使用 RYU REST API 添加基于 IP 的流条目 [英] Adding an IP based flow entry using RYU REST API
问题描述
我正在尝试使用添加流条目基于 RYU OFCTL REST 的 api (ryu.readthedocs.io/en/latest/app/ofctl_rest.html),用于将流添加到运行在 mininet 上的 OVS 交换机
I am trying to add a flow entry using RYU OFCTL REST based api (ryu.readthedocs.io/en/latest/app/ofctl_rest.html) for adding flows to an OVS Switch running on mininet
RYU 正在运行 ofctl_rest 和 simple_switch 这两个应用程序
RYU is running ofctl_rest and simple_switch these two applications
我使用一个简单的拓扑结构,一台交换机 3 台主机......h1 = 10.0.0.1
I am using a simple topology with one switch 3 hosts ... h1 = 10.0.0.1
h2 = 10.0.0.2
h2 = 10.0.0.2
h3 = 10.0.0.3
h3 = 10.0.0.3
如何添加流条目以阻止来自主机 h1 的所有传入数据包.
我使用了一个 json 对象
How do i add a flow entry to block all incoming packets from host h1.
I used a json object
data={
"dpid": 1,
"cookie": 2802,
"priority": 3000,
"match":{
"nw_src": "10.0.0.1",
},
"actions": [ ]
}
但是这个流条目阻止了来自所有机器的所有 ping ...
But this flow entry is blocking all the pings from all the machines ...
有人可以建议如何使用API 在OVS中添加和IP地址过滤规则
can someone suggest how to add and IP address filtering rule in OVS using API
推荐答案
我尝试了同样的事情并使用了以下命令:
I tried same thing and used the command below:
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 100,
"flags": 1,
"match":{
"nw_src": "10.0.0.1",
"dl_type": 2048
},
"actions":[
]
}' http://localhost:8080/stats/flowentry/add
结果没问题.
mininet> dpctl dump-flows
*** s1 ------------------------------------------------------------------------
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=6.722s, table=0, n_packets=0, n_bytes=0, idle_age=6, priority=100,ip,nw_src=10.0.0.1 actions=drop
...
插入此规则后:
mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
^C
--- 10.0.0.2 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1000ms
mininet> h2 ping h3
PING 10.0.0.3 (10.0.0.3) 56(84) bytes of data.
64 bytes from 10.0.0.3: icmp_seq=1 ttl=64 time=0.147 ms
64 bytes from 10.0.0.3: icmp_seq=2 ttl=64 time=0.063 ms
我已使用 ofctl_rest 应用程序进行此设置,并首先插入所有必要的规则以使主机可以相互访问.这是插入这些规则的脚本:
I've used ofctl_rest app for this setup and first insert all necessary rules to make host reachable each other. Here is the script for inserting those rules:
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 0,
"flags": 1,
"match":{},
"actions":[
{
"type":"OUTPUT",
"port": "CONTROLLER"
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":2,
"dl_dst":"00:00:00:00:00:01"
},
"actions":[
{
"type":"OUTPUT",
"port": 1
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":1,
"dl_dst":"00:00:00:00:00:02"
},
"actions":[
{
"type":"OUTPUT",
"port": 2
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":3,
"dl_dst":"00:00:00:00:00:01"
},
"actions":[
{
"type":"OUTPUT",
"port": 1
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":1,
"dl_dst":"00:00:00:00:00:03"
},
"actions":[
{
"type":"OUTPUT",
"port": 3
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":3,
"dl_dst":"00:00:00:00:00:02"
},
"actions":[
{
"type":"OUTPUT",
"port": 2
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":2,
"dl_dst":"00:00:00:00:00:03"
},
"actions":[
{
"type":"OUTPUT",
"port": 3
}
]
}' http://localhost:8080/stats/flowentry/add
这篇关于使用 RYU REST API 添加基于 IP 的流条目的文章就介绍到这了,希望我们推荐的答案对大家有所帮助,也希望大家多多支持IT屋!