wiki:GENIEducation/SampleAssignments/IPRouting/ProcedureWithAnsible

Version 15 (modified by divyashri.bhat@gmail.com, 3 years ago) (diff)

--

IPv4 Routing Assignment

Overview:

In this experiment you will learn how to set up static routing with the route command. We will orchestrate this experiment in Ansible and use the ping command to verify connectivity. We will use the following network topology for this experiment:
route topology
   

Prerequisites:

For this tutorial you need :

Tools:

All the tools will already be installed on your nodes. For your reference we are going to use:
   

Where to get help:

  • Take a look at the Tips section in the end of the exercise
  • Contact your TA and/or Professor for help. If you are doing this exercise outside the context of a course, please email help@geni.net

Design/Setup

1. Verify your Environment Setup:

This exercise assumes you have already setup your account at the GENI Portal. In particular ensure that:
  1. You can login to the GENI Portal
  2. You are a member of a GENI Project (there is at least one project listed under the ''Projects'' tab)
  3. You have setup your ssh keys (there is at least one key listed under the ''Profile->SSH Keys'' tab)
  4. Install Ansible. Find the instructions for your package manager here.

2. Setup the Topology:

  1. Login to the GENI Portal
  2. Reserve resources from an ExoGENI rack using the RSpec called ECE374_UMass_EG from the Portal
Action:Take a screenshot of your slice when all the nodes are ready and include it in your write up

3. Ansible Login

  1. If you have Omni installed on your machine use the command "$readyToLogin MYSLICE --useSliceAggregates --ansible-inventory -o" to create an inventory for the Ansible playbook and proceed to Step 4.
  2. If you do not have Omni installed, click on the "Details" button on the Slice page in the GENI Portal
  3. Scroll to the bottom of the screen and click on the link "Show Ansible Inventory" as shown in the following screenshot
    Ansible Inventory
  4. Using your favorite text editor, save the output to a file called inventory as explained in the AnsibleHelloGENI tutorial
The following steps (4-6) are all part of a single Ansible playbook. The entire script can be found at this link. Here, we provide an explanation for the relevant sections of the script.

4. Test connectivity using ping

This sections checks the local connectivity of each node to its neighboring node.

- name: test NodeA
   hosts: NodeA
   sudo: True
   tasks:
    - name: ping seta1
       shell:  "ping -c 5 192.168.1.11"
       register: pingA1_test
       failed_when: "'Timeout' in pingA1_test.stdout_lines"
    - debug: var=pingA1_test.stdout_lines
    - name: ping seta2
       shell:  "ping -c 5 192.168.3.12"
       register: pingA2_test
       failed_when: "'Timeout' in pingA2_test.stdout_lines"
    - debug: var=pingA2_test.stdout_lines
  
- name: test NodeB 
  hosts: NodeB
  sudo: True
  tasks:
   - name: ping setb1
      shell:  "ping -c 5 192.168.1.10"
      register: pingB1_test
      failed_when: "'Timeout' in pingB1_test.stdout_lines"
   - debug: var=pingB1_test.stdout_lines
   - name: ping setb2
      shell:  "ping -c 5 192.168.2.12"
      register: pingB2_test
      failed_when: "'Timeout' in pingB2_test.stdout_lines"
   - debug: var=pingB2_test.stdout_lines
   
- name: test NodeC 
  hosts: NodeC
  sudo: True
  tasks:
   - name: ping setc1
      shell:  "ping -c 5 192.168.3.10"
      register: pingC1_test
      failed_when: "'Timeout' in pingC1_test.stdout_lines"
   - debug: var=pingC1_test.stdout_lines
   - name: ping setc2
      shell:  "ping -c 5 192.168.2.11"
      register: pingC2_test
      failed_when: "'Timeout' in pingC2_test.stdout_lines"
   - debug: var=pingC2_test.stdout_lines
               

5. Setup the routing

The goal of this exercise is to setup the routing as indicated in Figure 1; i.e. packets from A sent to IP address 192.168.2.12 on node C should be routed via node B. In order to create this routing behavior you will need to modify the routing tables in your nodes using the linux route command
#Enter static routing commands here
- name: route NodeA 
  hosts: NodeA
  sudo: True
  tasks:
   - name: rout seta1
      shell:  ""
      register: routA1_test
   - debug: var=routA1_test.stderr_lines
  
- name: route NodeB 
  hosts: NodeB
  sudo: True
  tasks:
   - name: rout setb1
      shell:  ""
      register: routB1_test
   - debug: var=routB1_test.stderr_lines

- name: route NodeC
  hosts: NodeC
  sudo: True
  tasks:
   - name: rout setc1
      shell:  ""
      register: routC1_test
   - debug: var=routC1_test.stderr_lines


Questions:

  1. Setup the routing from A to 192.68.2.12 so that it goes through B. Was it enough to just modify the routing tables? What else did you need to change in order for the traffic to flow?

6. Test routing using ping

This part of the script is used to test the new route setup.

#Test New route setup
- name: testroute NodeA 
  hosts: NodeA
  sudo: True
  tasks:
   - name: ping seta1
     shell:  "ping -c 5 192.168.2.12"
     register: pingA1_test
     failed_when: "'Timeout' in pingA1_test.stdout_lines"
   - debug: var=pingA1_test.stdout_lines
   

Once you have filled in the route commands, execute the ansible playbook using the following command:

ansible-playbook <myfile.yml> -i inventory


Finish

4. Cleanup

After you are done with the exercise and you have captured everything requested for the writeup, you should release your resources so that other experimenters can use them. In order to cleanup your slice :
  1. In Jacks, press the Delete button in the top of your canvas
  2. Select Delete at used managers and confirm your selection.
Wait and after a few moments all the resources will have been released and you will have an empty canvas again. Notice that your slice is still there. There is no way to delete a slice, it will be removed automatically after its expiration date, but remember that a slice is just an empty container so it doesn't take up any resources.

What to hand in:

  • Save the output of the Ansible command in a file and hand it in.

  • Tips

    • If you have trouble with your assignment, look carefully in the logs on your terminal. The Ansible script gives you the output of the bash shell for each command and you will be able to figure out why your script doesn't work as expected.
    • If you get a "Command not found " error when executing standard commands like ifconfig add sbin to your path:
         export PATH=$PATH:/sbin
      
    • Remember that you can use “ifconfig” to determine which Ethernet interface (e.g., eth0) is bound to what IP address at each of the nodes.
    • In order to enable IP forwarding of packets on a node you have to execute the following command:
      sudo sh -c 'echo 1 > /proc/sys/net/ipv4/ip_forward'
      
    • A new slice will always be in its initial state with NO routing set up!
    • A useful tool to debug the packet flow is tcpdump. In order to install it run:
         sudo apt-get install tcpdump
      

    Attachments (1)

    Download all attachments as: .zip