我想添加流條目使用 基於RYU OFCTL REST的api(ryu.readthedocs.io/en/latest/app/ofctl_rest.html)用於將流添加到OVS開關ON mininet運行使用RYU REST API添加基於IP的流條目
RYU運行ofctl_rest和simple_switch這兩個應用程序
我使用一個開關3臺主機一個簡單的拓撲... H1 = 10.0.0.1
h2 = 10.0.0.2
H3 = 10.0.0.3
如何添加流條目阻止主機H1所有的報文。
我用JSON對象
data={
"dpid": 1,
"cookie": 2802,
"priority": 3000,
"match":{
"nw_src": "10.0.0.1",
},
"actions": [ ]
}
但這流條目阻止所有坪從所有的機器...
可有人建議如何使用API
在OVS添加和IP地址過濾規則我想同樣的事情,使用下面的命令:
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 100,
"flags": 1,
"match":{
"nw_src": "10.0.0.1",
"dl_type": 2048
},
"actions":[
]
}' http://localhost:8080/stats/flowentry/add
結果是OK。
mininet> dpctl dump-flows
*** s1 ------------------------------------------------------------------------
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=6.722s, table=0, n_packets=0, n_bytes=0, idle_age=6, priority=100,ip,nw_src=10.0.0.1 actions=drop
...
插入此規則後:
mininet> h1 ping h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
^C
--- 10.0.0.2 ping statistics ---
2 packets transmitted, 0 received, 100% packet loss, time 1000ms
mininet> h2 ping h3
PING 10.0.0.3 (10.0.0.3) 56(84) bytes of data.
64 bytes from 10.0.0.3: icmp_seq=1 ttl=64 time=0.147 ms
64 bytes from 10.0.0.3: icmp_seq=2 ttl=64 time=0.063 ms
我用ofctl_rest應用此設置,首先插入所有必要的規則,使主機可達對方。這裏是腳本插入這些規則:
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 0,
"flags": 1,
"match":{},
"actions":[
{
"type":"OUTPUT",
"port": "CONTROLLER"
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":2,
"dl_dst":"00:00:00:00:00:01"
},
"actions":[
{
"type":"OUTPUT",
"port": 1
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":1,
"dl_dst":"00:00:00:00:00:02"
},
"actions":[
{
"type":"OUTPUT",
"port": 2
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":3,
"dl_dst":"00:00:00:00:00:01"
},
"actions":[
{
"type":"OUTPUT",
"port": 1
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":1,
"dl_dst":"00:00:00:00:00:03"
},
"actions":[
{
"type":"OUTPUT",
"port": 3
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":3,
"dl_dst":"00:00:00:00:00:02"
},
"actions":[
{
"type":"OUTPUT",
"port": 2
}
]
}' http://localhost:8080/stats/flowentry/add
curl -X POST -d '{
"dpid": 1,
"cookie": 0,
"table_id": 0,
"priority": 1,
"flags": 1,
"match":{
"in_port":2,
"dl_dst":"00:00:00:00:00:03"
},
"actions":[
{
"type":"OUTPUT",
"port": 3
}
]
}' http://localhost:8080/stats/flowentry/add
謝謝你這麼多的解決方案,我將嘗試使用這個請求而不是RYU ofctl API ...當你說插入所有必要的規則 – user3445623
謝謝你這麼多的解決方案我會嘗試使用此請求,而不是RYU ofctl API ...當您說插入所有必要的規則時,他們不會添加當我使用pingall命令?或有一些不同的規則,我需要添加....請幫助這個查詢...也請分享所有有關ryu mininet命令和添加流量的命令 – user3445623
我編輯了我的答案並添加了腳本我用了。 Ofctl_rest沒有規則。您可以使用我添加的腳本添加規則。之後,平阿爾就好了。然後您可以添加放置操作規則。 –