wiki:HelloGENI

Version 10 (modified by Josh Smift, 9 years ago) (diff)

--

Here's a description of the Hello GENI experiment, and the configuration of resources that it uses.

Overview

This experiment is just a quick way to reserve some resources and use netcat to show that they can talk to each other. It uses an IP subnet, which you have to reserve from a pool that the GPO maintains, but the rest of the resources, you can reserve yourself.

Resource requirements

The Hello GENI experiment requires an IP subnet, some compute resources, and OpenFlow network resources connecting the compute resources.

The Omni command-line tool can be used to reserve the compute and network resources; the GENI Experimenter page has detailed instructions for getting started with Omni.

An IP subnet

The GPO has set aside 10.42.0.0/16 as a pool of IP subnets for this. We're currently using 10.42.101.0/24 - 10.42.110.0/24 for the Plastic Slices project, and have 10.42.111.0/24 - 10.42.120.0/24 available for other uses.

These subnets aren't provided by an aggregate, and thus can't be reserved via the GENI AM API. To reserve one for your experiment, just contact gpo-infra@geni.net. Please DO NOT use an IP subnet that you haven't reserved.

FIXME: This page should link to a general page for our GENI dataplane IP address conventions, like 10.VL.AN.x for test hosts on intercampus VLANs, using the same last octet in all of the dataplane addresses of hosts that are involved in Hello GENI type experiments, DNS information, etc. For now, the static ARP table for the mesoscale MyPLC plnodes, which we store at http://www.gpolab.bbn.com/arp/geni-core-arp.txt (so that it can be fetched easily to hosts when it changes), is probably the best place to find IP and ARP information.

Compute resources

Hello GENI can use MyPLC plnodes at the mesoscale campuses for its compute resources, which have been pre-configured with the appropriate IP subnets, and with static ARP entries to allow them to talk to each other without requiring a controller that handles loop detection for broadcast traffic.

You can also in theory use mesoscale ProtoGENI or Wide-Area ProtoGENI hosts as compute resources, but we haven't actually done this in practice yet.

See the static ARP table mentioned above for IP information for the compute resources.

OpenFlow resources

In order to connect the compute resources, you'll need to reserve some OpenFlow resources, both on campuses and in the GENI network core.

On campuses, you'll want an rpsec that reserves your subnet, on the ports that (a) your compute resources are connected to; and (b) connect those ports to the cross-connect to reach the OF core VLANs (3715 and 3716). The various campus OpenFlow aggregate information pages have tables and/or diagrams with more information along those lines; if you need a hand figuring out exactly which ports to use, contact help@geni.net.

Note that as with all OpenFlow slivers, you'll need to contact the Expedient Opt-In Manager admins for the aggregates where you reserve resources.

You'll also need a host on which you can run an OpenFlow controller, listening on a TCP port, which the OpenFlow resources at the sites can reach (i.e. any firewalls in front of your controller must permit your TCP port).

FIXME: This page should link to a page describing how to get and run a simple OpenFlow controller, if you don't have one already.

Example

Here's a full end-to-end example, using one MyPLC plnode at each of BBN and Stanford, and using 10.42.256.0/24 (which doesn't exist) as the example IP subnet. It assumes that you're already set up with Omni.

Rspecs

Save these rspecs into files; you'll use them with omni commands later.

Compute resources

These rspecs will each reserve one MyPLC plnode. You could modify them to reserve different and/or additional plnodes, but you'd also need to modify your OpenFlow rspecs to include the dataplane interfaces for those plnodes. See "More advanced stuff" below.

One MyPLC plnode at BBN

Save this in a file called myplc-bbn.rspec:

<?xml version="1.0"?>
<RSpec type="SFA">
  <network name="plc.gpolab">
    <site id="s1">
      <name>myplc.gpolab.bbn.com</name>
      <node id="n1">
        <hostname>navis.gpolab.bbn.com</hostname>
        <sliver></sliver>
      </node>
    </site>
  </network>
</RSpec>

One MyPLC plnode at Stanford

Save this in a file called myplc-stanford.rspec:

<?xml version="1.0"?>
<RSpec type="SFA">
  <network name="plc">
    <site id="s1">
      <name>MyPLC</name>
      <node id="n1">
        <hostname>of-planet1.stanford.edu</hostname>
        <sliver></sliver>
      </node>
    </site>
  </network>
</RSpec>

OpenFlow resources

You'll need to modify some parts of both of these rspecs before you can use them. In particular, you'll need to modify:

  • In the 'user' element, sub in your own site name, e-mail address, first name, last name, and a newly-made-up password for Expedient to use.
  • In the 'project' element, sub in your own username and your full name.
  • In the 'slice' element:
    • For the 'controller_url' attribute, sub in the hostname and port where you plan to run your OpenFlow controller.
    • For the 'name' attribute, sub in the hostname and port of your controller.
    • For the 'description' attribute, sub in your own username.
    • For the 'expiry' attribute, enter a number representing a time in the future, in seconds since the epoch. (Try 'date +%s -d "now + 1 week"' on a Linux system to get a number meaning "one week from now".)
  • In the 'nw_dst' and 'nw_src' elements, sub in your subnet instead of "256" in two places below.

BBN

Save this in a file called openflow-bbn.rspec:

<resv_rspec type="openflow">
  <user affiliation="YOURSITE" email="YOURUSERNAME@YOURSITE" firstname="YOURFIRST" lastname="YOURLAST" password="NEWPASSWD"/>
  <project name="YOURUSERNAME-hello-geni" description="Hello GENI experiment by YOURNAME"/>
  <slice controller_url="tcp:HOSTNAME:PORT" name="HOSTNAME-PORT" description="The controler for YOURUSERNAME-hello-geni."/>
  <flowspace>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:24:a8:c4:b9:00+port:56"/>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:24:a8:c4:b9:00+port:71"/>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:12:e2:b8:a5:d0+port:3"/>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:12:e2:b8:a5:d0+port:20"/>
    <dl_type from="2048" to="2048"/>
    <nw_dst from="10.42.256.0" to="10.42.256.255"/>
  </flowspace>
  <flowspace>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:24:a8:c4:b9:00+port:56"/>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:24:a8:c4:b9:00+port:71"/>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:12:e2:b8:a5:d0+port:3"/>
    <port urn="urn:publicid:IDN+tulum.gpolab.bbn.com:expedient:openflow+switch:06:d6:00:12:e2:b8:a5:d0+port:20"/>
    <dl_type from="2048" to="2048"/>
    <nw_src from="10.42.256.0" to="10.42.256.255"/>
  </flowspace>
</resv_rspec>

Then edit it as described above.

Stanford

Save this in a file called openflow-stanford.rspec:

<resv_rspec type="openflow" version="2">
  <user affiliation="YOURSITE" email="YOURUSERNAME@YOURSITE" firstname="YOURFIRST" lastname="YOURLAST" password="NEWPASSWD"/>
  <project name="YOURUSERNAME-hello-geni" description="Hello GENI experiment by YOURNAME"/>
  <slice controller_url="tcp:HOSTNAME:PORT" name="HOSTNAME-PORT" description="The controler for YOURUSERNAME-hello-geni." expiry="EXPIRY"/>
  <flowspace>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:00:00:00:12:e2:78:31:f5+port:2"/>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:00:00:00:12:e2:78:31:f5+port:11"/>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:03:85:00:23:47:4e:2e:c0+port:4"/>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:03:85:00:23:47:4e:2e:c0+port:8"/>
    <dl_type from="2048" to="2048"/>
    <nw_dst from="10.42.256.0" to="10.42.256.255"/>
  </flowspace>
  <flowspace>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:00:00:00:12:e2:78:31:f5+port:2"/>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:00:00:00:12:e2:78:31:f5+port:11"/>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:03:85:00:23:47:4e:2e:c0+port:4"/>
    <port urn="urn:publicid:IDN+stanford:expedient:openflow+switch:03:85:00:23:47:4e:2e:c0+port:8"/>
    <dl_type from="2048" to="2048"/>
    <nw_src from="10.42.256.0" to="10.42.256.255"/>
  </flowspace>
</resv_rspec>

Then edit it as described above.

NLR

Save this in a file called openflow-nlr.rspec:

<resv_rspec type="openflow" version="2">
  <user affiliation="YOURSITE" email="YOURUSERNAME@YOURSITE" firstname="YOURFIRST" lastname="YOURLAST" password="NEWPASSWD"/>
  <project name="YOURUSERNAME-hello-geni" description="Hello GENI experiment by YOURNAME"/>
  <slice controller_url="tcp:HOSTNAME:PORT" name="HOSTNAME-PORT" description="The controler for YOURUSERNAME-hello-geni." expiry="EXPIRY"/>
  <flowspace>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:23:47:c8:bc:00"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:23:47:ca:bc:40"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:24:a8:d2:48:00"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:24:a8:d2:b8:40"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:26:f1:40:a8:00"/>
    <dl_type from="2048" to="2048"/>
    <nw_dst from="10.42.256.0" to="10.42.256.255"/>
  </flowspace>
  <flowspace>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:23:47:c8:bc:00"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:23:47:ca:bc:40"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:24:a8:d2:48:00"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:24:a8:d2:b8:40"/>
    <switch urn="urn:publicid:IDN+nlr:expedient:openflow+switch:0e:83:00:26:f1:40:a8:00"/>
    <dl_type from="2048" to="2048"/>
    <nw_src from="10.42.256.0" to="10.42.256.255"/>
  </flowspace>
</resv_rspec>

Then edit it as described above.

Creating your slice

Now that you've got your rspecs, create your slice.

First, give it a name, like "hello" followed by your username, e.g. "hellojbs". Then, create it, and set it to expire a week from now:

slicename=helloYOURUSERNAME
omni createslice $slicename
omni renewslice $slicename $(date +%Y%m%dT%H:%M:%S -d "now + 1 week")

Creating your slivers

Now that you've got a slice, create slivers within it:

omni -n -a https://myplc.gpolab.bbn.com:12346/ createsliver $slicename myplc-bbn.rspec
omni -n -a https://myplc.stanford.edu:12346/ createsliver $slicename myplc-stanford.rspec
omni -n -a https://expedient.gpolab.bbn.com:1443/openflow/gapi/createsliver $slicename openflow-bbn.rspec
omni -n -a https://endpoint.stanford.edu:1443/openflow/gapi/ $slicename openflow-stanford.rspec
omni -n -a https://ofc-testlab.grnoc.iu.edu:1443/openflow/gapi/createsliver $slicename openflow-nlr.rspec

Opt in your OpenFlow resources

Creating those OpenFlow slivers doesn't actually reserve the resources immediately, it just puts in a request to the OpenFlow Expedient Opt-In Manager at each aggregate. In order to finish reserving them, send mail to response-team@geni.net, saying something like:

Hi! I'm creating a slice to try out Hello GENI, and reserving some
OpenFlow resources at BBN, Stanford, and NLR. My topology should just
include the port for one MyPLC plnode at each site, the cross-connect port
to VLAN 3715, and the connections between them, plus the NLR backbone
switches, for 10.42.256.0/24 only.

Can you please opt in my slivers? Thanks!

Sub in your subnet in place of "256" above, of course.

Log in to your MyPLC resources

While you wait for your OpenFlow resources to be opted in, you can confirm that you can log in to your MyPLC resources. Run these commands to find the login name to use:

omni -n -a https://myplc.gpolab.bbn.com:12346/ sliverstatus $slicename
omni -n -a https://myplc.stanford.edu:12346/ sliverstatus $slicename

In the output of each of those, look for a line containing "pl_hostname" and a line containing "pl_login". You should then be able to log in via SSH using that login name to that hostname, e.g.

ssh pgenigpolabbbncom_jbstest@navis.gpolab.bbn.com

Once you've logged in, you can install the 'nc' package, to run netcat, which you'll use later:

sudo yum install nc

Say hello

Once you hear back from the Expedient OIM admins at BBN, Stanford, and NLR, you can try sending traffic from one of your MyPLC plnodes to another.

Log in to your plnode at BBN, and run a netcat listener, on :

nc -lk 10.42.256.55 6256

In another window, log in to your plnode at Stanford, and connect to the listener you're running at BBN:

nc 10.42.256.55 6256

You can then type text in one window, and it'll appear in the other -- if your OpenFlow controller is running. Try it with your controller running, and not running, to see.

Note that after you stop your controller, you'll need to wait five seconds without sending any traffic in order for the flowtable entries in the switches to time out -- if you keep sending traffic continuously, it'll keep flowing even if you stop your controller. Once any existing flowtable entries time out, though, new ones won't be created (and traffic won't flow) while your controller is down.

More advanced stuff

You can run

omni -n -a https://myplc.gpolab.bbn.com:12346/ listresources
omni -n -a https://myplc.stanford.edu:12346/ listresources

to get a list of other BBN and/or Stanford MyPLC plnodes to use. Note that the advertisement rspec format returned by that command is subtly different than the reservation rspec format shown above.

If you wanted to use different plnodes than the ones listed above, you'd need to modify your OpenFlow rspecs to include the dataplane interfaces for those plnodes, and also any intermediate switches in the topology.

FIXME: This page should probably include a little more information about how to figure out what ports you'd need to set up a more complicated topology.

Attachments (10)

Download all attachments as: .zip