本例子主要演示多台主机通过Vlan进行L2隔离,利用mininet虚拟出openflow交换机,并对其进行控制,mininet交换机拓扑图如下:
配置mininet拓扑:
1 |
sudo mn --controller=remote,ip=172.31.2.70 --custom multi_vlan_network.py --topo mytopo |
multi_vlan_network.py脚本如下:
1 2 3 4 5 6 7 8 9 10 11 12 13 14 15 16 17 18 19 20 21 22 23 24 25 26 27 28 29 30 31 32 33 34 35 36 37 38 39 40 41 42 43 44 45 46 47 48 49 50 51 52 53 54 55 56 57 58 59 60 61 62 63 64 65 66 67 |
#!/usr/bin/python from mininet.node import Host, RemoteController from mininet.topo import Topo import apt #Note Vlan package check only work with ubuntu #Please comment the package check if your running the script other than ubuntu #package check Start cache = apt.Cache() if cache['vlan'].is_installed: print "Vlan installed" else: print "ERROR:VLAN package not installed please run sudo apt-get install vlan" exit(1) #package check End class VLANHost( Host ): def config( self, vlan=100, **params ): """Configure VLANHost according to (optional) parameters: vlan: VLAN ID for default interface""" r = super( Host, self ).config( **params ) intf = self.defaultIntf() # remove IP from default, "physical" interface self.cmd( 'ifconfig %s inet 0' % intf ) # create VLAN interface self.cmd( 'vconfig add %s %d' % ( intf, vlan ) ) # assign the host's IP to the VLAN interface self.cmd( 'ifconfig %s.%d inet %s' % ( intf, vlan, params['ip'] ) ) # update the intf name and host's intf map newName = '%s.%d' % ( intf, vlan ) # update the (Mininet) interface to refer to VLAN interface name intf.name = newName # add VLAN interface to host's name to intf map self.nameToIntf[ newName ] = intf return r class MyTopo( Topo ): "Simple topology example." def __init__( self ): "Create custom topo." # Initialize topology Topo.__init__( self ) # Add hosts and switches host1=self.addHost( 'h1', cls=VLANHost, vlan=200) host2=self.addHost( 'h2', cls=VLANHost, vlan=300) host3=self.addHost( 'h3', cls=VLANHost, vlan=200) host4=self.addHost( 'h4', cls=VLANHost, vlan=300) host5=self.addHost( 'h5', cls=VLANHost, vlan=200) host6=self.addHost( 'h6', cls=VLANHost, vlan=300) s1 = self.addSwitch( 's1' ) s2 = self.addSwitch( 's2' ) s3 = self.addSwitch( 's3' ) self.addLink(s1,host1) self.addLink(s1,s2) self.addLink(s2,host2) self.addLink(s2,host3) self.addLink(s2,host4) self.addLink(s1,s3) self.addLink(s3,host5) self.addLink(s3,host6) topos = { 'mytopo': ( lambda: MyTopo() ) } |
查看拓扑链接结构:
1 2 3 4 5 6 7 8 9 10 |
mininet> net h1 h1-eth0.200:s1-eth1 h2 h2-eth0.300:s2-eth2 h3 h3-eth0.200:s2-eth3 h4 h4-eth0.300:s2-eth4 h5 h5-eth0.200:s3-eth2 h6 h6-eth0.300:s3-eth3 s1 lo: s1-eth1:h1-eth0.200 s1-eth2:s2-eth1 s1-eth3:s3-eth1 s2 lo: s2-eth1:s1-eth2 s2-eth2:h2-eth0.300 s2-eth3:h3-eth0.200 s2-eth4:h4-eth0.300 s3 lo: s3-eth1:s1-eth3 s3-eth2:h5-eth0.200 s3-eth3:h6-eth0.300 |
添加如下of流表,如果没有改表项的话:
1 2 3 |
sudo ovs-ofctl add-flow s1 priority=0,actions=output:CONTROLLER sudo ovs-ofctl add-flow s2 priority=0,actions=output:CONTROLLER sudo ovs-ofctl add-flow s3 priority=0,actions=output:CONTROLLER |
此时所有主机都是不通的:
1 2 3 4 5 6 7 |
mininet> pingall h1 -> X X X X X h2 -> X X X X X h3 -> X X X X X h4 -> X X X X X h5 -> X X X X X h6 -> X X X X X |
下面通过vtn规则,使得h1、h3、h5在vlan200中的可以互相通信,h2、h4、h6在vlan300中的可以互相通信,调用接口创建相关资源:
- 创建vtn:
1 2 |
curl -i --user admin:adminpass -H 'content-type: application/json' -X POST -d '{"vtn" : {"vtn_name":"vtn_one","description":"test VTN" }}' http://172.31.2.70:8083/vtn-webapi/vtns HTTP/1.1 201 Created |
- 创建控制器:
1 2 |
curl -i --user admin:adminpass -H 'content-type: application/json' -X POST -d '{"controller": {"controller_id": "controller1", "ipaddr":"172.31.2.70", "type": "odc", "version": "1.0", "auditstatus":"enable"}}' http://172.31.2.70:8083/vtn-webapi/controllers HTTP/1.1 201 Created |
- 创建虚拟桥:
1 2 3 4 5 |
curl -i --user admin:adminpass -H 'content-type: application/json' -X POST -d '{"vbridge" : {"vbr_name":"vbr_one","controller_id":"controller1","domain_id":"(DEFAULT)" }}' http://172.31.2.70:8083/vtn-webapi/vtns/vtn_one/vbridges HTTP/1.1 201 Created curl -i --user admin:adminpass -H 'content-type: application/json' -X POST -d '{"vbridge" : {"vbr_name":"vbr_two","controller_id":"controller1","domain_id":"(DEFAULT)" }}' http://172.31.2.70:8083/vtn-webapi/vtns/vtn_one/vbridges HTTP/1.1 201 Created |
- 创建vlan映射:
1 2 3 4 5 |
curl -i -X POST -H 'content-type: application/json' -H 'username: admin' -H 'password: adminpass' -d '{"vlanmap" : {"vlan_id": 200 }}' http://172.31.2.70:8083/vtn-webapi/vtns/vtn_one/vbridges/vbr_one/vlanmaps HTTP/1.1 201 Created curl -i -X POST -H 'content-type: application/json' -H 'username: admin' -H 'password: adminpass' -d '{"vlanmap" : {"vlan_id": 300 }}' http://172.31.2.70:8083/vtn-webapi/vtns/vtn_one/vbridges/vbr_two/vlanmaps HTTP/1.1 201 Created |
此时检测所有主机的连通性:
1 2 3 4 5 6 7 |
mininet> pingall h1 -> X h3 X h5 X h2 -> X X h4 X h6 h3 -> h1 X X h5 X h4 -> X h2 X X h6 h5 -> h1 X h3 X X h6 -> X h2 X h4 X |
查看VTN的状态信息:
1 2 3 4 5 6 7 |
curl -i -X GET -H 'content-type: application/json' -H 'username: admin' -H 'password: adminpass' "http://172.31.2.70:8083/vtn-webapi/vtnstations?controller_id=controller1&vtn_name=vtn_one" HTTP/1.1 200 OK Server: Apache-Coyote/1.1 Content-Type: application/json;charset=UTF-8 Content-Length: 1610 Date: Wed, 20 Jan 2016 11:32:09 GMT {"vtnstations":[{"domain_id":"(DEFAULT)","port_name":"s2-eth3","vlan_id":"200","station_id":"901737414512253","vnode_name":"vbr_one","ipaddrs":["10.0.0.3"],"vtn_name":"vtn_one","switch_id":"00:00:00:00:00:00:00:02","interface":{},"macaddr":"5aad.4a91.0cfd","vnode_type":"vbridge"},{"domain_id":"(DEFAULT)","port_name":"s1-eth1","vlan_id":"200","station_id":"1549816156138162","vnode_name":"vbr_one","ipaddrs":["10.0.0.1"],"vtn_name":"vtn_one","switch_id":"00:00:00:00:00:00:00:01","interface":{},"macaddr":"9a62.a138.8aa2","vnode_type":"vbridge"},{"domain_id":"(DEFAULT)","port_name":"s3-eth2","vlan_id":"200","station_id":"202237191169977","vnode_name":"vbr_one","ipaddrs":["10.0.0.5"],"vtn_name":"vtn_one","switch_id":"00:00:00:00:00:00:00:03","interface":{},"macaddr":"caed.bfa9.6107","vnode_type":"vbridge"},{"domain_id":"(DEFAULT)","port_name":"s3-eth3","vlan_id":"300","station_id":"62213473824129","vnode_name":"vbr_two","ipaddrs":["10.0.0.6"],"vtn_name":"vtn_one","switch_id":"00:00:00:00:00:00:00:03","interface":{},"macaddr":"3ed5.2f26.f11d","vnode_type":"vbridge"},{"domain_id":"(DEFAULT)","port_name":"s2-eth4","vlan_id":"300","station_id":"170143107233162180","vnode_name":"vbr_two","ipaddrs":["10.0.0.4"],"vtn_name":"vtn_one","switch_id":"00:00:00:00:00:00:00:02","interface":{},"macaddr":"aa8f.6be9.a2b4","vnode_type":"vbridge"},{"domain_id":"(DEFAULT)","port_name":"s2-eth2","vlan_id":"300","station_id":"198424814410843","vnode_name":"vbr_two","ipaddrs":["10.0.0.2"],"vtn_name":"vtn_one","switch_id":"00:00:00:00:00:00:00:02","interface":{},"macaddr":"c604.f890.6c2b","vnode_type":"vbridge"}]} |