Open VSwitch - Introduction - Part 1 - Arie Bregman

12/10/2017 Open vSwitch: Introduction Part 1 Arie Bregman
ARIE BREGMAN
Linux And Stu
Open vSwitch: Introduction Part

1
OCTOBER 18, 2016 / BREGMAN / 0 COMMENTS
This post turned out to be much longer than I planned. So I decided to split it into two
posts.
This part covers:
Overview
Installation
Simple scenario walkthrough(connecting a virtual machinethrough ovs bridge to

the internet)
Basic commands ( add/delete bridge, add/delete ports, show con guration, etc)
The second part covers:
Components (ovsdb-server, ovs-vswitch, ovs kernel module)
Utilities (ovs-vsctl, ovs-ofctl, ovs-appctl, etc)
Modes (normal & ow)
http://abregman.com/2016/10/18/open-vswitch-introduction-part-1/ 1/17
What is Open vSwitch?

Open vSwitch is a multilayersoftware/virtual switch used to interconnect virtual
machines in the same host and between different hosts.
The goal of the project (as speci edin the of cial documentation): Implement a
production quality switch platform that supports standard management interfaces
and opens the forwarding functions to programmatic extension and control.
It is a very popular project, used in a variety of SDN solutions. Youll probably bump
into it soon or later when deep diving into projects such as OpenStack and
OpenDaylight.
OpenvSwitch supports many of the features you already familiar with, assumingyou
worked with switches before:
VLAN tagging
LACP
STP
QOS
Tunneling protocols (GRE, VXLAN)
SPAN, RSPAN
Virtual Switch Overview

Before we deep dive into OpenvSwitch (Ill refer to it as ovs from now on) and learn
how to useovs commands, lets start with a basic overview of how it looks when you
con gured one bridge with one interface and multiple ports on your system
As you cansee in the drawing, there is one bridge named my_bridge which was
created using openvswitch. You canhave more than onebridgeon your system, using
ovs-vsctl add-br command, which we will cover later.
Each bridge can havemultiple ports and each port consists of one or more interfaces.
In our example, there is one port named Bond, which is an actual bond of two
physical interfaces (eth0 and eth1).
First ovs command that well use is ovs-vsctl show. This command will print the
contents of the ovs database (in other words, your switches con guration).
Basically everything that you cansee in the drawing (note that in a fresh new
environment, you would not see anything except for ovs version and id.).
1 > ovs-vsctl show

2
3 79ec4909-0d98-489b-a81b-a667cf26a25a
4 Bridge my_bridge
5 Port "Bond"
6 Interface "eth0"
7 Interface "eth1"
8 ovs_version: "2.5.0"
Installation
Before you can start using ovs, you need to install it on your system. The following
commands should work onFedora/CentOS/RHEL.
1 > yum install -y openvswitch

2 > systemctl start openvswitch
If openvswitchisnt provided by oneof your repositories, try to download it directly

from here.
You should now be able to use the ovs-vsctl show command whichwe already used
in the overview section.
1 > sudo ovs-vsctl show

2
3 9e72385f-ed0a-40fd-97f3-21d49cbf60f3
Connect a virtual machine through Open vSwitch bridge

I can show you several random ovs commands, but I believe in learning through
speci c exercises. So lets say our goal is to connect a newly created VM to the
internet, but we want to connect it through an ovs bridge. Our goal is to achieve
something similar to the following diagram:
Im going to assume you already have a VM with eth0, so we will not cover the
creation of it, in this post.
Add a new bridge

The rst thing we shoulddo, is to create an ovs bridge.The way to create and
con gure bridges is by using the ovs-vsctl add-br command.
1 > sudo ovs-vsctl add-br my_bridge
By using the above command, we added a new bridge, named my_bridge.
We can then use then ovs-vsctl show command to verify our bridge was created.
1 > ovs-vsctl show

2
3 9e72385f-ed0a-40fd-97f3-21d49cbf60f3
4 Bridge my_bridge
5 Port my_bridge
6 Interface my_bridge
7 type: internal
As you can see in the above output, there is now a new bridge named my_bridge. It
has one port, which is an internal (according to the type) and it mapped to an
interface called my_bridge.
Now lets bring the my_bridge interface up.
1 > ip link set my_bridge up

2 > ip a
3
4 3: my_bridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noq
5 link/ether 9a:15:b7:cc:29:4e brd ff:ff:ff:ff:ff:ff
6 inet6 fe80::9815:b7ff:fecc:294e/64 scope link
7 valid_lft forever preferred_lft forever
Note thatour newly created bridge is not directly connected to our physical interface
(eth0). Lets change it.
Add existing interface to the bridge

Lets connect eth0 interface to my_bridge (Warning: youll lose any connectivity to
the internet after executingthe following command)
1 > sudo ovs-vsctl add-port my_bridge eth0
We just lost connectivity to the external world. Check by yourself (the most popular
check today is probably pinging 8.8.8.8).
This is because eth0 is now connected to our bridge and not to the default IP stack of
the system. Our system still trying to reach the external network directly through
eth0. In order to recover our connectivity to the external network, we need to do two
things:
1. Remove eth0 address, since we no longer reach the internet directly through eth0
2. Assign my_bridge with address so we can reach the internet through it ( the ow
would be: IP stack -> my_bridge -> eth0).
Lets start by removing eth0 current address
1 > ip addr del 192.168.121.52/24 dev eth0
Verify with ip a that eth0 indeed has no IP address.
Next, we will run dhclient to con gure my_bridge, so it can be allocated withan IP
address
1 > dhclient my_bridge
Now that my_bridge has an IP address, we should be able to reach the internet once
again.
1 > ip a
2
3 4: my_bridge: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc no
4 link/ether ce:8b:5b:a7:a8:4f brd ff:ff:ff:ff:ff:ff
5 inet 192.168.121.195/24 brd 192.168.121.255 scope global dynamic my_bridg
6 valid_lft 3478sec preferred_lft 3478sec
7 inet6 fe80::cc8b:5bff:fea7:a84f/64 scope link
8 valid_lft forever preferred_lft forever
9
10 > ping 8.8.8.8
11
12 PING 8.8.8.8 (8.8.8.8) 56(84) bytes of data.
13 64 bytes from 8.8.8.8: icmp_seq=1 ttl=56 time=105 ms
14 64 bytes from 8.8.8.8: icmp_seq=2 ttl=56 time=105 ms
AddTAP device
Lets add a newinterface which well laterconnect to our virtual machine.
1 > ip tuntap add mode tap virt_port

2
3 # Bring the interface up
4 > ip link set virt_port up
You might not be familiar with TUN, TAP interfaces, so lets take a second to explain
what they are exactly.
TUN,TAP devices are entirely virtual in contrast to other devices on your system (e.g
eth0) which associated with a physical address.
A TUN device operates in the third OSI layer (network) and used mostly for routing
traf c, while a TAP device operates in the second OSI layer (data link) and used to
process Ethernet frames.
Now lets add our newly created device to our ovs bridge
1 > sudo ovs-vsctl add-port my_bridge virt_port
We can verify now with ovs-vsctl show that our ports are connected to my_bridge
1 > sudo ovs-vsctl show

2
3 9e72385f-ed0a-40fd-97f3-21d49cbf60f3
4 Bridge my_bridge
5 Port my_bridge
6 Interface my_bridge
7 type: internal
8 Port "virt_port"
9 Interface "virt_port"
This is the state we reached:
Connect a bridge portto the VM

Last step is to connect our newly created device virt_port to our virtual machine.
This step implementation depends on the virtualization solution you are using.
Personally, Im using libvirt.
With libvirt, you go to the virtual machine properties (the light bulb icon) and click
atthe bottom onadd hardware button.
Next, you choose Network and in Network source you choose the virt _port device
and Bridge for Source mode as can seen in the following image
Congrats, we reached our goal. The virtual machine is now able to reach the internet,
through our ovs bridge my_bridge.
I highly recommend to test the connectivity with a simple check of ping 8.8.8.8. In
case it doesnt work, try to repeat the steps above or post a comment on this post and
Ill try to assist.
Delete a bridge
Now that we nished with our small exercise, we can cleanup the environment.
To deletean existing bridge, use theovs-vsctl del-br command.
1 > ovs-vsctl del-br <bridge_name>
Note that it will also remove any related ports and interfaces.
Delete ports
To remove only a speci c port, you can use the following command
1 > ovs-vsctl del-port <port_name>
Command reference
I gathered all the commands we used in this post, for an easier reference
1 ovs-vsctl show # Print summary of the ovs database content (b

2 ovs-vsctl add-br <bridge_name> # Add a new bridge
3 ovs-vsctl del-br <bridge_name> # Delete existing bridge
4 ovs-vsctl add-port <bridge_name> <port_name> # Add a new port in the specified
5
6 ip a (= 'ip addr' = 'ip address') # Displays addresses and their properties
7 ip addr del <IP address/CIDR> dev <device> # Remove the specified address fr
8 ip set link <interface_name> up # Bring an interface up
9 ip tuntap add mode tap <device_name> # Add TAP device
Q&A
Q: You describeda virtual switch andthe technology is called openvswitch, but the
actual commands use the wordbridge,why?
A: Switch is a bridge with multiple ports, dont let it confuse you, switch and bridge
are usually used interchangeably.
Q: Is it possible to add two ports to a bridge with one command?
A: Yes. It can be done with ovs-vsctl add-port <bridge_name> <port1> add-port

<bridge> <port2>
Share this:
Related
Open vSwitch: Introduction - Linux: Network Namespace OpenFlow: Introduction

Part 2 September 29, 2016 November 30, 2016
October 19, 2016 In "Linux" In "Linux"
In "Linux"
Linux, Networking
BRIDGE OPENVSWITCH OPENVSWITCH INTRODUCTION OVS OVS BASICS
OVS-VSCTL SWITCH
PREVIOUS POST NEXT POST
Linux: Network Namespace Open vSwitch: Introduction Part 2
Leave a Reply
Your email address will not be published.
Name
Email
Website
Post Comment
Notify me of follow-up comments by email.
Notify me of new posts by email.
Search form SEARCH
RECENT POSTS
Algorithms: Basic Exercises Part 1
Linear Programming: Graphical Method
jQuery Datatable Ajax: Change cells HTML after data is processed
Python: Working with Jinja2 templates
Ajax Datatable: changing row color based on the data
RECENT COMMENTS
Satya on Ansible: write and run your rst playbook
vamshi on Ansible: write and run your rst playbook
Viju on Ansible: write and run your rst playbook
Martin on Python: Objects comparison
Justin C. on Linux: Ulimit And Maximum Number Of Open Files
2017 ARIE BREGMAN UP

Open VSwitch - Introduction - Part 1 - Arie Bregman

Diunggah oleh

Informasi Dokumen

Judul Asli

Hak Cipta

Format Tersedia

Bagikan dokumen Ini

Bagikan atau Tanam Dokumen

Opsi Berbagi

Apakah menurut Anda dokumen ini bermanfaat?

Apakah konten ini tidak pantas?

Hak Cipta:

Format Tersedia

Open VSwitch - Introduction - Part 1 - Arie Bregman

Diunggah oleh

Hak Cipta:

Format Tersedia

12/10/2017 Open vSwitch: Introduction Part 1 Arie Bregman

Open vSwitch: Introduction Part

This part covers:

Simple scenario walkthrough(connecting a virtual machinethrough ovs bridge to

The second part covers:

Components (ovsdb-server, ovs-vswitch, ovs kernel module)

Utilities (ovs-vsctl, ovs-ofctl, ovs-appctl, etc)

Modes (normal & ow)

What is Open vSwitch?

Tunneling protocols (GRE, VXLAN)

Virtual Switch Overview

1 > ovs-vsctl show

1 > yum install -y openvswitch

If openvswitchisnt provided by oneof your repositories, try to download it directly

1 > sudo ovs-vsctl show

Connect a virtual machine through Open vSwitch bridge

Add a new bridge

1 > sudo ovs-vsctl add-br my_bridge

By using the above command, we added a new bridge, named my_bridge.

1 > ovs-vsctl show

Now lets bring the my_bridge interface up.

1 > ip link set my_bridge up

Add existing interface to the bridge

1 > sudo ovs-vsctl add-port my_bridge eth0

Lets start by removing eth0 current address

1 > ip addr del 192.168.121.52/24 dev eth0

Verify with ip a that eth0 indeed has no IP address.

1 > dhclient my_bridge

1 > ip tuntap add mode tap virt_port

1 > sudo ovs-vsctl add-port my_bridge virt_port

1 > sudo ovs-vsctl show

This is the state we reached:

Connect a bridge portto the VM

To deletean existing bridge, use theovs-vsctl del-br command.

1 > ovs-vsctl del-br <bridge_name>

1 > ovs-vsctl del-port <port_name>

1 ovs-vsctl show # Print summary of the ovs database content (b

Q: Is it possible to add two ports to a bridge with one command?

A: Yes. It can be done with ovs-vsctl add-port <bridge_name> <port1> add-port

Open vSwitch: Introduction - Linux: Network Namespace OpenFlow: Introduction

BRIDGE OPENVSWITCH OPENVSWITCH INTRODUCTION OVS OVS BASICS

PREVIOUS POST NEXT POST

Linux: Network Namespace Open vSwitch: Introduction Part 2

Notify me of follow-up comments by email.

Notify me of new posts by email.

Search form SEARCH

Algorithms: Basic Exercises Part 1

Linear Programming: Graphical Method

jQuery Datatable Ajax: Change cells HTML after data is processed

Python: Working with Jinja2 templates

Ajax Datatable: changing row color based on the data

Satya on Ansible: write and run your rst playbook

vamshi on Ansible: write and run your rst playbook

Viju on Ansible: write and run your rst playbook

Martin on Python: Objects comparison

Justin C. on Linux: Ulimit And Maximum Number Of Open Files

2017 ARIE BREGMAN UP

Anda mungkin juga menyukai