wiki:GENIExperimenter/Tutorials/GENIDesktop/aag/flow

Version 1 (modified by carpenter@vis.uky.edu, 5 years ago) (diff)

--

Distribute individual flow entries

Last but not least, we will make use of the Flow Entry module. In this module, you can install individual flow entries as you would do using any of the controllers GUIs or the command line interface of OVS. The module is fed with information of your experiment such as the IP or MAC addresses of all interfaces of your nodes. This reduces the possibility of errors that happen when you manually install flow entries using other tools. Often, you may want to distribute a single flow entry to multiple switches (e.g. as we did with ARP flows above); this module allows you to accomplish this task.

  1. Load Module

First, open the module.

  1. Define Flow

Suppose that we want drop all UDP traffic incoming to all the switches for an hour. We will first define the flow match accordingly that will match all UDP traffic. On the actions tab, we will not add any operation (i.e. the package will be dropped). Next, we will setup a hard (or soft) timeout to 1 hour, and we will give the flow a priority of 50.

On the summary tab, you will see all the flow definition you have done so far plus the set of selected switches where the flow will be distributed. If it is empty, select all the OVS nodes where you want the flow rule to be installed. Finally, install the flow entry.

Your final flow definition should look like this

  1. Testing Flow

First, make sure you can ping from h1 to h2. Then

h1 terminal: Start a netcat UDP server on port 3000.

user@h1:~$ nc -l -u 3000

Now try to connect h2 to that server and you will notice that connection is unsuccessful after typing words (i.e. packets do not reach h1).

h2 terminal: Try to establish connection with h1 UDP server.

user@h2:~$ nc -u h1 3000
this is
the UDP test
1
2
3

You may want to monitor the new installed flow entries and check that UDP traffic is in fact dropped. Since h2 is connected to s3 in our topology, you can check the flow entries at s3 in the Flow Monitor module.

Back to Tutorial

Attachments (3)

Download all attachments as: .zip