Open vSwitch (OVS)

Install

apt install -y openvswitch-switch

List

# list interfaces
docker exec openvswitch_vswitchd ovs-vsctl list-ifaces br-int
 
# show bridges
docker exec openvswitch_vswitchd ovs-vsctl list-br
 
# show ports
docker exec openvswitch_vswitchd ovs-vsctl list-ports br-int

Create interface
https://docs.openstack.org/octavia/latest/install/install-ubuntu.html

# create bridge
ovs-vsctl add-br mybridge
# ifconfig mybridge up
ip link set mybridge up
ovs-vsctl show
ovs-dpctl show
 
# create
echo docker exec openvswitch_vswitchd ovs-vsctl -- --may-exist add-port br-int my-if1 -- \
set Interface my-if1 type=internal -- \
set Interface my-if1 external-ids:iface-status=active -- \
set Interface my-if1 external-ids:attached-mac=${CTL_HOST_MAC} -- \
set Interface my-if1 external-ids:iface-id=${PORT_ID} -- \
set Interface my-if1 external-ids:skip_cleanup=true
 
# Create port
openvswitch_vswitchd ovs-vsctl -- --may-exist add-port br-int my-port1 -- \
    set Interface o-hm0 type=internal -- \
    set Interface o-hm0 mac="${PORT_MAC}" -- \
    set Interface o-hm0 external-ids:iface-status=active -- \
    set Interface o-hm0 external-ids:iface-id=${PORT_ID} -- \
    set Interface o-hm0 external-ids:skip_cleanup=true -- \
    set Interface o-hm0 external-ids:attached-mac=${PORT_MAC}
 
# create vlan
ovs-vsctl add-port br0 vlan10 tag=10 -- set Interface vlan10 type=internal
ip addr add 192.168.0.123/24 dev vlan10

Show / List

ovs-vsctl show
 
ovs-vsctl list bridge
ovs-vsctl list port
ovs-vsctl list interface

Create

ovs-vsctl -- --may-exist add-port br-int o-hm0 -- \
set Interface o-hm0 type=internal -- \
set Interface o-hm0 external-ids:iface-status=active -- \
set Interface o-hm0 external-ids:attached-mac=${CTL_HOST_MAC} -- \
set Interface o-hm0 external-ids:iface-id=${PORT_ID} -- \
set Interface o-hm0 external-ids:skip_cleanup=true

Delete

# delete port
ovs-vsctl del-port br-int o-hm0
 
# delete ovs-tcpdump port
ovs-vsctl del-port br-tun ovsmiXXXXXX
 
# delete bridge
ovs-vsctl del-br mybridge

CLI
http://www.sznote.net/?p=1032

ovs-vsctl set int ovsbr0 mtu_request=1416
 
ovs-appctl fdb/show mybridge
ovs-ofctl show mybridge
ovs-ofctl dump-flows mybridge
 
# fake interface for LXD?
ovs-vsctl add-br br0
ovs-vsctl add-port br0 eno1
ovs-vsctl add-br vlan100 br0 100
lxc network attach-profile vlan100 default eth0

Tuntap device

# tuntap devices
ip tuntap add mode tap vport1
ip tuntap add mode tap vport2
ifconfig vport1 up
ip link set vport2 up
ifconfig
ovs-vsctl add-port mybridge vport1
ovs-vsctl add-port mybridge vport2
ovs-vsctl show

Cleanup broken interfaces

# search for broken ovs entries in db
for NODE in $(openstack compute service list -c Host -f value | sort -u); do
echo $NODE
    OUTPUT=$(ssh ${NODE} docker exec openvswitch_vswitchd ovsdb-client dump | grep qvo | egrep -v "tag|mac" | cut -d "\"" -f2)
    for PORT in ${OUTPUT}; do
        printf "%-20s %s\n" "${NODE}" "${PORT}"
    done
done
 
# get VM details for broken ovs entry
PORT=qvof53312d0-4d
openstack server show -c "OS-EXT-SRV-ATTR:host" -c name -c id -f value $(
    openstack port show -c device_id -f value $(
        openstack port list -c id -f value | grep $(echo ${PORT} | awk '{print substr($1,4,8)}')
    )
)
 
New: http://www.panticz.de/OpenVswitch-cleanup-interfaces
 
# get broken interface info
ssh os1-com2-dev docker exec openvswitch_vswitchd ovs-vsctl show | grep -A2 qvo5b1aac7e-d4
 
# delete port
ssh os1-com52-dev docker exec openvswitch_vswitchd ovs-vsctl del-port qvo1c589412-d2
 
# delete bridge
ssh os1-comX-prod
brctl show  | grep -C2 5b1aac7e
brctl delif qbr5b1aac7e-d4 qvb5b1aac7e-d4
ip link set qbr5b1aac7e-d4 down
brctl delbr qbr5b1aac7e-d4

Ansible module
https://docs.ansible.com/ansible/latest/modules/openvswitch_bridge_module.html#openvswitch-bridge-module
https://docs.ansible.com/ansible/latest/modules/openvswitch_db_module.html#openvswitch-db-module
https://docs.ansible.com/ansible/latest/modules/openvswitch_port_module.html#openvswitch-port-module

Documentation
http://manpages.ubuntu.com/manpages/latest/man8/ovs-vsctl.8.html

Video
https://www.youtube.com/watch?v=rYW7kQRyUvA - Introduction to Open vSwitch (OVS)
https://www.youtube.com/watch?v=7IXEtUEZslg - OpenStack Neutron Packet Walkthrough (DVR)
https://www.youtube.com/watch?v=FyV4MoQ3T0I - OpenFlow flow entries on Open vSwitch (OVS)

Hardware
https://northboundnetworks.com/collections/zodiac-fx/products/zodiac-fx

Route
http://docs.openvswitch.org/en/latest/howto/userspace-tunneling/

ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.*.ctl ovs/route/show

ARP
https://wiki.openstack.org/wiki/Ovs-flow-logic

# show ARP entry
ovs-ofctl dump-flows br-tun | grep 10.20.0.14 | grep arp

Delete entry

ovsdb-client dump | grep 10.11.0.34
ovsdb-client dump | wc -l 
 
ovs-ofctl dump-flows br-tun | grep 10.11.0.34
ovs-ofctl dump-flows br-tun | wc -l
 
ovs-ofctl --strict del-flows br-tun "priority=1,arp,dl_vlan=17,arp_tpa=10.11.0.34"

Packet Tracing
http://docs.openvswitch.org/en/latest/topics/tracing/
https://medium.com/@george.shuklin/utility-of-the-month-ofproto-trace-b94a1e1b9cfd

ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.*.ctl ofproto/trace br-int icmp,in_port=1234,dl_dst=00:11:22:33:44:55
ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.*.ctl ofproto/trace br-int icmp,in_port=1234,dl_dst=00:11:22:33:44:55,dl_src=11:22:33:44:55:66

Links
https://www.openvswitch.org/
https://thomas-leister.de/en/container-overlay-network-openvswitch-linux/
https://blog.scottlowe.org/2012/10/19/vlans-with-open-vswitch-fake-bridges/
https://manpages.ubuntu.com/manpages/latest/man8/ovs-vsctl.8.html
https://www.yet.org/2014/09/openvswitch-troubleshooting/