Step 1
|
configure
terminal
Device# configure terminal
|
Enters global
configuration mode.
|
Step 2
|
openflow
|
Enters OpenFlow configuration mode.
|
Step 3
|
switch switch-id pipeline
pipeline-id
Device(config-ofa)# switch 1 pipeline 201
|
Creates an OpenFlow switch with a pipeline.
Note
|
For the Cisco Nexus 3500 platform switches, the value of pipeline-id is 203.
|
|
Step 4
|
Enter one of the following commands:
- of-port interface
interface-name
- of-port interface
port-channel-name
For a physical interface: Device(config-ofa-switch)# of-port interface ethernet1/1
For a port-channel interface: Device(config-ofa-switch)# of-port interface port-channel2
|
Configures an Ethernet interface or port-channel interface as a port of a Cisco OpenFlow Agent logical switch.
-
Standard Cisco NX-OS interface type abbreviations are supported.
-
The interface must be designated for the Cisco OpenFlow Agent logical switch only.
-
The mode openflow configuration is added to an interface when an interface is configured as a port of Cisco OpenFlow Agent. To add or remove an interface as a port of Cisco OpenFlow Agent, ensure that the Cisco OpenFlow Agent is activated and running to ensure the proper automatic addition and removal of the mode openflow configuration. To remove an interface as a port of Cisco OpenFlow Agent, use the no form of this command.
-
An interface configured for a port channel should not be configured as a Cisco OpenFlow Agent logical switch port.
-
Repeat this step to configure additional interfaces.
|
Step 5
|
controller ipv4
ip-address [port tcp-port] [
vrf
vrf-name] security{none |
tls}
Controller in default VRF: Device(config-ofa-switch)# controller ipv4 10.1.1.2 security none
|
Specifies the IPv4 address, port number, and VRF of a controller that can manage the logical switch, port number used by
the controller to connect to the logical switch and the VRF of the controller.
-
If unspecified, the default VRF is used.
-
Controllers use TCP port 6653 by default.
-
You can configure up to eight controllers. Repeat this step if you need to configure additional controllers.
-
If TLS is not disabled in this step, configure TLS trustpoints using the tls command.
-
You can use the clear openflow switch 1 controller all
command to clear controller connections. This command can reset a connection after Transport Layer Security (TLS) certificates
and keys are updated. This is not required for TCP connections.
A connection
to a controller is initiated for the logical switch.
|
Step 6
|
(Optional)
tls trust-point local local-trust-point remote remote-trust-point
Device(config-ofa-switch)# tls trust-point local mylocal remote myremote
|
(Optional)
Specifies the local and remote TLS trustpoints to be used for the controller connection.
|
Step 7
|
(Optional) logging flow-mod
Device(config-ofa-switch)# logging flow-mod
|
(Optional)
Enables logging of flow changes, including addition, deletion, and modification of flows.
-
Logging of flow changes is disabled by default.
-
Flow changes are logged in syslog and can be viewed using the show logging command.
-
Logging of flow changes is a CPU intensive activity and should not be enabled for networks greater than 1000 flows.
|
Step 8
|
(Optional)
probe-interval
probe-interval
Device(config-ofa-switch)# probe-interval 5
|
(Optional)
Configures the interval, in seconds, at which the controller is probed with echo requests.
|
Step 9
|
(Optional)
rate-limit
packet_in
controller-packet-rate burst maximum-packets-to-controller
Device(config-ofa-switch)# rate-limit packet_in 300 burst 50
|
(Optional)
Configures the maximum packet rate of the connection to the controller and the maximum packets permitted in a burst of packets
sent to the controller in a second.
-
The default value is zero, meaning that an indefinite packet rate and packet burst are permitted.
-
This rate limit is for Cisco OpenFlow Agent. It is not related to the rate limit of the device (data plane) configured by COPP.
|
Step 10
|
(Optional)
max-backoff
backoff-timer
Device(config-ofa-switch)# max-backoff 8
|
(Optional)
Configures the time, in seconds, for which the device must wait before attempting to initiate a connection with the controller.
|
Step 11
|
(Optional)
datapath-id
id
Device(config-ofa-switch)# datapath-id 0x111
|
(Optional)
id is a 64bit hex value. A valid id is in the range [0x1-0xffffffffffffffff]. This identifier allows the controller to uniquely identify the device.
|
Step 12
|
(Optional)
protocol-version [1.0 |
1.3
|
negotiate]
Device(config-ofa-switch)# protocol-version 1.3
|
(Optional)
This command forces a specific version of the controller connection. If you force version 1.3 and the controller supports
only 1.0, no session is established (or vice versa). The default behavior is to negotiate a compatible version between the
controller and device.
Supported values are:
-
1.0 —Configures device to connect to 1.0 controllers only
-
1.3 —Configures device to connect to 1.3 controllers only
-
negotiate—(Default) Negotiates the protocol version with the controller. The device uses version 1.3 for negotiation.
|
Step 13
|
(Optional)
shutdown
Device(config-ofa-switch)# shutdown
|
(Optional)
This disables the OpenFlow switch without having to remove all the other configuration.
|
Step 14
|
default-miss
value
Device(config-ofa-switch)# default-miss continue-normal
|
The
default-miss command sets the behavior when a packet does not match a flow in the flow table. The controller flows may override default-miss flows.
Note
|
Not every action is supported on every platform.
|
continue-drop : a miss in a flow table will cascade to perform a match in the next table (if applicable). A miss in the terminal table in
the pipeline will result in the packet being dropped.
continue-normal : a miss in a flow table will cascade to perform a match in the next table (if applicable). A miss in the terminal table in
the pipeline will result in the packet being sent to the switch's normal hardware processing.
continue-controller : a miss in a flow table will cascade to perform a match in the next table (if applicable). A miss in the terminal table in
the pipeline will result in the packet being sent to the controller.
drop : a miss in the first flow table of the pipeline will not cascade to any other table. Instead the packet will be dropped.
normal : a miss in the first flow table of the pipeline will not cascade to any other table. Instead the packet will be sent to the
switch's normal hardware forwarding.
controller : a miss in the first flow table of the pipeline will not cascade to any other table. Instead the packet will be sent to the
controller.
|
Step 15
|
(Optional)
statistics
collection-interval
seconds
Device(config-ofa-switch)# statistics collection 10
|
(Optional)
A setting of zero disables statistics collection. If collection is enabled, the interval must be a minimum of seven seconds.
The interval setting can be used to reduce the CPU load from periodic statistics polling. For example, if you have 1000 flows
and choose a statistics collection interval of 10 seconds, 1000flows/10s = 100 flows per second poll rate.
Note
|
Each flow table has a prescribed maximum flows-per-second poll rate supported by hardware as displayed in the show openflow hardware capabilities command . If you choose a statistics collection interval that is too small, the maximum rate supported by the hardware is used, effectively
throttling the statistics collection.
|
|
Step 16
|
end
Device(config-ofa-switch)# end
|
Exits logical switch configuration mode and enters privileged EXEC mode.
|
Step 17
|
copy running-config startup-config
Device# copy running-config startup-config
|
Saves the
change persistently through reboots and restarts by copying the running
configuration to the startup configuration.
|