Wednesday, April 29, 2015

Running MPLS with Open vSwitch on ubuntu 15.04

Building the Test Topology

Software version used

1. Ubuntu 15.04
2. Open vSwitch 2.3.1


We will build our test topology as shown below

H1 (h1-eth0)------(s1-eth0)S1(s1-eth1)--------(s2-eth1)S2(s2-eth0)------(h2-eth0)H2

Step 1:  Let's create switch S1 and S2 along with ip ethernet links that will be connecting the two switches together along with H1 and H2.


root@ubuntu:~# ovs-vsctl add-br s1
root@ubuntu:~# ovs-vsctl add-br s2

root@ubuntu:~# ip link add s1-eth0 type veth peer name h1-eth0
root@ubuntu:~# ip link add s2-eth0 type veth peer name h2-eth0
root@ubuntu:~# ip link add s2-eth1 type veth peer name s1-eth1

Step 2:- Create Host H1 and H2 and assign them their respective interfaces.

root@ubuntu:~# ip netns add h1
root@ubuntu:~# ip netns add h2

root@ubuntu:~# ip link set h1-eth0 netns h1

root@ubuntu:~# ip link set h2-eth0 netns h2

Step3:-Let's assign Ports to switch S1 and S2.

root@ubuntu:~# ovs-vsctl add-port s1 s1-eth0
root@ubuntu:~# ovs-vsctl add-port s1 s1-eth1
root@ubuntu:~# ovs-vsctl add-port s2 s2-eth0
root@ubuntu:~# ovs-vsctl add-port s2 s2-eth1

Step4:- Let's bring all the Interfaces up

root@ubuntu:~# ip netns exec h1 bash
root@ubuntu:~# ifconfig h1-eth0 up
root@ubuntu:~# ifconfig lo up

root@ubuntu:~# ip netns exec h2 bash
root@ubuntu:~# ifconfig lo up
root@ubuntu:~# ifconfig h2-eth0 up

root@ubuntu:~# ip link set s1-eth0 up
root@ubuntu:~# ip link set s2-eth0 up
root@ubuntu:~# ip link set s2-eth1 up
root@ubuntu:~# ip link set s1-eth1 up

Step 5:- Assign Ip address 192.168.10.1/24 to host H1 and 192.168.10.2/24 to host H2 as shown below


root@ubuntu:~# ip netns exec h1 bash
root@ubuntu:~# ifconfig h1-eth0 192.168.10.1/24
root@ubuntu:~# exit

root@ubuntu:~# ip netns exec h2 bash
root@ubuntu:~# ifconfig h2-eth0 192.168.10.2/24
root@ubuntu:~# exit

Step 6:- Run ping from host H1 to H2 to verify the connection

root@ubuntu:~# ping 192.168.10.1
PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.334 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.061 ms
64 bytes from 192.168.10.1: icmp_seq=3 ttl=64 time=0.071 ms
64 bytes from 192.168.10.1: icmp_seq=4 ttl=64 time=0.078 ms

Step 7:- Check the rules in both switches to see what is allowing the ping to pass through.

root@ubuntu:~# ovs-ofctl -O OpenFlow13 dump-flows s1
OFPST_FLOW reply (OF1.3) (xid=0x2):
 cookie=0x0, duration=990.380s, table=0, n_packets=30, n_bytes=2388, priority=0 actions=NORMAL
root@ubuntu:~# 
root@ubuntu:~# 
root@ubuntu:~# ovs-ofctl -O OpenFlow13 dump-flows s2
OFPST_FLOW reply (OF1.3) (xid=0x2):
 cookie=0x0, duration=990.540s, table=0, n_packets=29, n_bytes=2318, priority=0 actions=NORMAL
root@ubuntu:~# 

Hosts are able to ping each other because of the default rule with NORMAL action.

Step 8:- Let's delete the default rule and try ping again


root@ubuntu:~# ovs-ofctl -O OpenFlow13 del-flows s2
root@ubuntu:~# ovs-ofctl -O OpenFlow13 del-flows s1

Verify the deletion of rules 

root@ubuntu:~# ovs-ofctl -O OpenFlow13 dump-flows s1
OFPST_FLOW reply (OF1.3) (xid=0x2):
root@ubuntu:~# 
root@ubuntu:~# ovs-ofctl -O OpenFlow13 dump-flows s2
OFPST_FLOW reply (OF1.3) (xid=0x2):

Check the Ping from Host H1 to H2.. to see if its working


root@ubuntu:~# ip netns exec h1 bash

root@ubuntu:~# ping 192.168.10.2
PING 192.168.10.2 (192.168.10.2) 56(84) bytes of data.
^C
--- 192.168.10.2 ping statistics ---
5 packets transmitted, 0 received, 100% packet loss, time 4033ms

root@ubuntu:~# ping 192.168.10.2
PING 192.168.10.2 (192.168.10.2) 56(84) bytes of data.
From 192.168.10.1 icmp_seq=1 Destination Host Unreachable
From 192.168.10.1 icmp_seq=2 Destination Host Unreachable

Ping failed ... because there are no rules to forward the traffic.

Step 9:- Add MPLS rules for ARP and IP in switch S1. Use MPLS label value of 40 for ARP and MPLS label value of 30 for IP traffic

IP flow rules

ovs-ofctl -O OpenFlow13 add-flow s1 "table=0,in_port=1,ip,action=push_mpls:0x8847,set_mpls_label:30,output:2"

ovs-ofctl -O OpenFlow13 add-flow s1 "table=0,in_port=2,mpls,mpls_label=30,action=pop_mpls:0x0800,output:1"

ARP Flow  rules

ovs-ofctl -O OpenFlow13 add-flow s1 "table=0,in_port=1,arp,action=push_mpls:0x8847,set_mpls_label:40,output:2"

ovs-ofctl -O OpenFlow13 add-flow s1 "table=0,in_port=2,mpls,mpls_label=40,action=pop_mpls:0x0806,output:1"

Step 10:- Add MPLS rules on switch S2 using the same label value as Switch S1

IP flow rules

ovs-ofctl -O OpenFlow13 add-flow s2 "table=0,in_port=1,ip,action=push_mpls:0x8847,set_mpls_label:30,output:2"

ovs-ofctl -O OpenFlow13 add-flow s2 "table=0,in_port=2,mpls,mpls_label=30,action=pop_mpls:0x0800,output:1"

ARP flow rules

ovs-ofctl -O OpenFlow13 add-flow s2 "table=0,in_port=1,arp,action=push_mpls:0x8847,set_mpls_label:40,output:2"

ovs-ofctl -O OpenFlow13 add-flow s2 "table=0,in_port=2,mpls,mpls_label=40,action=pop_mpls:0x0806,output:1"

Step 11:- Try ping from host H1 to see if it can ping Host H2


root@ubuntu:~# ip netns exec h2 bash
root@ubuntu:~# ping 192.168.10.1
PING 192.168.10.1 (192.168.10.1) 56(84) bytes of data.
64 bytes from 192.168.10.1: icmp_seq=1 ttl=64 time=0.420 ms
64 bytes from 192.168.10.1: icmp_seq=2 ttl=64 time=0.346 ms
^C

Ping works ...!!!!





Posted by at

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)