Changes between Version 20 and Version 21 of GENIEducation/SampleAssignments/OpenFlowAssignment/ExerciseLayout/Execute

05/30/13 13:59:49 (6 years ago)



  • GENIEducation/SampleAssignments/OpenFlowAssignment/ExerciseLayout/Execute

    v20 v21  
    4141= Exercises =
    42  - '''3.1 Building a Firewall with OpenFlow -- Files to download: [ fw.rspec], [ firewall.rb], [ fw.conf] [[BR]]'''
     42 - '''3.1 Building a Firewall with OpenFlow -- Files to download: [ firewall.rb], [ fw.conf] [[BR]]'''
    4343 A firewall observes the packets that pass through it, and uses a set of rules to determine whether any given packet should be allowed to pass. A stateless firewall does this using only the rules and the current packet. A stateful firewall keeps track of the packets it has seen in the past, and uses information about them, along with the rules, to make its determinations. [[BR]]
    4444 In this exercise, you will build a stateful firewall controller for TCP connections in OpenFlow. The first packet of each connection will be handled by the controller, but all other connection packets will be handled by the OpenFlow-enabled router or switch without contacting your controller. This design will allow you to write powerful firewall rule sets without unduly impacting packet forwarding speeds. Your controller will parse a simple configuration file to load its rules. Complete stateful firewalls often handle multiple TCP/IP protocols (generally at least both TCP and UDP), track transport protocol operational states, and often understand some application protocols, particularly those utilizing multiple transport streams (such as FTP, SIP, and DHCP). The firewall you will implement for this exercise, however, needs handle only TCP, and will not directly process packet headers or data. [[BR]] [[BR]]
    166  - '''3.3 Load Balancing''' -- Files to download: [ lb.rspec], [ load-balancer.rb], [] [[BR]]
     166 - '''3.3 Load Balancing''' -- Files to download: [ load-balancer.rb], [] [[BR]]
    167167 Load balancing in computer networking is the division of network traffic between two or more network devices or paths, typically for the purpose of achieving higher total throughput than either one path, ensuring a specific maximum latency or minimum bandwidth to some or all flows, or similar purposes. For this exercise, you will design a load-balancing OpenFlow controller capable of collecting external data and using it to divide traffic between dissimilar network paths so as to achieve full bandwidth utilization with minimal queuing delays. [[BR]]
    168168 An interesting property of removing the controller from an OpenFlow device and placing it in an external system of arbitrary computing power and storage capability is that decision-making for network flows based on external state becomes reasonable. Traditional routing and switching devices make flow decisions based largely on local data (or perhaps data from adjacent network devices), but an OpenFlow controller can collect data from servers, network devices, or any other convenient source, and use this data to direct incoming flows. [[BR]]