Changes between Version 25 and Version 26 of GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight/Execute


Ignore:
Timestamp:
12/16/16 10:54:26 (7 years ago)
Author:
lnevers@bbn.com
Comment:

--

Legend:

Unmodified
Added
Removed
Modified

  • GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight/Execute

    v25 v26  
    3030In this example we are going to run a very simple learning switch controller to forward traffic between `host1` and `host2`.
    3131 
    32   1. First start a ping from  `host1` to `host2` , which should timeout, since there is no controller running.
     321. First start a ping from  `host1` to `host2` , which should timeout, since there is no controller running.
    3333
    3434{{{
     
    3636}}}
    3737
    38   2. Start the Floodlight Controller by running the following commands:
     382. Start the Floodlight Controller by running the following commands:
    3939
    4040{{{
     
    4747[[Image(GENIExperimenter/Tutorials/OpenFlowOVS-Floodlight/Execute:Open vSwitch.png, 50%)]]
    4848
    49  3. In the terminal of `host1`, ping `host2` i.e. 10.0.0.2:
     49
     503. In the terminal window of `host1`, ping `host2` i.e. 10.0.0.2:
    5051{{{
    5152[pjayant@host1:~$ ping 10.0.0.2
     
    7374Now the ping should work. You can see that the time for the first ICMP packet is longer than the rest of the ICMP packets. This is because the Open vSwitch consults the controller the first time a packet-in event occurs. The controller then inserts the flow in the Open vSwitch and the switch consults this flow for further packet-in events. Similarly, ping `host 3` i.e. 10.0.0.3 from `host 1`.
    7475
    75  4. Go to your Open vSwitch host and take a look at the flows. You should see that your controller installed flows based on the mac addresses of your packets. Enter the following command:
     764. Go to your Open vSwitch host and take a look at the flows. You should see that your controller installed flows based on the mac addresses of your packets. Enter the following command:
    7677
    7778{{{
     
    8687=== 4c. Look around your OVS switch  ===
    8788
    88   1. To see messages go between your switch and your controller, open a new ssh window to your controller node and run tcpdump on the `eth1` interface and on the tcp port that your controller is listening on usually 6653.  (You can also run `tcpdump` on the `OVS` control interface if you desire.)
     891. To see messages go between your switch and your controller, open a new ssh window to your controller node and run tcpdump on the `eth1` interface and on the tcp port that your controller is listening on usually 6653.  (You can also run `tcpdump` on the `OVS` control interface if you desire.)
    8990{{{
    9091sudo tcpdump -i eth0 tcp port 6653
    9192}}}
    92   You will see (1) periodic keepalive messages being exchanged by the switch and the controller, (2) messages from the switch to the controller (e.g. when there is a table miss) and an ICMP Echo message in, and (3) messages from the controller to the switch (e.g. to install new flow entries).
    93 
    94   3. Kill your Floodlight controller by pressing `Ctrl-C`:
     93 
     94You will see (1) periodic keepalive messages being exchanged by the switch and the controller, (2) messages from the switch to the controller (e.g. when there is a table miss) and an ICMP Echo message in, and (3) messages from the controller to the switch (e.g. to install new flow entries).
     95
     96 
     973. Kill your Floodlight controller by pressing `Ctrl-C`:
    9598{{{
    96992016-10-30 21:00:47.333 INFO  [n.f.l.i.LinkDiscoveryManager] Sending LLDP packets out of all the enabled ports
     
    101104}}}
    102105
    103   4. Notice what happens to your ping on host1.
    104 
    105   5. If you are using OVS, check the flow table entries on your switch:
     106 
     1074. Notice what happens to your ping on host1.
     108
     109 
     1105. If you are using OVS, check the flow table entries on your switch:
    106111{{{
    107112sudo ovs-ofctl dump-flows br0
    108113}}}
    109   Since you set your switch to "secure" mode, i.e. don't forward packets if the controller fails, you will not see flow table entries.  If you see flow table entries, try again after 10 seconds to give the entries time to expire.
     114 
     115Since you set your switch to "secure" mode, i.e. don't forward packets if the controller fails, you will not see flow table entries.  If you see flow table entries, try again after 10 seconds to give the entries time to expire.
    110116
    111117
     
    138144
    139145==== iii. Use Wireshark to see the OpenFlow messages ====
    140 Many times it is useful to see the OpenFlow messages being exchanged between your controller and the switch. This will tell you whether the messages that are created by your controller are correct and will allow you to see the details of any errors you might be seeing from the switch. You can use wireshark on both ends of the connection, in hardware switches you have to rely only on the controller view.
    141 
    142 The controller host and OVS has wireshark installed, including the openflow dissector. For more information on wireshark you can take a look at the [http://wiki.wireshark.org/ wireshark wiki].
    143 
    144 Here we have a simple case of how to use the OpenFlow dissector for wireshark.
     146
     147Many times it is useful to see the OpenFlow messages being exchanged between your controller and the switch. This will tell you whether the messages that are created by your controller are correct and will allow you to see the details of any errors you might be seeing from the switch. You can use Wireshark on both ends of the connection, in hardware switches you have to rely only on the controller view.
     148
     149The controller host and OVS has the Wireshark application already installed, including the openflow dissector. For more information on Wireshark you can take a look at the [http://wiki.wireshark.org/ Wireshark wiki].
     150
     151Here we have a simple case of how to use the OpenFlow dissector for Wireshark.
    145152
    146153If you are on a Linux friendly machine (this includes MACs) open a terminal and ssh to your controller machine using the -Y command line argument, i.e.
     
    149156}}}
    150157
    151 Assuming that the public IP address on the controller is eth0, run wireshark by typing:
     158Assuming that the public IP address on the controller is eth0, run Wireshark by typing:
    152159{{{
    153160sudo wireshark -i eth0&
    154161}}}
    155162
    156 When the wireshark window pops up, you might still have to choose eth0 for a live capture.  And you will want to use a filter to cut down on the chatter in the wireshark window.   One such filter might be just seeing what shows up on port 6653. To do that type ''tcp.port eq 6653'' in the filter window, assuming that 6653 is the port that the controller is
     163When the Wireshark window pops up, you might still have to choose eth0 for a live capture.  And you will want to use a filter to cut down on the chatter in the Wireshark window.   One such filter might be just seeing what shows up on port 6653. To do that type ''tcp.port eq 6653'' in the filter window, assuming that 6653 is the port that the controller is
    157164listening on.   And once you have lines, you can choose one of the lines and choose "Decode as ...." and choose the ''OFP protocol''.
    158165