"Routing" under OpenFlow (OVS)

Foreword

Readers who recognize this equipment must be approaching their fourth decade! It should be the oldest Cisco router. Since the 1980s, routing and switching technology has kept developing, but through all that change some things still sparkle in a noisy room, like the top of most engineers' heads, full of wisdom!

Cisco "antique" router

This article describes a way to turn Layer 3 routing into Layer 2 switching (and Layer 2 forwarding into Layer 3 routing), in order to cope with the complexity of inter-network routing on OVS (OpenFlow). Of course, the technique itself is neutral; whether it fits depends on the specific application scenario.

As SDN continues to "develop", people who work on routers and switches have become "traditional network workers", while working on controllers and forwarders is considered the proper job. Of course, mastering any new technology still requires understanding, or chewing over, the "history" left behind. Maybe a few years from now it will sound very strange to hear of someone configuring an ACL or a routing table by hand, because by then controllers will generate and push all configuration automatically from models, or a small Python script will do it.

Traditional routing and switching

OK, down to business. Let's look at the difference between traditional routing and switching:

Switching: generally refers to forwarding packets within the same subnet. The forwarding basis is the MAC address.

PC perspective: when two hosts are on the same network segment and PC1 needs to reach PC2, PC1 first sends an ARP request for PC2's MAC address. Once the response is received, PC1 places PC2's MAC address in the destination MAC field of the frame and hands the frame to the switch for forwarding. PC2 does the same in the other direction.

Switch perspective: the switch receives all data frames on the segment. It builds its MAC address table from the source MAC addresses of the frames it receives (source address self-learning) and maintains the table with an address aging mechanism. It looks up the destination MAC address of each frame in the MAC address table; if the address is found, the frame is sent to the corresponding port, and if not, it is sent to all ports except the ingress port. Broadcast and multicast frames are forwarded to all ports.

Routing: generally refers to forwarding packets between different network segments. The forwarding basis is the IP route.

PC perspective: when two hosts are on different network segments and PC1 needs to reach PC2, PC1 first looks up in its own routing table the next-hop IP address for PC2 (usually the default gateway), then sends an ARP request for the MAC address of that next hop. Once the response is received, PC1 places that MAC address in the destination MAC field of the frame (note that the destination IP is still PC2's IP address, not the next-hop IP) and hands the packet to the router. PC2 does the same in the other direction.

Router perspective: when a router receives an IP packet, it reads the destination IP address from the packet's Layer 3 header, looks that address up in its routing table, finds the "best match" route entry, and forwards the packet out of the interface, or to the next-hop IP, indicated by that entry; this is IP routing. (The router also does some extra work: it decrements the TTL in the Layer 3 header by one, rewrites the Layer 2 source MAC to the MAC address of its outbound interface, and rewrites the Layer 2 destination MAC to the MAC address of the next hop.) Each router maintains a local routing table that holds the route entries it has learned. A route entry consists of elements such as the route prefix (the destination address the route applies to), the source of the routing information, and the next-hop IP or outbound interface. A router obtains route entries through static configuration or dynamically, and maintains its own routing table.

OpenFlow appears

With OpenFlow, routers and switches are unified into forwarders, and the forwarding basis is the flow table.
OK, let's see what a flow table looks like:

root@ubuntu:~# ovs-ofctl dump-flows br2
NXST_FLOW reply (xid=0x4):
cookie=0x0, duration=16080.313s, table=0, n_packets=1, n_bytes=42, idle_age=15691, priority=200,arp,arp_tpa=2.2.2.0/24 actions=output:100
cookie=0x0, duration=15964.186s, table=0, n_packets=1, n_bytes=42, idle_age=15691, priority=100,arp,arp_tpa=1.1.1.0/24 actions=output:1
cookie=0x0, duration=15985.113s, table=0, n_packets=5, n_bytes=490, idle_age=15692, priority=200,icmp,nw_dst=2.2.2.0/24 actions=output:100
cookie=0x0, duration=15802.910s, table=0, n_packets=5, n_bytes=490, idle_age=15692, priority=100,icmp,nw_dst=1.1.1.0/24 actions=output:1

Of course, some people call the flow table an ACL, which is understandable. A powerful pipeline, match fields and actions can be regarded as the flow table's characteristics (leaving performance aside for now). At this point the MAC table and the routing table are no longer visible on the forwarder; all you can see is the flow table.

On OVS, if the bridge is configured in secure mode, there are no flow entries by default. If we want OVS to behave like an ordinary traditional switch, we only need to add a few flow entries for ARP and ICMP and ping will get through (see the example above), which is relatively simple.

Of course, some people might say there is an easier way: simply configure the bridge in standalone mode, or add a default flow entry with actions=NORMAL. But in that case all traffic goes back to traditional Layer 2 and Layer 3 forwarding. For OVS, a product of the new era, that does not suit my personality; if that is what you want, leave the job to Linux Bridge.

The problem is that configuring OVS as a forwarder with router functionality is harder, because, as the analysis of the routing process above shows, routed forwarding is relatively complex. The following needs to be done:

A gateway device is needed to respond to ARP requests: the device may be generated automatically when the gateway address is configured on OVS, or a separate device may be added specifically to act as the gateway.
The source and destination MAC addresses in the Layer 2 header and the TTL in the Layer 3 header need to be modified: routing is hop by hop, and every hop has to do this work. Even when forwarding through flow tables, an intermediate forwarder or the last hop has to rewrite the packet's destination MAC address to the MAC address of the receiving end when the packet arrives.

Everything in the world is switching

In the OpenFlow world all network devices are called forwarders or switches, and they simply carry out forwarding actions. OK, so can we turn inter-network routed forwarding into ordinary Layer 2 forwarding? The answer is YES!

Now let's realize this idea with an example.
The first problem to solve is the gateway: how do we eliminate the ARP request to the gateway? This is not difficult on Linux; a single command does it:

root@ubuntu:~# ip route add 0.0.0.0/0 dev eth0 scope link
(Also note that arp_ignore needs to be 0 or 1.)

With a link-scope route, the host sends ARP for the destination address directly rather than for a next-hop address. The route says that the destination address is on the Layer 2 link directly connected to the local host, not across a Layer 3 boundary. Since no Layer 3 link is crossed, ARP can pass unimpeded, and the standard does not require the source and target addresses in an ARP request to be in the same network segment (there is not even a mask constraint), so the following ARP request is valid:

Verify that a response is obtained:

Careful readers will notice that the command above actually solves two of our problems. One is the gateway problem. The other follows from the source host requesting the destination host's MAC address directly: the packet is already encapsulated with the destination host's MAC address, which saves us the work of rewriting the destination MAC to the destination host's at the last hop.

The last remaining problem is the TTL, which is what prevents loops. This is also relatively simple to handle: we can add actions=dec_ttl(1),output:100 to the flow entry so that the TTL is decremented automatically at each hop.

Then do a similar operation on the PC at the receiving end, and add the flow entries for ARP and for the traffic on the OVS instances involved along the path, to achieve inter-network "switching".
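The flow-table behaviour described in this article, modelled as an added example (not code from the original post): it parses the four entries from the dump above, picks the highest-priority match, and treats a table miss as a drop, as on a secure-mode bridge with no NORMAL entry. WITH_TTL is a constructed entry that uses the dec_ttl action suggested above; the packet dictionaries are a simplification assumed for the example.

```python
import ipaddress
import re

# The four entries from the dump-flows output above (counters trimmed).
DUMP = """\
cookie=0x0, table=0, priority=200,arp,arp_tpa=2.2.2.0/24 actions=output:100
cookie=0x0, table=0, priority=100,arp,arp_tpa=1.1.1.0/24 actions=output:1
cookie=0x0, table=0, priority=200,icmp,nw_dst=2.2.2.0/24 actions=output:100
cookie=0x0, table=0, priority=100,icmp,nw_dst=1.1.1.0/24 actions=output:1
"""
# Constructed entry using the dec_ttl action the article suggests.
WITH_TTL = "priority=200,icmp,nw_dst=2.2.2.0/24 actions=dec_ttl(1),output:100"

def parse_flows(dump):
    """Parse dump-flows lines into dicts, highest priority first."""
    flows = []
    for line in dump.splitlines():
        m = re.search(r"priority=(\d+),(\w+),(\w+)=(\S+) actions=(\S+)", line)
        if m:
            prio, proto, field, net, actions = m.groups()
            flows.append({"priority": int(prio), "proto": proto, "field": field,
                          "net": ipaddress.ip_network(net),
                          "actions": actions.split(",")})
    return sorted(flows, key=lambda f: -f["priority"])

def forward(flows, pkt):
    """Return (out_port, ttl) for pkt, or None if the packet is dropped."""
    for f in flows:
        if pkt["proto"] != f["proto"] or f["field"] not in pkt:
            continue
        if ipaddress.ip_address(pkt[f["field"]]) not in f["net"]:
            continue
        ttl, port = pkt.get("ttl"), None
        for act in f["actions"]:
            if act.startswith("dec_ttl") and ttl is not None:
                if ttl <= 1:      # decrement would reach zero: stop, do not forward
                    return None
                ttl -= 1
            elif act.startswith("output:"):
                port = int(act.split(":")[1])
        return port, ttl
    # Table miss: no entry matched, so nothing is forwarded.
    return None

if __name__ == "__main__":
    table = parse_flows(DUMP)
    print(forward(table, {"proto": "icmp", "nw_dst": "2.2.2.2", "ttl": 64}))
    print(forward(table, {"proto": "tcp", "nw_dst": "2.2.2.2", "ttl": 64}))
```

Only ARP and ICMP towards the two subnets get through; any other traffic, such as the TCP packet in the second call, matches no entry and is dropped.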

Little Tips

With the above, inter-network routing has been converted into switching. The reverse, converting so-called Layer 2 switching into routing, can also be done. For example, when 10.0.0.100/24 accesses 10.0.0.200/24, we would expect Layer 2 forwarding, i.e. request the destination host's MAC address directly, then encapsulate and send.

However, for various reasons, the destination host 10.0.0.200/24 may be separated from the source host by a Layer 3 network. What then? OK, add a specific route to 10.0.0.200/24 that points to the default gateway, and on the destination host add a specific route to 10.0.0.100/24 that points to the default gateway, then ping. Can you see the corners of the source host's mouth turning up too?
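How the routes in this article change which address a host sends ARP for, as an added example that is not part of the original post: a longest-prefix-match lookup where a route without a gateway models `scope link`. The gateway addresses 1.1.1.254 and 10.0.0.1 are constructed, and the specific route is assumed to be a /32 host route.

```python
import ipaddress

def arp_target(routes, dst):
    """Return the IP address the host will ARP for when sending to dst.

    routes is a list of (prefix, gateway) pairs; gateway=None models a
    link-scope route, where the destination is treated as on-link.
    The most specific matching prefix wins (longest-prefix match).
    """
    dst_ip = ipaddress.ip_address(dst)
    best = None
    for prefix, gateway in routes:
        net = ipaddress.ip_network(prefix)
        if dst_ip in net and (best is None or net.prefixlen > best[0].prefixlen):
            best = (net, gateway)
    if best is None:
        return None              # no route at all: nothing is sent, no ARP
    # Route via a gateway: ARP for the gateway. On-link: ARP for dst itself.
    return best[1] or dst

# Constructed host routing tables (gateway addresses are illustrative).
# Traditional host: connected subnet plus default route via a gateway.
CLASSIC = [("1.1.1.0/24", None), ("0.0.0.0/0", "1.1.1.254")]
# After "ip route add 0.0.0.0/0 dev eth0 scope link": everything is on-link.
LINK_SCOPE = [("1.1.1.0/24", None), ("0.0.0.0/0", None)]
# The Tips case: same subnet, but a specific route forces the gateway.
TIPS = [("10.0.0.0/24", None), ("10.0.0.200/32", "10.0.0.1")]

if __name__ == "__main__":
    print(arp_target(CLASSIC, "2.2.2.2"))      # gateway is asked
    print(arp_target(LINK_SCOPE, "2.2.2.2"))   # destination is asked directly
    print(arp_target(TIPS, "10.0.0.200"))      # same subnet, yet gateway is asked
```

With the link-scope default route the host sends ARP for every destination it talks to, so the ARP flow entries on OVS decide which of those requests can be answered.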

A switch should do what it is meant to do, Layer 2 forwarding; distribute everything else out!

Origin www.cnblogs.com/baimeishaoxia/p/11850110.html