Installing openvswitch and RYU controller
On Ubuntu 14.04
Installing RYU OpenFlow controller
sudo apt-get update
sudo apt-get install python-pip python-dev
sudo pip install ryu greenlet repoze.lru stevedore
Run ryu-manager to test the installation.
ryu-manager
If it emits an error, you may need the command below, or you may need to install additional Python packages.
sudo pip install --upgrade six
Installing openvswitch from package
sudo apt-get install openvswitch-switch
Creating switch
sudo ovs-vsctl add-br nat-br
It may be a good idea to create a script that attaches eth0 to nat-br and reassigns the IP address, because there is a network outage when eth0 is attached to nat-br.
vi asdf
#!/usr/bin/env bash
sudo ovs-vsctl add-port nat-br eth0
sudo ovs-vsctl set bridge nat-br other-config:hwaddr=11:22:33:44:55:66
sudo ifconfig eth0 0.0.0.0
sudo dhclient -v nat-br
chmod +x asdf
If you're doing this on a remote cloud machine, you need to set up two network interfaces for stable console access. Below is an Amazon example. If you are not, skip this part.
Adding an additional public network interface in Amazon
Add VPC and attach an Elastic IP to it. Then attach VPC to the instance.
sudo vi /etc/iproute2/rt_tables
Add the line below at the end of the file.
1 out
sudo ifconfig eth1 up
sudo dhclient -v eth1
sudo ifconfig
sudo ip route show
sudo ip route add default via <default gw> dev eth1 table out
sudo ip rule add from <IP of eth1>/32 table out
sudo ip rule add to <IP of eth1>/32 table out
You should be able to ping both public IPs of the instance.
Attaching network interface to switch
sudo ovs-vsctl add-port nat-br eth0
Every sudo command may take a long time and show the error "sudo: unable to resolve host ip-10-0-0-80".
sudo vi /etc/hosts
Edit the hosts file as below.
127.0.0.1 localhost
127.0.1.1 ip-10-0-0-80
For Amazon, only the assigned MAC address can be used (most commercial cloud services probably do the same). So use the MAC address of eth0 for nat-br, replacing 11:22:33:44:55:66 below with it.
sudo ovs-vsctl set bridge nat-br other-config:hwaddr=11:22:33:44:55:66
Now you have lost the Internet connection. Let's run DHCP again.
sudo ifconfig eth0 0.0.0.0
sudo dhclient -v nat-br
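The attach steps above (add-port, hwaddr, DHCP on nat-br), as an added example that is not part of the original wiki page: a POSIX shell script that reads the MAC of eth0 from sysfs, refuses anything that is not a unicast MAC, and only prints the commands unless called with --apply. The function names, the --apply switch and the file name are assumptions made for this example.

```sh
#!/bin/sh
# Added example (not the wiki author's script): checked variant of the attach steps.

# True only for a well-formed unicast MAC: six hex octets with the I/G bit
# (lowest bit of the first octet) clear.
is_unicast_mac() {
    h='[0-9A-Fa-f]'
    case $1 in
        $h$h:$h$h:$h$h:$h$h:$h$h:$h$h) ;;
        *) return 1 ;;
    esac
    case $1 in
        ?[02468AaCcEe]:*) return 0 ;;
        *) return 1 ;;   # group address, e.g. the 11:22:33:44:55:66 placeholder
    esac
}

# attach_uplink BRIDGE IFACE MAC [apply]
# Prints the commands by default; runs them only when the 4th argument is "apply".
attach_uplink() {
    run=echo
    if [ "${4:-}" = apply ]; then run=; fi
    if ! is_unicast_mac "$3"; then
        echo "refusing: '$3' is not a unicast MAC address" >&2
        return 1
    fi
    # "--" chains both ovs-vsctl commands into one database transaction,
    # so the port is never on the bridge without the matching hwaddr.
    $run ovs-vsctl --may-exist add-port "$1" "$2" \
        -- set bridge "$1" "other-config:hwaddr=$3" &&
    $run ifconfig "$2" 0.0.0.0 &&
    $run dhclient -v "$1"
}

# Run as root: ./attach-uplink.sh --apply   (hypothetical file name)
# The MAC is read from sysfs instead of being typed in by hand.
if [ "${1:-}" = --apply ]; then
    attach_uplink nat-br eth0 "$(cat /sys/class/net/eth0/address)" apply
fi
```

Without --apply the script executes nothing, so the printed plan can be reviewed from the second interface before the uplink is moved.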
You may not want to repeat the above DHCP procedure every time you boot. In that case, add the lines below to /etc/network/interfaces. [1]
auto nat-br
allow-ovs nat-br
iface nat-br inet dhcp
ovs_type OVSBridge
ovs_ports eth0
allow-nat-br eth0
iface eth0 inet manual
ovs_bridge nat-br
ovs_type OVSPort
Configuring the controller for OVS
sudo ovs-vsctl set-controller nat-br tcp:127.0.0.1:6633
I'm using LXC instead of a real VM.
sudo apt-get install lxc
sudo lxc-create -t ubuntu -n c0
LXC uses the Linux bridge lxcbr0. Detach the container's interface from this bridge and attach it to OVS.
sudo brctl delif lxcbr0 veth0
sudo ifconfig lxcbr0 down
sudo ovs-vsctl add-port nat-br veth0
Now open a console to this LXC instance and statically configure its network interface. The IP address should be in the same subnet as GATEWAY_IP in the RYU controller code and the ipop config.
sudo lxc-console -n c0
sudo ifconfig eth0 192.168.4.3
sudo route add default gw 192.168.4.1
You can see the flow rules. All ICMP messages are forwarded to the controller. If you access to any public
sudo ovs-ofctl dump-flows nat-br
Now, in the LXC console, you can try HTTP. DNS will be quite slow.
wget -p www.google.com
Check the flow rules again from the host. You can see that a bunch of NAT rules have been added.
sudo ovs-ofctl dump-flows nat-br
Don't forget to set the hardware address of the OVS switch to the same as eth0. Maybe only the allowed MAC address works.
[1] https://github.com/openvswitch/ovs/blob/master/debian/openvswitch-switch.README.Debian
[2] https://www.lisenet.com/2014/create-and-attach-a-second-elastic-network-interface-with-eip-to-ec2-vpc-instance/