HPE Community read-only access December 15, 2018
This is a maintenance upgrade. You will be able to read articles and posts, but not post or reply.
Hours:
Dec 15, 4:00 am to 10:00 am UTC
Dec 14, 10:00 pm CST to Dec 15, 4:00 am CST
Dec 14, 8:00 pm PST to Dec 15, 2:00 am PST
Software Defined Networking
cancel
Showing results for 
Search instead for 
Did you mean: 

More than one MEMBER VLAN in my Opeflow instance

 
SOLVED
Go to solution
Highlighted
sbotkine
Frequent Advisor

More than one MEMBER VLAN in my Opeflow instance

Hello, 

 

I am using the HP VAN SDN to drive my OpenFlow switchs (HP 3500-24G and HP-3800-24G).

 

For the moment I have one instance using the vlan 20:

 

openflow
   controller-id 1 ip 130.223.23.100 controller-interface vlan 23
   instance "unil"
       listen-port
       member vlan 20
       controller-id 1
       version 1.3
       enable
       exit

 

Now I want to add a second VLAN in my OpenFlow LAN to sepatate my openFlow traffic in two different VLAN

 

How can I process ?

 

For the moment I tried  to : 

1. add  a new "member vlan" into my instance "unil".  But I have the message "Only one VLAN can be configured as a member of OpenFloew instance.

2. create a new instance. However I can not the  listen-port= 6633, because it is already used by my instance "unil". Now I can add a other listen port (listen-port 6637 for example), but in this case do I have to change something on my HP VAN SDN Controller configuration to  let him used my two listener port (6633 and 6637) ? 

 

Could you help me ?

 

Regards, 

 

Serge

4 REPLIES
EricAtHP
Esteemed Contributor

Re: More than one MEMBER VLAN in my Opeflow instance

Hi Serge,

 

The listen-port command is only necessary if you want someone other than the configured controller to be able to push flows to the switch. This is a big security hole. I don't recommend using it at all.

 

sbotkine
Frequent Advisor

Re: More than one MEMBER VLAN in my Opeflow instance

Ok I've just deleted the "listen-port" command.

 

But I still don't know how to create "correctly" two differents OpenFlow VLAN on my switchs network.

 

Here is what I did: 

 

openflow
   controller-id 1 ip 130.223.23.100 controller-interface vlan 23
   instance "unil"
       member vlan 20
       controller-id 1
       software-flow-table 4
       version 1.3
       enable
       exit
   instance "secureunil"
       member vlan 224
       controller-id 1
       software-flow-table 4
       version 1.3
       enable
       exit
      enable
      exit

 

The problem now is I have 2 differents dpid per switchs. That means two flow tables per switch one for each dpid. 

If I print the "OpenFlow Topology" into the HP VAN SDN web interface, I have two different network.

 

Is it not possible to have one flow table per switch (= same dpid) to manage two different  VLAN ? 

 

How can I do with uplink port (ports that link two different Openflow swith). These port have the two vlan tagged (20 and 224), is it correct ? If I want to add a rule for these uplink port  independently of the vlan the traffic is concerned,  I have to add the same role in both tables (the one for dpid of vlan 20 and the one for dpid of vlan 224), is it correct ?

 

It is quite confuse for me, the way to manage two different vlan.

 

Regards,

 

Serge 

 

 

 

EricAtHP
Esteemed Contributor
Solution

Re: More than one MEMBER VLAN in my Opeflow instance

There are two ways to implement OpenFlow on your switch. The first is "hybrid", which is the mode you are currently in. Some VLANs are OpenFlow controlled and others are traditional. The other is "aggregate" mode. In this mode, all VLANs are OpenFlow controlled except the VLAN used to connect to the controller. To use this mode, delete the instances you have now. Then create one new instance but use the reserved name "aggregate". Try this, i believe it will meet your needs.

 

By the way, notice that in your current config, the dpid is a combination of the vlan id, in hex, and the base MAC address of the switch.

 

Regards,

Eric

zefanya_
Member

Re: More than one MEMBER VLAN in my Opeflow instance

i'm have same problem with you, but in my openflow topology only one switch detected.

can you help me for connected 2 switch and in openflow topology can detected ?