vpp安装及入门
编译运行入门
1, 安装centos 7
虚拟机:使用virtualbox6.1.14或以上版本.
CentOS系统版本:CentOS Linux release 7.8.2003 (CentOS-7-x86_64-DVD-2003)
建议分配空间超过30G
2, 更新系统及安装软件
sudo yum update
sudo yum install git pygpgme yum-utils
sudo yum install vim
sudo yum install python3 cmake
sudo yum install tcpdump
sudo yum install subversion
3, 下载代码
git clone http://gerrit.fd.io/r/vpp
4, 编译
4.1 进入vpp目录,执行make install-dep 将下载编译依赖的软件,例如boost库和cmake等等
4.2 make build-release 编译时自动下载DPDK。
编译完成后安装文件在build-root/install-vpp-nativ/vpp目录下
5, 运行
make run-release
vpp# show version
vpp v21.01-rc0~0-g0b31630 built by zhang on localhost.localdomain at 2020-09-10T05:56:22
vpp# quit
启动
sudo ./vpp unix {cli-listen /run/vpp/cli-vpp1.sock} api-segment { prefix vpp1 }
sudo ./vppctl -s /run/vpp/cli-vpp1.sock
6, 配置文件
cd <top>/src/vpp/conf
sudo mkdir -p /etc/vpp
sudo cp startup.conf /etc/vpp/
sudo cp 80-vpp.conf /etc/sysctl.d
使用VPP创建并使用接口
1, 创建veth 网卡
在Linux上创建veth网卡
sudo ip link add name vpp1out type veth peer name vpp1host
sudo ip link set vpp1host up
sudo ip link set vpp1out up
设置IP地址
sudo ip addr add 10.10.1.1/24 dev vpp1host
输出结果如图
[zhang@localhost bin]$ sudo ip addr show vpp1host
4: vpp1host@vpp1out: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
link/ether c2:2e:27:24:30:5c brd ff:ff:ff:ff:ff:ff
inet 10.10.1.1/24 scope global vpp1host
valid_lft forever preferred_lft forever
inet6 fe80::c02e:27ff:fe24:305c/64 scope link
valid_lft forever preferred_lft forever
在vpp中添加接口
sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1out
然后在vpp中查看接口
show interface
show hardware
设置接口状态为up, 并查看接口状态
$ set int state host-vpp1out up
$ show interface
设置IP,并查看接口配置的IP信息
$ set int ip address host-vpp1out 10.10.1.2/24
$ show int addr
增加trace报文及查看和清除trace
$ trace add af-packet-input 10
从主机上执行
ping -c 2 10.10.1.2
在vpp上查看trace, 查看完成之后清除trace
$ show trace
$ clear trace
ping 10.10.1.1
show trace
查看arp表和转发表
show ip neighbors
show ip fib
连接两个VPP实例
memif是一种非常高性能的直接内存接口类型,可以在vpp实例之间使用以形成拓扑。 它使用文件套接字作为控制通道来设置共享内存。
在第一台VPP上执行创建memif接口,并启用和设置IP。
$ create interface memif id 0 master
$ set int ip address memif0/0 10.10.2.1/24
$ set int state memif0/0 up
$ show int addr
vpp2实例
sudo ./vpp unix {cli-listen /run/vpp/cli-vpp2.sock} api-segment { prefix vpp2 }
sudo ./vppctl -s /run/vpp/cli-vpp2.sock
vpp# create interface memif id 0 slave
vpp# set int ip address memif0/0 10.10.2.2/24
vpp# set int state memif0/0 up
vpp# show int addr
设置路由
sudo ip route add 10.10.2.0/24 via 10.10.1.2
在VPP2中设置路由
vpp# ip route add 10.10.1.0/24 via 10.10.2.1
交换机模式(switching)
1, 启动两个VPP
sudo ./vpp unix {cli-listen /run/vpp/cli-vpp1.sock} api-segment { prefix vpp1 }
sudo ./vpp unix {cli-listen /run/vpp/cli-vpp2.sock} api-segment { prefix vpp2 }
2, 连接vpp1到主机
sudo ip link add name vpp1out type veth peer name vpp1host
sudo ip link set vpp1host up
sudo ip link set vpp1out up
sudo ip addr add 10.10.1.1/24 dev vpp1host
sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1out
# set int state host-vpp1out up
# show int addr
3, 连接vpp1到vpp2
sudo ip link add name vpp2vpp1 type veth peer name vpp1vpp2
sudo ip link set vpp1vpp2 up
sudo ip link set vpp2vpp1 up
sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1vpp2
sudo ./vppctl -s /run/vpp/cli-vpp1.sock set int state host-vpp1vpp2 up
sudo ./vppctl -s /run/vpp/cli-vpp2.sock create host-interface name vpp2vpp1
sudo ./vppctl -s /run/vpp/cli-vpp2.sock set int state host-vpp2vpp1 up
4, 在vpp1上配置Bridge Domain
vpp# show bridge-domain
sudo vppctl -s /run/vpp/cli-vpp1.sock set int l2 bridge host-vpp1out 0
sudo vppctl -s /run/vpp/cli-vpp1.sock set int l2 bridge host-vpp1vpp2 0
sudo vppctl -s /run/vpp/cli-vpp1.sock show bridge-domain 0 detail
提示:
show bridge-domain: No operations on the default bridge domain are supported
改为使用1
set int l2 bridge host-vpp1out 1
set int l2 bridge host-vpp1vpp2 1
show bridge-domain 1 detail
vpp# show bridge-domain 1 detail
BD-ID Index BSN Age(min) Learning U-Forwrd UU-Flood Flooding ARP-Term arp-ufwd BVI-Intf
1 1 0 off on on flood on off off N/A
Interface If-idx ISN SHG BVI TxFlood VLAN-Tag-Rewrite
host-vpp1out 1 3 0 - * none
host-vpp1vpp2 2 5 0 - * none
5, 在vpp2上配置回环接口
sudo ./vppctl -s /run/vpp/cli-vpp2.sock create loopback interface
sudo ./vppctl -s /run/vpp/cli-vpp2.sock set int ip address loop0 10.10.1.2/24
# set int state loop0 up
# show int addr
6, Configure bridge domain on vpp2
sudo vppctl -s /run/vpp/cli-vpp2.sock set int l2 bridge loop0 1 bvi
sudo vppctl -s /run/vpp/cli-vpp2.sock set int l2 bridge host-vpp2vpp1 1
# set int state host-vpp2vpp1 up
7, ping和trace
在vpp1中打开trace
trace add af-packet-input 10
在主机上ping
ping 10.10.1.2
在vpp中查看trace结果:
show trace
也可以在vpp2上进行ping和trace
ping 10.10.1.1
8, 查看二层转发表
sudo vppctl -s /run/vpp/cli-vpp1.sock show l2fib verbose
sudo vppctl -s /run/vpp/cli-vpp2.sock show l2fib verbose
配置SNAT
1), 重启机器,从初始开始配置
sudo ./vpp unix {cli-listen /run/vpp/cli-vpp1.sock} api-segment { prefix vpp1 }
sudo vppctl -s /run/vpp/cli-vpp1.sock show plugins
2), 创建veth接口
sudo ip link add name vpp1outside type veth peer name vpp1outsidehost
sudo ip addr add 10.10.1.1/24 dev vpp1outsidehost
sudo ip link set dev vpp1outsidehost up
sudo ip link add name vpp1inside type veth peer name vpp1insidehost
3), 创建名字空间,在名字空间内设置网卡及设置路由
sudo ip netns add inside
sudo ip link set dev vpp1inside up netns inside
sudo ip netns exec inside ip addr add 10.10.2.2/24 dev vpp1inside
sudo ip netns exec inside ip route add 10.10.1.0/24 via 10.10.2.1
sudo ip netns exec inside ip addr
4), Configure vpp outside interface
(原文有错误)
sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1outside
# set int ip address host-vpp1outside 10.10.1.2/24
# set int state host-vpp1outside up
# show int addr
sudo ./vppctl -s /run/vpp/cli-vpp1.sock create host-interface name vpp1insidehost
# set int ip address host-vpp1insidehost 10.10.2.1/24
# set int state host-vpp1insidehost up
# show int addr
5), Configure snat
Configure snat to use the address of host-vpp1outside
sudo vppctl -s /run/vpp/cli-vpp1.sock snat add interface address host-vpp1outside
Configure snat inside and outside interfaces
sudo vppctl -s /run/vpp/cli-vpp1.sock set interface snat in host-vpp1insidehost out host-vpp1outside
这是vpp17.04支持的方法。现在通过nat44进行设置。:
vpp# nat44 add int address host-vpp1outside
vpp# set int nat44 in host-vpp1insidehost out host-vpp1outside
6), ping 并进行抓包验证
sudo ip netns exec inside ping -c 1 10.10.1.1
参考资料
更新时间2020.9