基础环境

• Opendaylight + Mininet （安装好karaf等组件）
• Open vSwitch 2.3.1

实验步骤

查看控制器ip和交换机的连接状态

登录控制器，查看端口是否处于监听状态

netstat -an|grep 6633

登录交换机，查看交换机与控制器的连接情况

root@guest-virtual-machine:/home/guest# ovs-vsctl show
2e6efe16-6875-4feb-8451-7da554fbd3c8
    ovs_version: "2.0.2"
//以上是交换机与控制器未连接成功，需要手动连接，显示以下的“is_connected：true”
root@guest-virtual-machine:/home/guest# ovs-vsctl add-br br-sw
root@guest-virtual-machine:/home/guest# ovs-vsctl set-controller br-sw tcp:192.168.123.10:6633
root@guest-virtual-machine:/home/guest# ovs-vsctl show

登陆主机，查看主机与控制器连接情况，如果没连接，需要手动连接

登录交换机，连接控制器（基于OVSDB协议创建一个新的连接）

ovs-vsctl set-manager tcp:192.168.123.10:6640

安装sFlow

将sFlow安装包上传至控制器，并解压

登录交换机，部署sFlow Agent

ovs-vsctl -- --id=@sflow create sflow agent=s1 target=\"192.168.123.10:6633\" header=128 sampling=10 polling=1 -- set bridge br-sw sflow=@sflow

查看已配置的sFlow Agent信息

ovs-vsctl list sflow

登录控制器，启动sFlow

验证防DDoS攻击

打开浏览器，查看状态

http://192.168.123.10:8008/html/index.html#status

路由实验

首先运行Opendaylight，并安装好组件

编辑路由脚本脚本

#!/usr/bin/python
import time
from mininet.net import Mininet
from mininet.node import Controller, RemoteController, OVSKernelSwitch,UserSwitch
from mininet.cli import CLI
from mininet.log import setLogLevel
from mininet.link import Link, TCLink
def topology():
    "Create a network."
    net = Mininet( controller=RemoteController, link=TCLink, switch=OVSKernelSwitch )
    print "*** Creating nodes ***"
    h1 = net.addHost( 'h1', mac='00:00:00:00:00:01', ip='10.123.10.1/24' )
    h2 = net.addHost( 'h2', mac='00:00:00:00:00:02', ip='10.123.10.2/24' )
    h3 = net.addHost( 'h3', mac='00:00:00:00:00:03', ip='10.123.1.1/24' )
    s1 = net.addSwitch( 's1', listenPort=6673, mac='00:00:00:00:00:11' )
    s2 = net.addSwitch( 's2', listenPort=6674, mac='00:00:00:00:00:12' )
    c0 = net.addController( 'c0', controller=RemoteController, ip='127.0.0.1', port=6633 )
    print "*** Creating links ***"
    net.addLink(s1, h1, 1, 0)
    net.addLink(s2, h3, 1, 0)
    Link(h2, s1, intfName1='h2-eth0')
    Link(h2, s2, intfName1='h2-eth1')
    h2.cmd('ifconfig h2-eth1 10.123.1.2 netmask 255.255.255.0')
    h2.cmd('sysctl net.ipv4.ip_forward=1')
    h1.cmd('route add default gw 10.123.10.2')
    h3.cmd('route add default gw 10.123.1.2')
    print "*** Starting network ***"
    net.build()
    c0.start()
    s1.start( [c0] )
    s2.start( [c0] )
    print "*** Running CLI ***"
    CLI( net )
    print "*** Stopping network ***"
    net.stop()
if __name__ == '__main__':
    setLogLevel( 'info' )
    topology()

运行脚本

python router.py

两个交换机下发转发规则：

root@guest-virtual-machine:/home/guest# ovs-ofctl add-flow s1 in_port=1,actions=output:2
root@guest-virtual-machine:/home/guest# ovs-ofctl add-flow s1 in_port=2,actions=output:1
root@guest-virtual-machine:/home/guest# ovs-ofctl add-flow s2 in_port=1,actions=output:2
root@guest-virtual-machine:/home/guest# ovs-ofctl add-flow s2 in_port=2,actions=output:1

在CLI命令行里执行

mininet> h1 route add default gw 10.123.10.2
mininet> h3 route add default gw 10.123.1.2
mininet> h1 ping 10.123.10.2
mininet> h1 ping 10.123.1.2

这时候再次测试h1 ping h3 就可以通

举例

环境继承上述，再添加一个h4，使他们都可以通

mininet> py net.addHost( 'h4', mac='00:00:00:00:00:04', ip='10.123.123.1/24' )
mininet> py net.addSwitch( 's3', listenPort=6675, mac='00:00:00:00:00:13' )

创建链路

mininet> py net.addLink(s3, h4, 1, 0)
mininet> py net.addLink(h2, s3, intfName1='h2-eth2')

环境继承上述，再添加一个h4，使他们都可以通

//添加h4设备
h4 = net.addHost( 'h4', mac='00:00:00:00:00:04', ip='10.123.123.1/24' )
//添加s3交换机
s3 = net.addSwitch( 's3', listenPort=6675, mac='00:00:00:00:00:13' )
//添加s3和h4的链路
net.addLink(s3, h4, 1, 0)
//设置ip端口
h2.cmd('ifconfig h2-eth2 10.123.123.2 netmask 255.255.255.0')
//设置h4的网关
h4.cmd('route add default gw 10.123.123.2')
//开启s3
s3.start( [c0] )