Chapter 4. SDN Networking with Open vSwitch

In Chapter 3, SDN Protocols, we learned about the key protocols enabling SDN-based solutions and the Open vSwitch implementation of OpenFlow. In this chapter, we will build on that knowledge to see how these components fit together to implement SDN networking. We will begin with lightweight virtual networking using Linux network namespaces, with Open vSwitch functioning as a conventional L2 switch. We will then bring OpenFlow into the mix to show flow-based networking with virtual machines interfacing with an SDN controller. We will introduce Mininet, a network emulation tool for prototyping network topologies. Finally, we will describe the architecture of Neutron, the networking component of OpenStack.

We will cover the following topics in this chapter:

  • Open vSwitch as L2 Switch with Network namespace
  • Open vSwitch as an OpenFlow Switch interface with SDN Controller
  • Open vSwitch and Mininet
  • OpenStack Neutron architecture

OVS Networking with Linux Network namespace

The Linux operating system has a single routing table and a global set of network interfaces. Network namespaces overcome this limitation by providing independent instances of network interfaces and routing tables. This feature enables network isolation and the independent operation of multiple network instances. The following diagram depicts a network topology with OVS interconnecting hosts isolated by network namespaces:

Figure 1: Network topology with OVS connecting with Network namespace hosts

The network interface within each namespace connects to a virtual Ethernet port of Open vSwitch via a Virtual Ethernet (VETH) port pair. A VETH pair is equivalent to a pair of physical Ethernet interfaces interconnected by a cable, but implemented purely in software. Virtual Ethernet is implemented as a tunnel driver working at the link layer (L2), connecting the two ports of the pair.

In this example, we will create two network namespaces and interconnect them with Open vSwitch. We will see how a network namespace isolates its network instance:

  1. As the first step, let's create two network namespaces, one for each host, named blue_host and green_host:

  2. We will now add the links in the network namespace to enable connectivity for the virtual hosts:

  3. Let us now add these links to the respective network namespaces:

  4. Verify that the links have moved to the network namespaces:

  5. As the next step, configure IP addresses on the interfaces in the network namespaces:

  6. Ping between the interfaces in the two network namespaces. The ping does not succeed, confirming that the network interfaces in the two namespaces are isolated from each other:

  7. Now let's interconnect the interfaces via Open vSwitch by creating an OVS bridge and adding the VETH peer interfaces to the bridge:

  8. Check the flow DB in OVS to confirm that the MAC addresses of the network interfaces have not yet been learned:

  9. Ping the interfaces in the network namespaces, now connected via the OVS bridge:

  10. We can now see that the forwarding database (FDB) in the OVS bridge ovs_br has learned the MAC addresses of the interfaces in the network namespace.


  11. Using the ovs-ofctl command, we will show that the packet count starts increasing.


As we can see with the preceding example, Open vSwitch works like a regular MAC learning and forwarding switch when no controller is configured and OpenFlow rules are not programmed.
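The eleven steps above, written out as commands in an added example (not the book's own listing, whose screenshots are not reproduced here). The names blue_host, green_host and ovs_br come from the text; the VETH interface names and IP addresses are assumptions. By default the script only prints the plan; `apply` executes it and `clean` removes the lab.

```shell
# Added lab sketch. blue_host, green_host and ovs_br come from the chapter;
# interface names and IP addresses below are assumptions.
BLUE_NS=blue_host; GREEN_NS=green_host; BRIDGE=ovs_br
BLUE_IF=veth_blue;   BLUE_PEER=veth_blue_br     # assumed VETH pair names
GREEN_IF=veth_green; GREEN_PEER=veth_green_br   # assumed VETH pair names
BLUE_IP=10.0.0.1; GREEN_IP=10.0.0.2; PREFIX=24  # assumed addressing
# Print the command when DRY_RUN=1 (the default); execute it otherwise.
run() { if [ "${DRY_RUN:-1}" = 1 ]; then echo "$*"; else "$@"; fi; }

isolate_hosts() {   # steps 1-5: namespaces, VETH pairs, addresses
    run ip netns add "$BLUE_NS"
    run ip netns add "$GREEN_NS"
    run ip link add "$BLUE_IF" type veth peer name "$BLUE_PEER"
    run ip link add "$GREEN_IF" type veth peer name "$GREEN_PEER"
    run ip link set "$BLUE_IF" netns "$BLUE_NS"
    run ip link set "$GREEN_IF" netns "$GREEN_NS"
    run ip netns exec "$BLUE_NS" ip addr add "$BLUE_IP/$PREFIX" dev "$BLUE_IF"
    run ip netns exec "$GREEN_NS" ip addr add "$GREEN_IP/$PREFIX" dev "$GREEN_IF"
    run ip netns exec "$BLUE_NS" ip link set "$BLUE_IF" up
    run ip netns exec "$GREEN_NS" ip link set "$GREEN_IF" up
}

connect_via_ovs() { # step 7: bridge plus the root-namespace VETH ends
    run ovs-vsctl add-br "$BRIDGE"
    for peer in "$BLUE_PEER" "$GREEN_PEER"; do
        run ovs-vsctl add-port "$BRIDGE" "$peer"
        run ip link set "$peer" up
    done
}

check_ping() { run ip netns exec "$BLUE_NS" ping -c 3 -W 1 "$GREEN_IP"; }  # steps 6, 9
show_state() { run ovs-appctl fdb/show "$BRIDGE"; run ovs-ofctl dump-flows "$BRIDGE"; }  # steps 8, 10, 11

lab() {
    isolate_hosts
    check_ping || echo "# no path yet: the namespaces are isolated"
    connect_via_ovs
    show_state      # nothing learned before any traffic crosses the bridge
    check_ping
    show_state      # MACs learned, packet counters rising
}

cleanup() { run ovs-vsctl --if-exists del-br "$BRIDGE"; run ip netns del "$BLUE_NS"; run ip netns del "$GREEN_NS"; }

case "${1:-}" in
    apply) DRY_RUN=0; lab ;;      # needs root, iproute2 and a running OVS
    clean) DRY_RUN=0; cleanup ;;
    *)     lab ;;                 # default: print the plan only
esac
```

The failed ping in step 6 is the isolation check: until the root-namespace VETH ends are attached to ovs_br, the two namespaces share no L2 path.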
