您的当前位置：首页 SDN实验---Mininet实验（玩转流表）

SDN实验---Mininet实验（玩转流表）

来源：刀刀网

⼀：实验⽬的

（⼀）案例⽬的

（⼆）实验内容

（三）⽹络拓扑结构

⼆：OpenFlow流表实验准备

（⼀）使⽤Python设置⽹络拓扑 --- tree_topo.py

from mininet.topo import Topofrom mininet.net import Mininet

from mininet.node import RemoteControllerfrom mininet.link import TCLink

from mininet.util import dumpNodeConnectionsclass MyTopo(Topo):

def __init__(self):

super(MyTopo,self).__init__() # add host

Host1 = self.addHost('h1') Host2 = self.addHost('h2') Host3 = self.addHost('h3') switch1 = self.addSwitch('s1') switch2 = self.addSwitch('s2') self.addLink(Host1,switch1) self.addLink(Host2,switch1) self.addLink(Host3,switch2) self.addLink(switch1,switch2)topos = {\"mytopo\":(lambda:MyTopo())}

（⼆）启动远程Ryu控制器

ryu-manager simple_switch.py　　注意，该控制器py⽂件在app⽬录下

# Licensed under the Apache License, Version 2.0 (the \"License\");# you may not use this file except in compliance with the License.# You may obtain a copy of the License at#

# http://www.apache.org/licenses/LICENSE-2.0#

# Unless required by applicable law or agreed to in writing, software# distributed under the License is distributed on an \"AS IS\" BASIS,

# WITHOUT WARRANTIES OR CONDITIONS OF ANY KIND, either express or# implied.

# See the License for the specific language governing permissions and# limitations under the License.

\"\"\"

An OpenFlow 1.0 L2 learning switch implementation.\"\"\"

from ryu.base import app_managerfrom ryu.controller import ofp_event

from ryu.controller.handler import MAIN_DISPATCHERfrom ryu.controller.handler import set_ev_clsfrom ryu.ofproto import ofproto_v1_0from ryu.lib.mac import haddr_to_binfrom ryu.lib.packet import packetfrom ryu.lib.packet import ethernetfrom ryu.lib.packet import ether_types

class SimpleSwitch(app_manager.RyuApp):　　不同与之前的Ryu实验，这⾥⾯没有在交换机初始连接时下发默认流表...待思考 OFP_VERSIONS = [ofproto_v1_0.OFP_VERSION] def __init__(self, *args, **kwargs):

super(SimpleSwitch, self).__init__(*args, **kwargs) self.mac_to_port = {}

def add_flow(self, datapath, in_port, dst, src, actions):　　下发流表 ofproto = datapath.ofproto

match = datapath.ofproto_parser.OFPMatch( in_port=in_port,

dl_dst=haddr_to_bin(dst), dl_src=haddr_to_bin(src))

mod = datapath.ofproto_parser.OFPFlowMod( datapath=datapath, match=match, cookie=0,

command=ofproto.OFPFC_ADD, idle_timeout=0, hard_timeout=0, priority=ofproto.OFP_DEFAULT_PRIORITY,

flags=ofproto.OFPFF_SEND_FLOW_REM, actions=actions) datapath.send_msg(mod)

@set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER) def _packet_in_handler(self, ev):　　交换机向控制器发送数据 msg = ev.msg

datapath = msg.datapath ofproto = datapath.ofproto

pkt = packet.Packet(msg.data)

eth = pkt.get_protocol(ethernet.ethernet)

if eth.ethertype == ether_types.ETH_TYPE_LLDP: # ignore lldp packet return dst = eth.dst src = eth.src

dpid = datapath.id

self.mac_to_port.setdefault(dpid, {})

self.logger.info(\"packet in %s %s %s %s\", dpid, src, dst, msg.in_port) # learn a mac address to avoid FLOOD next time. self.mac_to_port[dpid][src] = msg.in_port if dst in self.mac_to_port[dpid]:

out_port = self.mac_to_port[dpid][dst] else:

out_port = ofproto.OFPP_FLOOD

actions = [datapath.ofproto_parser.OFPActionOutput(out_port)] # install a flow to avoid packet_in next time if out_port != ofproto.OFPP_FLOOD:

self.add_flow(datapath, msg.in_port, dst, src, actions) data = None

if msg.buffer_id == ofproto.OFP_NO_BUFFER: data = msg.data

out = datapath.ofproto_parser.OFPPacketOut(

datapath=datapath, buffer_id=msg.buffer_id, in_port=msg.in_port, actions=actions, data=data) datapath.send_msg(out)

@set_ev_cls(ofp_event.EventOFPPortStatus, MAIN_DISPATCHER) def _port_status_handler(self, ev): msg = ev.msg

reason = msg.reason

port_no = msg.desc.port_no

ofproto = msg.datapath.ofproto if reason == ofproto.OFPPR_ADD:

self.logger.info(\"port added %s\", port_no) elif reason == ofproto.OFPPR_DELETE:

self.logger.info(\"port deleted %s\", port_no) elif reason == ofproto.OFPPR_MODIFY:

self.logger.info(\"port modified %s\", port_no) else:

self.logger.info(\"Illeagal port state %s %s\", port_no, reason)

（三）Mininet开始启动⽹络拓扑

sudo mn --custom tree_topt.py --topo=mytopo --controller=remote,ip=127.0.0.1,port=6633

注意：应该是主机连接发送了数据，导致控制器对⽹络进⾏了拓扑收集，问题同上：

三：进⾏OpenFlow流表分析

（⼀）主要流表操作命令

dpctl dump-flows 查看静态流表

dpctl del-flows 删除所有交换机中的流表

dpctl add-flow in_port=1,actions=output:2　　添加流表项到所有交换机，注意：⼀般是成对添加，实现双⽅通信

sh ovs-ofctl del-flows s1 in_port=2　　删除指定交换机的，匹配in_port=2的流表dpctl del-flows in_port=1 删除所有交换机中符合in_port=1的流表

dpctl add-flow in_port=2,actions=drop 　　添加丢弃数据包的流表项

（⼆）先解决上⾯问题，是不是启动Mininet后进⾏了数据包发送，导致控制器下发流表

重新启动Ryu和Mininet，直接查看交换机中是否有流表.

1.先启动交换机，查看流表，为空

2.启动控制器，之后再查看交换机中流表信息，依旧为空

3.主机使⽤pingall命令后，查看流表，发⽣变化

已解决。但是交换机是如何设置默认流表当不知道packet如何处理的时候发⽣给控制器？如果这是默认动作，那么我们之前Ryu实验中为何要实现 @set_ev_cls(ofp_event.EventOFPSwitchFeatures,CONFIG_DISPATCHER) def switch_features_handler(self,ev):　　　　？？？？？

经过启动hub.py在控制器上，进⾏测试，发现会进⼊switch_features_handler,并且会下发默认流表---所以说，我们可以不⽤设置这个默认流表也可以，但是这个函数中，我们可以设置⼀些其他的流表进⾏控制---所以说还是⽐较有⽤的

注意从（三）开始的实验我们需要关闭控制器Ryu进⾏（三）删除所有流表

由于没有流表，所有ping操作不可达

（四）添加h1与和h2之间的流表转发

1.单个交换机操作

2.h1 ping h2,信息可达（因为有流表进⾏指导）

3.h1 ping h3,消息不可达（因为交换机2中没有流表项，并且交换机1也没有配置到port3的动作

4.实现所有⽹络所有主机互通（先清空流表）

为所有交换机添加端⼝1和端⼝2的操作---两个交换机公共操作

dpctl add-flow in_port=1,actions=output:2　　dpctl add-flow in_port=2,actions=output:1

为交换机之间端⼝提供交互---只操作s1(因为只有s1有端⼝3)

sh ovs-ofctl add-flow s1 in_port=1,actions=output:2,3sh ovs-ofctl add-flow s1 in_port=3,actions=output:1,2sh ovs-ofctl add-flow s1 in_port=2,actions=output:1,3

实验结果显⽰

或者：我们直接添加下⾯流表也可以实现上⾯操作

mininet> dpctl add-flow in_port=1,actions=output:2,3mininet> dpctl add-flow in_port=2,actions=output:1,3mininet> dpctl add-flow in_port=3,actions=output:1,2

5.为交换机2添加丢弃流表，使得两个交换机不可通信（在前⾯互通基础上实现）

mininet> sh ovs-ofctl del-flows s2 in_port=1　　删除原有流表

mininet> sh ovs-ofctl add-flow s2 in_port=1,actions=drop　　添加丢弃流表

因篇幅问题不能全部显示，请点此查看更多更全内容

查看全文