Changes between Version 3 and Version 4 of GENIExperimenter/Tutorials/OpenFlowNFVNAT
- Timestamp:
- 11/20/15 14:09:24 (8 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIExperimenter/Tutorials/OpenFlowNFVNAT
v3 v4 128 128 d. You can also use Netcat (`nc`) to test reachability of TCP and UDP. The behavior should be the same. 129 129 130 == 2Start controller to enable NAT ==131 132 === 2.1 Access a server from behind the NAT ===130 == 4 Start controller to enable NAT == 131 132 === 4.1 Access a server from behind the NAT === 133 133 134 134 You can try to write your own controller to implement NAT. However, we a provide you a functional controller. 135 i. Download the NAT Ryu module. At your controller node run:135 a. Download the NAT Ryu module. At your controller node run: 136 136 {{{ 137 137 cd /tmp/ryu/ … … 140 140 }}} 141 141 142 ii. Start the controller on `NAT` host:142 b. Start the controller on `NAT` host: 143 143 {{{ 144 144 nat:~$ cd /tmp/ryu/; ./bin/ryu-manager ryu-nat.py … … 155 155 }}} 156 156 157 158 b. On `outside`, we start a nc server: 157 c. On `outside`, we start a nc server: 159 158 {{{ 160 159 host3:~$ nc -l 6666 … … 165 164 }}} 166 165 167 c. Now send message between each other and try the same thing between `host3` and `host2`.168 169 d. On the terminal of `controller`, in which you started your controller, you should see a log similar to:166 d. Now send message between each other and try the same thing between `host3` and `host2`. 167 168 e. On the terminal of `controller`, in which you started your controller, you should see a log similar to: 170 169 {{{ 171 170 Created mapping 192.168.0.3 31596 to 128.128.128.100 59997 … … 175 174 {{{ 176 175 #!comment 177 === 2.2 Outside source ===176 === 4.2 Outside source === 178 177 179 178 You may be wondering whether it will behave the same if we use `insideX` hosts to be the nc server. You can try it and the answer is no. That's due to the nature of dynamic NAT. … … 202 201 }}} 203 202 204 == 3Handle ARP and ICMP ==203 == 5 Handle ARP and ICMP == 205 204 One of very common mistakes that people make, when writing OF controller, is forgetting to handle ARP and ICMP message and finding their controller does not work as expected. 206 205 207 === 3.1 ARP ===206 === 5.1 ARP === 208 207 As we mentioned before, we should insert rules into the OF switch that allow ARP packets to go through, probably after the switch is connected. 209 208 210 === 3.2 ICMP ===209 === 5.2 ICMP === 211 210 Handling ARP is trivial as NAT does not involve ARP. However, it's not the case for ICMP. If you only process translation for TCP/UDP, you will find you cannot ping between `outside` and `insideX` while nc is working properly. Handling ICMP is even not as straightforward as for TCP/UDP. Because for ICMP, you cannot get port information to bind with. Our provided solution makes use of ICMP echo identifier. You may come up with different approach involves ICMP sequence number or others. 212 211 … … 239 238 <td> 240 239 241 <h3><u> 4. Cleanup </u></h3>240 <h3><u> 6. Cleanup </u></h3> 242 241 After you are done with the exercise and you have captured everything requested for the writeup, you should release your resources so that other experimenters can use 243 242 them. In order to cleanup your slice :