ON THIS PAGE
Example: Enabling OpenFlow on EX4550 Switches
OpenFlow is an open standard that allows you to control traffic paths in a network by creating, deleting, and modifying flows in each device, including EX4550 switches, along a path. This example shows how to configure OpenFlow support on an EX4550 switch.
Requirements
This example uses the following hardware and software components:
An EX4550 switch running Junos OS Release 13.2X51-D15 or a later release.
An OpenFlow software package with a software package release that matches the Junos OS release of the device on which it is installed.
A TCP connection between the switch and an OpenFlow controller, which needs to access the data plane of the switch.
A connection between the me0 interface of the switch and the management network.
Overview
In this example, you configure support for OpenFlow on an EX4550 switch. The switch has three interfaces that are dedicated to handling OpenFlow traffic: xe-0/0/4.0, xe-0/0/5.0, and xe-0/0/6.0. Note that on EX4550 switches, you can only configure a single logical unit using logical unit number 0 for OpenFlow interfaces.
In an OpenFlow topology, a virtual switch is used to isolate
and control OpenFlow traffic. You configure the OpenFlow virtual switch
and OpenFlow protocol statements at the [edit protocols openflow]
hierarchy level. In this example, the virtual switch, 100, is assigned
a default VLAN, which acts as a logically separate flood domain. The
assignment of the default VLAN to virtual switch 100 is automatic,
and no configuration is required to set up the default VLAN.
Virtual switch 100 also connects to the controller over a TCP connection at the IP address 198.51.100.174. The virtual switch configuration must include all of the logical interfaces participating in OpenFlow, and OpenFlow traffic will only enter or exit from these interfaces.
A flow entry consists of a match condition against which packets
entering an OpenFlow interface are compared, and the action that is
applied to packets that match the condition. Each OpenFlow interface
can have one or more flow entries. The default-action
statement
in the OpenFlow configuration indicates the action the switch applies
to packets that do not have a matching flow entry. If you omit the default-action
statement, the default action is packet-in
, which means that packets that have no matching flow entry are sent
to the controller for processing. This example explicitly configures packet-in
as the default action for packets that do not have
a matching flow entry.
This example also configures OpenFlow traceoptions, along with
the flag all
statement, which is meant to capture and log
all OpenFlow events. Since the example does not configure a specific
filename for the log file, OpenFlow events are logged in the default
OpenFlow log directory /var/log/ofd.
Configuration
CLI Quick Configuration
To quickly configure this example, copy the following
commands, paste them into a text file, remove any line breaks, change
any details necessary to match your network configuration, copy and
paste the commands into the CLI at the [edit]
hierarchy
level, and then enter commit
from configuration mode.
set interfaces xe-0/0/4 unit 0 family ethernet-switching set interfaces xe-0/0/5 unit 0 family ethernet-switching set interfaces xe-0/0/6 unit 0 family ethernet-switching set protocols openflow switch 100 controller address 198.51.100.174 set protocols openflow switch 100 controller protocol tcp set protocols openflow switch 100 interfaces xe-0/0/4.0 set protocols openflow switch 100 interfaces xe-0/0/5.0 set protocols openflow switch 100 interfaces xe-0/0/6.0 set protocols openflow switch 100 default-action packet-in set protocols openflow traceoptions flag all
Procedure
Step-by-Step Procedure
To configure support for OpenFlow:
Configure the OpenFlow interfaces as Layer 2 interfaces.
[edit interfaces] user@switch# set xe-0/0/4 unit 0 family ethernet-switching user@switch# set xe-0/0/5 unit 0 family ethernet-switching user@switch# set xe-0/0/6 unit 0 family ethernet-switching
Configure an OpenFlow virtual switch.
[edit protocols openflow] user@switch# set switch 100
Configure the OpenFlow controller IP address and the connection protocol.
[edit protocols openflow switch 100] user@switch# set controller address 198.51.100.174 user@switch# set controller protocol tcp
Configure the logical interfaces participating in OpenFlow under this virtual switch.
[edit protocols openflow switch 100] user@switch# set interfaces xe-0/0/4.0 user@switch# set interfaces xe-0/0/5.0 user@switch# set interfaces xe-0/0/6.0
Configure the default action for packets that do not have a matching flow entry.
[edit protocols openflow switch 100] user@switch# set default-action packet-in
Configure OpenFlow traceoptions.
[edit protocols openflow] user@switch# set traceoptions flag all
Commit the configuration.
[edit] user@switch# commit
Results
From operational mode, confirm your configuration by
entering the show configuration interfaces
and show
configuration protocols openflow
commands. If the output does
not display the intended configuration, repeat the instructions in
this example to correct the configuration.
user@switch> show configuration interfaces xe-0/0/4 { unit 0 { family ethernet-switching; } } xe-0/0/5 { unit 0 { family ethernet-switching; } } xe-0/0/6 { unit 0 { family ethernet-switching; } }
user@switch> show configuration protocols openflow switch 100 { default-action packet-in; interfaces { xe-0/0/4.0; xe-0/0/5.0; xe-0/0/6.0; } controller { address 198.51.100.174; protocol tcp; } } traceoptions { flag all; }
Verification
Confirm that the configuration is working properly.
- Verifying that the OpenFlow Controller Connection is Up
- Verifying that the OpenFlow Interfaces Are Up
Verifying that the OpenFlow Controller Connection is Up
Purpose
Verify that the OpenFlow controller connection is up.
Action
Issue the show openflow controller
operational
mode command, and verify that the controller connection state is up
. Because the virtual switch configuration has
only a single controller, the virtual switch should automatically
initiate a connection to the controller after you commit the configuration.
user@switch> show openflow controller Openflowd controller information: Controller socket: 12 Controller IP address: 198.51.100.174 Controller protocol: tcp Controller port: 6633 Controller connection state: up Number of connection attempt: 4 Controller role: equal
Meaning
The output shows that the connection state of the OpenFlow
controller is up
, in addition to other
information about the controller.
Verifying that the OpenFlow Interfaces Are Up
Purpose
Verify that the OpenFlow interfaces are in the Up
state.
Action
Issue the show openflow interfaces
operational
mode command, and verify that the state of each OpenFlow interface
is Up
.
user@switch> show openflow interfaces Switch name: 100 Interface Name: xe-0/0/4.0 Interface port number: 41507 Interface Hardware Address: 00:00:5e:00:53:00 Interface speed: 10Gb Full-duplex Interface Auto-Negotiation: Disabled Interface media type: Fiber Interface state: Up Switch name: 100 Interface Name: xe-0/0/5.0 Interface port number: 44538 Interface Hardware Address: 00:00:5e:00:53:01 Interface speed: 10Gb Full-duplex Interface Auto-Negotiation: Disabled Interface media type: Fiber Interface state: Up Switch name: 100 Interface Name: xe-0/0/6.0 Interface port number: 45549 Interface Hardware Address: 00:00:5e:00:53:02 Interface speed: 10Gb Full-duplex Interface Auto-Negotiation: Disabled Interface media type: Fiber Interface state: Up
Meaning
The output shows that the state of the OpenFlow interfaces
is Up
, in addition to other information
about the interfaces.