vlan实验
在宿主即创建了一个ovs bridge,连接至宿主机的出口网卡eht0,再创建了两个vport,然后用virtualbox创建两个虚拟机,分别桥接至两个vport。搭建方式可以参考我的上篇博客:使用VirtualBox创建虚拟机连接ovs bridge。网络拓扑如下:
在没设置vlan tag之前,两个主机是可以相互ping通的。然后设置vlan tag:
ovs-vsctl set port vport1 tag=100
发现VM1无法ping通至VM2,同理在VM2设置相同的tag后,两个主机可以互相ping通,位于一个vlan下了。可以用ovs-vsctl list port指令查看port的vlan等配置。
参考:
https://www.youtube.com/watch?v=rYW7kQRyUvA
http://vinllen.com/shi-yong-virtualboxchuang-jian-xu-ni-ji-lian-jie-ovs-bridge/
http://openvswitch.org/support/config-cookbooks/vlan-configuration-cookbook/
gre实验
一直跑gre实验跑不通,配置明明ok的,后来查阅官方文档发现ovs gre和linux gre不能共存,ovs在编译时如果发现ip_gre的存在,则不会再次编译ovs gre。
Q: I created a GRE port using ovs-vsctl so why can't I send traffic or
see the port in the datapath?
A: On Linux kernels before 3.11, the OVS GRE module and Linux GRE module cannot be loaded at the same time. It is likely that on your system the Linux GRE module is already loaded and blocking OVS (to confirm, check dmesg for errors regarding GRE registration). To fix this, unload all GRE modules that appear in lsmod as well as the OVS kernel module. You can then reload the OVS module following the directions in INSTALL.md, which will ensure that dependencies are satisfied.
To use GRE tunneling on Linux 2.6.37 or newer, kernel support for GRE demultiplexing (CONFIG_NET_IPGRE_DEMUX) must be compiled in or available as a module. Also, on kernels before 3.11, the ip_gre module, for GRE tunnels over IP (NET_IPGRE), must not be loaded or compiled in.
参考:
https://github.com/openvswitch/ovs/blob/master/FAQ.md
https://github.com/openvswitch/ovs/blob/master/INSTALL.md
vxlan实验
本想自己画图,结果发现超哥的博客画的好赞,实验比较简单,我就盗用一下超哥的了,唯一需要注意的就是这里启用namespace代替虚拟机,方便快捷:
命令:
ip netns add red
ovs-vsctl add-br ovsbr0
ovs-vsctl add-port ovsbr0 red0 -- set interface red0 type=internal
ip link set red0 netns red
ovs-vsctl add-port ovsbr0 vxlan0 -- set interface vxlan0 type=vxlan options:remote_ip=10.73.132.22
ip netns exec red ifconfig red0 192.168.0.4/25 up
其实也可以自己搭虚拟机,再测试:
