Contents

OpenFlow commands· 1

active instance· 1

classification global 1

classification vlan· 2

controller address· 3

controller connect interval 4

controller echo-request interval 4

controller mode· 5

datapath-id· 6

description· 6

default table-miss permit 7

display openflow controller 8

display openflow flow-table· 9

display openflow group· 13

display openflow instance· 14

display openflow meter 16

display openflow summary· 18

fail-open mode· 19

flow-entry max-limit 20

flow-log disable· 20

flow-table· 21

forbidden port 22

in-band management vlan· 22

mac-ip dynamic-mac aware· 23

openflow instance· 24

permit-port-type member-port 24

refresh ip-flow· 25

reset openflow instance controller statistics· 25

Index· 27

OpenFlow commands

In this chapter, an OpenFlow switch is the same as an OpenFlow instance, unless otherwise specified.

active instance

Use active instance to activate or reactivate an OpenFlow instance.

Use undo active instance to deactivate an OpenFlow instance.

Syntax

active instance

undo active instance

Default

An OpenFlow instance is not activated.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

An OpenFlow instance takes effect only after it is activated.

Reactivating an OpenFlow instance refreshes the configuration data and interrupts communication with the controllers.

You can reactivate an OpenFlow instance by using the active instance command after you deactivate the OpenFlow instance by using the undo active instance command.

Examples

# Activate OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] active instance

classification global

Use classification global to enable the global mode for an OpenFlow instance.

Use undo classification to remove the configuration.

Syntax

classification global

undo classification

Default

An OpenFlow instance is in the VLAN mode.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

If you execute the classification global and classification vlan commands multiple times, the most recent configuration takes effect.

By default, an OpenFlow instance is in the VLAN mode. When an OpenFlow instance is associated with VLANs, the flow entries take effect only on packets within those VLANs.

When the global mode is enabled for an OpenFlow instance, the flow entries take effect on packets within the network. All interfaces on the device belong to the OpenFlow instance, including VLAN interfaces, Layer 2 or Layer 3 Ethernet interfaces.

Examples

# Enable the global mode for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] classification global

Related commands

classification vlan

classification vlan

Use classification vlan to associate VLANs with an OpenFlow instance.

Use undo classification to cancel the association.

Syntax

classification vlan vlan-id [ mask vlan-mask ] [ loosen ]

undo classification

Default

An OpenFlow instance is not associated with any VLANs.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

vlan-id: Specifies the VLAN ID in the range of 1 to 4094.

vlan-mask: Specifies a VLAN mask in the range of 0 to 4095. The default value is 4095.

loosen: Specifies the loosen mode. If the loosen mode is used, a port belongs to the OpenFlow instance when VLANs associated with the OpenFlow instance overlap with the port's allowed VLANs. Otherwise, a port belongs to an OpenFlow instance only when VLANs associated with the OpenFlow instance are within the port's allowed VLAN list.

Usage guidelines

The system calculates the VLANs to be associated according to the specified VLAN ID and mask. To view the associated VLANs, use the display openflow instance command.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Associate an OpenFlow instance with a list of VLANs determined by VLAN ID 255 and VLAN mask 7.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] classification vlan 255 mask 7

Related commands

display openflow instance

controller address

Use controller address to specify a controller for an OpenFlow switch and configure the main connection to the controller.

Use undo controller address to remove the configuration.

Syntax

controller controller-id address ip ip-address [ port port-number ] [ local address ip ip-address [ port port-number ] ] [ ssl ssl-policy-name ] [ vrf vrf-name ]

undo controller controller-id address

Default

An OpenFlow instance does not have a main connection to a controller.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

controller-id: Specifies a controller by its ID in the range of 0 to 63.

ip ip-address: Specifies the IPv4 address of the controller or the device.

local address: Specifies the IPv4 address that the device uses to establish connections with the controller.

port port-number: Specifies the port number that the device or the controller uses to establish TCP connections between them. The value range for the port number is 1 to 65535. The default value is 6633.

ssl ssl-policy-name: Specifies the SSL client policy that the controller uses to authenticate the OpenFlow switch. The policy name is a case-insensitive string of 1 to 31 characters.

vrf vrf-name: Specifies the VPN to which the controller belongs. The VRF name is the VRF instance name of MPLS L3VPN and is a case-insensitive string of 1 to 31 characters.

Usage guidelines

You can specify multiple controllers for an OpenFlow switch. The OpenFlow channel between the OpenFlow switch and each controller can have only one main connection.

The OpenFlow switch exchanges control messages with a controller through the main connection to perform the following operations:

·     Receive flow table entries or data.

·     Report information to the controller.

Examples

# Specify controller 10 for OpenFlow instance 1. The controller's IP address is 1.1.1.1 and the port number is 6666.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] controller 10 address ip 1.1.1.1 port 6666

controller connect interval

Use controller connect interval to set the reconnection interval for an OpenFlow instance.

Use undo controller connect interval to restore the default.

Syntax

controller connect interval interval-value

undo controller connect interval

Default

The reconnection interval is 60 seconds for an OpenFlow instance.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

interval-value: Specifies the reconnection interval in the range of 10 to 120 seconds.

Usage guidelines

The OpenFlow instance waits a reconnection interval before it attempts to reconnect to a controller.

Examples

# Set the reconnection interval to 10 seconds for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] controller connect interval 10

controller echo-request interval

Use controller echo-request interval to set the connection detection interval for an OpenFlow switch.

Use undo controller echo-request interval to restore the default.

Syntax

controller echo-request interval interval-value

undo controller echo-request interval

Default

The connection detection interval is 5 seconds for an OpenFlow switch.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

interval-value: Specifies the connection detection interval in the range of 1 to 10 seconds.

Usage guidelines

The connection detection interval specifies the interval at which the OpenFlow switch sends an Echo Request message to a controller.

As a best practice to reduce the CPU load, set the connection detection interval to a large value.

Examples

# Set the connection detection interval to 10 seconds for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] controller echo-request interval 10

controller mode

Use controller mode to configure the connection mode for an OpenFlow instance to establish connections to controllers.

Use undo controller mode to restore the default.

Syntax

controller mode { multiple | single }

undo controller mode

Default

The connection mode is multiple.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

multiple: Configures the connection mode as multiple for the OpenFlow instance to establish connections to controllers.

single: Configures the connection mode as single for the OpenFlow instance to establish connections to controllers.

Usage guidelines

When the connection mode is single, an OpenFlow establishes a connection to only one controller at a time, and the other controllers back up the controller. When the connection is broken, the OpenFlow instance attempts to connect to the next controller until it successfully establishes a connection.

When the connection mode is multiple, an OpenFlow instance can establish connections to all controllers at a time. When one or more controllers fail or one or more controller connections are broken, the OpenFlow switch can operate correctly.

Examples

# Configure the connection mode as single for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] controller mode single

datapath-id

Use datapath-id to set the datapath ID for an OpenFlow instance.

Use undo datapath-id to restore the default.

Syntax

datapath-id datapath-id

undo datapath-id

Default

The datapath ID of an OpenFlow instance contains the instance ID and the bridge MAC address. The upper 16 bits are the instance ID and the lower 48 bits are the bridge MAC address.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

datapath-id: Specifies the datapath ID for an OpenFlow instance. The argument is a hexadecimal number and the value range is 1 to 0xFFFFFFFFFFFFFFFF.

Examples

# Set the datapath ID to 0x123456 for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] datapath-id 123456

description

Use description to set a description for an OpenFlow instance.

Use undo description to restore the default.

Syntax

description text

undo description

Default

An OpenFlow instance does not have a description.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

text: Specifies a description for the OpenFlow instance, which is a case-insensitive string of 1 to 255 characters and must start with an English letter.

Examples

# Set the description to test-desc for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] description test-desc

default table-miss permit

Use default table-miss permit to change the default action of table-miss flow entries to forward packets to the normal pipeline.

Use undo default table-miss permit to restore the default.

Syntax

default table-miss permit

undo default table-miss permit

Default

The default action of table-miss flow entries is to drop packets.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Examples

# Change the default action of table-miss flow entries to forward packets to the normal pipeline.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] default table-miss permit

display openflow controller

Use display openflow controller to display controller information for an OpenFlow instance.

Syntax

display openflow instance instance-id controller [ controller-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

controller-id: Specifies a controller by its ID in the range of 0 to 63. If no controller ID is specified, this command displays information about all controllers for an OpenFlow instance.

Usage guidelines

The controller information includes connection information and packet statistics.

Examples

# Display controller information for OpenFlow instance 100.

<Sysname> display openflow instance 100 controller

Instance 10 controller information:

 Reconnect interval: 60 (s)

 Echo interval     : 5  (s)

 

 Controller ID           : 1

 Controller IP address   : 192.168.49.49

 Controller port         : 6633

 Controller role         : --

 Connect type            : TCP

 Connect state           : Idle

 Packets sent            : 0

 Packets received        : 0

 SSL policy              : --

 VRF name                : --

Table 1 Command output

Field	Description
Reconnect interval	Reconnection interval (in seconds) for an OpenFlow instance to reconnect to all controllers.
Echo interval	Interval (in seconds) at which an OpenFlow instance sends an Echo Request message to all controller.
Controller IP address	IP address of the controller.
Controller port	TCP port number of the controller.
Controller role	Role of the controller: ·     Equal—The controller has the same mode as other controllers that are specified for the OpenFlow instance. ·     Master—The controller is the master controller for the OpenFlow instance. ·     Slave—The controller is a slave controller for the OpenFlow instance. If the controller is not configured with any role, this field displays two hyphens (--).
Connect type	Type of the connection between the OpenFlow instance and the controller: TCP or SSL.
Connect state	State of the connection between the OpenFlow instance and the controller: Idle or Established.
Packets sent	Number of packets that have been sent to the controller.
Packets received	Number of packets that have been received from the controller.
SSL policy	Name of the SSL client policy used for SSL connections. If no SSL client policy controller is configured, this field displays two hyphens (--).

 

display openflow flow-table

Use display openflow flow-table to display flow table information for an OpenFlow instance.

Syntax

display openflow instance instance-id flow-table [ table-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

table-id: Specifies a flow table by its ID in the range of 0 to 254.

Usage guidelines

If you do not specify a flow table ID, the command displays information about all flow tables for the specified OpenFlow instance.

Examples

# Display information about all flow tables for OpenFlow instance 10.

<Sysname> display openflow instance 10 flow-table

Instance 10 flow table information:

 

Table 0 information:

 Table type: MAC-IP, flow entry count: 1, total flow entry count: 2

 

MissRule (default) flow entry information:

 cookie: 0x0, priority: 0, hard time: 0, idle time: 0, flags: reset_counts

 |no_pkt_counts|no_byte_counts, byte count: --, packet count: --

Match information: any

Instruction information:

 Write actions:

  Drop

 

Flow entry 1 information:

 cookie: 0x0, priority: 1, hard time: 0, idle time: 0, flags: none,

 byte count: --, packet count: --

Match information:

 Ethernet destination MAC address: 0000-0000-0001

 Ethernet destination MAC address mask: ffff-ffff-ffff

 VLAN ID: 100, mask: 0xfff

Instruction information:

 Write actions:

  Output interface: XGE1/0/4

 Write metadata/mask: 0x0000000000000001/0xffffffffffffffff

 Goto table: 1

 

Table 1 information:

 Table type: Extensibility, flow entry count: 2, total flow entry count: 2

 

MissRule Flow entry information:

 cookie: 0x0, priority: 0, hard time: 0, idle time: 0, flags: none,

 byte count: --, packet count: 60

Match information: any

Instruction information:

 Write actions:

  Drop

 

Flow entry 1 information:

 cookie: 0x0, priority: 0, hard time: 0, idle time: 0, flags: flow_send_rem

 |check_overlap, byte count: --, packet count: 1

Match information:

 Input interface: XGE1/0/3

 Ethernet source MAC address: 0000-0000-0001

 Ethernet source MAC address mask: ffff-ffff-ffff

Instruction information:

 Set meter: 100

 Apply actions:

  Output interface: XGE1/0/4

 Write actions:

  Output interface: Controller, send length: 128 bytes

Table 2 Command output

Field	Description
Table type	Type of the flow table: MAC-IP or Extensibility.
flow entry count	Number of flow entries deployed by controllers.
total flow entry count	Total number of flow entries in the table.
cookie	Cookie ID of the flow entry.
priority	Priority of the flow entry. A larger value indicates a higher priority.
hard time	Hard timeout of the flow entry, in seconds. The flow entry is aged out immediately after the hard timeout expires. If the flow entry has no hard timeout, the field displays 0.
idle time	Idle timeout of the flow entry, in seconds. The flow entry is aged out if no packet matches the entry within the idle timeout. If the flow entry has no idle timeout, the field displays 0.
flags	Flags that the flow entry includes: ·     flow_send_rem—Sends a flow removed message when the flow entry is removed or expires. ·     check_overlap—Checks for overlapping flow entries. ·     reset_counts—Resets flow table counters. ·     no_pkt_counts—Does not count packets. ·     no_byte_counts—Does not count bytes. If the flow entry does not include any flags, this field displays none.
byte count	Number of bytes that have matched the flow entry.
packet count	Number of packets that have matched the flow entry.
Match information	Contents in the Match field of the flow entry (see Table 3).
Instruction information	Contents in the Instruction field of the flow entry: ·     Set meter—Sends the matched packet to a specified meter. ·     Write metadata/mask—Writes the masked metadata value into the metadata fields of the matched packet.  Metadata is used for passing messages between flow tables. ·     Write metadata mask—Mask of the metadata value to be written. ·     Goto table—Sends the matched packet to the next flow table for processing. ·     Clear actions—Immediately clears all actions in the action set of the matched packet. ·     Apply actions—Immediately applies specified actions in the action set of the matched packet. ·     Write actions—Writes specified actions into the action set of the matched packet. For more information about actions, see Table 4.

 

Table 3 Match information

Match field	Match field mask	Description
Input interface	N/A	Ingress port (see Table 5).
Physical input interface	N/A	Ingress physical port.
Ethernet destination MAC address	Mask	Ethernet destination MAC address and mask.
Ethernet source MAC address	Mask	Ethernet source MAC address and mask.
Ethernet type	N/A	Ethernet type of the OpenFlow packet payload.
VLAN ID	Mask	VLAN ID and mask.
VLAN PCP	N/A	VLAN priority.
IP DSCP	N/A	Differentiated Services Code Point (DSCP)  value.
IP ECN	N/A	Explicit Congestion Notification (ECN) value in the IP header.
IP protocol	N/A	IPv4 protocol number.
IPv4 source address	Mask	IPv4 source address and mask.
IPv4 destination address	Mask	IPv4 destination address and mask.
TCP source port	Mask	TCP source port and mask.
TCP destination port	Mask	TCP destination port and mask.
UDP source port	Mask	UDP source port and mask.
UDP destination port	Mask	UDP destination port and mask.
ICMPv4 type	N/A	ICMPv4 type.
ICMPv4 code	N/A	ICMPv4 code.
ARP source IPv4 address	Mask	Sender IPv4 address and mask in the ARP payload.
ARP source MAC address	Mask	Sender MAC address and mask in the ARP payload.

 

Table 4 Actions

Field	Description
Drop	Drops the matched packet.
Output interface	Sends the packet through a specified port. For more information about ports, see Table 5.
send length	Specifies the length of bytes to be taken from the packet and be sent to the controller.
Group	Specifies a group to process the packet.
Set queue	Maps the flow entry to a queue specified by ID.
Set field	Modifies a specific field of the packet.

 

Table 5 Ports

Port name	Ingress port	Output port	Description
Table	Not supported.	Supported.	Start flow table in the OpenFlow workflow.
Normal	Not supported.	Supported.	Normal forwarding workflow of the switch.
Flood	Not supported.	Supported.	Flooding workflow.
All	Not supported.	Supported.	All ports.
Controller	Supported.	Supported.	Channel connected to the controller.
Local	Supported.	Supported.	Local CPU.
XGE1/0/3 (port name)	Supported.	Supported.	Name of a physical or logical port, such as a link aggregation port.

 

display openflow group

Use display openflow group to display the group table information for an OpenFlow instance.

Syntax

display openflow instance instance-id group [ group-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

group-id: Specifies a group by its ID in the range of 0 to 4294967040. If this argument is not specified, the command displays information about all group entries of the OpenFlow instance.

Usage guidelines

The group entries are used by flow entries to make the OpenFlow device support more packet forwarding functions, for example, multicast and broadcast. Each group table contains multiple action buckets. The actions in the buckets of a group entry are performed for packets matching the group entry.

You cannot configure group entries on the OpenFlow devices. Instead, you can configure group entries on the controller and issue the group entries to the OpenFlow device.

Examples

# Display the group table information for OpenFlow instance 10.

<Sysname> display openflow instance 10 group

Instance 10 group table information:

 Group count: 1

 

Group entry 1:

 Type: All, byte count: 55116, packet count: 401

 Bucket 1 information:

  Action count 1, watch port: any, watch group: any

  Byte count 55116, packet count 401

  Output interface: XGE1/0/11

 Bucket 2 information:

  Action count 1, watch port: any, watch group: any

  Byte count --, packet count --

  Output interface: XGE1/0/12

 Referenced information:

  Count: 3 

  Flow table 0

  Flow entry: 1, 2, 3

Table 6 Output description

Field	Description
Group count	Number of group entries contained in the OpenFlow instance.
Type	Group table type. All indicates all buckets in the group are executed. This group is used for multicast or broadcast forwarding.
Action count	Number of actions in the action bucket.
Byte count	Number of bytes processed by the action bucket. Two hyphens (--) are displayed when the field is not supported.
packet count	Number of packets processed by the action bucket. Two hyphens (--) are displayed when the field is not supported.
watch port	Ports that affect the action bucket status.
watch group	Group table IDs of the ports that affect the action bucket status.
Output interface	Output interface in the group table.
Referenced information:	Information about the flow entries referencing group entries.
Count	Number of flow entries that reference group entries.
Flow table	ID of the flow table to which the flow entries referencing the group entries belong.
Flow entry	IDs of flow entries referencing group entries.

 

display openflow instance

Use display openflow instance to display the detailed information for an OpenFlow instance.

Syntax

display openflow instance [ instance-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

Examples

# Display the detailed information of OpenFlow instances.

<Sysname> display openflow instance

Instance 10 information:

 

Configuration information:

 Description   : test-desc

 Active status : Active

 Inactive configuration:

  Classification: Global

  Flow table:

   Table ID(type): 0(MAC-IP)

   Table ID(type): 1(Extensibility)

  Default table-miss: Permit

  Forbidden port: VLAN interface

 Active configuration:

  Classification : VLAN, loosen mode, total VLANs(1)

   2

  In-band management VLAN, total VLANs(0)

   Empty VLAN

  Connect mode: Multiple

  Mac address learning: Enabled

  Flow table:

   Table ID(type): 0(MAC-IP), count: 0

  Flow-entry max-limit: 65535

  Datapath ID: 0x0000001234567891

  Default table-miss: Drop

  Forbidden port: None

Port information:

 Ten-GigabitEthernet1/0/3

Active channel information:

 Controller 1 IP address: 192.168.49.49  port: 6633

 Controller 2 IP address: 192.168.43.49  port: 6633

Table 7 Command output

Field	Description
Description	Description of the OpenFlow instance.
Active status	Activation status of the OpenFlow instance.
Inactive configuration	Inactive OpenFlow instance configuration.
Active configuration	Active OpenFlow instance configuration.
Classification VLAN, loosen mode, total VLANs	VLANs associated with the OpenFlow instance, the total number of these VLANs.
In-band management VLAN, total VLANs	Inband management VLANs and the total number of inband management VLANs. empty VLAN is displayed when no inband management VLAN is configured.
Connect mode	Connection mode for the OpenFlow instance to establish connections to controllers: ·     multiple—The connection mode is multiple for the OpenFlow instance to establish connections to controllers. ·     single—The connection mode is single for the OpenFlow instance to establish connections to controllers.
Mac address learning	Whether MAC address learning is enabled in the VLANs associated with the OpenFlow instance: ·     Enabled—MAC address learning is enabled in the VLANs associated with the OpenFlow instance. ·     Disabled—MAC address learning is disabled in the VLANs associated with the OpenFlow instance.
Flow-entry max-limit	Maximum number of flow entries allowed in the extensibility flow table.
Datapath ID	Datapath ID of the OpenFlow instance.
Default table-miss	Default action of the table-miss flow entry: ·     Permit—Forward packets to the normal pipeline. ·     Drop—Drop packets.
Forbidden port	Port types forbidden to be reported to controllers: ·     VLAN interface. ·     Virtual Switch Interface.
Port information	Ports added to the OpenFlow instance.
Flow table	Flow table information of the OpenFlow instance.
Table ID(type)	Flow table ID (flow table type). The flow table type can be MAC-IP or Extensibility.
count	Total number of flow entries in the flow table.
Active channel information	Information about active control channels.
Controller id IP address:  port:	Brief information of controllers which have established connections to the OpenFlow instance. This field is displayed only when the OpenFlow instance has established connections to controllers.
Failopen mode	Connection interruption mode when the OpenFlow instance is disconnected from all controllers (this field is displayed only when the OpenFlow instance is disconnected from all controllers): ·     secure—The OpenFlow switch uses flow tables for traffic forwarding after it is disconnected from all controllers. ·     standalone—The OpenFlow switch uses the normal forwarding process after it is disconnected from all controllers.

 

display openflow meter

Use display openflow meter to display meter entry information for an OpenFlow instance.

Syntax

display openflow instance instance-id meter [ meter-id ]

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

meter-id: Specifies a meter by its ID in the range of 0 to 4294901760. If no meter ID is specified, this command displays information about all meter entries for an OpenFlow instance.

Examples

# Display meter entry information for OpenFlow instance 10.

<Sysname> display openflow instance 10 meter

Meter flags: KBPS  -- Rate value in kb/s, PKTPS -- Rate value in packet/sec

             BURST -- Do burst size,      STATS -- Collect statistics

 

Instance 10 meter table information:

 meter entry count: 2

 

Meter entry 100 information:

 Meter flags: KBPS

 Band 1 information

 Type: drop, rate: 1024, burst size: 65536

 Byte count: --, packet count: 0

 Referencedinformation:

  Count: 3

  Flow table: 0

  Flow entry: 1, 2, 3

 

Meter entry 200 information:

 Meter flags: KBPS

 Band 1 information

 Type: drop, rate: 10240, burst size: 655360

 Byte count: --, packet count: --

 Referenced information:

  Count: 0

Table 8 Command output

Field	Description
Group entry count	Total number of meter entries included in the OpenFlow instance.
Meter flags	Flags configured for the meter: ·     KBPS—The rate value is in kbps. ·     PKTPS—The rate value is in pps. ·     BURST—The burst size field in the band is used and the length of the packet or byte burst is determined by the burst size. ·     STATS—Meter statistics are collected.
Band	Bands included in the meter.
Type	Type of the band: ·     drop—Discard the packet. ·     dscp remark—Modify the drop precedence of the DSCP field in the IP header of the packet.
Rate	Rate value above which the corresponding band may apply to packets.
Burst size	Length of the packet or byte burst to consider for applying the meter.
Byte count	Number of bytes processed by a band. If this field is not supported, the field displays two hyphens (--).
packet count	Number of packets processed by a band. If this field is not supported, the field displays two hyphens (--).
Referenced information	Information about the meter entry referenced by flow entries.
Count	Total number of flow entries that reference the meter entry.
Flow table	Flow table to which the flow entries that reference the meter entry belong.
Flow entry	Flow entries that reference the meter entry.

 

display openflow summary

Use display openflow summary to display summary OpenFlow instance information, including OpenFlow instance ID, activation status, and datapath ID.

Syntax

display openflow instance summary

Views

Any view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Examples

# Display summary information about OpenFlow instances.

<Sysname> display openflow summary

Fail Open mode: Se -- secure mode, Sa -- standalone mode

Reactive flags: Y -- Need active instance,

                N -- Needn't active instance

 

ID    Status    Datapath-ID         Channel    Table-num  Port-num  Reactivate

1     active    0x0000000100001221  Connected       2         8       Y

10    deactive           -             -            -         -       -

4094  active    0x00000ffe00001221  Failed(Sa)        2         0     N

Table 9 Command output

Field	Description
ID	OpenFlow instance ID.
Status	Activation status of the OpenFlow instance: ·     active—The OpenFlow instance is active. ·     deactive—The OpenFlow instance is inactive.
Datapath-ID	Datapath ID of the OpenFlow instance. A hyphen (-) is displayed when the OpenFlow instance is inactive.
Channel	Status of the secure channel between the OpenFlow instance and the controller: ·     connected—The secure channel between the OpenFlow instance and the controller has been established. ·     Failed(Se)—The secure channel between the OpenFlow instance and the controller has been disconnected, and the OpenFlow instance is operating in secure mode. ·     Failed(Sa)—The channel between the OpenFlow instance and the controller has been disconnected, and the OpenFlow instance is operating in standalone mode. A hyphen (-) is displayed when the OpenFlow instance is inactive.
Table-num	Number of flow tables in the OpenFlow instance. A hyphen (-) is displayed when the OpenFlow instance is inactive.
Port-num	Number of ports belonging to the OpenFlow instance. A hyphen (-) is displayed when the OpenFlow instance is inactive.
Reactivate	Indicates whether the OpenFlow instance needs to be reactivated: ·     Y—The OpenFlow instance needs to be reactivated. ·     N—The OpenFlow instance does not need to be reactivated. A hyphen (-) is displayed when the OpenFlow instance is inactive.

 

fail-open mode

Use fail-open mode to set the connection interruption mode for an OpenFlow switch.

Use undo fail-open mode to restore the default.

Syntax

fail-open mode { secure | standalone }

undo fail-open mode

Default

The connection interruption mode is secure, and the controller deploys the table-miss flow entry (the action is Drop) to the OpenFlow instance.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

secure: Configures the OpenFlow switch to use flow tables for traffic forwarding after it is disconnected from all controllers.

standalone: Configures the OpenFlow switch to use the normal forwarding process after it is disconnected from all controllers.

Examples

# Set the connection interruption mode to standalone for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] fail-open mode standalone

flow-entry max-limit

Use flow-entry max-limit to set the maximum number of entries for each extensibility flow table.

Use undo flow-entry max-limit to restore the default.

Syntax

flow-entry max-limit limit-value

undo flow-entry max-limit

Default

An extensibility flow table has a maximum of 65535 flow entries.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

limit-value: Specifies the maximum number of flow entries, in the range of 1 to 65535.

Examples

# Configure OpenFlow instance 1 to have a maximum of 256 entries in each extensibility flow table.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] flow-entry max-limit 256

flow-log disable

Use flow-log disable to disable logging for successful flow table modifications.

Use undo flow-log disable to restore the default.

Syntax

flow-log disable

undo flow-log disable

Default

Logging for successful flow table modifications is enabled.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command is available in Release 1138P01 and later versions.

Examples

# Disable logging for successful flow table modifications for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] flow-log disable

flow-table

Use flow-table to configure a flow table for an OpenFlow instance.

Use undo flow-table to restore the default.

Syntax

flow-table { extensibility extensibility-table-id | mac-ip mac-ip-table-id }*

undo flow-table

Default

An OpenFlow instance has an extensibility flow table whose ID is 0.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

extensibility extensibility-table-id: Specifies an extensibility flow table by its ID in the range of 0 to 254.

mac-ip mac-ip-table-id: Specifies a MAC-IP flow table by its ID in the range of 0 to 254.

Usage guidelines

You can specify only one MAC-IP flow table and one extensibility flow table for an OpenFlow instance. For an OpenFlow instance, the MAC-IP flow table ID must be smaller than the extensibility flow table ID.

Configure flow tables before you activate an OpenFlow instance.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Configure a MAC-IP flow table with ID 0 and an extensibility flow table with ID 1 for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] flow-table mac-ip 0 extensibility 1

forbidden port

Use forbidden port to forbid an OpenFlow instance to report ports of the specified types to controllers.

Use undo forbidden port to restore the default.

Syntax

forbidden port { vlan-interface | vsi-interface } *

undo forbidden port

Default

All ports that belong to an OpenFlow instance are reported to the controllers.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

vlan-interface: Forbids reporting VLAN interfaces that belong to an OpenFlow instance to controllers.

vsi-interface: Forbids reporting VSI interfaces that belong to an OpenFlow instance to controllers.

Examples

# Forbid OpenFlow instance 1 to report VLAN interfaces that belong to the OpenFlow instance to controllers.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] forbidden port vlan-interface

in-band management vlan

Use in-band management vlan to configure inband management VLANs.

Use undo in-band management vlan to restore the default.

Syntax

in-band management vlan vlan-list

undo in-band management vlan

Default

No inband management VLAN is configured for an OpenFlow instance.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Parameters

vlan-list: Specifies a space-separated list of up to 10 VLAN items. Each item specifies a VLAN ID or a range of VLAN IDs in the form of vlan-id1 to vlan-id2. The value range for VLAN IDs is 1 to 4094. The value for the vlan-id2 argument must be equal to or greater than the value for the vlan-id1 argument.

Usage guidelines

The inband management VLANs must be a subset of the VLANs associated with the OpenFlow instance.

This command is applicable only to OpenFlow instances in VLAN mode.

Examples

# Configure VLAN 10 as an inband management VLAN in OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] in-band management vlan 10

mac-ip dynamic-mac aware

Use mac-ip dynamic-mac aware to configure OpenFlow to support dynamic MAC addresses.

Use undo mac-ip dynamic-mac aware to restore the default.

Syntax

mac-ip dynamic-mac aware

undo mac-ip dynamic-mac aware

Default

An OpenFlow instance ignores dynamic MAC address messages sent from controllers.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

When a MAC-IP flow table is configured for an OpenFlow switch, you can configure OpenFlow to support querying and deleting dynamic MAC addresses in the table.

When this command is configured, the OpenFlow switch does not send change events for the dynamic MAC addresses to controllers.

This command is applicable only to OpenFlow instances in VLAN mode.

Examples

# Configure OpenFlow instance 1 to support dynamic MAC addresses.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] mac-ip dynamic-mac aware

openflow instance

Use openflow instance to create an OpenFlow instance and enter OpenFlow instance view.

Use undo openflow instance to remove an OpenFlow instance.

Syntax

openflow instance instance-id

undo openflow instance instance-id

Default

No OpenFlow instance exists.

Views

System view

Predefined user roles

network-admin

mdc-admin

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

Examples

# Create OpenFlow instance 1, and enter the OpenFlow instance view.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1]

permit-port-type member-port

Use permit-port-type member-port to allow link aggregation member ports to be in the deployed flow tables.

Use undo permit-port-type to remove the configuration.

Syntax

permit-port-type member-port

undo permit-port-type

Default

Link aggregation member ports cannot be in the deployed flow tables.

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command is available in Release 1138P01 and later versions.

Examples

# Configure OpenFlow instance 1 to allow link aggregation member ports to be in the deployed flow tables.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] permit-port-type member-port

refresh ip-flow

Use refresh ip-flow to refresh all Layer 3 flow entries in the MAC-IP flow table for an OpenFlow instance.

Syntax

refresh ip-flow

Views

OpenFlow instance view

Predefined user roles

network-admin

mdc-admin

Usage guidelines

This command is available in Release 1138P01 and later versions.

Examples

# Refresh all Layer 3 flow entries in the MAC-IP flow table for OpenFlow instance 1.

<Sysname> system-view

[Sysname] openflow instance 1

[Sysname-of-inst-1] refresh ip-flow

reset openflow instance controller statistics

Use reset openflow instance controller statistics to clear statistics about packets that a controller sends and receives for an OpenFlow instance.

Syntax

reset openflow instance instance-id controller [ controller-id ] statistics

Views

User view

Predefined user roles

network-admin

network-operator

mdc-admin

mdc-operator

Parameters

instance-id: Specifies an OpenFlow instance by its ID in the range of 1 to 4094.

controller-id: Specifies a controller by its ID in the range of 0 to 63. If you do not specify this argument, the command clears statistics about packets that all controllers send and receive for an OpenFlow instance.

Examples

# Clear statistics about packets that all controllers send and receive for OpenFlow instance 1.

<Sysname> reset openflow instance 1 controller statistics

Index

A C D F I M O P R

A

active instance,1

C

classification global,1

classification vlan,2

controller address,3

controller connect interval,4

controller echo-request interval,4

controller mode,5

D

datapath-id,6

default table-miss permit,7

description,6

display openflow controller,8

display openflow flow-table,9

display openflow group,13

display openflow instance,14

display openflow meter,16

display openflow summary,18

F

fail-open mode,19

flow-entry max-limit,20

flow-log disable,20

flow-table,21

forbidden port,22

I

in-band management vlan,22

M

mac-ip dynamic-mac aware,23

O

openflow instance,24

P

permit-port-type member-port,24

R

refresh ip-flow,25

reset openflow instance controller statistics,25