什么是 Static Flow Pusher?
Static Flow Pusher 是一个 Floodlight 模块,使用的是REST API接口,允许用户在OpenFlow 网络中插入流表 。
主动式和反应式流插入
OpenFlow 支持两种流表插入: 主动式和反应式。当数据包抵达OpenFlow交换机,而交换机没有该包对应的匹配流表时,反应时流表插入起作用。该数据包被送到控制器,由控制器进行评估,并向交换机添加相应的流表,从而把该数据包正确的转发出去。主动式插入则是在数据包到达之前就插入相应的流表,这就是两种方式的区别。
Static Flow Pusher 对于主动式流表插入很有用。Floodlight 默认会加载 Forwarding模块, 该模块使用反应式流插入 ,如果你只想使用静态流,你可以在floodlight.properties配置文件中删除 Forwarding。
API 概要
| URI | Description | Arguments |
|---|---|---|
| /wm/staticflowentrypusher/json | 静态流添加或删除操作 | HTTP POST data (add flow), HTTP DELETE (for deletion) |
| /wm/staticflowentrypusher/list/<switch>/json | 列举交换机的静态流表 | switch: Valid Switch DPID (XX:XX:XX:XX:XX:XX:XX:XX) or "all" |
| /wm/staticflowentrypusher/clear/<switch>/json | 清除交换机的静态流表 | switch: Valid Switch DPID (XX:XX:XX:XX:XX:XX:XX:XX) or "all" |
添加静态流操作
静态流添加是通过REST API接口来进行的。例如,在交换机1上插入一条让数据包从端口1进端口2出的流表,则可以使用curl命令。 第二个命令可以显示插入的流表。
curl -d '{"switch": "00:00:00:00:00:00:00:01", "name":"flow-mod-1", "priority":"32768", "ingress-port":"1","active":"true", "actions":"output=2"}' http://<controller_ip>:8080/wm/staticflowentrypusher/json
curl http://<controller_ip>:8080/wm/core/switch/1/flow/json;
删除静态流操作
通过包含流表名字的 HTTP DELETE命令来删除指定流表。
curl -X DELETE -d '{"name":"flow-mod-1"}' http://<controller_ip>:8080/wm/staticflowentrypusher/json
flow entry的可能属性
| Key | Value | Notes |
|---|---|---|
| switch | <switch ID> | ID of the switch (data path) that this rule should be added to xx:xx:xx:xx:xx:xx:xx:xx |
| name | <string> | Name of the flow entry, this is the primary key, it MUST be unique |
| actions | <key>=<value> | See table of actions below Specify multiple actions using a comma-separated list Specifying no actions will cause the packets to be dropped |
| priority | <number> | default is 32767 maximum value is 32767 |
| active | <boolean> | |
| wildcards | ||
| ingress-port | <number> | switch port on which the packet is received Can be hexadecimal (with leading 0x) or decimal |
| src-mac | <mac address> | xx:xx:xx:xx:xx:xx |
| dst-mac | <mac address> | xx:xx:xx:xx:xx:xx |
| vlan-id | <number> | Can be hexadecimal (with leading 0x) or decimal |
| vlan-priority | <number> | Can be hexadecimal (with leading 0x) or decimal |
| ether-type | <number> | Can be hexadecimal (with leading 0x) or decimal |
| tos-bits | <number> | Can be hexadecimal (with leading 0x) or decimal |
| protocol | <number> | Can be hexadecimal (with leading 0x) or decimal |
| src-ip | <ip address> | xx.xx.xx.xx |
| dst-ip | <ip address> | xx.xx.xx.xx |
| src-port | <number> | Can be hexadecimal (with leading 0x) or decimal |
| dst-port | <number> | Can be hexadecimal (with leading 0x) or decimal |
Possible actions within the "action" field:
| Key | Value | Notes |
|---|---|---|
| output | <number> all controller local ingress-port normal flood | no "drop" option (instead, specify no action to drop packets) |
| enqueue | <number>:<number> | First number is port number, second is queue ID Can be hexadecimal (with leading 0x) or decimal |
| strip-vlan | ||
| set-vlan-id | <number> | Can be hexadecimal (with leading 0x) or decimal |
| set-vlan-priority | <number> | Can be hexadecimal (with leading 0x) or decimal |
| set-src-mac | <mac address> | xx:xx:xx:xx:xx:xx |
| set-dst-mac | <mac address> | xx:xx:xx:xx:xx:xx |
| set-tos-bits | <number> | |
| set-src-ip | <ip address> | xx.xx.xx.xx |
| set-dst-ip | <ip address> | xx.xx.xx.xx |
| set-src-port | <number> | Can be hexadecimal (with leading 0x) or decimal |
| set-dst-port | <number> | Can be hexadecimal (with leading 0x) or decimal |
静态流表插入的实际应用
我们可以使用python脚本写流表操作, 例如, 使用mininet产生一个简单的拓扑,并连接上控制器,默认的拓扑是一个交换机(s1)和两个主机(h2和h3)。
sudo mn --controller=remote --ip=<controller ip> --port=6633
下面的代码插入从h2到h3的流和h3到h2的流。
import httplib
import json
class StaticFlowPusher(object):
def __init__(self, server):
self.server = server
def get(self, data):
ret = self.rest_call({}, 'GET')
return json.loads(ret[2])
def set(self, data):
ret = self.rest_call(data, 'POST')
return ret[0] == 200
def remove(self, objtype, data):
ret = self.rest_call(data, 'DELETE')
return ret[0] == 200
def rest_call(self, data, action):
path = '/wm/staticflowentrypusher/json'
headers = {
'Content-type': 'application/json',
'Accept': 'application/json',
}
body = json.dumps(data)
conn = httplib.HTTPConnection(self.server, 8080)
conn.request(action, path, body, headers)
response = conn.getresponse()
ret = (response.status, response.reason, response.read())
print ret
conn.close()
return ret
pusher = StaticFlowPusher('<insert_controller_ip')
flow1 = {
'switch':"00:00:00:00:00:00:00:01",
"name":"flow-mod-1",
"cookie":"0",
"priority":"32768",
"ingress-port":"1",
"active":"true",
"actions":"output=flood"
}
flow2 = {
'switch':"00:00:00:00:00:00:00:01",
"name":"flow-mod-2",
"cookie":"0",
"priority":"32768",
"ingress-port":"2",
"active":"true",
"actions":"output=flood"
}
pusher.set(flow1)
pusher.set(flow2)
通过ping命令进行测试
mininet> h2 ping h3
780
被折叠的 条评论
为什么被折叠?
到【灌水乐园】发言
