vpp安装及入门 ============== 编译运行入门 --------------- 1, 安装centos 7 虚拟机:使用virtualbox6.1.14或以上版本. CentOS系统版本:CentOS Linux release 7.8.2003 (CentOS-7-x86_64-DVD-2003) 建议分配空间超过30G 2, 更新系统及安装软件 :: sudo yum update sudo yum install git pygpgme yum-utils sudo yum install vim sudo yum install python3 cmake sudo yum install tcpdump sudo yum install subversion 3, 下载代码 git clone http://gerrit.fd.io/r/vpp 4, 编译 4.1 进入vpp目录,执行make install-dep 将下载编译依赖的软件,例如boost库和cmake等等 4.2 make build-release 编译时自动下载DPDK。 编译完成后安装文件在build-root/install-vpp-nativ/vpp目录下 5, 运行 :: make run-release vpp# show version vpp v21.01-rc0~0-g0b31630 built by zhang on localhost.localdomain at 2020-09-10T05:56:22 vpp# quit 启动 :: sudo ./vpp unix {cli-listen /run/vpp/cli-vpp1.sock} api-segment { prefix vpp1 } sudo ./vppctl -s /run/vpp/cli-vpp1.sock 6, 配置文件 :: cd /src/vpp/conf sudo mkdir -p /etc/vpp sudo cp startup.conf /etc/vpp/ sudo cp 80-vpp.conf /etc/sysctl.d 使用VPP创建并使用接口 ---------------------- 1, 创建veth 网卡 在Linux上创建veth网卡 :: sudo ip link add name vpp1out type veth peer name vpp1host sudo ip link set vpp1host up sudo ip link set vpp1out up 设置IP地址 :: sudo ip addr add 10.10.1.1/24 dev vpp1host 输出结果如图 :: [zhang@localhost bin]$ sudo ip addr show vpp1host 4: vpp1host@vpp1out: mtu 1500 qdisc noqueue state UP group default qlen 1000 link/ether c2:2e:27:24:30:5c brd ff:ff:ff:ff:ff:ff inet 10.10.1.1/24 scope global vpp1host valid_lft forever preferred_lft forever inet6 fe80::c02e:27ff:fe24:305c/64 scope link valid_lft forever preferred_lft forever 在vpp中添加接口 sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1out 然后在vpp中查看接口 :: show interface show hardware 设置接口状态为up, 并查看接口状态 :: $ set int state host-vpp1out up $ show interface 设置IP,并查看接口配置的IP信息 :: $ set int ip address host-vpp1out 10.10.1.2/24 $ show int addr 增加trace报文及查看和清除trace :: $ trace add af-packet-input 10 从主机上执行 :: ping -c 2 10.10.1.2 在vpp上查看trace, 查看完成之后清除trace :: $ show trace $ clear trace ping 10.10.1.1 show trace 查看arp表和转发表 :: show ip neighbors show ip fib 连接两个VPP实例 ---------------------- memif是一种非常高性能的直接内存接口类型,可以在vpp实例之间使用以形成拓扑。 它使用文件套接字作为控制通道来设置共享内存。 在第一台VPP上执行创建memif接口,并启用和设置IP。 :: $ create interface memif id 0 master $ set int ip address memif0/0 10.10.2.1/24 $ set int state memif0/0 up $ show int addr vpp2实例 :: sudo ./vpp unix {cli-listen /run/vpp/cli-vpp2.sock} api-segment { prefix vpp2 } sudo ./vppctl -s /run/vpp/cli-vpp2.sock vpp# create interface memif id 0 slave vpp# set int ip address memif0/0 10.10.2.2/24 vpp# set int state memif0/0 up vpp# show int addr 设置路由 ----------- sudo ip route add 10.10.2.0/24 via 10.10.1.2 在VPP2中设置路由 :: vpp# ip route add 10.10.1.0/24 via 10.10.2.1 交换机模式(switching) ------------------------- 1, 启动两个VPP :: sudo ./vpp unix {cli-listen /run/vpp/cli-vpp1.sock} api-segment { prefix vpp1 } sudo ./vpp unix {cli-listen /run/vpp/cli-vpp2.sock} api-segment { prefix vpp2 } 2, 连接vpp1到主机 :: sudo ip link add name vpp1out type veth peer name vpp1host sudo ip link set vpp1host up sudo ip link set vpp1out up sudo ip addr add 10.10.1.1/24 dev vpp1host sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1out # set int state host-vpp1out up # show int addr 3, 连接vpp1到vpp2 :: sudo ip link add name vpp2vpp1 type veth peer name vpp1vpp2 sudo ip link set vpp1vpp2 up sudo ip link set vpp2vpp1 up sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1vpp2 sudo ./vppctl -s /run/vpp/cli-vpp1.sock set int state host-vpp1vpp2 up sudo ./vppctl -s /run/vpp/cli-vpp2.sock create host-interface name vpp2vpp1 sudo ./vppctl -s /run/vpp/cli-vpp2.sock set int state host-vpp2vpp1 up 4, 在vpp1上配置Bridge Domain :: vpp# show bridge-domain sudo vppctl -s /run/vpp/cli-vpp1.sock set int l2 bridge host-vpp1out 0 sudo vppctl -s /run/vpp/cli-vpp1.sock set int l2 bridge host-vpp1vpp2 0 sudo vppctl -s /run/vpp/cli-vpp1.sock show bridge-domain 0 detail 提示:: show bridge-domain: No operations on the default bridge domain are supported 改为使用1 :: set int l2 bridge host-vpp1out 1 set int l2 bridge host-vpp1vpp2 1 show bridge-domain 1 detail vpp# show bridge-domain 1 detail BD-ID Index BSN Age(min) Learning U-Forwrd UU-Flood Flooding ARP-Term arp-ufwd BVI-Intf 1 1 0 off on on flood on off off N/A Interface If-idx ISN SHG BVI TxFlood VLAN-Tag-Rewrite host-vpp1out 1 3 0 - * none host-vpp1vpp2 2 5 0 - * none 5, 在vpp2上配置回环接口 :: sudo ./vppctl -s /run/vpp/cli-vpp2.sock create loopback interface sudo ./vppctl -s /run/vpp/cli-vpp2.sock set int ip address loop0 10.10.1.2/24 # set int state loop0 up # show int addr 6, Configure bridge domain on vpp2 :: sudo vppctl -s /run/vpp/cli-vpp2.sock set int l2 bridge loop0 1 bvi sudo vppctl -s /run/vpp/cli-vpp2.sock set int l2 bridge host-vpp2vpp1 1 # set int state host-vpp2vpp1 up 7, ping和trace 在vpp1中打开trace :: trace add af-packet-input 10 在主机上ping :: ping 10.10.1.2 在vpp中查看trace结果:: show trace 也可以在vpp2上进行ping和trace ping 10.10.1.1 8, 查看二层转发表 :: sudo vppctl -s /run/vpp/cli-vpp1.sock show l2fib verbose sudo vppctl -s /run/vpp/cli-vpp2.sock show l2fib verbose 配置SNAT ------------ 1), 重启机器,从初始开始配置 :: sudo ./vpp unix {cli-listen /run/vpp/cli-vpp1.sock} api-segment { prefix vpp1 } sudo vppctl -s /run/vpp/cli-vpp1.sock show plugins 2), 创建veth接口 :: sudo ip link add name vpp1outside type veth peer name vpp1outsidehost sudo ip addr add 10.10.1.1/24 dev vpp1outsidehost sudo ip link set dev vpp1outsidehost up sudo ip link add name vpp1inside type veth peer name vpp1insidehost 3), 创建名字空间,在名字空间内设置网卡及设置路由 :: sudo ip netns add inside sudo ip link set dev vpp1inside up netns inside sudo ip netns exec inside ip addr add 10.10.2.2/24 dev vpp1inside sudo ip netns exec inside ip route add 10.10.1.0/24 via 10.10.2.1 sudo ip netns exec inside ip addr 4), Configure vpp outside interface (原文有错误) :: sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1outside # set int ip address host-vpp1outside 10.10.1.2/24 # set int state host-vpp1outside up # show int addr sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1insidehost # set int ip address host-vpp1insidehost 10.10.2.1/24 # set int state host-vpp1insidehost up # show int addr 5), Configure snat Configure snat to use the address of host-vpp1outside sudo vppctl -s /run/vpp/cli-vpp1.sock snat add interface address host-vpp1outside Configure snat inside and outside interfaces sudo vppctl -s /run/vpp/cli-vpp1.sock set interface snat in host-vpp1insidehost out host-vpp1outside 这是vpp17.04支持的方法。现在通过nat44进行设置。:: vpp# nat44 add int address host-vpp1outside vpp# set int nat44 in host-vpp1insidehost out host-vpp1outside 6), ping 并进行抓包验证 sudo ip netns exec inside ping -c 1 10.10.1.1 参考资料 ---------- * https://wiki.fd.io/view/VPP/Build,_install,_and_test_images 更新时间2020.9