Tuesday, April 14, 2015

Deploying OpenvSwitch as a traditional access switch

In this post I explore using Open vSwitch (OVS) as a traditional switch that can be deployed in LAN closets during a migration to SDN, using either OpenFlow or some other SDN overlay technology. OVS started as a soft switch and was seen as an alternative to the Linux bridge. Today it has become the de facto SDN switch, supporting OpenFlow 1.3+ and some 1.5 features as well. Due to its popularity, many switch vendors have started to ship hardware switches integrated with OVS. It is still available as a free download from the openvswitch.org web site.

Let's look at the most commonly used traditional layer 2 access technologies that OVS needs to support to become a viable alternative to expensive vendor switches.

1. VLANs
2. Trunk interfaces
3. VLAN tagging (Q-in-Q, EVC etc.)
4. Spanning tree (RSTP, MSTP etc.)
5. Access lists (packet filtering)
6. QoS for VoIP/data traffic
7. Policing

OVS supports some of these functions exactly like regular access switches. In fact, I found configuring OVS with ovs-vsctl a lot simpler than configuring traditional switches. We will go over the configuration of some of these functions using Linux network namespaces and Open vSwitch.

OVS offers two main commands for configuring the switch: "ovs-vsctl" and "ovs-ofctl". The two operate differently. "ovs-vsctl" modifies the ovsdb database, which stores the switch-level configuration. All changes made using ovs-vsctl are permanent.
In contrast, "ovs-ofctl" modifies the forwarding table of the switch and has the ability to modify most (I mean all, in the case of Ethernet) of the header fields in a packet.

VLAN/Trunk Interface Configuration using the "ovs-vsctl" command

Using the topology shown below, we will configure VLAN switching on Open vSwitch S1 and S2. I used Linux network namespaces to build the topology. However, using namespaces and installing OVS are outside the scope of this post. You can refer to my post on Linux tools for virtual networking if you need more information on building a virtual topology in a Linux environment.




Let's put hosts H1 and H3 in VLAN 10.

Configure port s1-eth1 with tag=10 as shown below. This automatically adds the port to VLAN 10.

# ovs-vsctl set port s1-eth1 tag=10
# ovs-vsctl set port s1-eth1 vlan_mode=access

Configure the link between S1 and S2 as a trunk and allow VLAN 10 on it.

On Switch S1
# ovs-vsctl set port s1-trunk trunk=10

On Switch S2
# ovs-vsctl set port s2-trunk trunk=10

Finally, configure port s2-eth1 as an access port with VLAN tag 10.
# ovs-vsctl set port s2-eth1 tag=10
# ovs-vsctl set port s2-eth1 vlan_mode=access

The above configuration puts H1 and H3 in VLAN 10. Let's expand our configuration by adding hosts H2 and H4 to VLAN 20.

On Switch S1
# ovs-vsctl set port s1-eth2 tag=20
# ovs-vsctl set port s1-trunk trunk=10,20

On Switch S2
# ovs-vsctl set port s2-eth2 tag=20
# ovs-vsctl set port s2-trunk trunk=10,20

This completes our simple VLAN configuration. However, if we were to support trunk ports with a native VLAN, the configuration would be as shown below (assuming VLAN 10 is the native VLAN).

On Switch S1
# ovs-vsctl set port s1-trunk vlan_mode=native-untagged
# ovs-vsctl set port s1-trunk tag=10
# ovs-vsctl set port s1-trunk trunk=20,30

On Switch S2
# ovs-vsctl set port s2-trunk vlan_mode=native-untagged
# ovs-vsctl set port s2-trunk tag=10
# ovs-vsctl set port s2-trunk trunk=20,30


I included VLAN 30 just to make the configuration complete and to show that every VLAN except the native VLAN needs to be listed in the trunk setting.
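The following check is an added example, not part of the original post: it audits the tag, trunks and vlan_mode settings configured above and flags any port that would carry every VLAN, which is what OVS does when a port has neither a tag nor a trunk list. The function names are hypothetical, the sample rows are constructed, and the CSV layout is assumed to be what the ovs-vsctl command in the comment prints.

```sh
#!/bin/sh
# Audit OVS port VLAN settings. Input: CSV rows "name,tag,trunks,vlan_mode",
# assumed to come from:
#   ovs-vsctl --format=csv --data=bare --no-headings \
#       --columns=name,tag,trunks,vlan_mode list Port
audit_ports() {
    while IFS=, read -r name tag trunks mode; do
        [ -n "$name" ] || continue
        # OVS default: empty vlan_mode means access if a tag is set, else trunk.
        if [ -z "$mode" ]; then
            if [ -n "$tag" ]; then mode=access; else mode=trunk; fi
        fi
        case "$mode" in
        access)
            if [ -z "$tag" ]; then
                echo "WARN $name: access port without a tag"
            else
                echo "OK $name: access VLAN $tag"
            fi ;;
        trunk|native-tagged|native-untagged)
            if [ -z "$trunks" ]; then
                # An empty trunks column means the port carries all VLANs.
                echo "WARN $name: $mode port carries all VLANs (trunks is empty)"
            else
                echo "OK $name: $mode VLANs $trunks${tag:+ native $tag}"
            fi ;;
        *)
            echo "WARN $name: vlan_mode '$mode' is not covered by this check" ;;
        esac
    done
}

# Constructed sample rows (not captured from a real switch): S1 as configured
# in this post, plus a port s1-eth3 that was added but never configured.
sample_ports() {
    cat <<'EOF'
s1-eth1,10,,access
s1-eth2,20,,
s1-trunk,,10 20,
s1-eth3,,,
EOF
}

sample_ports | audit_ports
```

On a live switch, pipe the ovs-vsctl command from the comment into audit_ports instead of the sample rows.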

Please check my other posts for more Layer 2 examples using OVS.

