20210412 Openvswitch ( 一 )

課堂資料

課堂練習

Openvswitch

mkdir ovs-test

cd ovs-test

lab1

terminal 01

mkdir lab1

cd lab1

gedit lab1.py &

mn

h1 ping h2 -c 5

exit

gedit

lab1.py

#!/usr/bin/env python
from mininet.cli import CLI
from mininet.net import Mininet
from mininet.link import Link,TCLink,Intf
from mininet.node import Controller,RemoteController
 
if '__main__' == __name__:
  net = Mininet(link=TCLink)
  h1 = net.addHost('h1')
  h2 = net.addHost('h2')
  s1 = net.addSwitch('s1')
  s2 = net.addSwitch('s2')
  s3 = net.addSwitch('s3')
  c0 = net.addController('c0', controller=RemoteController)
  net.addLink(h1, s1)
  net.addLink(s1, s2)
  net.addLink(s1, s3)
  net.addLink(s3, s2)
  net.addLink(s2, h2)
  net.build()
  c0.start()
  s1.start([c0])
  s2.start([c0])
  s3.start([c0])
  # rules for s1
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=1,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:2")
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=1,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1")
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=2,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:2")
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=2,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1")
  s1.cmd("ovs-ofctl add-flow s1 icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2,icmp_type=8,icmp_code=0,actions=output:3")
  s1.cmd("ovs-ofctl add-flow s1 icmp,nw_src=10.0.0.2,nw_dst=10.0.0.1,icmp_type=0,icmp_code=0,actions=output:1")
  
  # rules for s2
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=1,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:3")
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=1,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1")
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=2,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:3")
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=2,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1")
  s2.cmd("ovs-ofctl add-flow s2 icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2,icmp_type=8,icmp_code=0,actions=output:3")
  s2.cmd("ovs-ofctl add-flow s2 icmp,nw_src=10.0.0.2,nw_dst=10.0.0.1,icmp_type=0,icmp_code=0,actions=output:1")
 
  # rules for s3
  s3.cmd("ovs-ofctl add-flow s3 icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2,icmp_type=8,icmp_code=0,actions=output:2")

  CLI(net)
  net.stop()

terminal 02

ovs-ofctl dump-flows s1

terminal 01

mn --controller=remote

h1 ping h2

h1 arp -n

h1 ping h2 -c 5

h1 arp -n

h2 arp -n

h1 ping h2 -c 5

terminal 02

ovs-ofctl add-flow s1 arp,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,arp_op=1,actions=output:2

ovs-ofctl add-flow s1 arp,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,arp_op=1,actions=output:1

ovs-ofctl dump-flows s1

ovs-ofctl add-flow s1 icpm,nw_src=10.0.0.1,nw_dst=10.0.0.2,icpm_type=8,icpm_code=0,actions=output:2

ovs-ofctl add-flow s1 icpm,nw_src=10.0.0.2,nw_dst=10.0.0.1,icpm_type=0,icpm_code=0,actions=output:1

ovs-ofctl dump-flows s1

python lab1.py

lab1

Ruler S1

ovs-ofctl add-flow s1 arp,arp_op=1,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:2

ovs-ofctl add-flow s1 arp,arp_op=1,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1

ovs-ofctl add-flow s1 arp,arp_op=2,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:2

ovs-ofctl add-flow s1 arp,arp_op=2,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1

ovs-ofctl add-flow s1 icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2,icmp_type=8,icmp_code=0,actions=output:3

ovs-ofctl add-flow s1 icmp,nw_src=10.0.0.2,nw_dst=10.0.0.1,icmp_type=0,icmp_code=0,actions=output:1

ovs-ofctl dump-flows s1

Ruler S2

ovs-ofctl add-flow s2 arp,arp_op=1,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:3

ovs-ofctl add-flow s2 arp,arp_op=1,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1

ovs-ofctl add-flow s2 arp,arp_op=2,arp_spa=10.0.0.1,arp_tpa=10.0.0.2,actions=output:3

ovs-ofctl add-flow s2 arp,arp_op=2,arp_spa=10.0.0.2,arp_tpa=10.0.0.1,actions=output:1

ovs-ofctl add-flow s2 icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2,icmp_type=8,icmp_code=0,actions=output:3

ovs-ofctl add-flow s2 icmp,nw_src=10.0.0.2,nw_dst=10.0.0.1,icmp_type=0,icmp_code=0,actions=output:2

ovs-ofctl dump-flows s2

Ruler S3

ovs-ofctl add-flow s3 icmp,nw_src=10.0.0.1,nw_dst=10.0.0.2,icmp_type=8,icmp_code=0,actions=output:2

ovs-ofctl dump-flows s3

xterm s3 s2

s3

wireshark

s3-eth1

s2

wireshark

s2-eth1

h1 ping h2 -c 5

h1 ping s2

h1 ping h2 -c 5

ovs-ofctl dump-flows s2

ovs-ofctl del-flows s2 icmp,nw_src=10.0.0.2,nw_dst=10.0.0.1,icmp_type=0,icmp_code=0

ovs-ofctl add-flow s2 icmp,nw_src=10.0.0.2,nw_dst=10.0.0.1,icmp_type=0,icmp_code=0,actions=output:1

ovs-ofctl dump-flows s2

h1 ping h2 -c 5

cd ..

mkdir lab2

cd lab2

lab2

terminal 01

gedit lab2.py

lab2.py

#!/usr/bin/env python
from mininet.cli import CLI
from mininet.net import Mininet
from mininet.link import Link,TCLink,Intf
from mininet.node import Controller,RemoteController
 
if '__main__' == __name__:
  net = Mininet(link=TCLink)
  h1 = net.addHost('h1', ip="10.0.0.1/24", mac="00:00:00:00:00:01")
  h2 = net.addHost('h2', ip="10.0.0.2/24", mac="00:00:00:00:00:02")
  h3 = net.addHost('h3', ip="10.0.0.3/24", mac="00:00:00:00:00:03")
  s1 = net.addSwitch('s1')
  c0 = net.addController('c0', controller=RemoteController)
  net.addLink(h1, s1)
  net.addLink(h2, s1)
  net.addLink(h3, s1)
  net.build()
  c0.start()
  s1.start([c0])
  h1.cmd("arp -s 10.0.0.2 00:00:00:00:00:02")
  h1.cmd("arp -s 10.0.0.3 00:00:00:00:00:03")
  h2.cmd("arp -s 10.0.0.1 00:00:00:00:00:01")
  h2.cmd("arp -s 10.0.0.3 00:00:00:00:00:03")
  h3.cmd("arp -s 10.0.0.1 00:00:00:00:00:01")
  h3.cmd("arp -s 10.0.0.2 00:00:00:00:00:02")
  #rules for s1
  #ovs-ofctl add-flow s1 priority=1,ip,nw_dst=10.0.0.1,actions=output:1
  #ovs-ofctl add-flow s1 priority=1,ip,nw_dst=10.0.0.2,actions=output:2
  #ovs-ofctl add-flow s1 priority=1,ip,nw_dst=10.0.0.3,actions=output:3
  #ovs-ofctl add-flow s1 priority=10,udp,nw_dst=10.0.0.2,actions=output:2,mod_dl_dst=00:00:00:00:00:03,mod_nw_dst=10.0.0.3,output:3
  CLI(net)
  net.stop()

python lab2.py

terminal 02

ovs-ofctl add-flow s1 ip,nw_src=10.0.0.1,actions=output:2,output:3

ovs-ofctl del-flows s1

ovs-ofctl add-flow s1 priority=1,ip,nw_dst=10.0.0.1,actions=output:1

ovs-ofctl add-flow s1 priority=1,ip,nw_dst=10.0.0.2,actions=output:2

ovs-ofctl add-flow s1 priority=1,ip,nw_dst=10.0.0.3,actions=output:3

xterm h1 h2 h3

h2

iperf -s -i 1 -u

h3

wireshark

h3-eth0

h1

ping 10.0.0.2

iperf -c 10.0.0.2 -u -b 1M -t 1000

terminal 01

pingall

terminal 02

ovs-ofctl add-flow s1 priority=10,ip,nw_src=10.0.0.1,nw_dst=10.0.0.2,actions=output:2,output:3

ovs-ofctl dump-flows s1

ovs-ofctl dump-flows s1

ovs-ofctl show s1

ovs-ofctl add-flow s1 priority=10,ip,nw_src=10.0.0.1,nw_dst=10.0.0.2,actions=output:2,mod_nw_dst=10.0.0.3,output:3

ovs-ofctl dump-flows s1

ovs-ofctl add-flow s1 priority=100,ip,nw_src=10.0.0.1,nw_dst=10.0.0.2,actions=output:2,mod_nw_dst=10.0.0.3,mod_dl_dst=00:00:00:03,output:3

h2

iperf -s -i 1

iperf -s -i 1

h1

iperf -c 10.0.0.2 -t 100

iperf -c 10.0.0.2 -t 100 -i 1

期中考題練習

ICPM Request / ICPM Reply

mkdir exam

cd exam

Switch

gedit switch.py

switch.py

#!/usr/bin/env python
from mininet.cli import CLI
from mininet.net import Mininet
from mininet.link import Link,TCLink,Intf
from mininet.node import Controller,RemoteController
 
if '__main__' == __name__:
  net = Mininet(link=TCLink)
  h1 = net.addHost('h1', ip="192.168.10.1")
  h2 = net.addHost('h2', ip="192.168.20.1")
  s1 = net.addSwitch('s1')
  s2 = net.addSwitch('s2')
  s3 = net.addSwitch('s3')
  s4 = net.addSwitch('s4')
  c0 = net.addController('c0', controller=RemoteController)
  net.addLink(h1, s1)
  net.addLink(s1, s2)
  net.addLink(s1, s3)
  net.addLink(s2, s4)
  net.addLink(s3, s4)
  net.addLink(s4, h2)
  net.build()
  c0.start()
  s1.start([c0])
  s2.start([c0])
  s3.start([c0])
  s4.start([c0])
  # rules for s1
  # h1 ping h2
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=1,arp_spa=192.168.10.1,arp_tpa=192.168.20.1,actions=output:2")
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=1,arp_spa=192.168.20.1,arp_tpa=192.168.10.1,actions=output:1")
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=2,arp_spa=192.168.10.1,arp_tpa=192.168.20.1,actions=output:2")
  s1.cmd("ovs-ofctl add-flow s1 arp,arp_op=2,arp_spa=192.168.20.1,arp_tpa=192.168.10.1,actions=output:1")
  s1.cmd("ovs-ofctl add-flow s1 icmp,nw_src=192.168.10.1,nw_dst=192.168.20.1,icmp_type=8,icmp_code=0,actions=output:2")
  s1.cmd("ovs-ofctl add-flow s1 icmp,nw_src=192.168.20.1,nw_dst=192.168.10.1,icmp_type=0,icmp_code=0,actions=output:1")
  s1.cmd("ovs-ofctl add-flow s1 icmp,nw_src=192.168.20.1,nw_dst=192.168.10.1,icmp_type=8,icmp_code=0,actions=output:1")
  s1.cmd("ovs-ofctl add-flow s1 icmp,nw_src=192.168.10.1,nw_dst=192.168.20.1,icmp_type=0,icmp_code=0,actions=output:3")

  # rules for s2
  # h1 ping h2
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=1,arp_spa=192.168.10.1,arp_tpa=192.168.20.1,actions=output:2")
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=1,arp_spa=192.168.20.1,arp_tpa=192.168.10.1,actions=output:1")
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=2,arp_spa=192.168.10.1,arp_tpa=192.168.20.1,actions=output:2")
  s2.cmd("ovs-ofctl add-flow s2 arp,arp_op=2,arp_spa=192.168.20.1,arp_tpa=192.168.10.1,actions=output:1")
  s2.cmd("ovs-ofctl add-flow s2 icmp,nw_src=192.168.10.1,nw_dst=192.168.20.1,icmp_type=8,icmp_code=0,actions=output:2")
  s2.cmd("ovs-ofctl add-flow s2 icmp,nw_src=192.168.20.1,nw_dst=192.168.10.1,icmp_type=8,icmp_code=0,actions=output:1")

  # rules for s3
  s3.cmd("ovs-ofctl add-flow s3 icmp,nw_src=192.168.10.1,nw_dst=192.168.20.1,icmp_type=0,icmp_code=0,actions=output:2")
  s3.cmd("ovs-ofctl add-flow s3 icmp,nw_src=192.168.20.1,nw_dst=192.168.10.1,icmp_type=0,icmp_code=0,actions=output:1")

  # rules for s4
  s4.cmd("ovs-ofctl add-flow s4 arp,arp_op=1,arp_spa=192.168.10.1,arp_tpa=192.168.20.1,actions=output:3")
  s4.cmd("ovs-ofctl add-flow s4 arp,arp_op=1,arp_spa=192.168.20.1,arp_tpa=192.168.10.1,actions=output:1")
  s4.cmd("ovs-ofctl add-flow s4 arp,arp_op=2,arp_spa=192.168.10.1,arp_tpa=192.168.20.1,actions=output:3")
  s4.cmd("ovs-ofctl add-flow s4 arp,arp_op=2,arp_spa=192.168.20.1,arp_tpa=192.168.10.1,actions=output:1")
  s4.cmd("ovs-ofctl add-flow s4 icmp,nw_src=192.168.10.1,nw_dst=192.168.20.1,icmp_type=8,icmp_code=0,actions=output:3")
  s4.cmd("ovs-ofctl add-flow s4 icmp,nw_src=192.168.20.1,nw_dst=192.168.10.1,icmp_type=0,icmp_code=0,actions=output:2")
  s4.cmd("ovs-ofctl add-flow s4 icmp,nw_src=192.168.20.1,nw_dst=192.168.10.1,icmp_type=8,icmp_code=0,actions=output:1")
  s4.cmd("ovs-ofctl add-flow s4 icmp,nw_src=192.168.10.1,nw_dst=192.168.20.1,icmp_type=0,icmp_code=0,actions=output:3")


  CLI(net)
  net.stop()

Router ( 因系統無法使用 )

gedit router.py

router.py

#!/usr/bin/env python
from mininet.cli import CLI
from mininet.net import Mininet
from mininet.link import Link,TCLink
 
if '__main__' == __name__:
  net = Mininet(link=TCLink)
  h1 = net.addHost('h1')
  h2 = net.addHost('h2')
  r1 = net.addHost('r1')
  r2 = net.addHost('r2')
  r3 = net.addHost('r3')
  r4 = net.addHost('r4')
  net.addLink(h1, r1)
  net.addLink(r1, r2)
  net.addLink(r1, r3)
  net.addLink(r2, r4)
  net.addLink(r3, r4)
  net.addLink(r4, h2)
  net.build()
  h1.cmd("ifconfig h1-eth0 0")
  h1.cmd("ip addr add 192.168.10.1/24 brd + dev h1-eth0")
  #h1.cmd("ip route add default via 192.168.10.254")
  h1.cmd("ip route add 12.1.1.0/24 via 192.168.10.254")
  h1.cmd("ip route add 13.1.1.0/24 via 192.168.10.254")
  h1.cmd("ip route add 23.1.1.0/24 via 13.1.1.3")
  h1.cmd("ip route add 34.1.1.0/24 via 12.1.1.2")
  h1.cmd("ip route add 192.168.20.0/24 via 34.1.1.4")
  h1.cmd("ip route add 192.168.20.0/24 via 23.1.1.4")
  h2.cmd("ifconfig h2-eth0 0")
  h2.cmd("ip addr add 192.168.20.1/24 brd + dev h2-eth0")
  #h2.cmd("ip route add default via 192.168.20.254")
  h2.cmd("ip route add 12.1.1.0/24 via 34.1.1.2")
  h2.cmd("ip route add 13.1.1.0/24 via 23.1.1.3")
  h2.cmd("ip route add 23.1.1.0/24 via 192.168.20.254")
  h2.cmd("ip route add 34.1.1.0/24 via 192.168.20.254")
  h2.cmd("ip route add 192.168.10.0/24 via 34.1.1.2")
  h2.cmd("ip route add 192.168.10.0/24 via 23.1.1.3")
  r1.cmd("ifconfig r1-eth0 0")
  r1.cmd("ifconfig r1-eth1 0")
  r1.cmd("ifconfig r1-eth2 0")
  r1.cmd("ip addr add 192.168.10.254/24 brd + dev r1-eth0")
  r1.cmd("ip addr add 12.1.1.1/24 brd + dev r1-eth1")
  r1.cmd("ip addr add 13.1.1.1/24 brd + dev r1-eth2")
  r1.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
  r1.cmd("ip route add 34.1.1.0/24 via 12.1.1.2")
  r1.cmd("ip route add 23.1.1.0/24 via 13.1.1.3")
  r1.cmd("ip route add 192.168.20.0/24 via 23.1.1.4")
  r1.cmd("ip route add 192.168.20.0/24 via 34.1.1.4")
  r2.cmd("ifconfig r2-eth0 0")
  r2.cmd("ifconfig r2-eth1 0")
  r2.cmd("ip addr add 12.1.1.2/24 brd + dev r2-eth0")
  r2.cmd("ip addr add 34.1.1.2/24 brd + dev r2-eth1")
  r2.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
  r2.cmd("ip route add 13.1.1.0/24 via 12.1.1.1")
  r2.cmd("ip route add 23.1.1.0/24 via 34.1.1.4")
  r2.cmd("ip route add 192.168.10.0/24 via 12.1.1.1")
  r2.cmd("ip route add 192.168.20.0/24 via 34.1.1.4")
  r3.cmd("ifconfig r3-eth0 0")
  r3.cmd("ifconfig r3-eth1 0")
  r3.cmd("ip addr add 13.1.1.3/24 brd + dev r3-eth0")
  r3.cmd("ip addr add 23.1.1.3/24 brd + dev r3-eth1")
  r3.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
  r3.cmd("ip route add 12.1.1.0/24 via 13.1.1.1")
  r3.cmd("ip route add 34.1.1.0/24 via 23.1.1.4")
  r3.cmd("ip route add 192.168.10.0/24 via 13.1.1.1")
  r3.cmd("ip route add 192.168.20.0/24 via 23.1.1.4")
  r4.cmd("ifconfig r4-eth0 0")
  r4.cmd("ifconfig r4-eth1 0")
  r4.cmd("ifconfig r4-eth2 0")
  r4.cmd("ip addr add 34.1.1.4/24 brd + dev r4-eth0")
  r4.cmd("ip addr add 23.1.1.4/24 brd + dev r4-eth1")
  r4.cmd("ip addr add 192.168.20.254/24 brd + dev r4-eth2")
  r4.cmd("echo 1 > /proc/sys/net/ipv4/ip_forward")
  r4.cmd("ip route add 12.1.1.0/24 via 34.1.1.2")
  r4.cmd("ip route add 13.1.1.0/24 via 23.1.1.3")
  r4.cmd("ip route add 192.168.10.0/24 via 12.1.1.1")
  r4.cmd("ip route add 192.168.10.0/24 via 13.1.1.1")
  CLI(net)
  net.stop()

加分題