open v switch20150410b

Mininet, Wireshark and Open vSwitch

a study notes

Richard Kuo, Professional-Technical Architect,

Domain 2.0 Architecture & Planning

Motivation

• Understand some basic network engineering tools for SDN/NFV and network virtualization, which can be served as building blocks for knowledge development.

4/10/15 Creatie Common, SA, NC 2

Network Virtualization

• User Interface

• Network Services

• Controller

• Logic Network

• Virtualization

• Physical Network Resources

• Software operating environment (VM, container)

• Analytics, Policy, Goal, QoS, SLA

• OSS and BSS

• Service composition, chaining


Mininet

• http://mininet.org/

• Mininet is a network emulator, it creates a virtual network, runs on VM, cloud or native machine:

•

OpenVirtex, FlowVisor

ODL, ONOS,…

Mininet, OvS, Wireshark, …

VPN, LB, DPI,..

OpenFlow(Southbound)


http://mininet.org/

Mininet

$ sudo mn --topo single,3 --mac --switch ovsk --controller=remote

$ sudo mn --topo linear,4 --mac --switch ovsk --controller=remote

$ sudo mn --topo tree,3 --mac --switch ovsk --controller=remote

from: NDI Communication


Mininet Commands

• Default topology (h1, h2, s1, c0)

• sudo mn

• nodes

• net

• dump

• pingall

• h1 ping h2 –c3


Wireshark• supports hundreds of

protocolshttp://www.wireshark.org/docs/dfref/

• Live capture and offline analysis

• Multiplatform: Windows, Linux, MAC

• Captured data browsing in GUI or in TTY mode (TSHARK)

• R/W many different capture file formats: tcpdump (libpcap), MS Network Monitor, Network General Sniffer®, RADCOM WAN/LAN Analyzer and many others.

• Output can be exported to XML, PostScript® or simple text


http://www.wireshark.org/docs/dfref/

Wireshark

• Packet list

• Packet details

• Packet bytes


Open vSwitch

• A software-based solution

• An implementation of OpenFlow

• Flexible Controller in user-space and fast datapath in Kernel

• Flow Decision• Decision about how to process

packet made in user-space

• First packet of new flow goes to ovs-vswitchd, following packets hit cached entry in kernel


Features

• Visibility into inter-VM communication via NetFlow, sFlow(R), IPFIX, SPAN, RSPAN, and GRE-tunneled mirrors

• Support features on a Linux system:– Fully functional Layer 2 switch– NetFlow, sFlow, SPAN, and RSPAN support– 802.1Q VLANs with trunking– QoS– Port aggregation– GRE tunneling– Compatibility with the Linux bridge code (brctl)– Kernel and userspace switch implementation

• Fine-grained QoS control• Support for HFSC qdisc• Per VM interface traffic policing

• NIC bonding with source-MAC load balancing, active backup, and L4 hashing

• OpenFlow protocol support (including many extensions for virtualization)

• IPv6 support• Multiple tunneling protocols

– GRE, VXLAN, IPsec, GRE and VXLAN over IPsec

• Remote configuration protocol with C and Python bindings

• Kernel and user-space forwarding engine options• Multi-table forwarding pipeline with flow-caching

engine• Forwarding layer abstraction to ease porting to new

software and hardware platforms

• Feature list for container is in process


Open vSwitch Schema

• Database that holds switch level configuration

• Custom database with nice properties:

• Log-based

• Speaks OVSDB management protocol(JSON-RPC) to manager and ovs-vswitchd


Hardware VTEP Schema


OvS Core Components

• ovs-vswitchd

• ovs-kernel

• ovsdb, ovsdb-server


The example of QoS in OVS Database

• It is a GUI tool to see the tables in the ovsdb-server• This case is about checking QoS setting

ovs-appctl

ovs-appctl is a utility for managing these daemons at runtime. It is useful for configuring log module settings as well as viewing all OpenFlow flows, including hidden ones.


ovs-dpctl

ovs-dpctl is very similar to ovs-ofctl in that they both show flow table entries. The flows that ovs-dpctl prints are always an exact match and reflect packets that have actually passed through the system within the last few seconds.

.


ovs-ofctl

This tool is used for administering and monitoring OpenFlowswitches. Even if OVS isn't configured for centralized administration, ovs-ofctl can be used to show the current state of OVS including features, configuration, and table entries.


ovs-vsctl

This tool is used for configuration and viewing OVS switch operations:

• Port configuration,

• bridge additions/deletions,

• bonding,

• VLAN tagging


Demo


open v switch20150410b

Technology

chaining41015creatie

process41015creatie

network emulator

virtual network

switch ovsk

ms network monitor

network general sniffer

new software