Bypassing OpenFlow controller and injecting flow table entries via a code call:
> Can someone refer to the code where a new flow is inserted to > openflow tables in the OVS, as a consequence action of a received > message from a controller? handle_flow_mod() in ofproto.c
Another similar request:
> My project was previously calling system commands like ‘ovs-ofctl add-flow’ directly from C, > but we would like to do this programmatically now, by calling into the openvswitch library. > After looking at this for a bit and what methods I would have to call, I’ve realized this is > non trivial, and I can’t find any easily exposed methods to add and delete flows. > Does anyone have an example anywhere of calling into openvswitch methods > directly to add/remove flows? So far the best way I can find is calling into > ovn/controller/ofctrl.h:ofctrl_add_flow(…), but this will require quite a bit of legwork. One way: There are plenty of controllers out there, including a couple in C - libfluid Another way: Here’s how I do it. It’s essentially the same as what the ‘ovs-ofctl add-flow’ command does under the hood. 1. Build a string formatted as the “ovs-ofctl” command would do, for example “table=1,cookie=0xdeadbeef,in_port=1,actions=resubmit(,2)” 2. Pass this to parser_ofp_flow_mod_str(). The parser will magically parse the string in to a rich struct. 3. Pass the struct to ofputil_encode_flow_mod(). This returns a struct with a serialized OpenFlow message buffer. 4. Send this buffer on the wire either via a socket you manage yourself or let OpenVswitch do it for you.
Added 2017/11/13, the second link shows a terrific example usage for ovs-dpctl
> I have a problem that when i use the ovs-dpctl to add a flow into datapath, > it occurs "ovs-dpctl: parsing flow key (Invalid argument)" > > example: > root@jlt:~# ovs-dpctl add-flow system@myDP "in_port(1),eth_type(0x800),ipv4 > (src=172.31.110.4,dst=172.31.110.5)" 2 > ovs-dpctl: parsing flow key (Invalid argument) You may be able to use 'dmesg' to see which key is missing. See the talk by Joe Stringer: Youtube And the blogpost (shameless plug for myself): Direct Kernel OVS Flow Programming
A follow up from Ben indicated though:
I believe that this particular error comes from the userspace parser, not the kernel.
Another addition on 2017/11/13:
> For us, newbies, examples are extremely valuable, more than a thousand > words. > If some kind soul has an example on how to insert a new interface (s1-eth3) > in a single switch (s1) with two interfaces (s1-eth2 and s1-eth3) please > share with me. If you run something like this: ovs-vsctl -vjsonrpc -- add-bond s1 s1-eth3 s1-eth2 s1-eth3 then you will see what ovs-vsctl does to insert such a bond, logged as the jsonrpc module.
2017/11/25 Addition 1:
ovs-save is a shell script, using `ovs-ofctl dump-flows br` to write flows into a file, and then use `ovs-ofctl add-flows br FILE` to add them.
2017/11/25 Addition 2:
The OpenFlow Spec does not directly provide the mechanism for the multi-path load balancing and also Ryu does not provide it. I guess it is depending on your application design...
But for the beginning, how about using the Group action(the "select" type)? The selection algorithm is depending on your switch though, it provides an easy way to do load balancing.
Please refer to the section "5.6.1 Group Types" in the OpenFlow Spec 1.3.5 for the details: https://www.opennetworking.org/wp-content/uploads/2014/10/openflow-switch-v1.3.5.pdf
2017/12/07 dpctl: Support flush conntrack by 5-tuple
With this patch, "flush-conntrack" in ovs-dpctl and ovs-appctl accept a conntrack 5-tuple to delete the conntrack entry specified by the 5-tuple. For example, user can use the following command to flush a conntrack entry in zone 5.
$ ovs-dpctl flush-conntrack zone=5 \ 'ct_nw_src=10.1.1.2,ct_nw_dst=10.1.1.1,ct_nw_proto=17,ct_tp_src=2,ct_tp_dst=1' $ ovs-appctl dpctl/flush-conntrack zone=5 \ 'ct_nw_src=10.1.1.2,ct_nw_dst=10.1.1.1,ct_nw_proto=17,ct_tp_src=2,ct_tp_dst=1'
2018/06/11: "I suggest using ofproto/trace to figure out what's going on. See ovs-vswitchd(8) if you're not already familiar with it."
2018/06/11: "You can see the history of the configuration database by running "ovsdb-tool -mm show-log" on it. This might reveal what is happening, too."
"ovs-vsctl --may-exist add-port {{ info.ovs_bridge }} {{ interface }} {{ info.ovs_options }} -- set interface {{ interface }} type=internal"
2018/11/25 - ovs-testcontroller