Open vSwitch - ether42/bootable-usb GitHub Wiki
The complete /etc/network/interfaces configuration:
auto bridge-enp3s0
iface bridge-enp3s0 inet manual
ovs_type OVSBridge
ovs_ports enp3s0
allow-bridge-enp3s0 enp3s0
iface enp3s0 inet manual
ovs_bridge bridge-enp3s0
ovs_type OVSPort
ovs_options trunks=99,100,101,102
auto bridge
iface bridge inet manual
ovs_type OVSBridge
ovs_options bridge-enp3s0 99
auto service
iface service inet static
ovs_type OVSBridge
ovs_options bridge-enp3s0 101
address 10.0.101.1
netmask 255.255.255.0
gateway 10.0.101.254
post-up echo nameserver 10.0.101.253 > /etc/resolv.conf
post-up echo search lorn.space >> /etc/resolv.conf
auto client
iface client inet manual
ovs_type OVSBridge
ovs_options bridge-enp3s0 100
auto administrative
iface administrative inet static
ovs_type OVSBridge
ovs_options bridge-enp3s0 102
address 10.0.102.1
netmask 255.255.255.0
Note that the dns- stanzas are available when resolvconf is installed.
Sadly, the interfaces have to be statically configured as the LXC hosting the DHCP will be started after this boot step.
More information is available at Open vSwitch's GitHub repository (document also available as /usr/share/doc/openvswitch-switch/README.Debian.gz).
The previous configuration will do the following commands under the hood.
Creating a bridge and adding a physical interface/port to it:
ovs-vsctl add-br bridge-enp3s0
ovs-vsctl add-port bridge-enp3s0 enp3s0Native VLAN and trunk:
ovs-vsctl set port en3ps0 trunks=99,100,101,102
ovs-vsctl add-br bridge bridge-enp3s0 99
ovs-vsctl add-br client bridge-enp3s0 100
ovs-vsctl add-br service bridge-enp3s0 101
ovs-vsctl add-br administrative bridge-enp3s0 102The previous add-br commands will create 'fake bridges', see ovs-vsctl(8).
ovs-vsctl show should display something like that, where veth* ports are dynamically allocated by the LXC when attaching to the bridge:
4bac8876-52b9-4688-a8fe-8635fc4c20ce
Bridge "bridge-enp3s0"
Port bridge
tag: 99
Interface bridge
type: internal
Port service
tag: 101
Interface service
type: internal
Port administrative
tag: 102
Interface administrative
type: internal
Port client
tag: 100
Interface client
type: internal
Port "enp3s0"
trunks: [99, 100, 101, 102]
Interface "enp3s0"
Port "bridge-enp3s0"
Interface "bridge-enp3s0"
type: internal
Port "veth4TMWVG"
tag: 99
Interface "veth4TMWVG"
Port "vethDHSA62"
tag: 100
Interface "vethDHSA62"
Port "vethJS8YPS"
tag: 101
Interface "vethJS8YPS"
Port "veth2ESKE5"
tag: 102
Interface "veth2ESKE5"
[...]
ovs_version: "2.6.2"
It is recommended to create two small scripts to easily handle attaching the LXC's interfaces to Open vSwitch. In case of a fake bridge, Open vSwitch will automatically create the corresponding ports so there is no need for those scripts.
A simple bridge for enp3s0, /etc/network/interfaces.d/enp3s0:
auto bridge-enp3s0
iface bridge-enp3s0 inet dhcp
ovs_type OVSBridge
ovs_ports enp3s0
allow-bridge-enp3s0 enp3s0
iface enp3s0 inet manual
ovs_bridge bridge-enp3s0
ovs_type OVSPort
/etc/lxc/ovs_bridge_up.sh, +x:
#!/bin/sh -eu
[ $# -eq 6 ]
ovs-vsctl --if-exists del-port "$1" "$6"
ovs-vsctl --may-exist add-port "$1" "$6"/etc/lxc/ovs_bridge_down.sh, +x:
#!/bin/sh -eu
[ $# -eq 6 ]
ovs-vsctl --if-exists del-port "$1" "$6"The scripts arguments are:
-
$1is the Open vSwitch bridge to use - the rest is dynamically given, for example when
lxc.network.typeis set tovethfive parameters will be given, as a result$6is the LXC's network interface
Checking $# is recommended: the number of parameters given to the command is variable and depends on the LXC's network configuration.
The LXC configuration should look like this:
lxc.network.type = veth
lxc.network.flags = up
lxc.network.script.up = /etc/lxc/ovs_bridge_up.sh $bridge
lxc.network.script.down = /etc/lxc/ovs_bridge_down.sh $bridge
Where $bridge has to replaced by the name of the Open vSwitch bridge to use (example: bridge-enp3s0).