通过OpenDaylight自定义OpenFlow没有效果

我在OpenStack云中有两个VM。使用以下命令，我可以在它们之间发送数据：

# On the server (IP 10.0.0.7)    
nc -u -l -p 7865

# On the client (10.0.0.10)
nc -u 10.0.0.7 7865

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

现在，我想阻止从10.0.0.10到10.0.0.7的通信，但仍然允许它在另一个方向。所以我创建了这个流：

root@ubuntu:/opt/stack/opendaylight# cat my_custom_flow.xml 
<?xml version="1.0"?>
<flow xmlns="urn:opendaylight:flow:inventory">
  <priority>1</priority>
  <flow-name>nakrule-custom-flow</flow-name>
  <idle-timeout>12000</idle-timeout>
  <match>
    <ethernet-match>
      <ethernet-type>
        <type>2048</type>
      </ethernet-type>
    </ethernet-match>
    <ipv4-source>10.0.0.10/32</ipv4-source>
    <ipv4-destination>10.0.0.7/32</ipv4-destination>
    <ip-match>
      <ip-dscp>28</ip-dscp>
    </ip-match>
  </match>
  <id>10</id>
  <table_id>0</table_id>
  <instructions>
    <instruction>
      <order>6555</order>
    </instruction>
    <instruction>
      <order>0</order>
      <apply-actions>
        <action>
          <order>0</order>
          <drop-action/>
        </action>
      </apply-actions>
    </instruction>
  </instructions>
</flow>

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

ID为202520253197559的交换机在其表中有很多流，而另一个交换机有2-3个流。因此，我猜202520253197559是br int，因此使用以下命令将我的新流添加到其中：

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

现在，我可以通过另一个REST请求查看我的流程：

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

curl -u admin:admin http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes | python -m json.tool

{
    "flow-name": "nakrule-custom-flow",
    "id": "10",
    "idle-timeout": 12000,
    "instructions": {
        "instruction": [
            {
                "order": 6555
            },
            {
                "apply-actions": {
                    "action": [
                        {
                            "drop-action": {},
                            "order": 0
                        }
                    ]
                },
                "order": 0
            }
        ]
    },
    "match": {
        "ethernet-match": {
            "ethernet-type": {
                "type": 2048
            }
        },
        "ip-match": {
            "ip-dscp": 28
        },
        "ipv4-destination": "10.0.0.7/32",
        "ipv4-source": "10.0.0.10/32"
    },
    "priority": 1,
    "table_id": 0
},

然而，然后我回到我的两个虚拟机，他们仍然可以成功地互相发送数据。此外，使用以下命令不返回任何内容：

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

ovs-ofctl dump-flows br-int --protocols=OpenFlow13 | grep nakrule

我应该看到我的新流程，这是否意味着OpenDaylight不会将其添加到我的交换机中

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

root@ubuntu:/opt/stack# ovs-ofctl snoop br-int
2018-05-11T09:15:27Z|00001|vconn|ERR|unix:/var/run/openvswitch/br-int.snoop: received OpenFlow version 0x04 != expected 01
2018-05-11T09:15:27Z|00002|vconn|ERR|unix:/var/run/openvswitch/br-int.snoop: received OpenFlow version 0x04 != expected 01

---

提前感谢。

您确定openflow:1是该交换机的节点id吗

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

你想要编程。我对此表示怀疑。通常openflow:1是 我们从mininet部署中看到

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

通过RESTCONF获取拓扑API并计算出节点id 你的开关。或者你也可以通过找到mac电脑来猜测 正在使用的br int地址，并将十六进制转换为十进制

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

例如，mininet实际上使他们的mac地址变得简单，比如 00:00:00:00:00:01，这就是它最终成为openflow的原因：1

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

我在您更新的问题中注意到的另一个问题是您正在发送 URL中表234的流，但在流中指定表0 数据

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

此外，您还可以在restconf中检查config/store，以使这些节点 看看ODL是否接受了这个流。如果它在配置存储和 该开关连接到openflow插件，那么流应该 按下开关

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

另一个寻找线索的地方是karaf.log

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10

最后，如果你认为一切都是对的，并且流程应该得到改善 发送到开关，但开关未显示流量，然后 尝试进行数据包捕获。可能是您的交换机拒绝了 由于某种原因，这股水流停止了。如果需要，也可以在ovs日志中显示 情况就是这样。我怀疑这就是问题所在，只是补充一下 以防万一

curl -u admin:admin -H 'Content-Type: application/yang.data+xml' -X PUT -d @my_custom_flow.xml http://192.168.100.100:8181/restconf/config/opendaylight-inventory:nodes/node/openflow:202520253197559/table/234/flow/10