Install
apt install -y openvswitch-switch
List
# list interfaces docker exec openvswitch_vswitchd ovs-vsctl list-ifaces br-int # show bridges docker exec openvswitch_vswitchd ovs-vsctl list-br # show ports docker exec openvswitch_vswitchd ovs-vsctl list-ports br-int
Create interface
https://docs.openstack.org/octavia/latest/install/install-ubuntu.html
# create bridge ovs-vsctl add-br mybridge # ifconfig mybridge up ip link set mybridge up ovs-vsctl show ovs-dpctl show # create echo docker exec openvswitch_vswitchd ovs-vsctl -- --may-exist add-port br-int my-if1 -- \ set Interface my-if1 type=internal -- \ set Interface my-if1 external-ids:iface-status=active -- \ set Interface my-if1 external-ids:attached-mac=${CTL_HOST_MAC} -- \ set Interface my-if1 external-ids:iface-id=${PORT_ID} -- \ set Interface my-if1 external-ids:skip_cleanup=true # Create port openvswitch_vswitchd ovs-vsctl -- --may-exist add-port br-int my-port1 -- \ set Interface o-hm0 type=internal -- \ set Interface o-hm0 mac="${PORT_MAC}" -- \ set Interface o-hm0 external-ids:iface-status=active -- \ set Interface o-hm0 external-ids:iface-id=${PORT_ID} -- \ set Interface o-hm0 external-ids:skip_cleanup=true -- \ set Interface o-hm0 external-ids:attached-mac=${PORT_MAC} # create vlan ovs-vsctl add-port br0 vlan10 tag=10 -- set Interface vlan10 type=internal ip addr add 192.168.0.123/24 dev vlan10
Show / List
ovs-vsctl show ovs-vsctl list bridge ovs-vsctl list port ovs-vsctl list interface
Create
ovs-vsctl -- --may-exist add-port br-int o-hm0 -- \ set Interface o-hm0 type=internal -- \ set Interface o-hm0 external-ids:iface-status=active -- \ set Interface o-hm0 external-ids:attached-mac=${CTL_HOST_MAC} -- \ set Interface o-hm0 external-ids:iface-id=${PORT_ID} -- \ set Interface o-hm0 external-ids:skip_cleanup=true
Delete
# delete port ovs-vsctl del-port br-int o-hm0 # delete ovs-tcpdump port ovs-vsctl del-port br-tun ovsmiXXXXXX # delete bridge ovs-vsctl del-br mybridge
CLI
http://www.sznote.net/?p=1032
ovs-vsctl set int ovsbr0 mtu_request=1416 ovs-appctl fdb/show mybridge ovs-ofctl show mybridge ovs-ofctl dump-flows mybridge # fake interface for LXD? ovs-vsctl add-br br0 ovs-vsctl add-port br0 eno1 ovs-vsctl add-br vlan100 br0 100 lxc network attach-profile vlan100 default eth0
Tuntap device
# tuntap devices ip tuntap add mode tap vport1 ip tuntap add mode tap vport2 ifconfig vport1 up ip link set vport2 up ifconfig ovs-vsctl add-port mybridge vport1 ovs-vsctl add-port mybridge vport2 ovs-vsctl show
Cleanup broken interfaces
# search for broken ovs entries in db for NODE in $(openstack compute service list -c Host -f value | sort -u); do echo $NODE OUTPUT=$(ssh ${NODE} docker exec openvswitch_vswitchd ovsdb-client dump | grep qvo | egrep -v "tag|mac" | cut -d "\"" -f2) for PORT in ${OUTPUT}; do printf "%-20s %s\n" "${NODE}" "${PORT}" done done # get VM details for broken ovs entry PORT=qvof53312d0-4d openstack server show -c "OS-EXT-SRV-ATTR:host" -c name -c id -f value $( openstack port show -c device_id -f value $( openstack port list -c id -f value | grep $(echo ${PORT} | awk '{print substr($1,4,8)}') ) ) New: http://www.panticz.de/OpenVswitch-cleanup-interfaces # get broken interface info ssh os1-com2-dev docker exec openvswitch_vswitchd ovs-vsctl show | grep -A2 qvo5b1aac7e-d4 # delete port ssh os1-com52-dev docker exec openvswitch_vswitchd ovs-vsctl del-port qvo1c589412-d2 # delete bridge ssh os1-comX-prod brctl show | grep -C2 5b1aac7e brctl delif qbr5b1aac7e-d4 qvb5b1aac7e-d4 ip link set qbr5b1aac7e-d4 down brctl delbr qbr5b1aac7e-d4
Ansible module
https://docs.ansible.com/ansible/latest/modules/openvswitch_bridge_module.html#openvswitch-bridge-module
https://docs.ansible.com/ansible/latest/modules/openvswitch_db_module.html#openvswitch-db-module
https://docs.ansible.com/ansible/latest/modules/openvswitch_port_module.html#openvswitch-port-module
Documentation
http://manpages.ubuntu.com/manpages/latest/man8/ovs-vsctl.8.html
Video
https://www.youtube.com/watch?v=rYW7kQRyUvA - Introduction to Open vSwitch (OVS)
https://www.youtube.com/watch?v=7IXEtUEZslg - OpenStack Neutron Packet Walkthrough (DVR)
https://www.youtube.com/watch?v=FyV4MoQ3T0I - OpenFlow flow entries on Open vSwitch (OVS)
Hardware
https://northboundnetworks.com/collections/zodiac-fx/products/zodiac-fx
Route
http://docs.openvswitch.org/en/latest/howto/userspace-tunneling/
ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.*.ctl ovs/route/show
ARP
https://wiki.openstack.org/wiki/Ovs-flow-logic
# show ARP entry ovs-ofctl dump-flows br-tun | grep 10.20.0.14 | grep arp
Delete entry
ovsdb-client dump | grep 10.11.0.34 ovsdb-client dump | wc -l ovs-ofctl dump-flows br-tun | grep 10.11.0.34 ovs-ofctl dump-flows br-tun | wc -l ovs-ofctl --strict del-flows br-tun "priority=1,arp,dl_vlan=17,arp_tpa=10.11.0.34"
Packet Tracing
http://docs.openvswitch.org/en/latest/topics/tracing/
https://medium.com/@george.shuklin/utility-of-the-month-ofproto-trace-b94a1e1b9cfd
ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.*.ctl ofproto/trace br-int icmp,in_port=1234,dl_dst=00:11:22:33:44:55 ovs-appctl -t /var/run/openvswitch/ovs-vswitchd.*.ctl ofproto/trace br-int icmp,in_port=1234,dl_dst=00:11:22:33:44:55,dl_src=11:22:33:44:55:66
Links
https://www.openvswitch.org/
https://thomas-leister.de/en/container-overlay-network-openvswitch-linux/
https://blog.scottlowe.org/2012/10/19/vlans-with-open-vswitch-fake-bridges/
https://manpages.ubuntu.com/manpages/latest/man8/ovs-vsctl.8.html
https://www.yet.org/2014/09/openvswitch-troubleshooting/