- 產品與解決方案
- 行業解決方案
- 服務
- 支持
- 合作夥伴
- 關於我們
56-OpenFlow典型配置舉例
本章節下載: 56-OpenFlow典型配置舉例 (197.64 KB)
H3C S6800&S6860&S6861產品OpenFlow典型配置舉例
Copyright © 2019 bobty下载软件 版權所有,保留一切權利。
非經本公司書麵許可,任何單位和個人不得擅自摘抄、複製本文檔內容的部分或全部,並不得以任何形式傳播。
除bobty下载软件 的商標外,本手冊中出現的其它公司的商標、產品標識及商品名稱,由各自權利人擁有。
本文檔中的信息可能變動,恕不另行通知。
目 錄
本文檔介紹了OpenFlow的配置舉例。
OpenFlow允許控製器直接訪問和操作網絡設備的轉發平麵,將控製平麵和數據平麵分離。交換機依據控製器下發的流表(Flow Table)對報文進行匹配和轉發,在同一個流表中按照流表項的優先級大小進行匹配。一個OpenFlow交換機可以包含一個或者多個流表。
本文檔中的配置均是在實驗室環境下進行的配置和驗證,配置前設備的所有參數均采用出廠時的缺省配置。如果您已經對設備進行了配置,為了保證配置效果,請確認現有配置和以下舉例中的配置不衝突。
本文假設您已了解OpenFlow特性。
如圖1所示,Host A和Host C屬於VLAN 4092;Host B和Host D屬於VLAN 4094;它們之間通過Switch A和Swtich B進行連接。現要求通過對Switch A和Switch B進行OpenFlow配置,使VLAN 4092和VLAN 4094內的主機基於控製器下發的流表項進行通信,即要求交換機對VLAN 4092和VLAN 4094內的數據進行OpenFlow轉發。
圖1 OpenFlow基本功能配置舉例組網圖
· 為了使控製器可以通過LLDP學習OpenFlow網絡拓撲,設備上必須全局使能LLDP功能。
· 為了使OpenFlow實例與控製器建立連接,需要配置交換機與控製器之間路由可達,本例中以VLAN接口1作為與控製器通信的接口。
· 為了保持交換機與控製器之間連接的可靠性,需要使用TCP/SSL建立連接。本例中采用TCP方式建立交換機與控製器之間的連接。如果需要更高的連接可靠性,可以選擇使用SSL建立連接。
· 為了使連接主機的Access類型的端口成為OpenFlow端口,配置映射VLAN 4092、VLAN 4094時,需要選擇Loosen模式。
表1 適用產品及版本
|
產品 |
軟件版本 |
|
S6800係列 S6860係列 S6861係列 |
Release 2702 |
# 配置VLAN。
<SwitchA> system-view
[SwitchA] vlan 4092
[SwitchA-vlan4092] quit
[SwitchA] vlan 4094
[SwitchA-vlan4094] quit
# 配置Switch A上的接口Ten-GigabitEthernet3/0/1、Ten-GigabitEthernet3/0/2和Ten-GigabitEthernet3/0/3。
[SwitchA] interface Ten-GigabitEthernet 3/0/1
[SwitchA-Ten-GigabitEthernet3/0/1] port access vlan 4092
[SwitchA-Ten-GigabitEthernet3/0/1] quit
[SwitchA] interface Ten-GigabitEthernet 3/0/2
[SwitchA-Ten-GigabitEthernet3/0/2] port access vlan 4094
[SwitchA-Ten-GigabitEthernet3/0/2] quit
[SwitchA] interface Ten-GigabitEthernet 3/0/3
[SwitchA-Ten-GigabitEthernet3/0/3] port link-type trunk
[SwitchA-Ten-GigabitEthernet3/0/3] port trunk permit vlan 4092 4094
[SwitchA-Ten-GigabitEthernet3/0/3] quit
# 全局使能LLDP功能。
[SwitchA] lldp global enable
# 配置VLAN接口1用於和控製器建立連接。
[SwitchA] interface Vlan-interface 1
[SwitchA-Vlan-interface1] ip address 192.168.2.125 255.255.255.0
[SwitchA-Vlan-interface1] quit
# 創建OpenFlow實例1並映射VLAN 4092和VLAN 4094,同時選擇映射模式為Loosen模式。
[SwitchA] openflow instance 1
[SwitchA-of-inst-1] classification vlan 4092 mask 4093 loosen
# 配置控製器0的IP地址並激活實例。
[SwitchA-of-inst-1] controller 0 address ip 192.168.2.225
[SwitchA-of-inst-1] active instance
[SwitchA-of-inst-1] quit
# 配置VLAN。
<SwitchB> system-view
[SwitchB] vlan 4092
[SwitchB-vlan4092] quit
[SwitchB] vlan 4094
[SwitchB-vlan4094] quit
# 配置Switch B上的接口Ten-GigabitEthernet3/0/1、Ten-GigabitEthernet3/0/2和Ten-GigabitEthernet3/0/3。
[SwitchB] interface Ten-GigabitEthernet 3/0/1
[SwitchB-Ten-GigabitEthernet3/0/1] port access vlan 4092
[SwitchB-Ten-GigabitEthernet3/0/1] quit
[SwitchB] interface Ten-GigabitEthernet 3/0/2
[SwitchB-Ten-GigabitEthernet3/0/2] port access vlan 4094
[SwitchB-Ten-GigabitEthernet3/0/2] quit
[SwitchB] interface Ten-GigabitEthernet 3/0/3
[SwitchB-Ten-GigabitEthernet3/0/3] port link-type trunk
[SwitchB-Ten-GigabitEthernet3/0/3] port trunk permit vlan 4092 4094
[SwitchB-Ten-GigabitEthernet3/0/3] quit
# 全局使能LLDP功能。
[SwitchB] lldp global enable
# 配置VLAN接口1用於和控製器建立連接。
[SwitchB] interface Vlan-interface 1
[SwitchB-Vlan-interface1] ip address 192.168.2.126 255.255.255.0
[SwitchB-Vlan-interface1] quit
# 創建OpenFlow實例1並映射VLAN 4092和VLAN 4094,同時選擇映射模式為Loosen模式。
[SwitchB] openflow instance 1
[SwitchB-of-inst-1] classification vlan 4092 mask 4093 loosen
# 配置控製器0的IP地址並激活實例。
[SwitchB-of-inst-1] controller 0 address ip 192.168.2.225
[SwitchB-of-inst-1] active instance
[SwitchB-of-inst-1] quit
# 以Switch A為例,查看OpenFlow實例1的信息。
[SwitchA] display openflow instance 1
Instance 1 information:
Configuration information:
Description : --
Active status : Active
Inactive configuration:
None
Active configuration:
Classification VLAN, loosen mode, total VLANs(2)
4092, 4094
In-band management VLAN, total VLANs(0)
Empty VLAN
Connect mode: Multiple
MAC address learning: Enabled
Flow table:
Table ID(type): 0(Extensibility), count: 1
Flow-entry max-limit: 65535
Datapath ID: 0x000174258a024c00
...
Port information:
Ten-GigabitEthernet3/0/1
Ten-GigabitEthernet3/0/2
Ten-GigabitEthernet3/0/3
Active channel information:
Controller 0 IP address: 192.168.2.225 port: 6633
以上信息表明以太接口Ten-GigabitEthernet3/0/1、Ten-GigabitEthernet3/0/2、Ten-GigabitEthernet3/0/3已配置為OpenFlow端口,即可以進行OpenFlow數據轉發。
# 查看Switch A與控製器的連接信息。
[SwitchA] display openflow instance 1 controller
Instance 1 controller information:
Reconnect interval: 60 (s)
Echo interval : 5 (s)
Controller ID : 0
Controller IP address : 192.168.2.225
Controller port : 6633
Controller role : Equal
Connect type : TCP
Connect state : Established
Packets sent : 132
Packets received : 434
SSL policy : --
VRF name : --
以上信息表明Swithc A已與控製器建立連接。
# 查看Switch A上的流表信息。
[SwitchA] display openflow instance 1 flow-table
Instance 1 flow table information:
Table 0 information:
Table type: Extensibility, flow entry count: 1, total flow entry count: 1
MissRule flow entry information:
cookie: 0x0, priority: 0, hard time: 0, idle time: 0, flags: flow_send_rem,
byte count: 0, packet count: 0
Match information: any
Instruction information:
Write actions:
Output interface: Controller, send length: 65509 bytes
以上信息表明此時Switch A上隻有一條優先級為0的TableMiss流表項,且該條流表項的動作為上送控製器(不同控製器的缺省動作可能不同,具體請參見控製器的相關資料)。
# Host A ping Host C。
Ping 10.1.1.2 (10.1.1.2): 56 data bytes, press CTRL_C to break
56 bytes from 10.1.1.2: icmp_seq=0 ttl=255 time=4.582 ms
56 bytes from 10.1.1.2: icmp_seq=1 ttl=255 time=1.299 ms
56 bytes from 10.1.1.2: icmp_seq=2 ttl=255 time=1.389 ms
56 bytes from 10.1.1.2: icmp_seq=3 ttl=255 time=6.688 ms
56 bytes from 10.1.1.2: icmp_seq=4 ttl=255 time=1.294 ms
--- Ping statistics for 10.1.1.2 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.294/3.050/6.688/2.213 ms
以上信息表明Host A與Host C之間是互通的。
# 查看Switch A上的流表信息。
[SwitchA] display openflow instance 1 flow-table
Instance 1 flow table information:
Table 0 information:
Table type: Extensibility, flow entry count: 4, total flow entry count: 4
MissRule flow entry information:
cookie: 0x0, priority: 0, hard time: 0, idle time: 0, flags: flow_send_rem,
byte count: 0, packet count: 0
Match information: any
Instruction information:
Write actions:
Output interface: Controller, send length: 65509 bytes
Flow entry 1 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 1
Match information:
Input interface: XGE3/0/3
Ethernet destination MAC address: 0cda-41b1-d1c5
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 7425-8a0f-8034
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0806
Instruction information:
Write actions:
Output interface: XGE3/0/1
Flow entry 2 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 4
Match information:
Input interface: XGE3/0/1
Ethernet destination MAC address: 7425-8a0f-8034
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 0cda-41b1-d1c5
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0800
Instruction information:
Write actions:
Output interface: XGE3/0/3
Flow entry 3 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 4
Match information:
Input interface: XGE3/0/3
Ethernet destination MAC address: 0cda-41b1-d1c5
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 7425-8a0f-8034
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0800
Instruction information:
Write actions:
Output interface: XGE3/0/1
以上信息表明Host A和Host C之間ARP應答報文和ICMP請求/應答報文成功觸發控製器下發流表項,且相應的數據報文基於下發的流表項進行轉發。
# Host B ping Host D。
Ping 20.1.1.2 (20.1.1.2): 56 data bytes, press CTRL_C to break
56 bytes from 20.1.1.2: icmp_seq=0 ttl=255 time=1.620 ms
56 bytes from 20.1.1.2: icmp_seq=1 ttl=255 time=6.625 ms
56 bytes from 20.1.1.2: icmp_seq=2 ttl=255 time=1.454 ms
56 bytes from 20.1.1.2: icmp_seq=3 ttl=255 time=1.134 ms
56 bytes from 20.1.1.2: icmp_seq=4 ttl=255 time=1.260 ms
--- Ping statistics for 20.1.1.2 ---
5 packet(s) transmitted, 5 packet(s) received, 0.0% packet loss
round-trip min/avg/max/std-dev = 1.134/2.419/6.625/2.110 ms
以上信息表明Host B與Host D之間是互通的。
# 再次查看Switch A上的流表信息。
[SwitchA] display openflow instance 1 flow-table
Instance 1 flow table information:
Table 0 information:
Table type: Extensibility, flow entry count: 7, total flow entry count: 7
MissRule flow entry information:
cookie: 0x0, priority: 0, hard time: 0, idle time: 0, flags: flow_send_rem,
byte count: 0, packet count: 0
Match information: any
Instruction information:
Write actions:
Output interface: Controller, send length: 65509 bytes
Flow entry 1 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 1
Match information:
Input interface: XGE3/0/3
Ethernet destination MAC address: 0cda-41b1-d1c5
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 7425-8a0f-8034
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0806
Instruction information:
Write actions:
Output interface: XGE3/0/1
Flow entry 2 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 4
Match information:
Input interface: XGE3/0/1
Ethernet destination MAC address: 7425-8a0f-8034
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 0cda-41b1-d1c5
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0800
Instruction information:
Write actions:
Output interface: XGE3/0/3
Flow entry 3 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 4
Match information:
Input interface: XGE3/0/3
Ethernet destination MAC address: 0cda-41b1-d1c5
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 7425-8a0f-8034
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0800
Instruction information:
Write actions:
Output interface: XGE3/0/1
Flow entry 4 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 1
Match information:
Input interface: XGE3/0/3
Ethernet destination MAC address: 0cda-41b1-d1c4
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 7425-8a0f-8035
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0806
Instruction information:
Write actions:
Output interface: XGE3/0/2
Flow entry 5 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 4
Match information:
Input interface: XGE3/0/2
Ethernet destination MAC address: 7425-8a0f-8035
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 0cda-41b1-d1c4
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0800
Instruction information:
Write actions:
Output interface: XGE3/0/3
Flow entry 6 information:
cookie: 0x2328, priority: 29999, hard time: 0, idle time: 300, flags:
flow_send_rem, byte count: 1, packet count: 4
Match information:
Input interface: XGE3/0/3
Ethernet destination MAC address: 0cda-41b1-d1c4
Ethernet destination MAC address mask: ffff-ffff-ffff
Ethernet source MAC address: 7425-8a0f-8035
Ethernet source MAC address mask: ffff-ffff-ffff
Ethernet type: 0x0800
Instruction information:
Write actions:
Output interface: XGE3/0/2
以上信息表明Host B和Host D之間ARP應答報文和ICMP請求/應答報文也成功觸發控製器下發流表項,且相應的數據報文基於下發的流表項進行轉發。
· Switch A:
#
lldp global enable
#
vlan 4092
#
vlan 4094
#
openflow instance 1
classification vlan 4092 mask 4093 loosen
controller 0 address ip 192.168.2.225
active instance
#
interface Vlan-interface1
ip address 192.168.2.125 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port link-mode bridge
port access vlan 4092
#
interface Ten-GigabitEthernet3/0/2
port link-mode bridge
port access vlan 4094
#
interface Ten-GigabitEthernet3/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 4092 4094
#
· Switch B:
#
lldp global enable
#
vlan 4092
#
vlan 4094
#
openflow instance 1
classification vlan 4092 mask 4093 loosen
controller 0 address ip 192.168.2.225
active instance
#
interface Vlan-interface1
ip address 192.168.2.126 255.255.255.0
#
interface Ten-GigabitEthernet3/0/1
port link-mode bridge
port access vlan 4092
#
interface Ten-GigabitEthernet3/0/2
port link-mode bridge
port access vlan 4094
#
interface Ten-GigabitEthernet3/0/3
port link-mode bridge
port link-type trunk
port trunk permit vlan 1 4092 4094
#
· H3C S6800[60][61](R27xx) & S6820(R630x)係列以太網交換機 OpenFlow配置指導
· H3C S6800[60][61](R27xx) & S6820(R630x)係列以太網交換機 OpenFlow命令參考
不同款型規格的資料略有差異, 詳細信息請向具體銷售和400谘詢。H3C保留在沒有任何通知或提示的情況下對資料內容進行修改的權利!
支持
