OpenvSwitch VXLAN 隧道实验
最近在了解 openstack 网络,下面基于ubuntu虚拟机安装OpenvSwitch,测试vxlan的基本配置。
节点信息:
| 主机名 | IP地址 | OS | 网卡 |
|---|---|---|---|
| node1 | 192.168.95.11 | Ubuntu 22.04 | ens33 |
| node2 | 192.168.95.12 | Ubuntu 22.04 | ens33 |
网卡信息:
root@node1:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:0f:26:b9 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet 192.168.95.11/24 brd 192.168.95.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe0f:26b9/64 scope link
整体逻辑图如下:
在两个节点部署OpenvSwitch,通过vxlan隧道网络实现vm01和vm02的网络互通。
前置要求,每个节点安装OpenvSwitch
apt update -y
apt install -y openvswitch-switch
确认安装版本
root@node1:~# ovs-vsctl --version
ovs-vsctl (Open vSwitch) 2.17.9
DB Schema 8.3.0
节点1配置
创建虚拟机
创建网络地址空间ns0,模拟出VM虚拟机
ip netns add ns0
创建一对vethpair,两个接口分别为veth0和veth1
ip link add veth0 type veth peer name veth1
将veth0添加到ns0中
ip link set veth0 netns ns0
为veth0配置IP地址
ip netns exec ns0 ip addr add 10.1.1.1/24 dev veth0
ip netns exec ns0 ip link set veth0 up
ip netns exec ns0 ip a
建立vxlan隧道
创建vxlan网桥br-vxlan
ovs-vsctl add-br br-vxlan
将veth1添加到br-vxlan网桥中
ovs-vsctl add-port br-vxlan veth1
ip link set veth1 up
在br-vxlan网桥中创建本端vxlan端口vxlan1,端口类型为vxlan,配置远端IP为对端主机
ovs-vsctl add-port br-vxlan vxlan1 -- set interface vxlan1 type=vxlan options:remote_ip=192.168.95.12
查看openvswitch 网桥端口
root@node1:~# ovs-vsctl show
b3bb2f7f-6129-46d0-ab6c-806a9499e673
Bridge br-vxlan
Port br-vxlan
Interface br-vxlan
type: internal
Port veth1
Interface veth1
Port vxlan1
Interface vxlan1
type: vxlan
options: {remote_ip="192.168.95.12"}
ovs_version: "2.17.9"
root@node1:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:0c:29:0f:26:b9 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet 192.168.95.11/24 brd 192.168.95.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::20c:29ff:fe0f:26b9/64 scope link
valid_lft forever preferred_lft forever
3: veth1@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master ovs-system state UP group default qlen 1000
link/ether 56:79:1f:8a:6d:46 brd ff:ff:ff:ff:ff:ff link-netns ns0
inet6 fe80::5479:1fff:fe8a:6d46/64 scope link
valid_lft forever preferred_lft forever
5: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 0e:b0:e1:3a:de:4c brd ff:ff:ff:ff:ff:ff
6: br-vxlan: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether be:43:d3:bd:9a:41 brd ff:ff:ff:ff:ff:ff
7: vxlan_sys_4789: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 1000
link/ether de:3a:29:91:e1:4f brd ff:ff:ff:ff:ff:ff
inet6 fe80::cc1b:89ff:fe76:e7f/64 scope link
valid_lft forever preferred_lft forever
节点2配置
创建虚拟机
创建网络地址空间ns0,模拟出VM虚拟机
ip netns add ns0
创建一对vethpair,两个接口分别为veth0和veth1
ip link add veth0 type veth peer name veth1
将veth0添加到ns0中
ip link set veth0 netns ns0
为veth0配置IP地址
ip netns exec ns0 ip addr add 10.1.1.2/24 dev veth0
ip netns exec ns0 ip link set veth0 up
ip netns exec ns0 ip a
建立vxlan隧道
创建vxlan网桥br-vxlan
ovs-vsctl add-br br-vxlan
将veth1添加到br-vxlan网桥中
ovs-vsctl add-port br-vxlan veth1
ip link set veth1 up
在br-vxlan网桥中创建本端vxlan端口vxlan1,端口类型为vxlan,配置远端IP为对端主机
ovs-vsctl add-port br-vxlan vxlan1 -- set interface vxlan1 type=vxlan options:remote_ip=192.168.95.11
查看openvswitch 网桥端口
root@node2:~# ovs-vsctl show
ca71335f-e4a9-4b07-9183-b4993a6864d4
Bridge br-vxlan
Port vxlan1
Interface vxlan1
type: vxlan
options: {remote_ip="192.168.95.11"}
Port br-vxlan
Interface br-vxlan
type: internal
Port veth1
Interface veth1
ovs_version: "2.17.9"
root@node2:~# ip a
1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
inet 127.0.0.1/8 scope host lo
valid_lft forever preferred_lft forever
inet6 ::1/128 scope host
valid_lft forever preferred_lft forever
2: ens33: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
link/ether 00:50:56:3a:b4:d8 brd ff:ff:ff:ff:ff:ff
altname enp2s1
inet 192.168.95.12/24 brd 192.168.95.255 scope global ens33
valid_lft forever preferred_lft forever
inet6 fe80::250:56ff:fe3a:b4d8/64 scope link
valid_lft forever preferred_lft forever
3: veth1@if4: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue master ovs-system state UP group default qlen 1000
link/ether 56:79:1f:8a:6d:46 brd ff:ff:ff:ff:ff:ff link-netns ns0
inet6 fe80::5479:1fff:fe8a:6d46/64 scope link
valid_lft forever preferred_lft forever
5: ovs-system: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether 0e:b0:e1:3a:de:4c brd ff:ff:ff:ff:ff:ff
6: br-vxlan: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
link/ether b6:7c:80:cb:6e:45 brd ff:ff:ff:ff:ff:ff
7: vxlan_sys_4789: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 65000 qdisc noqueue master ovs-system state UNKNOWN group default qlen 1000
link/ether de:3a:29:91:e1:4f brd ff:ff:ff:ff:ff:ff
inet6 fe80::6c5c:7cff:fece:5a7/64 scope link
valid_lft forever preferred_lft forever
验证连通性
节点1连接节点2 VM
root@node1:~# ip netns exec ns0 ping 10.1.1.2 -c 4
PING 10.1.1.2 (10.1.1.2) 56(84) bytes of data.
64 bytes from 10.1.1.2: icmp_seq=1 ttl=64 time=0.543 ms
64 bytes from 10.1.1.2: icmp_seq=2 ttl=64 time=0.737 ms
64 bytes from 10.1.1.2: icmp_seq=3 ttl=64 time=0.640 ms
64 bytes from 10.1.1.2: icmp_seq=4 ttl=64 time=2.20 ms
--- 10.1.1.2 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3077ms
rtt min/avg/max/mdev = 0.543/1.031/2.204/0.680 ms
节点2连接节点1 VM
root@node2:~# ip netns exec ns0 ping 10.1.1.1 -c 4
PING 10.1.1.1 (10.1.1.1) 56(84) bytes of data.
64 bytes from 10.1.1.1: icmp_seq=1 ttl=64 time=1.21 ms
64 bytes from 10.1.1.1: icmp_seq=2 ttl=64 time=0.642 ms
64 bytes from 10.1.1.1: icmp_seq=3 ttl=64 time=0.557 ms
64 bytes from 10.1.1.1: icmp_seq=4 ttl=64 time=0.589 ms
--- 10.1.1.1 ping statistics ---
4 packets transmitted, 4 received, 0% packet loss, time 3027ms
rtt min/avg/max/mdev = 0.557/0.749/1.211/0.268 ms
参考:https://www.cnblogs.com/Bozh/p/4838304.html
