Static Flow Pusher 是一个 Floodlight 模块,使用的是REST API接口,允许用户在OpenFlow 网络中插入流表 。
主动式和反应式流插入
OpenFlow 支持两种流表插入: 主动式和反应式。当数据包抵达OpenFlow交换机,而交换机没有该包对应的匹配流表时,反应时流表插入起作用。该数据包被送到控制器,由控制器进行评估,并向交换机添加相应的流表,从而把该数据包正确的转发出去。主动式插入则是在数据包到达之前就插入相应的流表,这就是两种方式的区别。
Static Flow Pusher 对于主动式流表插入很有用。Floodlight 默认会加载 Forwarding模块, 该模块使用反应式流插入 ,如果你只想使用静态流,你可以在floodlight.properties配置文件中删除 Forwarding。
API 概要
URI Description Arguments /wm/staticflowentrypusher/json 静态流添加或删除操作 HTTP POST data (add flow), HTTP DELETE (for deletion) /wm/staticflowentrypusher/list/<switch>/json 列举交换机的静态流表 switch: Valid Switch DPID (XX:XX:XX:XX:XX:XX:XX:XX) or "all" /wm/staticflowentrypusher/clear/<switch>/json 清除交换机的静态流表 switch: Valid Switch DPID (XX:XX:XX:XX:XX:XX:XX:XX) or "all" 添加静态流操作静态流添加是通过REST API接口来进行的。例如,在交换机1上插入一条让数据包从端口1进端口2出的流表,则可以使用curl命令。 第二个命令可以显示插入的流表。
curl -d '{"switch": "00:00:00:00:00:00:00:01", "name":"flow-mod-1", "priority":"32768", "ingress-port":"1","active":"true", "actions":"output=2"}' http://<controller_ip>:8080/wm/staticflowentrypusher/json curl http://<controller_ip>:8080/wm/core/switch/1/flow/json;
删除静态流操作
通过包含流表名字的 HTTP DELETE命令来删除指定流表。
curl -X DELETE -d '{"name":"flow-mod-1"}' http://<controller_ip>:8080/wm/staticflowentrypusher/json
flow entry的可能属性
Key Value Notes switch <switch ID> ID of the switch (data path) that this rule should be added to xx:xx:xx:xx:xx:xx:xx:xx name <string> Name of the flow entry, this is the primary key, it MUST be unique actions <key>=<value> See table of actions below Specify multiple actions using a comma-separated list Specifying no actions will cause the packets to be dropped priority <number> default is 32767 maximum value is 32767 active <boolean> wildcards ingress-port <number> switch port on which the packet is received Can be hexadecimal (with leading 0x) or decimal src-mac <mac address> xx:xx:xx:xx:xx:xx dst-mac <mac address> xx:xx:xx:xx:xx:xx vlan-id <number> Can be hexadecimal (with leading 0x) or decimal vlan-priority <number> Can be hexadecimal (with leading 0x) or decimal ether-type <number> Can be hexadecimal (with leading 0x) or decimal tos-bits <number> Can be hexadecimal (with leading 0x) or decimal protocol <number> Can be hexadecimal (with leading 0x) or decimal src-ip <ip address> xx.xx.xx.xx dst-ip <ip address> xx.xx.xx.xx src-port <number> Can be hexadecimal (with leading 0x) or decimal dst-port <number> Can be hexadecimal (with leading 0x) or decimalPossible actions within the "action" field:
Key Value Notes output <number> all controller local ingress-port normal flood no "drop" option (instead, specify no action to drop packets) enqueue <number>:<number> First number is port number, second is queue ID Can be hexadecimal (with leading 0x) or decimal strip-vlan set-vlan-id <number> Can be hexadecimal (with leading 0x) or decimal set-vlan-priority <number> Can be hexadecimal (with leading 0x) or decimal set-src-mac <mac address> xx:xx:xx:xx:xx:xx set-dst-mac <mac address> xx:xx:xx:xx:xx:xx set-tos-bits <number> set-src-ip <ip address> xx.xx.xx.xx set-dst-ip <ip address> xx.xx.xx.xx set-src-port <number> Can be hexadecimal (with leading 0x) or decimal set-dst-port <number> Can be hexadecimal (with leading 0x) or decimal
静态流表插入的实际应用
我们可以使用Python脚本写流表操作, 例如, 使用mininet产生一个简单的拓扑,并连接上控制器,默认的拓扑是一个交换机(s1)和两个主机(h2和h3)。
sudo mn --controller=remote --ip=<controller ip> --port=6633下面的代码插入从h2到h3的流和h3到h2的流。
import httplib import json class StaticFlowPusher(object): def __init__(self, server): self.server = server def get(self, data): ret = self.rest_call({}, 'GET') return json.loads(ret[2]) def set(self, data): ret = self.rest_call(data, 'POST') return ret[0] == 200 def remove(self, objtype, data): ret = self.rest_call(data, 'DELETE') return ret[0] == 200 def rest_call(self, data, action): path = '/wm/staticflowentrypusher/json' headers = { 'Content-type': 'application/json', 'Accept': 'application/json', } body = json.dumps(data) conn = httplib.HTTPConnection(self.server, 8080) conn.request(action, path, body, headers) response = conn.getresponse() ret = (response.status, response.reason, response.read()) print ret conn.close() return ret pusher = StaticFlowPusher('<insert_controller_ip') flow1 = { 'switch':"00:00:00:00:00:00:00:01", "name":"flow-mod-1", "cookie":"0", "priority":"32768", "ingress-port":"1", "active":"true", "actions":"output=flood" } flow2 = { 'switch':"00:00:00:00:00:00:00:01", "name":"flow-mod-2", "cookie":"0", "priority":"32768", "ingress-port":"2", "active":"true", "actions":"output=flood" } pusher.set(flow1) pusher.set(flow2)通过ping命令进行测试
mininet> h2 ping h3 顶 0 踩