Connectivity Guide
2 Congure the logical switch instance, of-switch-1.
OS10# configure terminal
OS10 (config)# openflow
OS10 (config-openflow)# switch of-switch-1
b Option 2; for in-band management:
1 Congure one of the front-panel ports as the management port.
OS10# configure terminal
OS10 (config)# openflow
OS10 (config-openflow)# in-band-mgmt interface ethernet 1/1/1
OS10 (config-openflow)#
2 Congure an IPv4 address on the front-panel management port.
OS10# configure terminal
OS10 (config)# interface ethernet 1/1/1
OS10 (conf-if-eth1/1/1)# ip address 11.1.1.1/24
OS10 (conf-if-eth1/1/1)# no shutdown
3 Congure the logical switch instance, of-switch-1.
OS10# configure terminal
OS10 (config)# openflow
OS10 (config-openflow)# switch of-switch-1
4 Congure the OpenFlow controller to establish a connection with the logical switch instance.
OS10 (config-openflow-switch)# controller ipv4 ip-address port port-id
OS10 (config-openflow-switch)# controller ipv4 10.1.1.1 port 6633
where a.b.c.d is the IP address of the controller and port 6633 is for OpenFlow communication.
5 Enter the no shutdown command to enable the logical switch instance.
OS10 (config-openflow-switch) no shutdown
Establish TLS connection
• Generate the switch and controller certicates from a server that supports public-key infrastructure (PKI). You need the following
certicates:
– Controller certicate
– Switch certicate
– Private key le to verify the switch certicate
• The certicates and private key les must be in the Privacy-Enhanced Mail (PEM) format.
For certicate-based authentication, you must establish a TLS connection between the switch and the controller before you congure
OpenFlow on the switch. The following procedure explains how to install the controller and switch certicates on the OS10 switch. Refer to
the controller documentation for information on how to install the certicates on the controller.
NOTE
: This procedure is optional. Use this procedure if you want to congure certicate-based authentication between the
switch and the controller.
1 Log in to the OS10 switch with administrator credentials.
2 Enter the following command to copy the certicates to the OS10 switch.
In the following commands, the destination path and the destination le name on the OS10 switch, for example, config://../
openflow/cacert.pem
, remain the same in your deployment. Ensure that you enter the destination path and destination le
names as specied in the following example:
OS10# copy scp://username:password@server-ip/full-path-to-the-certificates/controller-
cert.pem config://../openflow/cacert.pem
OS10# copy scp://username:password@server-ip/full-path-to-the-certificates/switch-cert.pem
config://../openflow/sc-cert.pem
OS10# copy scp://username:password@server-ip/full-path-to-the-certificates/switch-
privkey.pem config://../openflow/sc-privkey.pem
OpenFlow
867