Changes between Version 39 and Version 40 of GENIExperimenter/Tutorials/OpenFlowOVS/Execute
- Timestamp:
- 10/03/13 11:41:26 (11 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIExperimenter/Tutorials/OpenFlowOVS/Execute
v39 v40 28 28 29 29 === 2b. Configure the Software Switch === 30 Now that you are logged in, we need first to configure OVS. To save time in this tutorial, we have already started OVS and we have added an Ethernet bridge that will act as our software switch. Try: 30 31 Now that you are logged in, we need first to configure OVS. To save time in this tutorial, we have already started OVS and we have added an Ethernet bridge that will act as our software switch. Try the following to show the configure bridge: 31 32 {{{ 32 33 sudo ovs-vsctl list-br … … 72 73 73 74 ==== `standalone` vs `secure` mode ==== 75 74 76 The !OpenFlow controller is responsible for setting up all flows on the switch, which means that when the controller is not running there should be no packet switching at all. Depending on the setup of your network, such a behavior might not be desired. It might be best that when the controller is down, the switch should default back in being a learning layer 2 switch. In other circumstances however this might be undesirable. In OVS this is a tunable parameter, called `fail-safe-mode` which can be set to the following parameters: 75 * `standalone` [default] 76 * `secure` 77 * `standalone` [default]: in which case OVS will take responsibility for forwarding the packets if the controller fails 78 * `secure`: in which case only the controller is responsible for forwarding packets, and if the controller is down all packets are going to be dropped. 77 79 78 80 In OVS when the parameter is not set it falls back to the `standalone` mode. For the purpose of this tutorial we will set the `fail-safe-mode` to `secure`, since we want to be the ones controlling the forwarding. Run: … … 80 82 sudo ovs-vsctl set-fail-mode br0 secure 81 83 }}} 82 You can verify your OVS settings by issu eing the following:84 You can verify your OVS settings by issuing the following: 83 85 84 86 {{{ 85 87 sudo ovs-vsctl show 86 88 }}} 89 87 90 == 3. Execute Experiment == 88 Now that our switch is up and running we are ready to start working on our controller. For this tutorial we are going to use the [http://www.noxrepo.org/pox/about-pox/ POX controller]. The software that is installed in the OVS host for running POX can be found [http://www.gpolab.bbn.com/experiment-support/OpenFlowOVS/of-ovs.tar.gz here]. 91 92 Now that our switch is up and running we are ready to start working on our controller. For this tutorial we are going to use the [http://www.noxrepo.org/pox/about-pox/ POX controller]. The software is already installed in the OVS host for running POX and can also be found [http://www.gpolab.bbn.com/experiment-support/OpenFlowOVS/of-ovs.tar.gz here]. 89 93 90 94 === 3a. Login to your hosts === 95 91 96 To start our experiment we need to ssh all of our hosts. Depending on which tool and OS you are using there is a slightly different process for logging in. If you don't know how to SSH to your reserved hosts take a look in [wiki:HowTo/LoginToNodes this page.] Once you have logged in follow the rest of the instructions. 92 97 … … 99 104 100 105 === 3b. Use a Learning Switch Controller === 106 101 107 We have installed the POX controller under `/local/pox` on the OVS host. POX comes with a set of example modules that you can use out of the box. One of the modules is a learning switch. Let's start the learning switch controller: 108 102 109 {{{ 103 110 cd /local/pox 104 111 ./pox.py --verbose forwarding.l2_learning 105 112 }}} 113 106 114 Go back to the terminal of `host1` and try to ping `host2` again: 115 107 116 {{{ 108 117 ping 10.10.1.2 109 118 }}} 119 110 120 Now the ping should work. 111 121 … … 113 123 114 124 Kill your POX controller by pressing `Ctrl-C`: 115 {{{ 116 125 126 {{{ 117 127 DEBUG:forwarding.l2_learning:installing flow for 02:c7:e8:a7:40:65.1 -> 02:f1:ae:bb:e3:a8.2 118 128 ^C … … 134 144 135 145 === Useful Tips for writing your controller === 146 136 147 In order to make this first experience of writing controller easier, we wrote some helpful functions that will abstract some of the particularities of POX away. 137 148 These functions are locates at `/local/pox/ext/utils.py`, so while you write your controller consult this file for details. … … 156 167 157 168 === 3c. Run a traffic duplication controller === 158 In the above example we ran a very simple controller. The power of OpenFlow comes from the fact that you can decide to forward the packet anyway you want based on the supported OpenFlow actions. A very simple but powerful modification you can do, is to duplicate all the traffic of the switch out a specific port. This is very useful for application and network analysis. You can imagine that at the port where you duplicate traffic you connect a device that does analysis. Our hosts are VMs so we are going to verify the duplication by doing a `tcpdump` on the port on the OVS switch. 169 170 In the above example we ran a very simple learning switch controller. The power of !OpenFlow comes from the fact that you can decide to forward the packet anyway you want based on the supported !OpenFlow actions. A very simple but powerful modification you can do, is to duplicate all the traffic of the switch out a specific port. This is very useful for application and network analysis. You can imagine that at the port where you duplicate traffic you connect a device that does analysis. For this tutorial we are going to verify the duplication by doing a `tcpdump` on a port on the OVS switch. 159 171 160 172 1. Open two new terminals to the OVS host. 161 2. Look at the sli ver details page in the portal and see what interfaces are bound to ''OVS:if0'' and ''OVS:if1'', use the MAC address of the interface to figure this out. Run tcpdump on these interfaces; one in each of the new terminals you opened. This will allow you to see all traffic going out the interfaces173 2. Look at the slice ''Details'' page in the portal and see what interfaces are bound to ''OVS:if0'' and ''OVS:if1'', use the MAC address of the interface to figure this out. Run tcpdump on these interfaces; one in each of the new terminals you opened. This will allow you to see all traffic going out the interfaces. 162 174 {{{ 163 175 sudo tcpdump -i <data_interface_name> … … 198 210 Now let's do a slightly more complicated controller. OpenFlow gives you the power to overwrite fields of your packets at the switch, for example the TCP source or destination port and do port forwarding. You can have clients trying to contact a server at port 5000, and the OpenFlow switch can redirect your traffic to a service listening on port 6000. 199 211 200 Under the `/loca/pox/ext` directory there are two files !PortForwarding.py and myPortForwarding.py that are similar like the previous exercise. Both of these controller are configured by a configuration file at `ext/port_forward.config`. Use myPortForwarding.py to write your own port forwarding controller.201 202 To test your controller we are going to use netcat. Go to the two terminals of host2. In one terminal run:212 1. Under the `/loca/pox/ext` directory there are two files !PortForwarding.py and myPortForwarding.py that are similar like the previous exercise. Both of these controller are configured by a configuration file at `ext/port_forward.config`. Use myPortForwarding.py to write your own port forwarding controller. 213 214 2. To test your controller we are going to use netcat. Go to the two terminals of host2. In one terminal run: 203 215 {{{ 204 216 nc -l 5000 … … 210 222 }}} 211 223 212 Now, first start the simple layer 2 forwarding controller: 213 {{{ 224 3. Now, start the simple layer 2 forwarding controller. We are doing this to seen what happens with a simple controller. 225 {{{ 226 cd /local/pox 214 227 ./pox.py --verbose forwarding.l2_learning 215 228 }}} 216 229 217 Go to the terminal of host1 and connect to host2 at port 5000:230 4. Go to the terminal of host1 and connect to host2 at port 5000: 218 231 {{{ 219 232 nc 10.10.1.2 5000 220 233 }}} 221 234 222 Type something and you should see it at the the terminal of host2 at port 5000.223 224 Nowstop the simple layer 2 forwarding controller:235 5. Type something and you should see it at the the terminal of host2 at port 5000. 236 237 6. Now, stop the simple layer 2 forwarding controller: 225 238 {{{ 226 239 DEBUG:forwarding.l2_learning:installing flow for 02:d4:15:ed:07:4e.3 -> 02:ff:be:1d:19:ea.2 … … 232 245 }}} 233 246 234 Nowstart your port forwarding controller:247 7. And start your port forwarding controller: 235 248 {{{ 236 249 ./pox.py --verbose myPortForwarding 237 250 }}} 238 251 239 Repeat the netcat scenario described above. Now, your text should appear on the other terminal of host2.240 241 242 Stop your port forwarding controller:252 8. Repeat the netcat scenario described above. Now, your text should appear on the other terminal of host2 which is listenign to port 6000. 253 254 255 9. Stop your port forwarding controller: 243 256 {{{ 244 257 DEBUG:myPortForwarding:Got a packet : [02:aa:a3:e8:6c:db>33:33:ff:e8:6c:db IPV6] … … 250 263 }}} 251 264 252 === 3e. Run a server proxy Controller ===265 === 3e. Run a Server Proxy Controller === 253 266 254 267 As our last exercise, instead of diverging the traffic to a different server running on the same host, we will diverge the traffic to a server running on a different host and on a different port. 255 268 256 Under the `ext` directory there are two files Proxy.py and myProxy.py that are similar like the previous exercise. Both of these controllers are configured by a configuration file at `ext/proxy.config`. 257 258 1. On the terminal of `host3` run a netcat server:259 260 261 262 263 2. On your OVS host open the /local/pox/ext/P/myProxy.py file, and edit it to implement a controller that will diverge traffic destined for `host2` to `host3`. Before you start implementing think about what are the side effects of diverging traffic to a different host.269 1. Under the `/loca/pox/ext` directory there are two files Proxy.py and myProxy.py that are similar like the previous exercise. Both of these controllers are configured by the configuration file `proxy.config`. Use myProxy.py to write your own proxy controller. 270 271 2. On the terminal of `host3` run a netcat server: 272 {{{ 273 nc -l 7000 274 }}} 275 276 3. On your OVS host open the /local/pox/ext/myProxy.py file, and edit it to implement a controller that will diverge traffic destined for `host2` to `host3`. Before you start implementing think about what are the side effects of diverging traffic to a different host. 264 277 * Is it enough to just change the IP address? 265 278 * Is it enough to just modify the TCP packets? 279 280 If you want to see the solution, it's available in file /local/pox/ext/Proxy.py file. 266 281 267 3. If you want to see the solution, it's available in file /local/pox/ext/Proxy.py file. 268 269 4. To test your proxy controller run: 270 {{{ 271 ./pox.py --verbose myProxy 272 }}} 273 274 5. Go back to the terminal of `host1` and try to connect to `host2` port 5000 275 {{{ 276 nc 10.10.1.2 5000 277 }}} 278 279 6. If your controller works correctly, you should see your text showing up on the terminal of `host3`. 282 4. To test your proxy controller run: 283 {{{ 284 cd /local/pox 285 ./pox.py --verbose myProxy 286 }}} 287 288 5. Go back to the terminal of `host1` and try to connect netcat to `host2` port 5000 289 {{{ 290 nc 10.10.1.2 5000 291 }}} 292 293 6. If your controller works correctly, you should see your text showing up on the terminal of `host3`. 280 294 281 295 ----