观察openstack中VXLAN的flows（Icehouse，ubuntu14.04）

2015年05月13日 8055点热度 0人点赞 0条评论

首先观察一下br-tun的接口，可以看到

-接口1是与br-int互联的口

-接口2是到10.1.1.145的tunnel接口

-接口3是到10.1.1.5的tunnel接口

最后一个local是内部接口

root@compute:/home/gavin# ovs-ofctl show br-tun
OFPT_FEATURES_REPLY (xid=0x2): dpid:00007e03ccc4c742
n_tables:254, n_buffers:256
capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP
actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE
 1(patch-int): addr:42:a8:d1:42:4f:86
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 2(vxlan-0a010191): addr:4a:e5:c9:4f:d9:63
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 3(vxlan-0a010105): addr:0a:28:d8:87:c5:65
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
 LOCAL(br-tun): addr:7e:03:cc:c4:c7:42
     config:     0
     state:      0
     speed: 0 Mbps now, 0 Mbps max
OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0

root@compute:/home/gavin# ovs-ofctl show br-tun

OFPT_FEATURES_REPLY (xid=0x2): dpid:00007e03ccc4c742

n_tables:254, n_buffers:256

capabilities: FLOW_STATS TABLE_STATS PORT_STATS QUEUE_STATS ARP_MATCH_IP

actions: OUTPUT SET_VLAN_VID SET_VLAN_PCP STRIP_VLAN SET_DL_SRC SET_DL_DST SET_NW_SRC SET_NW_DST SET_NW_TOS SET_TP_SRC SET_TP_DST ENQUEUE

1(patch-int): addr:42:a8:d1:42:4f:86

config: 0

state: 0

speed: 0 Mbps now, 0 Mbps max

2(vxlan-0a010191): addr:4a:e5:c9:4f:d9:63

config: 0

state: 0

speed: 0 Mbps now, 0 Mbps max

3(vxlan-0a010105): addr:0a:28:d8:87:c5:65

config: 0

state: 0

speed: 0 Mbps now, 0 Mbps max

LOCAL(br-tun): addr:7e:03:cc:c4:c7:42

config: 0

state: 0

speed: 0 Mbps now, 0 Mbps max

OFPT_GET_CONFIG_REPLY (xid=0x4): frags=normal miss_send_len=0

再观察没有流量时候的flows rule：

root@compute:/home/gavin# ovs-ofctl dump-flows br-tun
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=7697.984s, table=0, n_packets=1049, n_bytes=100884, idle_age=719, priority=1,in_port=3 actions=resubmit(,3)
 cookie=0x0, duration=7699.315s, table=0, n_packets=1316, n_bytes=114034, idle_age=719, priority=1,in_port=1 actions=resubmit(,1)
 cookie=0x0, duration=48.361s, table=0, n_packets=0, n_bytes=0, idle_age=48, priority=1,in_port=2 actions=resubmit(,3)
 cookie=0x0, duration=7699.239s, table=0, n_packets=6, n_bytes=480, idle_age=7690, priority=0 actions=drop
 cookie=0x0, duration=7699.162s, table=1, n_packets=1039, n_bytes=98474, idle_age=719, priority=1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)
 cookie=0x0, duration=7699.085s, table=1, n_packets=277, n_bytes=15560, idle_age=1674, priority=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,21)
 cookie=0x0, duration=7699.008s, table=2, n_packets=0, n_bytes=0, idle_age=7699, priority=0 actions=drop
 cookie=0x0, duration=7695.356s, table=3, n_packets=1034, n_bytes=99054, idle_age=719, priority=1,tun_id=0x10002 actions=mod_vlan_vid:1,resubmit(,10)
 cookie=0x0, duration=6476.471s, table=3, n_packets=15, n_bytes=1830, idle_age=6371, priority=1,tun_id=0x10001 actions=mod_vlan_vid:2,resubmit(,10)
 cookie=0x0, duration=7698.932s, table=3, n_packets=0, n_bytes=0, idle_age=7698, priority=0 actions=drop
 cookie=0x0, duration=7698.857s, table=10, n_packets=1049, n_bytes=100884, idle_age=719, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
 cookie=0x0, duration=7698.781s, table=20, n_packets=0, n_bytes=0, idle_age=7698, priority=0 actions=resubmit(,21)
 cookie=0x0, duration=6476.547s, table=21, n_packets=82, n_bytes=4346, idle_age=6385, hard_age=48, dl_vlan=2 actions=strip_vlan,set_tunnel:0x10001,output:2,output:3
 cookie=0x0, duration=7695.433s, table=21, n_packets=170, n_bytes=9164, idle_age=1674, hard_age=48, dl_vlan=1 actions=strip_vlan,set_tunnel:0x10002,output:2,output:3
 cookie=0x0, duration=7698.705s, table=21, n_packets=25, n_bytes=2050, idle_age=6476, priority=0 actions=drop

root@compute:/home/gavin# ovs-ofctl dump-flows br-tun

NXST_FLOW reply (xid=0x4):

cookie=0x0, duration=7697.984s, table=0, n_packets=1049, n_bytes=100884, idle_age=719, priority=1,in_port=3 actions=resubmit(,3)

cookie=0x0, duration=7699.315s, table=0, n_packets=1316, n_bytes=114034, idle_age=719, priority=1,in_port=1 actions=resubmit(,1)

cookie=0x0, duration=48.361s, table=0, n_packets=0, n_bytes=0, idle_age=48, priority=1,in_port=2 actions=resubmit(,3)

cookie=0x0, duration=7699.239s, table=0, n_packets=6, n_bytes=480, idle_age=7690, priority=0 actions=drop

cookie=0x0, duration=7699.162s, table=1, n_packets=1039, n_bytes=98474, idle_age=719, priority=1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)

cookie=0x0, duration=7699.085s, table=1, n_packets=277, n_bytes=15560, idle_age=1674, priority=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,21)

cookie=0x0, duration=7699.008s, table=2, n_packets=0, n_bytes=0, idle_age=7699, priority=0 actions=drop

cookie=0x0, duration=7695.356s, table=3, n_packets=1034, n_bytes=99054, idle_age=719, priority=1,tun_id=0x10002 actions=mod_vlan_vid:1,resubmit(,10)

cookie=0x0, duration=6476.471s, table=3, n_packets=15, n_bytes=1830, idle_age=6371, priority=1,tun_id=0x10001 actions=mod_vlan_vid:2,resubmit(,10)

cookie=0x0, duration=7698.932s, table=3, n_packets=0, n_bytes=0, idle_age=7698, priority=0 actions=drop

cookie=0x0, duration=7698.857s, table=10, n_packets=1049, n_bytes=100884, idle_age=719, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1

cookie=0x0, duration=7698.781s, table=20, n_packets=0, n_bytes=0, idle_age=7698, priority=0 actions=resubmit(,21)

cookie=0x0, duration=6476.547s, table=21, n_packets=82, n_bytes=4346, idle_age=6385, hard_age=48, dl_vlan=2 actions=strip_vlan,set_tunnel:0x10001,output:2,output:3

cookie=0x0, duration=7695.433s, table=21, n_packets=170, n_bytes=9164, idle_age=1674, hard_age=48, dl_vlan=1 actions=strip_vlan,set_tunnel:0x10002,output:2,output:3

cookie=0x0, duration=7698.705s, table=21, n_packets=25, n_bytes=2050, idle_age=6476, priority=0 actions=drop

上述rule分为table 0 1 2 3 10 20 21，每一行最后的括弧中的数字表示接下来将数据包交给哪个table，数据包将从上到下顺序去匹配这些rule

table 0 中的 in port对应于上面的br-tun中的接口，可以看到如果in port=3 即数据从接口3（与10.1.1.5的tunnel接口）进来，数据交给table 3，而table 3所做的事情是将数据包的tunnel id去除，并修改添加对应的vlan id，然后交给 table 10，或者table 3做丢弃动作

 cookie=0x0, duration=7695.356s, table=3, n_packets=1034, n_bytes=99054, idle_age=719, priority=1,tun_id=0x10002 actions=mod_vlan_vid:1,resubmit(,10)
 cookie=0x0, duration=6476.471s, table=3, n_packets=15, n_bytes=1830, idle_age=6371, priority=1,tun_id=0x10001 actions=mod_vlan_vid:2,resubmit(,10)
 cookie=0x0, duration=7698.932s, table=3, n_packets=0, n_bytes=0, idle_age=7698, priority=0 actions=drop

cookie=0x0, duration=7695.356s, table=3, n_packets=1034, n_bytes=99054, idle_age=719, priority=1,tun_id=0x10002 actions=mod_vlan_vid:1,resubmit(,10)

cookie=0x0, duration=6476.471s, table=3, n_packets=15, n_bytes=1830, idle_age=6371, priority=1,tun_id=0x10001 actions=mod_vlan_vid:2,resubmit(,10)

cookie=0x0, duration=7698.932s, table=3, n_packets=0, n_bytes=0, idle_age=7698, priority=0 actions=drop

table 10在接到数据包后做数据处理，并传给output:1这个接口1，接口1是与br-int交换机互联的接口，因此数据包被送到了br-int交换机，从而交给了相关目的地址。

而如果一开始数据从in port=1 进来，表示数据从br-int进来，数据包经由table 0 匹配后，交给table 1，table 1交给 table 20或者21， table 20根据学习到的mac 与tunnel id等的映射转发数据，而table 21则负责进行复制广播类数据。

因而如果从compute上得一个vm 去ping 网络节点的dhcp接口，获得如下实际结果：

root@compute:/home/gavin# ovs-ofctl dump-flows br-tun
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=9042.763s, table=0, n_packets=1122, n_bytes=107758, idle_age=0, priority=1,in_port=3 actions=resubmit(,3)
 cookie=0x0, duration=9044.094s, table=0, n_packets=1389, n_bytes=120908, idle_age=0, priority=1,in_port=1 actions=resubmit(,1)
 cookie=0x0, duration=152.391s, table=0, n_packets=0, n_bytes=0, idle_age=152, priority=1,in_port=2 actions=resubmit(,3)
 cookie=0x0, duration=9044.018s, table=0, n_packets=6, n_bytes=480, idle_age=9035, priority=0 actions=drop
 cookie=0x0, duration=9043.941s, table=1, n_packets=1111, n_bytes=105306, idle_age=0, priority=1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)
 cookie=0x0, duration=9043.864s, table=1, n_packets=278, n_bytes=15602, idle_age=67, priority=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,21)
 cookie=0x0, duration=9043.787s, table=2, n_packets=0, n_bytes=0, idle_age=9043, priority=0 actions=drop
 cookie=0x0, duration=9040.135s, table=3, n_packets=1107, n_bytes=105928, idle_age=0, priority=1,tun_id=0x10002 actions=mod_vlan_vid:1,resubmit(,10)
 cookie=0x0, duration=7821.25s, table=3, n_packets=15, n_bytes=1830, idle_age=7716, priority=1,tun_id=0x10001 actions=mod_vlan_vid:2,resubmit(,10)
 cookie=0x0, duration=9043.711s, table=3, n_packets=0, n_bytes=0, idle_age=9043, priority=0 actions=drop
 cookie=0x0, duration=9043.636s, table=10, n_packets=1122, n_bytes=107758, idle_age=0, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1
 cookie=0x0, duration=67.627s, table=20, n_packets=72, n_bytes=6832, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:e2:90:6c actions=load:0->NXM_OF_VLAN_TCI[],load:0x10002->NXM_NX_TUN_ID[],output:3
 cookie=0x0, duration=9043.56s, table=20, n_packets=0, n_bytes=0, idle_age=9043, priority=0 actions=resubmit(,21)
 cookie=0x0, duration=7821.326s, table=21, n_packets=82, n_bytes=4346, idle_age=7730, hard_age=152, dl_vlan=2 actions=strip_vlan,set_tunnel:0x10001,output:2,output:3
 cookie=0x0, duration=9040.212s, table=21, n_packets=171, n_bytes=9206, idle_age=67, hard_age=152, dl_vlan=1 actions=strip_vlan,set_tunnel:0x10002,output:2,output:3
 cookie=0x0, duration=9043.484s, table=21, n_packets=25, n_bytes=2050, idle_age=7821, priority=0 actions=drop

root@compute:/home/gavin# ovs-ofctl dump-flows br-tun

NXST_FLOW reply (xid=0x4):

cookie=0x0, duration=9042.763s, table=0, n_packets=1122, n_bytes=107758, idle_age=0, priority=1,in_port=3 actions=resubmit(,3)

cookie=0x0, duration=9044.094s, table=0, n_packets=1389, n_bytes=120908, idle_age=0, priority=1,in_port=1 actions=resubmit(,1)

cookie=0x0, duration=152.391s, table=0, n_packets=0, n_bytes=0, idle_age=152, priority=1,in_port=2 actions=resubmit(,3)

cookie=0x0, duration=9044.018s, table=0, n_packets=6, n_bytes=480, idle_age=9035, priority=0 actions=drop

cookie=0x0, duration=9043.941s, table=1, n_packets=1111, n_bytes=105306, idle_age=0, priority=1,dl_dst=00:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,20)

cookie=0x0, duration=9043.864s, table=1, n_packets=278, n_bytes=15602, idle_age=67, priority=1,dl_dst=01:00:00:00:00:00/01:00:00:00:00:00 actions=resubmit(,21)

cookie=0x0, duration=9043.787s, table=2, n_packets=0, n_bytes=0, idle_age=9043, priority=0 actions=drop

cookie=0x0, duration=9040.135s, table=3, n_packets=1107, n_bytes=105928, idle_age=0, priority=1,tun_id=0x10002 actions=mod_vlan_vid:1,resubmit(,10)

cookie=0x0, duration=7821.25s, table=3, n_packets=15, n_bytes=1830, idle_age=7716, priority=1,tun_id=0x10001 actions=mod_vlan_vid:2,resubmit(,10)

cookie=0x0, duration=9043.711s, table=3, n_packets=0, n_bytes=0, idle_age=9043, priority=0 actions=drop

cookie=0x0, duration=9043.636s, table=10, n_packets=1122, n_bytes=107758, idle_age=0, priority=1 actions=learn(table=20,hard_timeout=300,priority=1,NXM_OF_VLAN_TCI[0..11],NXM_OF_ETH_DST[]=NXM_OF_ETH_SRC[],load:0->NXM_OF_VLAN_TCI[],load:NXM_NX_TUN_ID[]->NXM_NX_TUN_ID[],output:NXM_OF_IN_PORT[]),output:1

cookie=0x0, duration=67.627s, table=20, n_packets=72, n_bytes=6832, hard_timeout=300, idle_age=0, hard_age=0, priority=1,vlan_tci=0x0001/0x0fff,dl_dst=fa:16:3e:e2:90:6c actions=load:0->NXM_OF_VLAN_TCI[],load:0x10002->NXM_NX_TUN_ID[],output:3

cookie=0x0, duration=9043.56s, table=20, n_packets=0, n_bytes=0, idle_age=9043, priority=0 actions=resubmit(,21)

cookie=0x0, duration=7821.326s, table=21, n_packets=82, n_bytes=4346, idle_age=7730, hard_age=152, dl_vlan=2 actions=strip_vlan,set_tunnel:0x10001,output:2,output:3

cookie=0x0, duration=9040.212s, table=21, n_packets=171, n_bytes=9206, idle_age=67, hard_age=152, dl_vlan=1 actions=strip_vlan,set_tunnel:0x10002,output:2,output:3

cookie=0x0, duration=9043.484s, table=21, n_packets=25, n_bytes=2050, idle_age=7821, priority=0 actions=drop

参考资料

http://www.opencloudblog.com/?p=300