ovs流表分析

root@compute-1:~# ovs-ofctl dump-flows br-int
NXST_FLOW reply (xid=0x4):
 cookie=0xbedca6dce2935c60, duration=86037.896s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=10,icmp6,in_port=38,icmp_type=136 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.785s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=10,icmp6,in_port=40,icmp_type=136 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.648s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=10,icmp6,in_port=9,icmp_type=136 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.536s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=10,icmp6,in_port=39,icmp_type=136 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.351s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=10,icmp6,in_port=37,icmp_type=136 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.868s, table=0, n_packets=359, n_bytes=15078, idle_age=34, hard_age=65534, priority=10,arp,in_port=38 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.755s, table=0, n_packets=361, n_bytes=15162, idle_age=15, hard_age=65534, priority=10,arp,in_port=40 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.618s, table=0, n_packets=24558, n_bytes=1031436, idle_age=0, hard_age=65534, priority=10,arp,in_port=9 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.508s, table=0, n_packets=19996, n_bytes=839832, idle_age=0, hard_age=65534, priority=10,arp,in_port=39 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=86037.322s, table=0, n_packets=24133, n_bytes=1013586, idle_age=2, hard_age=65534, priority=10,arp,in_port=37 actions=resubmit(,24)
 cookie=0xbedca6dce2935c60, duration=4150068.305s, table=0, n_packets=72220587, n_bytes=5493785948, idle_age=0, hard_age=65534, priority=2,in_port=2 actions=drop
 cookie=0xbedca6dce2935c60, duration=4150068.292s, table=0, n_packets=50525913, n_bytes=3109582261, idle_age=0, hard_age=65534, priority=2,in_port=14 actions=drop
 cookie=0xbedca6dce2935c60, duration=4150065.422s, table=0, n_packets=167905, n_bytes=57401910, idle_age=14, hard_age=65534, priority=2,in_port=10 actions=drop
 cookie=0xbedca6dce2935c60, duration=86037.924s, table=0, n_packets=359, n_bytes=122778, idle_age=39, hard_age=65534, priority=9,in_port=38 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.813s, table=0, n_packets=361, n_bytes=123462, idle_age=20, hard_age=65534, priority=9,in_port=40 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.679s, table=0, n_packets=13932, n_bytes=1030968, idle_age=7, hard_age=65534, priority=9,in_port=9 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.563s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=9,in_port=39 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.381s, table=0, n_packets=6966, n_bytes=515484, idle_age=1, hard_age=65534, priority=9,in_port=37 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=4150067.869s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_src=fa:16:3f:18:bd:b2 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.840s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=14,dl_src=fa:16:3f:18:bd:b2 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.810s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,in_port=1,dl_src=fa:16:3f:18:bd:b2 actions=resubmit(,1)
 cookie=0xbedca6dce2935c60, duration=4150067.782s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_src=fa:16:3f:2e:7d:ad actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.754s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=14,dl_src=fa:16:3f:2e:7d:ad actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.727s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,in_port=1,dl_src=fa:16:3f:2e:7d:ad actions=resubmit(,1)
 cookie=0xbedca6dce2935c60, duration=4150067.698s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_src=fa:16:3f:50:d4:4f actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.669s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=14,dl_src=fa:16:3f:50:d4:4f actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.641s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,in_port=1,dl_src=fa:16:3f:50:d4:4f actions=resubmit(,1)
 cookie=0xbedca6dce2935c60, duration=4150067.614s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_src=fa:16:3f:59:82:51 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.586s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=14,dl_src=fa:16:3f:59:82:51 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.559s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,in_port=1,dl_src=fa:16:3f:59:82:51 actions=resubmit(,1)
 cookie=0xbedca6dce2935c60, duration=4150067.532s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_src=fa:16:3f:95:13:f7 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.501s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=14,dl_src=fa:16:3f:95:13:f7 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.471s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,in_port=1,dl_src=fa:16:3f:95:13:f7 actions=resubmit(,1)
 cookie=0xbedca6dce2935c60, duration=4150067.441s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=2,dl_src=fa:16:3f:df:c1:f5 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.413s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,in_port=14,dl_src=fa:16:3f:df:c1:f5 actions=resubmit(,2)
 cookie=0xbedca6dce2935c60, duration=4150067.384s, table=0, n_packets=142997, n_bytes=10919635, idle_age=89, hard_age=65534, priority=2,in_port=1,dl_src=fa:16:3f:df:c1:f5 actions=resubmit(,1)
 cookie=0xbedca6dce2935c60, duration=4150069.241s, table=0, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=4150068.319s, table=0, n_packets=1226663, n_bytes=69674983, idle_age=4, hard_age=65534, priority=1 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86050.759s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,dl_vlan=5,dl_dst=fa:16:3e:ae:8e:e1 actions=strip_vlan,mod_dl_src:fa:16:3e:0e:31:d7,output:40
 cookie=0xbedca6dce2935c60, duration=86050.745s, table=1, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=4,dl_vlan=5,dl_dst=fa:16:3e:89:bd:99 actions=strip_vlan,mod_dl_src:fa:16:3e:0e:31:d7,output:38
 cookie=0xbedca6dce2935c60, duration=4150068.348s, table=1, n_packets=142997, n_bytes=10919635, idle_age=89, hard_age=65534, priority=1 actions=drop
 cookie=0xbedca6dce2935c60, duration=4150068.334s, table=2, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=1 actions=drop
 cookie=0xbedca6dce2935c60, duration=4150068.361s, table=23, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=0 actions=drop
 cookie=0xbedca6dce2935c60, duration=86037.910s, table=24, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,icmp6,in_port=38,icmp_type=136,nd_target=fe80::f816:3eff:fe89:bd99 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.799s, table=24, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,icmp6,in_port=40,icmp_type=136,nd_target=fe80::f816:3eff:feae:8ee1 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.663s, table=24, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,icmp6,in_port=9,icmp_type=136,nd_target=fe80::f816:3eff:fe5c:87d7 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.551s, table=24, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,icmp6,in_port=39,icmp_type=136,nd_target=fe80::f816:3eff:fe1a:41b4 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.366s, table=24, n_packets=0, n_bytes=0, idle_age=65534, hard_age=65534, priority=2,icmp6,in_port=37,icmp_type=136,nd_target=fe80::f816:3eff:fe45:d778 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.882s, table=24, n_packets=359, n_bytes=15078, idle_age=34, hard_age=65534, priority=2,arp,in_port=38,arp_spa=192.168.10.14 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.770s, table=24, n_packets=361, n_bytes=15162, idle_age=15, hard_age=65534, priority=2,arp,in_port=40,arp_spa=192.168.10.13 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.633s, table=24, n_packets=24558, n_bytes=1031436, idle_age=0, hard_age=65534, priority=2,arp,in_port=9,arp_spa=3.1.1.82 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.522s, table=24, n_packets=19996, n_bytes=839832, idle_age=0, hard_age=65534, priority=2,arp,in_port=39,arp_spa=3.1.1.91 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=86037.336s, table=24, n_packets=24133, n_bytes=1013586, idle_age=2, hard_age=65534, priority=2,arp,in_port=37,arp_spa=3.1.1.92 actions=resubmit(,25)
 cookie=0xbedca6dce2935c60, duration=4150069.213s, table=24, n_packets=1, n_bytes=42, idle_age=65534, hard_age=65534, priority=0 actions=drop
 cookie=0xbedca6dce2935c60, duration=86037.951s, table=25, n_packets=718, n_bytes=137856, idle_age=34, hard_age=65534, priority=2,in_port=38,dl_src=fa:16:3e:89:bd:99 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.841s, table=25, n_packets=722, n_bytes=138624, idle_age=15, hard_age=65534, priority=2,in_port=40,dl_src=fa:16:3e:ae:8e:e1 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.709s, table=25, n_packets=38490, n_bytes=2062404, idle_age=0, hard_age=65534, priority=2,in_port=9,dl_src=fa:16:3e:5c:87:d7 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.590s, table=25, n_packets=19996, n_bytes=839832, idle_age=0, hard_age=65534, priority=2,in_port=39,dl_src=fa:16:3e:1a:41:b4 actions=NORMAL
 cookie=0xbedca6dce2935c60, duration=86037.411s, table=25, n_packets=31099, n_bytes=1529070, idle_age=1, hard_age=65534, priority=2,in_port=37,dl_src=fa:16:3e:45:d7:78 actions=NORMAL

流表字段组成

基本字段

duration = value

流表的id默认为0。64位数字，不可重复。

duration

duration = secs

报文在表中的时间。以秒为单位。

table

table = number

流表的编号，范围是0-254。

n_packets

匹配的报文个数。

n_bytes

匹配的报文总字节数。

hard_age

hard_age = secs

自流表被添加或者修改经过的时间

idle_age

idle_age = secs

没有任何包经过流表的时间

priority

指明流表的优先级，0-65535，默认32768。数字越大，则优先级越高。因此，高优先级带通配符流表项必须要被放到低编号的流表中。交换机负责正确地顺序，避免高优先级规则覆盖掉低优先级的。

条件字段

in_port

in_port = port

匹配传递数据包的OpenFlow端口号。

dl_src

dl_src = xx:xx:xx:xx:xx:xx

匹配数据包的源MAC地址。

dl_dst

dl_dst = xx:xx:xx:xx:xx:xx

匹配数据包的目的MAC地址。

nw_src

nw_src = ip[Inetmask]

匹配数据包的源IP地址。

nw_dst

nw_dst = ip[Inetmask]

匹配数据包的目的IP地址。

dl_vlan

dl_vlan = vlan

匹配数据包的Vlan id，范围是0-4095。0xffff代表不包含Vlan Tag的数据包。

dl_type

dl_type = ethertype

匹配以太网协议类型。0-65535，16进制的数字。其中0x0800代表IPv4协议，0x086DD代表IPv6协议，0x0806代表ARP协议。

Ethertype	协议
0x0000-0x05DC	IEEE 802.3长度
0x0101–0x01FF	实验
0x0600	XEROX NS IDP
0x0660 0x0661	DLOG
0x0800	网际协议（IP）
0x0801	X.75 Internet
0x0802	NBS Internet
0x0803	ECMA Internet
0x0804	Chaosnet
0x0805	X.25 Level 3
0x0806	地址解析协议（ARP：Address Resolution Protocol）
0x0808	帧中继ARP（Frame Relay ARP）[RFC1701]
0x6559	原始帧中继（Raw Frame Relay）[RFC1701]
0x8035	动态DARP（DRARP：Dynamic RARP）反向地址解析协议（RARP：Reverse Address Resolution Protocol）
0x8037	Novell Netware IPX
0x809B	EtherTalk
0x80D5	IBM SNA Services over Ethernet
0x80F3	AppleTalk地址解析协议（AARP：AppleTalk Address Resolution Protocol）
0x8100	以太网自动保护开关（EAPS：Ethernet Automatic Protection Switching）
0x8137	因特网包交换（IPX：Internet Packet Exchange）
0x814C	简单网络管理协议（SNMP：Simple Network Management Protocol）
0x86DD	网际协议v6（IPv6，Internet Protocol version 6）
0x880B	点对点协议（PPP：Point-to-Point Protocol）
0x880C	通用交换管理协议（GSMP：General Switch Management Protocol）
0x8847	多协议标签交换（单播）（MPLS：Multi-Protocol Label Switching [unicast]）
0x8848	多协议标签交换（组播）（MPLS, Multi-Protocol Label Switching [multicast]）
0x8863	以太网上的PPP（发现阶段）（PPPoE：PPP Over Ethernet [Discovery Stage]）
0x8864	以太网上的PPP（会话阶段）（PPPoE，PPP Over Ethernet[PPP Session Stage]）
0x88BB	轻量级访问点协议（LWAPP：Light Weight Access Point Protocol）
0x88CC	链接层发现协议（LLDP：Link Layer Discovery Protocol）
0x8E88	局域网上的 EAP（EAPOL：EAP over LAN）
0x9000	配置测试协议（Loopback）
0x9100	VLAN 标签协议标识符（VLAN Tag Protocol Identifier）
0x9200	VLAN 标签协议标识符（VLAN Tag Protocol Identifier）
0xFFFF	保留

nw_proto

nw_proto = proto

icmp_type

icmp_type = type

当dl_type和nw_proto确定数据包为ICMP或ICMPv6时，匹配ICMP的type和code。取值区间都为[0, 255]。如果dl_type和nw_proto使用了其他值时，该字段忽略。

协议关键字
协议关键字相当于alias。

ip     =  dl_type=0x0800  
ipv6   =  dl_type=0x86DD
icmp   =  dl_type=0x0800,nw_proto=1  
icmp6  =  dl_type=0x86DD,nw_proto=58  
tcp    =  dl_type=0x0800,nw_proto=6  
tcp6   =  dl_type=0x86DD,nw_proto=6  
udp    =  dl_type=0x0800,nw_proto=17  
udp6   =  dl_type=0x86DD,nw_proto=17  
sctp   =  dl_type=0x0800,nw_proto=132  
sctp6  =  dl_type=0x86DD,nw_proto=132  
arp    =  dl_type=0x0806  
rarp   =  dl_type=0x8035  
mpls   =  dl_type=0x8847  
mplsm  =  dl_type=0x8848

动作字段

normal

按照常规L2/L3处理流程处理数据包。

drop

将数据包丢弃。

resubmit

resubmit([port],[table])

将报文转发给指定的流表，并替换流表的in_port字段，重新进行匹配。

Open vSwitch（二）

目录

查看流表