Changes between Version 25 and Version 26 of GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight/Execute
- Timestamp:
- 12/16/16 10:54:26 (7 years ago)
Legend:
- Unmodified
- Added
- Removed
- Modified
-
GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight/Execute
v25 v26 30 30 In this example we are going to run a very simple learning switch controller to forward traffic between `host1` and `host2`. 31 31 32 32 1. First start a ping from `host1` to `host2` , which should timeout, since there is no controller running. 33 33 34 34 {{{ … … 36 36 }}} 37 37 38 38 2. Start the Floodlight Controller by running the following commands: 39 39 40 40 {{{ … … 47 47 [[Image(GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight/Execute:Open vSwitch.png, 50%)]] 48 48 49 3. In the terminal of `host1`, ping `host2` i.e. 10.0.0.2: 49 50 3. In the terminal window of `host1`, ping `host2` i.e. 10.0.0.2: 50 51 {{{ 51 52 [pjayant@host1:~$ ping 10.0.0.2 … … 73 74 Now the ping should work. You can see that the time for the first ICMP packet is longer than the rest of the ICMP packets. This is because the Open vSwitch consults the controller the first time a packet-in event occurs. The controller then inserts the flow in the Open vSwitch and the switch consults this flow for further packet-in events. Similarly, ping `host 3` i.e. 10.0.0.3 from `host 1`. 74 75 75 76 4. Go to your Open vSwitch host and take a look at the flows. You should see that your controller installed flows based on the mac addresses of your packets. Enter the following command: 76 77 77 78 {{{ … … 86 87 === 4c. Look around your OVS switch === 87 88 88 89 1. To see messages go between your switch and your controller, open a new ssh window to your controller node and run tcpdump on the `eth1` interface and on the tcp port that your controller is listening on usually 6653. (You can also run `tcpdump` on the `OVS` control interface if you desire.) 89 90 {{{ 90 91 sudo tcpdump -i eth0 tcp port 6653 91 92 }}} 92 You will see (1) periodic keepalive messages being exchanged by the switch and the controller, (2) messages from the switch to the controller (e.g. when there is a table miss) and an ICMP Echo message in, and (3) messages from the controller to the switch (e.g. to install new flow entries). 93 94 3. Kill your Floodlight controller by pressing `Ctrl-C`: 93 94 You will see (1) periodic keepalive messages being exchanged by the switch and the controller, (2) messages from the switch to the controller (e.g. when there is a table miss) and an ICMP Echo message in, and (3) messages from the controller to the switch (e.g. to install new flow entries). 95 96 97 3. Kill your Floodlight controller by pressing `Ctrl-C`: 95 98 {{{ 96 99 2016-10-30 21:00:47.333 INFO [n.f.l.i.LinkDiscoveryManager] Sending LLDP packets out of all the enabled ports … … 101 104 }}} 102 105 103 4. Notice what happens to your ping on host1. 104 105 5. If you are using OVS, check the flow table entries on your switch: 106 107 4. Notice what happens to your ping on host1. 108 109 110 5. If you are using OVS, check the flow table entries on your switch: 106 111 {{{ 107 112 sudo ovs-ofctl dump-flows br0 108 113 }}} 109 Since you set your switch to "secure" mode, i.e. don't forward packets if the controller fails, you will not see flow table entries. If you see flow table entries, try again after 10 seconds to give the entries time to expire. 114 115 Since you set your switch to "secure" mode, i.e. don't forward packets if the controller fails, you will not see flow table entries. If you see flow table entries, try again after 10 seconds to give the entries time to expire. 110 116 111 117 … … 138 144 139 145 ==== iii. Use Wireshark to see the OpenFlow messages ==== 140 Many times it is useful to see the OpenFlow messages being exchanged between your controller and the switch. This will tell you whether the messages that are created by your controller are correct and will allow you to see the details of any errors you might be seeing from the switch. You can use wireshark on both ends of the connection, in hardware switches you have to rely only on the controller view. 141 142 The controller host and OVS has wireshark installed, including the openflow dissector. For more information on wireshark you can take a look at the [http://wiki.wireshark.org/ wireshark wiki]. 143 144 Here we have a simple case of how to use the OpenFlow dissector for wireshark. 146 147 Many times it is useful to see the OpenFlow messages being exchanged between your controller and the switch. This will tell you whether the messages that are created by your controller are correct and will allow you to see the details of any errors you might be seeing from the switch. You can use Wireshark on both ends of the connection, in hardware switches you have to rely only on the controller view. 148 149 The controller host and OVS has the Wireshark application already installed, including the openflow dissector. For more information on Wireshark you can take a look at the [http://wiki.wireshark.org/ Wireshark wiki]. 150 151 Here we have a simple case of how to use the OpenFlow dissector for Wireshark. 145 152 146 153 If you are on a Linux friendly machine (this includes MACs) open a terminal and ssh to your controller machine using the -Y command line argument, i.e. … … 149 156 }}} 150 157 151 Assuming that the public IP address on the controller is eth0, run wireshark by typing:158 Assuming that the public IP address on the controller is eth0, run Wireshark by typing: 152 159 {{{ 153 160 sudo wireshark -i eth0& 154 161 }}} 155 162 156 When the wireshark window pops up, you might still have to choose eth0 for a live capture. And you will want to use a filter to cut down on the chatter in the wireshark window. One such filter might be just seeing what shows up on port 6653. To do that type ''tcp.port eq 6653'' in the filter window, assuming that 6653 is the port that the controller is163 When the Wireshark window pops up, you might still have to choose eth0 for a live capture. And you will want to use a filter to cut down on the chatter in the Wireshark window. One such filter might be just seeing what shows up on port 6653. To do that type ''tcp.port eq 6653'' in the filter window, assuming that 6653 is the port that the controller is 157 164 listening on. And once you have lines, you can choose one of the lines and choose "Decode as ...." and choose the ''OFP protocol''. 158 165