編者按：環路廣播風暴，如果有環路，數據幀將會在環路中來回傳遞，大量增生數據幀，形成廣播風暴。在SDN中部分控制器可以抑制環路廣播風暴的產生，如Floodlight，而像POX控制器，就不能很好的解決廣播風暴的問題。

接下來將對Floodlight和POX控制器進行廣播風暴實驗的對比。

物理連接上OF1、OF2、OF3形成環路，使用Flowvisor（192.168.20.6:6634）隔離成兩個虛網。VM1和VM3在一個虛網中，由POX（192.168.20.6:6635）控制，VM2和VM3在另一個虛網中，由Floodlight（192.168.20.6:6636）控制。

POX安裝與配置

安裝：

git?clonehttp://github.com/noxrepo/pox

啟動：

./pox.py?forwarding.l2_learning?openflow.of_01?--port=6635

Floodlight安裝與安裝

安裝：

apt-get?install?build-essential?default-jdk?ant?python-dev

git?clone?git://github.com/floodlight/floodlight.git

ant;

端口配置：

vi?./src/main/resources/floodlightdefault.properties

啟動：

nohup?java?-jar?target/floodlight.jar?>?/dev/null?&

Flowvisor安裝與配置

安裝：

sudo?apt-get?install?ant

sudo?apt-get?install?openjdk-6-jdk

wget?https://github.com/OPENNETWORKINGLAB/flowvisor/archive/1.2-MAINT.zip

make?&&?make?install

端口配置

vi?/etc/flowvisor/config.json（目前使用監聽端口6634）

普通用戶下啟動：

nohup??flowvisor?/etc/flowvisor/config.json?>/dev/null?&

OvS安裝與配置

OvS在之前已經寫過，詳情可查看《Open?vSwitch2.3.0版本安裝部署及基本操作》。

創建虛網

創建兩個slice，分別指定到POX和Floodlight上：

fvctl?-p?8181?add-slice?s1?tcp:127.0.0.1:6635?1@1

fvctl?-p?8181?add-slice?s2?tcp:127.0.0.1:6636?2@2

修改OvS的dpid：

192.168.20.3：ovs-vsctl?set?bridge?br0?other_config:datapath-id=1000000000000001

192.168.20.4：ovs-vsctl?set?bridge?br0?other_config:datapath-id=1000000000000002

192.168.20.5：ovs-vsctl?set?bridge?br0?other_config:datapath-id=1000000000000003

root@fnic8:~#?ovs-vsctl?list?bridge?br0

_uuid???????????????:?9a7f1e47-b5f1-410f-9a63-0393acf1a651

controller??????????:?[1ab5ceec-3965-47c4-89ab-1f1f408470bb]

datapath_id?????????:?"1000000000000001"

查看端口號：

root@fnic8:~#?ovs-ofctl?show?br0

OFPT_FEATURES_REPLY?(xid=0x2):?dpid:1000000000000001

n_tables:254,?n_buffers:256

capabilities:?FLOW_STATS?TABLE_STATS?PORT_STATS?QUEUE_STATS?ARP_MATCH_IP

actions:?OUTPUT?SET_VLAN_VID?SET_VLAN_PCP?STRIP_VLAN?SET_DL_SRC?SET_DL_DST?SET_NW_SRC?SET_NW_DST?SET_NW_TOS?SET_TP_SRC?SET_TP_DST?ENQUEUE

1(vnet0):?addr:fe:54:00:d4:fa:b1

config:?????0

state:??????0

current:????10MB-FD?COPPER

speed:?10?Mbps?now,?0?Mbps?max

2(eth1):?addr:74:86:7a:d7:65:65

config:?????0

state:??????0

current:????100MB-FD?COPPER?AUTO_NEG

advertised:?10MB-HD?10MB-FD?100MB-HD?100MB-FD?1GB-HD?1GB-FD?COPPER?AUTO_NEG?AUTO_PAUSE

supported:??10MB-HD?10MB-FD?100MB-HD?100MB-FD?1GB-HD?1GB-FD?COPPER?AUTO_NEG

speed:?100?Mbps?now,?1000?Mbps?max

3(eth2):?addr:74:86:7a:d7:65:66

config:?????0

state:??????0

current:????1GB-FD?COPPER?AUTO_NEG

advertised:?10MB-HD?10MB-FD?100MB-HD?100MB-FD?1GB-HD?1GB-FD?COPPER?AUTO_NEG?AUTO_PAUSE

supported:??10MB-HD?10MB-FD?100MB-HD?100MB-FD?1GB-HD?1GB-FD?COPPER?AUTO_NEG

speed:?1000?Mbps?now,?1000?Mbps?max

LOCAL(br0):?addr:74:86:7a:d7:65:65

config:?????0

state:??????0

speed:?0?Mbps?now,?0?Mbps?max

OFPT_GET_CONFIG_REPLY?(xid=0x4):?frags=normal?miss_send_len=0

虛網隔離創建

執行以下腳本，創建flowspace：

DP1=1000000000000001

DP2=1000000000000002

DP3=1000000000000003

#s1-dpid1

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP1?1?in_port=1,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP1?1?in_port=1,nw_src=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP1?1?in_port=2,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP1?1?in_port=2,nw_src=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP1?1?in_port=3,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP1?1?in_port=3,nw_src=10.0.0.1?s1=7

#s1-dpid2

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP2?1?in_port=2,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP2?1?in_port=2,nw_src=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP2?1?in_port=3,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP2?1?in_port=3,nw_src=10.0.0.1?s1=7

#s1-dpid3

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP3?1?in_port=1,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP3?1?in_port=1,nw_src=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP3?1?in_port=2,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP3?1?in_port=2,nw_src=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP3?1?in_port=3,nw_dst=10.0.0.1?s1=7

fvctl?-p?8181?add-flowspace?-f?1?space1?$DP3?1?in_port=3,nw_src=10.0.0.1?s1=7

#s2-dpid1

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP1?1?in_port=2,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP1?1?in_port=2,nw_src=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP1?1?in_port=3,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP1?1?in_port=3,nw_src=10.0.0.2?s2=7

#s2-dpid2

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP2?1?in_port=1,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP2?1?in_port=1,nw_src=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP2?1?in_port=2,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP2?1?in_port=2,nw_src=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP2?1?in_port=3,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP2?1?in_port=3,nw_src=10.0.0.2?s2=7

#s2-dpid3

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP3?1?in_port=1,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP3?1?in_port=1,nw_src=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP3?1?in_port=2,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP3?1?in_port=2,nw_src=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP3?1?in_port=3,nw_dst=10.0.0.2?s2=7

fvctl?-p?8181?add-flowspace?-f?2?space1?$DP3?1?in_port=3,nw_src=10.0.0.2?s2=7

設置隊列

OvS1設置隊列，流量隔離

執行以下腳本設置隊列：

#!/bin/bash

#clear?config

ovs-vsctl?del-br?br0

ovs-vsctl?--?--all?destroy?qos

ovs-vsctl?--?--all?destroy?queue

ovs-vsctl?add-br?br0?--?set?bridge?br0?other_config:datapath-id=1000000000000001

ovs-vsctl?set-controller?br0?tcp:192.168.20.6:6634

ovs-vsctl?set?bridge?br0?fail_mode=secure

virsh?destroy?vm3?//vm3為VM名稱

sleep?5

virsh?start?vm3

sleep?5

ovs-vsctl?add-port?br0?eth1

ovs-vsctl?add-port?br0?eth2

#qos

ovs-vsctl?set?port?eth1?qos=@newqos?--?--id=@newqos?create?qos?type=linux-htb\

queues=1=@q1,2=@q2?other_config:max-rate=`ovs-vsctl?get?interface?eth1?link-speed`\

--?--id=@q1?create?queue?other_config:min-rate=10000000\

--?--id=@q2?create?queue?other_config:min-rate=10000000

ovs-vsctl?set?port?eth2?qos=@newqos?--?--id=@newqos?create?qos?type=linux-htb\

queues=1=@q1,2=@q2?other_config:max-rate=`ovs-vsctl?get?interface?eth2?link-speed`\

--?--id=@q1?create?queue?other_config:min-rate=10000000\

--?--id=@q2?create?queue?other_config:min-rate=10000000

OvS2設置隊列，流量隔離

執行以下腳本設置隊列：

#!/bin/bash

#clear?config

ovs-vsctl?del-br?br0

ovs-vsctl?--?--all?destroy?qos

ovs-vsctl?--?--all?destroy?queue

ovs-vsctl?add-br?br0?--?set?bridge?br0?other_config:datapath-id=1000000000000002

ovs-vsctl?set-controller?br0?tcp:192.168.20.6:6634

ovs-vsctl?set?bridge?br0?fail_mode=secure

virsh?destroy?vm4

sleep?5

virsh?start?vm4

sleep?5

ovs-vsctl?add-port?br0?eth1

ovs-vsctl?add-port?br0?eth2

#qos

ovs-vsctl?set?port?eth1?qos=@newqos?--?--id=@newqos?create?qos?type=linux-htb\

queues=1=@q1,2=@q2?other_config:max-rate=`ovs-vsctl?get?interface?eth1?link-speed`\

--?--id=@q1?create?queue?other_config:min-rate=10000000\

--?--id=@q2?create?queue?other_config:min-rate=10000000

ovs-vsctl?set?port?eth2?qos=@newqos?--?--id=@newqos?create?qos?type=linux-htb\

queues=1=@q1,2=@q2?other_config:max-rate=`ovs-vsctl?get?interface?eth2?link-speed`\

--?--id=@q1?create?queue?other_config:min-rate=10000000\

--?--id=@q2?create?queue?other_config:min-rate=10000000

OvS3設置隊列，流量隔離

執行以下腳本設置隊列：

#!/bin/bash

#clear?config

ovs-vsctl?del-br?br0

ovs-vsctl?--?--all?destroy?qos

ovs-vsctl?--?--all?destroy?queue

ovs-vsctl?add-br?br0?--?set?bridge?br0?other_config:datapath-id=1000000000000003

ovs-vsctl?set-controller?br0?tcp:192.168.20.6:6634

ovs-vsctl?set?bridge?br0?fail_mode=secure

virsh?destroy?vm5

sleep?5

virsh?start?vm5

sleep?5

ovs-vsctl?add-port?br0?eth1

ovs-vsctl?add-port?br0?eth2

#qos

ovs-vsctl?set?port?eth1?qos=@newqos?--?--id=@newqos?create?qos?type=linux-htb\

queues=1=@q1,2=@q2?other_config:max-rate=`ovs-vsctl?get?interface?eth1?link-speed`\

--?--id=@q1?create?queue?other_config:min-rate=10000000\

--?--id=@q2?create?queue?other_config:min-rate=10000000

ovs-vsctl?set?port?eth2?qos=@newqos?--?--id=@newqos?create?qos?type=linux-htb\

queues=1=@q1,2=@q2?other_config:max-rate=`ovs-vsctl?get?interface?eth2?link-speed`\

--?--id=@q1?create?queue?other_config:min-rate=10000000\

--?--id=@q2?create?queue?other_config:min-rate=10000000

實驗結果

VM1與VM3形成廣播風暴；

VM2與VM3可以ping通，Floodlight的最小生成樹協議成功抑制了廣播風暴；

VM1與VM2由于在不同的flowspace中ping不通。

本文轉載自SDNLAB,更多SDN相關技術文章請關注SDNLAB。