Purchase Linux CDs / DVDs / Flash Drives at OSDisc.com

Welcome to Our Community

While Linux.org has been around for a while, we recently changed management and had to purge most of the content (including users). If you signed up before April 23rd, 2017 please sign up again. Thanks!

Open Vswitch and manipulating added ports

Discussion in 'Linux Networking' started by ilgtech, Feb 24, 2018.

  1. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    I wanted to set up OVS to support a couple of interfaces belonging to an IPS VM.
    First, I'm only just learning about OVS so please forgive any dumb questions I might submit due to my not understanding how this software behaves.

    I have in the past brought up a libvirt based VM and bridged a physical host interface to the eth0 belonging to the virtual machine like this:

    auto br1 # eth0 on the IPSVM is tied to this bridge

    iface br1 inet manual
    bridge_ports eno2
    post-up ifconfig eno2 mtu 1520
    post-up ifconfig eno2 promisc
    post-up ethtool -G eno2 rx 4096
    post-up ethtool -K eno2 rx off tx off sg off tso off ufo off gso off gro off lro off rxvlan off txvlan off ntuple off rxhash off
    post-up ethtool -N eno2 rx-flow-hash udp4 sdfn
    post-up ethtool -N eno2 rx-flow-hash udp6 sdfn
    post-up ethtool -C eno2 rx-usecs 1 rx-frames 0
    post-up ethtool -C eno2 adaptive-rx off
    bridge_stp off
    bridge_maxwait 0
    post-down brctl delbr br1

    ========================================

    Now for the main part of the question.
    In: ovs-vsctl add-port vbridge0 eno2

    What's the stanza look like to give it all the ethtool options and ifconfig options that I put on eno2 via the bridge commands as shown above?
    Is there a way to add "ovs-vsctl set interface <insert options here>" to create an equivalent config?

    Or would I simply bring up the interface manually via /etc/network/interfaces

    Like:
    auto eno2
    iface eno2 inet manual
    post-up ifconfig $IFACE up
    post-up ifconfig $IFACE mtu 1520
    post-up ifconfig $IFACE promisc
    post-up ethtool -G $IFACE rx 4096
    post-up ethtool -K $IFACE rx off tx off sg off tso off ufo off gso off gro off lro off rxvlan off txvlan off ntuple off rxhash off
    post-up ethtool -N $IFACE rx-flow-hash udp4 sdfn
    post-up ethtool -N $IFACE rx-flow-hash udp6 sdfn
    post-up ethtool -C $IFACE rx-usecs 1 rx-frames 0
    post-up ethtool -C $IFACE adaptive-rx off
    bridge_stp off
    bridge_maxwait 0
    pre-down ifconfig $IFACE down

    Then: ovs-vsctl add-port vbridge0 eno2 #and it would maintain all the attributes I brought it up with manually?


    I've always operated under the pretense that when a bridge grabs an interface, the interface becomes a slave to the bridge and has to assume all of the bridges default settings.

    So I'm thinking that bringing up eno2 manually with all those settings and adding the port eno2 after the fact would be a waste of time. I was thinking I would have to get OVS to set the attributes to the interface as it would be master over the slaved interface en02.




    Clear as mudd? I'm hoping what I wrote made sense.
    I have concern about all the NIC attributes because IPS systems really only perform correctly if all these attributes are applied to the interface. If you don't tune the interface this way, you'll miss things you're trying to detect with the IPS system.

    Thanks!
     
  2. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    atanere likes this.
  3. wizardfromoz

    wizardfromoz Super Moderator
    Staff Member Gold Supporter

    Joined:
    Apr 30, 2017
    Messages:
    1,332
    Likes Received:
    1,527
    Wow, I love it when they solve their own problems :p

    Hi @ilgtech and welcome to linux.org.

    I am not strong in this area, but I will read and digest what you have written and bookmark those links for my personal knowledge base.

    Enjoy your Linux

    Chris Turner
    wizardfromoz
     
    atanere likes this.
  4. atanere

    atanere Moderator
    Gold Supporter

    Joined:
    Apr 6, 2017
    Messages:
    1,596
    Likes Received:
    1,636
  5. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    Thanks atanere, I have a background as an Infrastructure support Engineer with my specialization being focused in Network Engineering. I am also a linux enthusiast that likes to use my FOSS knowledge where it applies to networking. This time it happened to be centered around Software defined networking of libvirt based KVM guests. If I can help in some networking questions for a forum member I'd be happy to try.
     
    wizardfromoz and atanere like this.
  6. atanere

    atanere Moderator
    Gold Supporter

    Joined:
    Apr 6, 2017
    Messages:
    1,596
    Likes Received:
    1,636
    Expertise is always welcome! :D Please check in with us anytime!

    You might take a look at this question while you're here. You may have a much better suggestion than I offered. Thanks!

    Cheers
     
    wizardfromoz likes this.
  7. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    atenere or wizardfromoz, is there a section in here to paste tut's?

    I just wrote out a VERY long winded tut to build out Open Vswitch and run KVM/Qemu Libvirt hypervisor happily together. I'd like to share.
     
    finrodfelagund_, atanere and nuna like this.
  8. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    Just in case, I put it on pastebin
     
    finrodfelagund_ and atanere like this.
  9. wizardfromoz

    wizardfromoz Super Moderator
    Staff Member Gold Supporter

    Joined:
    Apr 30, 2017
    Messages:
    1,332
    Likes Received:
    1,527
    Hi mate, Linux Tutorials are here -

    https://www.linux.org/#linux-tutorials.122

    Stan's (@atanere 's) just headed off for work, but our Admin @Rob will be able to advise, or one of our other staff.

    If permissions are required, Rob will likely be the one to handle that.

    I joined here last May and within a couple of weeks Rob had established that I was a loud-mouthed know-it-all ie suited to writing articles. So he gave me permissions to a Staging area under Articles and Tutorials.

    I've taken a quick look at your pastebin work, looks impressive, and is beyond my pay grade, currentlyo_O

    Good luck, and goodonyer for being prepared to get in and help out ;)

    Wiz
     
    atanere likes this.
  10. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    Wiz, sorry..I'm a little bit embarrassed, that tut is a bit if a mess and could use polish and a spit shine... Overall, all I was trying to do was simply share the "cliff notes" version of what took me about 2 full weekends of searcing online source after online source.. It was a huge pain ..Just trying to save somebody else the headache.
     
    finrodfelagund_ and atanere like this.
  11. wizardfromoz

    wizardfromoz Super Moderator
    Staff Member Gold Supporter

    Joined:
    Apr 30, 2017
    Messages:
    1,332
    Likes Received:
    1,527
    No need to be embarrassed mate :)

    Did you want to put it on hold for a bit and do some more work on it?

    No deadlines, no timeframe, no pressure :D

    ... I think I've just summarised my feelings about Linux :cool:

    Wiz
     
    atanere likes this.
  12. ilgtech

    ilgtech New Member

    Joined:
    Feb 24, 2018
    Messages:
    8
    Likes Received:
    14
    Yes, I'll clean it up and repost to the appropriate TUT link you provided. Thanks Wiz.
     
    wizardfromoz and atanere like this.
  13. atanere

    atanere Moderator
    Gold Supporter

    Joined:
    Apr 6, 2017
    Messages:
    1,596
    Likes Received:
    1,636
    Wizard's right about this.... if you need assistance to post the tute, then @Rob will need to help you. I did a quick read on pastbin also and looks like a great topic.

    Cheers
     
    wizardfromoz likes this.

Share This Page