  del br2-br3 type veth peer name br3-br2

ovs-vsctl del-br br1

ovs-vsctl del-br br2

ovs-vsctl del-br br3

ip netns del ns1

ip netns del ns2

ip netns del ns3

上述脚本执行完成后br3 <-> br2 未完全连接,因此还未组成环路

此时测试连通性:

连通脚本的测试命令

ip netns exec ns1 ping -c 3 1.1.1.2

ip netns exec ns1 ping -c 4 1.1.1.3

  

测试结果

root@controller-VirtualBox:~# ip netns exec ns1 ping -c 3 1.1.1.2

PING 1.1.1.2 (1.1.1.2) 56(84) bytes of data.

64 bytes from 1.1.1.2: icmp_seq=1 ttl=64 time=0.225 ms

64 bytes from 1.1.1.2: icmp_seq=2 ttl=64 time=0.049 ms

64 bytes from 1.1.1.2: icmp_seq=3 ttl=64 time=0.051 ms

--- 1.1.1.2 ping statistics ---

3 packets transmitted, 3 received, 0% packet loss, time 2031ms

rtt min/avg/max/mdev = 0.049/0.108/0.225/0.082 ms

root@controller-VirtualBox:~# ip netns exec ns1 ping -c 4 1.1.1.3

PING 1.1.1.3 (1.1.1.3) 56(84) bytes of data.

64 bytes from 1.1.1.3: icmp_seq=1 ttl=64 time=0.219 ms

64 bytes from 1.1.1.3: icmp_seq=2 ttl=64 time=0.051 ms

64 bytes from 1.1.1.3: icmp_seq=3 ttl=64 time=0.046 ms

64 bytes from 1.1.1.3: icmp_seq=4 ttl=64 time=0.050 ms

--- 1.1.1.3 ping statistics ---

4 packets transmitted, 4 received, 0% packet loss, time 3065ms

rtt min/avg/max/mdev = 0.046/0.091/0.219/0.074 ms

  

将br2和br3连通组成二层环路

ovs-vsctl add-port br3 br3-br2

环路后进行ping连通测试结果,时通时不通

root@controller-VirtualBox:~# ip netns exec ns1 ping -c 30 1.1.1.2

PING 1.1.1.2 (1.1.1.2) 56(84) bytes of data.

64 bytes from 1.1.1.2: icmp_seq=1 ttl=64 time=0.436 ms

--- 1.1.1.2 ping statistics ---

18 packets transmitted, 1 received, 94% packet loss, time 17402ms

rtt min/avg/max/mdev = 0.436/0.436/0.436/0.000 ms

  

环路情况下分析

  • 查询接口名称和接口索引的对应关系

    root@controller-VirtualBox:~# ovs-ofctl show br1
    
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000bee79fe0e948
    
n_tables:254, n_buffers:0
    
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
    
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
    
 1(tap1): addr:ff:7f:00:00:36:38
    
     config:     PORT_DOWN
    
     state:      LINK_DOWN
    
     speed: 0 Mbps now, 0 Mbps max
    
 2(br1-br2): addr:b2:86:95:fa:4b:b9
    
     config:     0
    
     state:      0
    
     current:    10GB-FD COPPER
    
     speed: 10000 Mbps now, 0 Mbps max
    
 3(br1-br3): addr:12:a5:67:28:40:f1
    
     config:     0
    
     state:      0
    
     current:    10GB-FD COPPER
    
     speed: 10000 Mbps now, 0 Mbps max
    
 LOCAL(br1): addr:be:e7:9f:e0:e9:48
    
     config:     PORT_DOWN
    
     state:      LINK_DOWN
    
     speed: 0 Mbps now, 0 Mbps max
    
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
    
root@controller-VirtualBox:~# ovs-ofctl show br2
    
OFPT_FEATURES_REPLY (xid=0x2): dpid:00007a10ec6b6942
    
n_tables:254, n_buffers:0
    
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
    
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
    
 1(tap2): addr:ff:7f:00:00:36:38
    
     config:     PORT_DOWN
    
     state:      LINK_DOWN
    
     speed: 0 Mbps now, 0 Mbps max
    
 2(br2-br1): addr:0e:dd:29:5c:73:ec
    
     config:     0
    
     state:      0
    
     current:    10GB-FD COPPER
    
     speed: 10000 Mbps now, 0 Mbps max
    
 3(br2-br3): addr:4a:73:b5:67:af:fe
    
     config:     0
    
     state:      0
    
     current:    10GB-FD COPPER
    
     speed: 10000 Mbps now, 0 Mbps max
    
 LOCAL(br2): addr:7a:10:ec:6b:69:42
    
     config:     PORT_DOWN
    
     state:      LINK_DOWN
    
     speed: 0 Mbps now, 0 Mbps max
    
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0
    
root@controller-VirtualBox:~# ovs-ofctl show br3
    
OFPT_FEATURES_REPLY (xid=0x2): dpid:0000462c85b99a4d
    
n_tables:254, n_buffers:0
    
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
    
actions: output enqueue set_vlan_vid set_vlan_pcp strip_vlan mod_dl_src mod_dl_dst mod_nw_src mod_nw_dst mod_nw_tos mod_tp_src mod_tp_dst
    
 1(tap3): addr:ff:7f:00:00:36:38
    
     config:     PORT_DOWN
    
     state:      LINK_DOWN
    
     speed: 0 Mbps now, 0 Mbps max
    
 2(br3-br1): addr:ca:ed:37:ef:7d:21
    
     config:     0
    
     state:      0
    
     current:    10GB-FD COPPER
    
     speed: 10000 Mbps now, 0 Mbps max
    
 3(br3-br2): addr:ea:55:a1:2e:d9:d1
    
     config:     0
    
     state:      0
    
     current:    10GB-FD COPPER
    
     speed: 10000 Mbps now, 0 Mbps max
    
 LOCAL(br3): addr:46:2c:85:b9:9a:4d
    
     config:     PORT_DOWN
    
     state:      LINK_DOWN
    
     speed: 0 Mbps now, 0 Mbps max
    
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0 

  • 查看ns1的arp表项,发现已经无法学习到1.1.1.2 mac地址

    root@controller-VirtualBox:~# ip netns exec ns1 arp -n
    
Address                  HWtype  HWaddress           Flags Mask            Iface
    
1.1.1.3                  ether   72:e4:76:db:2e:c5   C                     tap1
    
1.1.1.2                          (incomplete)                              tap1

      

  • 分别查看br1、br2、br3的mac转发表,发现br1和br2表项已经错乱

      

    root@controller-VirtualBox:~# ovs-appctl fdb/show br1
    
 port  VLAN  MAC                Age
    
    2     0  3a:52:a3:d6:67:12    0
    
    3     0  b2:86:95:fa:4b:b9    0
    
    3     0  02:a1:bd:ae:56:75    0
    
root@controller-VirtualBox:~# ovs-appctl fdb/show br2
    
 port  VLAN  MAC                Age
    
    3     0  3a:52:a3:d6:67:12    0
    
    2     0  b2:86:95:fa:4b:b9    0
    
    2     0  02:a1:bd:ae:56:75    0
    
root@controller-VirtualBox:~# ovs-appctl fdb/show br3
    
 port  VLAN  MAC                Age
    
    2     0  3a:52:a3:d6:67:12    0
    
    3     0  b2:86:95:fa:4b:b9    0
    
    2     0  02:a1:bd:ae:56:75    0

      表项错乱说明:

    br1连接ns1的tap1本应该从接口1学习到,结果从接口三学习到
    br2连接ns2的tap2本应该从接口1学习到,结果从接口三学习到

    开启ovs stp解决上述二层环路问题

  ovs-vsctl list bridge查看stp默认是关闭的

开启stp

ovs-vsctl set Bridge br1 stp_enable=true

ovs-vsctl set Bridge br2 stp_enable=true

ovs-vsctl set Bridge br3 stp_enable=true

经过测试网络恢复正常

root@controller-VirtualBox:~# ip netns exec ns1 ping -c 2 1.1.1.2

PING 1.1.1.2 (1.1.1.2) 56(84) bytes of data.

64 bytes from 1.1.1.2: icmp_seq=1 ttl=64 time=0.272 ms

64 bytes from 1.1.1.2: icmp_seq=2 ttl=64 time=0.057 ms

--- 1.1.1.2 ping statistics ---

2 packets transmitted, 2 received, 0% packet loss, time 1023ms

rtt min/avg/max/mdev = 0.057/0.164/0.272/0.108 ms

root@controller-VirtualBox:~# ip netns exec ns1 ping -c 3 1.1.1.3

PING 1.1.1.3 (1.1.1.3) 56(84) bytes of data.

64 bytes from 1.1.1.3: icmp_seq=1 ttl=64 time=0.463 ms

64 bytes from 1.1.1.3: icmp_seq=2 ttl=64 time=0.068 ms

64 bytes from 1.1.1.3: icmp_seq=3 ttl=64 time=0.050 ms

  

stp研究

ovs-vsctl list bridge 获取到如下信息

br3 stp_root_path_cost=”0”
br2 stp_root_path_cost=”2”
br1 stp_root_path_cost=”2”‘

在br3-br1处抓包,并且令开窗口ns1 ping ns2

窗口1: ns1 ping ns2

root@controller-VirtualBox:~# ping 1.1.1.2

PING 1.1.1.2 (1.1.1.2) 56(84) bytes of data.

64 bytes from 1.1.1.2: icmp_seq=1 ttl=64 time=0.502 ms

64 bytes from 1.1.1.2: icmp_seq=2 ttl=64 time=0.078 ms

  窗口2:抓取到报文流量经过了br3

tcpdump: verbose output suppressed, use -v or -vv for full protocol decode

listening on br3-br1, link-type EN10MB (Ethernet), capture size 262144 bytes

15:08:46.538492 IP 1.1.1.1 > 1.1.1.2: ICMP echo request, id 4525, seq 3, length 64

15:08:46.538524 IP 1.1.1.2 > 1.1.1.1: ICMP echo reply, id 4525, seq 3, length 64

  通过测试得知上述环形网络,已经被逻辑修剪为如下拓扑图,从此解决了ovs二层环路问题

组成拓扑结构的脚本

stp相关命令总结

  • 开启br1 stp

    ovs-vsctl set bridge br1 tp_enable=ture 

  • 关闭br1 stp

    ovs-vsctl set Bridge br1 stp_enable=false

  • 设置br1 stp cost

    ovs-vsctl set Port br2-br1 other_config:stp-path-cost=100

  • 查询br1 stp状态

    ovs-vsctl get bridge br1 stp_enable

  • 设置br1的stp优先级

    ovs-vsctl set bridge br1 other_config:stp-priority=0x7800

  • 移除br1 stp设置

    ovs-vsctl clear bridge br100 other_config

      

ovs stp的更多相关文章

  1. OVS操作总结

    转载:http://www.aboutyun.com/thread-11777-1-1.html Open vSwitch(下面简称为 OVS)是由 Nicira Networks 主导的,运行在虚拟 ...

  2. ubuntu 14.04设备OVS虚拟OpenFlow交换机配置汇总

    一.设备OVS sudo apt-get install openvswitch-controller openvswitch-switch openvswitch-datapath-source ( ...

  3. [cloud][ovs][sdn] 安装 openvswitch-dpdk

    [cloud][OVS][sdn] Open vSwitch 初步了解 继之前的内容,安装基于dpdk的ovs https://docs.openvswitch.org/en/latest/intro ...

  4. [cloud][OVS][sdn] Open vSwitch 初步了解

    What is Open vSwitch? Open vSwitch is a production quality, multilayer virtual switch licensed under ...

  5. OVS

    基于 OpenvSwitch的OpenFlow实践 Open vSwitch 概述 OpenvSwitch(简称OVS)是由NiciraNetworks主导的,运行在虚拟化平台(例如 KVM,Xen) ...

  6. ubuntu 14.04安装OVS虚拟OpenFlow交换机配置总结

    一.安装OVS sudo apt-get install openvswitch-controller openvswitch-switch openvswitch-datapath-source ( ...

  7. OVS处理upcall流程分析

    处理upcall总体框架: 1.由函数handle_upcalls()批量处理(in batches)的是由内核传上来的dpif_upcalls,会解析出upcall的类型.这里主要看在内核中匹配流表 ...

  8. Docker容器跨主机通信之:OVS+GRE

    一.概述 由于docker自身还未支持跨主机容器通信,需要借助docker网络开源解决方案 OVS OpenVSwich即开放式虚拟交换机实现,简称OVS,OVS在云计算领域应用广泛,值得我们去学习使 ...

  9. 创建 OVS flat network - 每天5分钟玩转 OpenStack(134)

    上一节完成了 flat 的配置工作,今天创建 OVS flat network.Admin -> Networks,点击 "Create Network" 按钮. 显示创建页 ...

随机推荐

  1. Java SE学习【三】——JDBC

    最近学到了数据库与java的jdbc方面,还有个DAO模式,写一下自己的理解,后期有什么不对的再改. 一.数据库三范式的理解 记得以前上课时,也上了一学期的“数据库系统原理”,给我们上课的老师算是渣渣 ...

  2. spring学习 十四 注解AOP 通知传递参数

    我们在对切点进行增强时,不建议对切点进行任何修改,因此不加以使用@PointCut注解打在切点上,尽量只在Advice上打注解(Before,After等),如果要在通知中接受切点的参数,可以使用Jo ...

  3. DOM-查找和修改

    1. 查找: 按HTML查找: 问题: 每次只能按一个条件查找,如果查找条件复杂,则步骤很繁琐 解决: 选择器: 按选择器查找: 2个API 1. 只查找一个元素: var elem=parent.q ...

  4. css中元素的位置

    一.display 1.display:none 隐藏标签 2.display:inline 将块级标签改为内联标签 3.display:block 将内联标签改为块级标签 4.display:inl ...

  5. tomat修改启动路径

    https://blog.csdn.net/axela30w/article/details/76546735

  6. vs2015转到定义没反应

    开始菜单 -->所有程序-->Visual Studio 文件夹 --> Visual Studio Tools -->VS2015开发人员命令提示输入DOS命令: CD Co ...

  7. CodeForces 235E Number Challenge (莫比乌斯反演)

    题意:求,其中d(x) 表示 x 的约数个数. 析:其实是一个公式题,要知道一个结论 知道这个结论就好办了. 然后就可以解决这个问题了,优化就是记忆化gcd. 代码如下: #pragma commen ...

  8. java并发控制工具类和集合等

    转载自:https://my.oschina.net/hosee/blog/607677 摘要: 本系列基于炼数成金课程,为了更好的学习,做了系列的记录. 本文主要介绍: 1.各种同步控制工具的使用 ...

  9. 腾讯云 centos 一键安装nginx环境

    这里测试centos版本为7.4 进入命令行直接敲入一下代码 $ yum install nginx 根据提示 进行确认 下一步 即可安装完毕: 服务器默认根目录为 : /usr/share/ngin ...

  10. 启动Android App时,动态将Sqlite数据库文件导入到手机中类方法

    package com.aqioo.db; import java.io.File; import java.io.FileOutputStream; import java.io.InputStre ...