The Basic Introduction of Open vSwitch
Te-Yen (Danny) Liu
Date: 2014/01/08
This basic introduction to Open vSwitch is for those who want to get to know Open vSwitch and learn how to operate it.

Published in: Technology
  1. The Basic Introduction of Open vSwitch. Te-Yen (Danny) Liu. Date: 2014/01/08
  2. Agenda
     - What is Virtual Switch?
     - Virtual Network Topology using OVS
     - What is Open vSwitch and Features?
     - The Main Components
     - Using OVS to build Network Topology
     - Advanced Examples
     - Demo
  3. What is Virtual Switch?
     - In a virtual network, a virtual switch acts like an advanced edge switch for VMs.
     - Diagram labels: Hypervisor, vNIC, VIF, VM, Virtual Network (L2), Virtual Switch, NIC as vSwitch's uplink port, Data Flow, Physical Switch
  4. Virtual Network Topology (1/2)
     - An example of Virtual Network Topology in OpenStack
  5. Virtual Network Topology (2/2)
     - Another example of Virtual Network Topology in OpenStack
     - They use Open vSwitch as the solution to deal with the complexity of virtual networks and multi-tenancy
  6. What is Open vSwitch?
     - A software-based solution
     - Resolves the problems of network separation and traffic visibility, so that cloud users can be assigned VMs with elastic and secure network configurations
     - Flexible Controller in User-Space
     - Fast Datapath in Kernel
     - An implementation of Open Flow Controller
  7. Open vSwitch Design
     - Decisions about how to process a packet are made in userspace
     - The first packet of a new flow goes to ovs-vswitchd; the following packets hit the cached entry in the kernel
  8. Features
     - Visibility into inter-VM communication via NetFlow, sFlow(R), IPFIX, SPAN, RSPAN, and GRE-tunneled mirrors
     - LACP (IEEE 802.1AX-2008)
     - Standard 802.1Q VLAN model with trunking
     - BFD and 802.1ag link monitoring
     - STP (IEEE 802.1D-1998)
     - Fine-grained QoS control
     - Support for HFSC qdisc
     - Per VM interface traffic policing
     - NIC bonding with source-MAC load balancing, active backup, and L4 hashing
     - OpenFlow protocol support (including many extensions for virtualization)
     - IPv6 support
     - Multiple tunneling protocols (GRE, VXLAN, IPsec, GRE and VXLAN over IPsec)
     - Remote configuration protocol with C and Python bindings
     - Kernel and user-space forwarding engine options
     - Multi-table forwarding pipeline with flow-caching engine
     - Forwarding layer abstraction to ease porting to new software and hardware platforms
     - The newest version is 2.0
  9. sFlow with Open vSwitch
  10. The Main Components
  11. ovsdb-server
      - Database that holds switch level configuration
      - Custom database with nice properties:
        - Log-based
        - Speaks OVSDB management protocol (JSON-RPC) to manager and ovs-vswitchd
  12. Example: Setup QoS
      - There are two ways to do that:
        - Interface Rate Limiting (on Interface). For instance:
            sudo ovs-vsctl set Interface eth1 ingress_policing_rate=10000
            sudo ovs-vsctl set Interface eth1 ingress_policing_burst=1000
        - Port QoS Policy (on Port). For instance:
            sudo ovs-vsctl set port eth1 qos=@newqos \
              -- --id=@newqos create qos type=linux-htb \
                 other-config:max-rate=200000000 queues=0=@q0,1=@q1 \
              -- --id=@q0 create queue other-config:min-rate=100000000 \
                 other-config:max-rate=100000000 \
              -- --id=@q1 create queue other-config:min-rate=50000000 \
                 other-config:max-rate=50000000
      - QoS can have more than 1 queue
  13. The example of QoS in OVS Database
      - It is a GUI tool to see the tables in the ovsdb-server
      - This case is about checking the QoS setting
  14. ovs-vswitchd
      - Core component in the system:
        - Communicates with outside world using OpenFlow
        - Communicates with ovsdb-server using management protocol (OVSDB)
        - Communicates with kernel module over netlink
        - Communicates with the system through netdev abstract interface
      - Supports multiple independent datapaths (bridges)
      - Implements mirroring, bonding, and VLANs through modifications of the same flow table exposed through OpenFlow
  15. OVS Kernel Module: openvswitch_mod.ko
      - Handles switching and tunneling
      - Exact-match cache of flows
      - Designed to be fast and simple
        - Packet comes in; if found, associated actions are executed and counters updated. Otherwise, it is sent to userspace
        - Does no flow expiration
        - Knows nothing of OpenFlow
      - Implements tunnels
  16. Using OVS to build Network Topology
      - Physical Machine to Physical Machine
          > ovs-vsctl add-br br0
          > ovs-vsctl add-port br0 eth0
          > ovs-vsctl add-port br0 eth1
  17. Using OVS to build Network Topology
      - Virtual Machine to Virtual Machine
      - Hypervisor is KVM
          > ovs-vsctl add-br br0
          > cat /etc/ovs-ifup
          #!/bin/sh
          # qemu/kvm passes the tap interface name as $1
          switch='br0'
          /sbin/ifconfig "$1" 0.0.0.0 up
          ovs-vsctl add-port "${switch}" "$1"
          > cat /etc/ovs-ifdown
          #!/bin/sh
          switch='br0'
          /sbin/ifconfig "$1" 0.0.0.0 down
          ovs-vsctl del-port "${switch}" "$1"
          > kvm -m 512 -net nic,macaddr=00:11:22:33:44:55 -net tap,script=/etc/ovs-ifup,downscript=/etc/ovs-ifdown -drive file=/path/to/disk-image,boot=on
          > kvm -m 512 -net nic,macaddr=11:22:33:44:55:66 -net tap,script=/etc/ovs-ifup,downscript=/etc/ovs-ifdown -drive file=/path/to/disk-image,boot=on
  18. Using OVS to build Network Topology
      - The profile of the virtual network
      - Internal port is connected to IP Stack
      - VMs connect with outside network via vport (tap virtual interface)
  19. Using OVS to build Network Topology
      - Virtual Machine to Virtual Machine with GRE Tunnel
      - Diagram label: GRE Tunnel
  20. Using OVS to build Network Topology
      - On the host whose br1 is 192.168.1.155:
          sudo ifconfig eth1 0
          sudo ovs-vsctl add-br br1
          sudo ovs-vsctl add-br br2
          sudo ovs-vsctl add-port br1 eth0
          sudo ifconfig br1 192.168.1.155 netmask 255.255.255.0
          sudo ifconfig br2 10.1.1.1 netmask 255.255.255.0
          sudo ovs-vsctl add-port br2 gre0 -- set interface gre0 type=gre options:remote_ip=192.168.1.152
      - On the host whose br1 is 192.168.1.152:
          sudo ifconfig eth1 0
          sudo ovs-vsctl add-br br1
          sudo ovs-vsctl add-br br2
          sudo ovs-vsctl add-port br1 eth0
          sudo ifconfig br1 192.168.1.152 netmask 255.255.255.0
          sudo ifconfig br2 10.1.1.2 netmask 255.255.255.0
          sudo ovs-vsctl add-port br2 gre0 -- set interface gre0 type=gre options:remote_ip=192.168.1.155
      - sudo vi /etc/ovs-ifup
          #!/bin/sh
          switch='br2'
          /sbin/ifconfig "$1" 0.0.0.0 up
          ovs-vsctl add-port "${switch}" "$1"
      - sudo vi /etc/ovs-ifdown
          #!/bin/sh
          switch='br2'
          /sbin/ifconfig "$1" 0.0.0.0 down
          ovs-vsctl del-port "${switch}" "$1"
      - Make the scripts executable and start the guest:
          sudo chmod +x /etc/ovs-ifup /etc/ovs-ifdown
          sudo kvm -m 512 -net nic,macaddr=11:22:33:44:55:66 -net tap,script=/etc/ovs-ifup,downscript=/etc/ovs-ifdown -cdrom /home/brent/images/ubuntu-12.04-desktop-i386.iso &
  21. Using OVS to build Network Topology
      - Bridge to Bridge
      - They need a patch port to communicate with each other
          ovs-vsctl add-br br0
          ovs-vsctl add-br br1
          ovs-vsctl add-port br0 patch-to-br1
          ovs-vsctl set interface patch-to-br1 type=patch
          ovs-vsctl set interface patch-to-br1 options:peer=patch-to-br0
          ovs-vsctl add-port br1 patch-to-br0
          ovs-vsctl set interface patch-to-br0 type=patch
          ovs-vsctl set interface patch-to-br0 options:peer=patch-to-br1
  22. Demo Topology
      - The hosts OVS1 and OVS2 communicate with each other by GRE tunnel
      - The host KVM will provision a VM guest and communicates with OVS1 and OVS2
  23. OVS with GRE Tunnel Demo (1/2)
      - OVS1 and OVS2 communicate with each other by GRE tunnel
      - On the host at 192.168.1.10:
          sudo ovs-vsctl add-br br0
          sudo ovs-vsctl add-br br1
          sudo ovs-vsctl add-port br0 eth0
          sudo ifconfig eth0 0
          sudo ifconfig br0 192.168.1.10 netmask 255.255.255.0
          sudo route add default gw 192.168.1.1 br0
          sudo ifconfig br1 10.1.2.10 netmask 255.255.255.0
          sudo ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.11
      - On the host at 192.168.1.11:
          sudo ovs-vsctl add-br br0
          sudo ovs-vsctl add-br br1
          sudo ovs-vsctl add-port br0 eth0
          sudo ifconfig eth0 0
          sudo ifconfig br0 192.168.1.11 netmask 255.255.255.0
          sudo route add default gw 192.168.1.1 br0
          sudo ifconfig br1 10.1.2.11 netmask 255.255.255.0
          sudo ovs-vsctl add-port br1 gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.10
      - Diagram labels: IP: 192.168.1.10, Default GW: 192.168.1.1, br0, IP: 10.1.2.10, br1, gre1, Remote IP: 192.168.1.11, eth0
  24. OVS with GRE Tunnel Demo (2/2)
      - OVS1 and OVS2 in bare metal mode communicate with each other by GRE tunnel
      - On the host at 192.168.1.10:
          sudo ovs-vsctl add-br br-int
          sudo ifconfig eth0 192.168.1.10 netmask 255.255.255.0
          sudo route add default gw 192.168.1.1 eth0
          sudo ovs-vsctl add-port br-int mgmt0 -- set interface mgmt0 type=internal
          sudo ifconfig mgmt0 10.1.2.10 netmask 255.255.255.0
          sudo ovs-vsctl add-port br-int gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.11
      - On the host at 192.168.1.11:
          sudo ovs-vsctl add-br br-int
          sudo ifconfig eth0 192.168.1.11 netmask 255.255.255.0
          sudo route add default gw 192.168.1.1 eth0
          sudo ovs-vsctl add-port br-int mgmt0 -- set interface mgmt0 type=internal
          sudo ifconfig mgmt0 10.1.2.11 netmask 255.255.255.0
          sudo ovs-vsctl add-port br-int gre1 -- set interface gre1 type=gre options:remote_ip=192.168.1.10
      - Diagram labels: br0, mgmt0, gre1, Remote IP: 192.168.1.11, IP: 10.1.2.10, eth0, IP: 192.168.1.10, Default GW: 192.168.1.1
  25. OVS with KVM and guest VM Demo
      - The host KVM will provision a VM guest and communicates with OVS1 and OVS2
      - Diagram labels: IP: 10.1.2.10, IP: 10.1.2.11, VM1, VM2, tap0, br0, tap1, IP: 192.168.1.20, Default GW: 192.168.1.1, eth0
          sudo ovs-vsctl add-br br0
          sudo ovs-vsctl add-port br0 eth0
          sudo ovs-vsctl list port
          sudo ifconfig eth0 0
          sudo ifconfig br0 192.168.1.20 netmask 255.255.255.0
          sudo route add default gw 192.168.1.1 br0
          sudo kvm -m 512 -hda /home/liudanny/kvm_lab/linux-core-4.7.7-openvswitch-1.11.0_guagga-0.99.22.4.img -net nic,macaddr=00:11:22:33:44:55 -net tap,script=/etc/ovs-ifup,downscript=/etc/ovs-ifdown
          sudo kvm -m 512 -hda /home/liudanny/kvm_lab/linux-core-4.7.7-openvswitch-1.11.0_guagga-0.99.22.4.img -net nic,macaddr=11:22:33:44:55:66 -net tap,script=/etc/ovs-ifup,downscript=/etc/ovs-ifdown
  26. Q&A
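The GRE ports created on slides 20, 23 and 24 carry inter-host VM traffic with no encryption or authentication; the feature list on slide 8 names GRE and VXLAN over IPsec as the protected alternative. The script below is an added example, not part of the original slides: it inventories tunnel interfaces from `ovs-vsctl show` output so they can be reviewed. The sample output, its UUID and the function names are constructed for illustration.

```shell
#!/bin/sh
# Constructed sample of `ovs-vsctl show` output for the slide 23 host at 192.168.1.10.
sample_show() {
cat <<'EOF'
00000000-0000-0000-0000-000000000000
    Bridge "br0"
        Port "eth0"
            Interface "eth0"
        Port "br0"
            Interface "br0"
                type: internal
    Bridge "br1"
        Port "gre1"
            Interface "gre1"
                type: gre
                options: {remote_ip="192.168.1.11"}
        Port "br1"
            Interface "br1"
                type: internal
    ovs_version: "2.0.0"
EOF
}

# Reads `ovs-vsctl show` text on stdin and prints "bridge iface type remote_ip"
# for every interface whose type is gre or vxlan (plain, non-IPsec tunnels).
audit_tunnels() {
    awk '
        function emit() {
            if (itype == "gre" || itype == "vxlan")
                print bridge, iface, itype, (remote == "" ? "-" : remote)
            iface = ""; itype = ""; remote = ""
        }
        { gsub(/"/, "") }                  # names may or may not be quoted
        $1 == "Bridge"    { emit(); bridge = $2 }
        $1 == "Interface" { emit(); iface = $2 }
        $1 == "type:"     { itype = $2 }
        $1 == "options:" && match($0, /remote_ip=[^,}]+/) {
            remote = substr($0, RSTART + 10, RLENGTH - 10)
        }
        END { emit() }
    '
}

# On a live host: sudo ovs-vsctl show | audit_tunnels
sample_show | audit_tunnels
```

Each line of output is a tunnel whose underlay path (here 192.168.1.0/24) must be trusted or separately protected, since anything on that path can read or inject the encapsulated frames.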
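Slides 7 and 15 describe the split between the kernel's exact-match flow cache and the userspace decision in ovs-vswitchd. The toy model below is an added example, not code from Open vSwitch or the slides: it counts how many packets take the slow path for two constructed traffic samples. The function names, the single NORMAL rule and the packet tuples are assumptions, and flow expiry (done from userspace, per slide 15) is not modelled.

```shell
#!/bin/sh
# Constructed traffic: one packet per line as "src dst proto sport dport".
one_flow() {        # five packets belonging to a single TCP connection
    i=0
    while [ "$i" -lt 5 ]; do
        echo "10.1.2.10 10.1.2.11 tcp 40000 80"
        i=$((i + 1))
    done
}
many_flows() {      # five packets, each with a different destination port
    for p in 21 22 23 25 80; do
        echo "10.1.2.10 10.1.2.11 tcp 40000 $p"
    done
}

# Reads packets on stdin, prints "upcalls=N cache_hits=M cached_flows=K".
simulate_datapath() {
    awk '
        # Stand-in for the ovs-vswitchd flow table: one rule that switches
        # every packet normally. Every call is one kernel-to-userspace upcall.
        function slow_path(key) { upcalls++; return "NORMAL" }
        {
            # The kernel cache is exact-match: the whole tuple is the key.
            key = $1 SUBSEP $2 SUBSEP $3 SUBSEP $4 SUBSEP $5
            if (key in cache)
                hits++                       # fast path: cached action applies
            else
                cache[key] = slow_path(key)  # miss: ask userspace, install entry
        }
        END {
            n = 0
            for (k in cache) n++
            printf "upcalls=%d cache_hits=%d cached_flows=%d\n", upcalls, hits, n
        }
    '
}

one_flow   | simulate_datapath
many_flows | simulate_datapath
```

The same number of packets costs one upcall in the first case and five in the second, which is why the hit, missed and lost lookup counters printed by `ovs-dpctl show` are worth monitoring on a production host.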