Wednesday, January 10, 2018

Software Defined Networking (SDN) - OpenFlow and OVSDB connection

https://www.howtoforge.com/tutorial/software-defined-networking-sdn-openflow-and-ovsdb-connection

This article describes the OpenFlow and OVSDB connections between an SDN controller and OpenFlow-based switches, and provides details on the connection lifecycle. We will use an open source SDN controller, OpenDaylight (ODL) Carbon release, and an OpenFlow virtual switch, Open vSwitch (OVS) version 2.6.0, to describe the OVSDB and OpenFlow connections.
An SDN controller manages the underlying OpenFlow switches through two types of connection:
  • OVSDB
  • OpenFlow

OVSDB and OpenFlow connection

OVSDB is the OVS database management protocol. It defines the schema for the OVS database and the specification for communication between controller and switch. The SDN controller uses this protocol to control an OVS switch by populating its database with the intended configuration.
Typically, the SDN controller runs in passive mode, listening for OVSDB and OpenFlow connections from OVS on ports 6640 and 6653 respectively.
First, let us start the ODL controller; you can download it from here. As a prerequisite, set the JAVA_HOME environment variable on your system to the latest Java version. Running ODL is easy; just follow the steps below:
  1. Download ODL distribution from here.
  2. Unzip the ODL distribution.
  3. Enter the ‘bin’ sub-directory located under the top-level directory of the downloaded package.
  4. Run the following command to get your controller up: ./karaf
The image below shows the above steps being performed:
[Image: Install OpenDaylight]
Since we need to manage OVS switches over OVSDB and OpenFlow connections, the OpenFlow and OVSDB plugins need to be installed into ODL. This can be done as shown below:
[Image: Openflow and OVSDB plugin installation]
Once the OpenFlow and OVSDB plugins are installed, ODL starts listening for OpenFlow and OVSDB connections on ports 6653 and 6640 respectively. This can be checked on the controller by running the following commands:
netstat -a | grep 6653
netstat -a | grep 6640
[Image: netstat result]
Note that the OVS switch must already be running before any OVS command is executed. To run OVS on Ubuntu, run the following command with root permissions:
sudo /etc/init.d/openvswitch-switch start
It is available as a service, so you can check its status as well:
sudo /etc/init.d/openvswitch-switch status
Once OVS is running, you can also execute its CLI commands. For example:
sudo ovs-vsctl show
The image below shows the output of the above command:
[Image: ovs-vsctl show]
On the OVS side, the command below is run to initiate the OVSDB connection with the controller:
ovs-vsctl set-manager tcp::6640
To confirm that the connection is established, run the command below; its output shows the ‘is_connected’ flag set to true.
sudo ovs-vsctl show
[Image: Connection is_connected flag]
The OpenFlow connection is made on a bridge, so you can either create the bridge on OVS yourself, or ODL can create it by sending configuration to OVS via the OVSDB connection. On the bridge in OVS, the command below can be run to connect the bridge to ODL, which establishes the OpenFlow connection between ODL and OVS.
ovs-vsctl set-controller tcp::6653
Check below for their connection details.
[Image: connection details]
We have seen from the OVS side that the OVSDB and OpenFlow connections have been made; the same can be verified on the ODL side by running the following commands.
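The ‘is_connected’ check above can be scripted when there are many switches. The following is an added example, not part of the original article: it parses ‘ovs-vsctl show’ output and reports, for each Manager (OVSDB) and Controller (OpenFlow) target, whether it is connected and whether it uses an unencrypted tcp: target instead of the ssl: target form that OVS also accepts. The sample output, addresses and function names are constructed for illustration.

```python
import re

# Constructed sample of `ovs-vsctl show` output (documentation-range IPs, made-up UUID).
SAMPLE_SHOW = """\
3f1c2d4e-0000-4000-8000-000000000001
    Manager "tcp:192.0.2.10:6640"
        is_connected: true
    Bridge br-int
        Controller "tcp:192.0.2.10:6653"
        fail_mode: secure
    Bridge br-ex
        Controller "ssl:192.0.2.10:6653"
            is_connected: true
    ovs_version: "2.6.0"
"""

TARGET = re.compile(r'^(\s*)(Manager|Controller) "([a-z]+):([^"]*)"\s*$')

def audit_connections(show_output):
    """Return one record per Manager (OVSDB) / Controller (OpenFlow) target."""
    records, bridge, current, indent = [], None, None, 0
    for line in show_output.splitlines():
        text = line.strip()
        depth = len(line) - len(line.lstrip())
        m = TARGET.match(line)
        if m:
            is_mgr = m.group(2) == "Manager"
            current = {"kind": "OVSDB" if is_mgr else "OpenFlow",
                       "bridge": None if is_mgr else bridge,
                       "target": f"{m.group(3)}:{m.group(4)}",
                       "plaintext": m.group(3) in ("tcp", "ptcp"),
                       "connected": False}
            indent = depth
            records.append(current)
        elif text.startswith("Bridge "):
            bridge, current = text.split(None, 1)[1].strip('"'), None
        elif current and depth > indent and text == "is_connected: true":
            current["connected"] = True   # flag is nested under its target
        elif depth <= indent:
            current = None                # left the Manager/Controller block
    return records

def findings(show_output):
    """List issues: unencrypted transport, or a configured target not connected."""
    out = []
    for r in audit_connections(show_output):
        scope = f"bridge {r['bridge']}" if r["bridge"] else "switch"
        if r["plaintext"]:
            out.append(f"{r['kind']} {r['target']} ({scope}): unencrypted TCP")
        if not r["connected"]:
            out.append(f"{r['kind']} {r['target']} ({scope}): not connected")
    return out
```

On a live switch, pass the text captured from ‘sudo ovs-vsctl show’ to findings() in place of SAMPLE_SHOW.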
netstat -a | grep 6653
netstat -a | grep 6640
The image below shows the output of the commands, which confirms the ESTABLISHED connection state:
[Image: Connections established]
Since the OVSDB and OpenFlow connections are based on TCP, messages exchanged between ODL and OVS can easily be captured with Wireshark. The packet capture image below shows the messages exchanged during connection setup.
[Image: Wireshark]
In the Wireshark packet capture, you can see the various OpenFlow messages exchanged between the controller and OVS during connection setup.
As you can see, during connection setup ODL sent a FEATURES_REQUEST OpenFlow message and, in response, received a FEATURES_REPLY from OVS. Inside the FEATURES_REPLY message, ODL gets the datapath ID (i.e. the unique identifier) of the OVS bridge, which takes care of forwarding traffic (based on the OpenFlow rules configured by ODL) among the virtual machines connected to the ports of OVS.
On the OVS side, the following command can be run to show details of the bridge.
sudo ovs-ofctl show br-int -OOpenFlow13
The image below shows the output of the command:
[Image: ovs-ofctl command result]
Here, you can see that the FEATURES_REPLY shows the datapath ID (in hex format) of the bridge on OVS.
ODL also has a DLUX dashboard feature, which provides a web GUI for the ODL controller at the URL http://localhost:8181/index.html. An ODL user can log in there (by default, the username and password are both ‘admin’) and check the network topology in the browser of the system where ODL is running. See the images below.
[Image: ODL has dashboard DLUX feature]
[Image: Topology]
In the above image, you can see the OVS switch shown in the network topology managed by the ODL controller. Since we have connected only one switch, only one OpenFlow node is shown. Here, the OVS switch is shown with its datapath ID in decimal format.
To delete the OpenFlow connection with ODL, the command below can be run on OVS:
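The hex datapath ID printed by ovs-ofctl and the decimal one shown in DLUX are the same 64-bit field of the FEATURES_REPLY message. The following added example (not from the original article) decodes an OpenFlow 1.3 FEATURES_REPLY and matches the two notations, which is useful when correlating OVS and ODL log entries. The sample message and function names are constructed; ‘openflow:<decimal>’ is the node-id form used by ODL's OpenFlow plugin.

```python
import struct

OFP13_VERSION = 0x04       # wire version byte for OpenFlow 1.3
OFPT_FEATURES_REPLY = 6    # message type carried in the common header

def parse_features_reply(msg: bytes) -> dict:
    """Decode an OpenFlow 1.3 FEATURES_REPLY and expose the datapath ID
    in both notations used here (hex on OVS, decimal in ODL)."""
    if len(msg) < 8:
        raise ValueError("truncated OpenFlow header")
    version, msg_type, length, xid = struct.unpack("!BBHI", msg[:8])
    if version != OFP13_VERSION or msg_type != OFPT_FEATURES_REPLY:
        raise ValueError(f"not an OpenFlow 1.3 FEATURES_REPLY "
                         f"(version={version}, type={msg_type})")
    if length < 32 or len(msg) < length:
        raise ValueError("FEATURES_REPLY body is truncated")
    # Body layout: datapath_id, n_buffers, n_tables, auxiliary_id,
    # 2 pad bytes, capabilities, 4 reserved bytes.
    dpid, n_buffers, n_tables, aux_id, caps = struct.unpack(
        "!QIBB2xI4x", msg[8:32])
    return {
        "xid": xid,
        "dpid_hex": f"{dpid:016x}",          # as printed by `ovs-ofctl show`
        "dpid_decimal": dpid,                # as displayed in the topology view
        "odl_node_id": f"openflow:{dpid}",   # ODL OpenFlow plugin node id
        "n_tables": n_tables,
        "capabilities": caps,
    }

def same_switch(ovs_dpid_hex: str, odl_node_id: str) -> bool:
    """True when an OVS hex dpid and an ODL node id name the same bridge."""
    prefix, _, decimal = odl_node_id.partition(":")
    return (prefix == "openflow" and decimal.isdigit()
            and int(ovs_dpid_hex, 16) == int(decimal))

# Constructed sample message: header (version, type, length, xid) + body.
SAMPLE_REPLY = (struct.pack("!BBHI", OFP13_VERSION, OFPT_FEATURES_REPLY, 32, 0x2A)
                + struct.pack("!QIBB2xI4x", 0x0000020000000001, 0, 254, 0, 0x4F))

if __name__ == "__main__":
    print(parse_features_reply(SAMPLE_REPLY))
```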
ovs-vsctl del-controller
To delete the OVSDB connection with ODL, the command below can be run on OVS:
ovs-vsctl del-manager
After the connection is deleted, the ‘is_connected’ flag, which was ‘true’ while the connection was established, disappears from the output of the ‘ovs-vsctl show’ CLI command of OVS.
The image below shows the OpenFlow and OVSDB connection deletion initiated from the OVS side:
[Image: OpenFlow and OVSDB connection]
For debugging and troubleshooting, you can check the log files maintained by ODL and OVS.

ODL logging path

When the ODL distribution you downloaded is unzipped and you run the ‘karaf’ executable, a ‘log’ sub-directory is created containing the karaf.log files. Their generic path is: ~/distribution-karaf--/data/log.
See the image below for the ODL-side log files.
[Image: ODL logging path]

OVS logging path

When OVS is running, it generates an OVSDB log file named ‘ovsdb-server.log’ and an OpenFlow log file named ‘ovs-vswitchd.log’ at the path:
/var/log/openvswitch
See the image below for the OVS-side log files for the OVSDB (ovsdb-server.log) and OpenFlow (ovs-vswitchd.log) modules of OVS.
[Image: OVS logging path]
This article is co-authored by Tarun Thakur.