No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Configuration Guide - Network Management and Monitoring

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document describes the configurations of Network Management and Monitoring, including SNMP, RMON, NETCONF, OpenFlow, LLDP, NQA, Mirroring, Packet Capture, Packet Trace, Path and Connectivity Detection Configuration, NetStream, sFlow, and iPCA.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring the OpenFlow Agent

Configuring the OpenFlow Agent

Pre-configuration Tasks

Before configuring the OpenFlow Agent on the switch, complete the following tasks:
  • Configuring OpenFlow connection parameters on the controller
  • Ensuring there is a reachable route between the switch and controller
  • (Optional) Configuring a Keychain

    To enhance network security, configure keychain authentication for the OpenFlow connection. If keychain authentication is configured on one end, it must also be configured on the other end. Otherwise, the OpenFlow connection cannot be established.

  • (Optional) Configuring the SSL Policy

    To improve network security, configure an SSL policy for the OpenFlow connection. The switch functions as an SSL client. If an SSL policy is configured on one end, it must also be configured on the other end. Otherwise, the OpenFlow connection cannot be established.

NOTE:

Switches can set up OpenFlow connections with Huawei's Agile Controller-DCN, but not third-party controllers.

Procedure

  1. Run system-view

    The system view is displayed.

  2. (Optional) Run openflow dscp dscp-number

    The DSCP priority of OpenFlow packets is set.

    The default DSCP priority of OpenFlow packets is the DSCP priority set by the set priority dscp command.

    If both the set priority dscp and openflow dscp commands are executed, the openflow dscp configuration takes effect on the OpenFlow packets. If neither openflow dscp nor set priority dscp is executed, the DSCP priority of OpenFlow packets is 0.

  3. Run sdn agent

    The device is configured as the OpenFlow-compatible switch and the SDN Agent view is displayed.

    By default, the device is not an OpenFlow-compatible switch.

  4. (Optional) Run description description-text

    The description of the OpenFlow-compatible switch is configured.

    By default, an OpenFlow-compatible switch does not have the description.

    An SDN network may have multiple OpenFlow-compatible switches. To memorize and manage these switches, run the description command to configure description for the switches. For example, the description can be the region where the switch is located or the service provided by the switch.

  5. Run source-ip ip-address

    The global IP address used to establish an OpenFlow connection with the controller is configured.

    By default, the global IP address used to establish an OpenFlow connection with the controller is not configured. The IP address of a loopback interface is recommended.

    After the global IP address is configured, the switch uses it to establish an OpenFlow connection with the controller by default.

    The switch supports the use of only one global IP address to establish an OpenFlow connection with the controller. To change this IP address, run the undo source-ip [ ip-address ] command to delete the original one first.

  6. Run controller-ip [ vpn-instance vpn-instance-name ] ip-address

    The controller IP address used to establish an OpenFlow connection with the switch is specified and the Controller-IP view is displayed.

    By default, the controller IP address used to establish an OpenFlow connection with the switch is not specified.

    Only 16 controller IP addresses can be configured on the switch. To configure a new controller IP address on the switch, run the undo controller-ip [ vpn-instance vpn-instance-name ] ip-address command to delete the original one first.

  7. (Optional) Set the IP address and OpenFlow parameters used to establish an OpenFlow connection with a specified controller.
    1. Run openflow agent

      An OpenFlow Agent view is created and displayed.

      By default, no OpenFlow Agent view is created.

    2. Run transport-address ip-address

      The IP address used to establish an OpenFlow connection with the specified controller is configured.

      By default, the IP address used to establish an OpenFlow connection with the specified controller is not configured. The IP address of a loopback interface is recommended.

    3. To enhance network security, configure keychain authentication or SSL policy for the OpenFlow connection. Keychain authentication and SSL policy cannot both be configured for the same OpenFlow connection.

      • To configure keychain authentication for an OpenFlow connection, run the authentication keychain keychain-name command.

        By default, keychain authentication is not configured for OpenFlow connections.

      • To configure SSL policy for an OpenFlow connection, run the authentication ssl ssl-policy policy-name command.

        By default, no SSL policy is configured for OpenFlow connections.

    4. Run echo-interval interval

      The heartbeat interval of the OpenFlow connection is set.

      By default, the heartbeat interval of the OpenFlow connection is 5 seconds.

      As specified in the OpenFlow protocol, the controller and switch periodically exchange ECHO packets to detect whether the peer end is still available. If the initiator does not receive any OpenFlow packet after sending five consecutive ECHO_REQUEST packets, the initiator considers that the peer device has failed, and closes the OpenFlow connection. If the initiator receives an OpenFlow packet before closing the OpenFlow connection, the initiator restarts the counter.

  8. (Optional) Configure the switch to process the LLTD packets delivered by controller.
    1. Run return

      The user view is displayed.

    2. Run system-view

      The system view is displayed.

    3. Run sdn copy-to-controller lltd enable

      The switch is enabled to process the LLTD packets delivered by the controller.

      By default, the switch does not process the LLTD packets delivered by the controller.

      If the controller needs to obtain the positions of Microsoft servers in a network topology, the controller delivers a Packet-out carrying LLTD information to the switch. If the sdn copy-to-controller lltd enable command has been executed on the switch, the switch extracts the LLTD packet from the Packet-out, and broadcasts the LLTD packet on the network. When a Microsoft server receives the LLTD packet, it replies with another LLTD packet carrying its own host name, IP address, and MAC address to the switch. The switch encapsulates the LLTD packet into a Packet-in, and sends the Packet-in to the controller.

  9. Run commit

    The configuration is committed.

Verifying the Configuration

After you configure the OpenFlow Agent on the switch to establish the OpenFlow connection between the switch and controller, you can run the following commands to verify the configuration.

  • Run the display sdn openflow session [ slave ] command to check whether the OpenFlow connection is established.
  • Run the display sdn controller [ slave ] command to check information about the controller that is connected to the switch.
  • Run the display this command in the OpenFlow Agent view to check information about OpenFlow connection authentication and configured heartbeat interval.
  • Run the display openflow flows standard command to view the user policy table information delivered by the Agile Controller through Flow_Mod.
Translation
Download
Updated: 2019-04-20

Document ID: EDOC1100075365

Views: 36252

Downloads: 123

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next