Friday, September 13, 2013

my first steps with OpenFlow...

Hanging out at our CondoOfCondos workshop in Texas...

We are clearly getting a bit old school here:

http://archive.openflow.org/wk/index.php/OpenFlow_Tutorial

I pulled the mininet OVF file from here, and imported into VirtualBox.


I always set up the following port forwards inside of VirtualBox to point at the VM IP you can pull from the console above. It looks like this screen grab below. I used 127.0.0.1 here rather than my host address incase my 802.11X provided DHCP address here at the University of Texas changes, so I bind to the internal, remember as Dorothy said:

"There's no place like 127.0.0.1" ;-)


This allows you to do things like this so you can get an xterm on the box easy w/o having to have "host based" adapters set up:
bash-3.2$ ssh -Y -p 2222 mininet@localhost

Ok, now we log in from our local machine with our nifty ssh -Y -p 2222 trick, then we quickly xauth merge our original users .Xauthority so we can run commands like mn as root, the last command xterm h1 h2 h3 brings up terminals on each of the "nodes".
bash-3.2$ hostname
wireless-10-146-144-180.public.utexas.edu

bash-3.2$ ssh -Y -p 2222 mininet@localhost
mininet@localhost's password: 
Welcome to Ubuntu 12.10 (GNU/Linux 3.5.0-17-generic x86_64)

 * Documentation:  https://help.ubuntu.com/
New release '13.04' available.
Run 'do-release-upgrade' to upgrade to it.

Last login: Fri Sep 13 07:11:12 2013 from 10.0.2.2

mininet@mininet-vm:~$ sudo su -

root@mininet-vm:~# xauth merge ~mininet/.Xauthority 

root@mininet-vm:~# mn --topo single,3 --mac --switch ovsk --controller remote
*** Creating network
*** Adding controller
Unable to contact the remote controller at 127.0.0.1:6633
*** Adding hosts:
h1 h2 h3 
*** Adding switches:
s1 
*** Adding links:
(h1, s1) (h2, s1) (h3, s1) 
*** Configuring hosts
h1 h2 h3 
*** Starting controller
*** Starting 1 switches
s1 
*** Starting CLI:

mininet> nodes
available nodes are: 
h1 h2 h3 s1 c0

mininet> xterm h1 h2 h3

Ok cool so we have a running environment - let's have a look at the controller:
mininet@mininet-vm:~$ dpctl show tcp:127.0.0.1:6634
features_reply (xid=0xed316c06): ver:0x1, dpid:1
n_tables:255, n_buffers:256
features: capabilities:0xc7, actions:0xfff
 1(s1-eth1): addr:42:d3:0e:0e:32:f8, config: 0, state:0
     current:    10GB-FD COPPER 
 2(s1-eth2): addr:ca:87:a0:f4:41:5e, config: 0, state:0
     current:    10GB-FD COPPER 
 3(s1-eth3): addr:06:35:30:84:75:c7, config: 0, state:0
     current:    10GB-FD COPPER 
 LOCAL(s1): addr:3a:ae:61:e0:0c:4d, config: 0x1, state:0x1
get_config_reply (xid=0xb4fb7b2b): miss_send_len=0

mininet@mininet-vm:~$ dpctl dump-flows tcp:127.0.0.1:6634
stats_reply (xid=0xec08f0e9): flags=none type=1(flow)


Ok first ping test is epic fail, as you can see above - no flows there be!
mininet> h1 ping -c2 h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
From 10.0.0.1 icmp_seq=1 Destination Host Unreachable
From 10.0.0.1 icmp_seq=2 Destination Host Unreachable

--- 10.0.0.2 ping statistics ---
2 packets transmitted, 0 received, +2 errors, 100% packet loss, time 1001ms

So let's add our very first "flow"!
mininet@mininet-vm:~$ dpctl add-flow tcp:127.0.0.1:6634 in_port=1,actions=output:2
mininet@mininet-vm:~$ dpctl add-flow tcp:127.0.0.1:6634 in_port=2,actions=output:1

and now we get...
mininet> h1 ping -c2 h2
PING 10.0.0.2 (10.0.0.2) 56(84) bytes of data.
64 bytes from 10.0.0.2: icmp_req=1 ttl=64 time=0.253 ms
64 bytes from 10.0.0.2: icmp_req=2 ttl=64 time=0.045 ms

YAY!

See lotsa ICMP flows!
mininet@mininet-vm:~$ dpctl dump-flows tcp:127.0.0.1:6634

stats_reply (xid=0x3eaa5384): flags=none type=1(flow)

  cookie=0, duration_sec=9s, duration_nsec=302000000s, table_id=0, priority=65535, n_packets=2, n_bytes=196, idle_timeout=60,hard_timeout=0,icmp,in_port=1,dl_vlan=0xffff,dl_vlan_pcp=0x00,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_src=10.0.0.1,nw_dst=10.0.0.3,nw_tos=0x00,icmp_type=8,icmp_code=0,actions=output:3

  cookie=0, duration_sec=9s, duration_nsec=302000000s, table_id=0, priority=65535, n_packets=2, n_bytes=196, idle_timeout=60,hard_timeout=0,icmp,in_port=3,dl_vlan=0xffff,dl_vlan_pcp=0x00,dl_src=00:00:00:00:00:03,dl_dst=00:00:00:00:00:01,nw_src=10.0.0.3,nw_dst=10.0.0.1,nw_tos=0x00,icmp_type=0,icmp_code=0,actions=output:1

  cookie=0, duration_sec=12s, duration_nsec=838000000s, table_id=0, priority=65535, n_packets=2, n_bytes=196, idle_timeout=60,hard_timeout=0,icmp,in_port=2,dl_vlan=0xffff,dl_vlan_pcp=0x00,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:01,nw_src=10.0.0.2,nw_dst=10.0.0.1,nw_tos=0x00,icmp_type=0,icmp_code=0,actions=output:1

  cookie=0, duration_sec=11s, duration_nsec=836000000s, table_id=0, priority=65535, n_packets=1, n_bytes=98, idle_timeout=60,hard_timeout=0,icmp,in_port=1,dl_vlan=0xffff,dl_vlan_pcp=0x00,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:02,nw_src=10.0.0.1,nw_dst=10.0.0.2,nw_tos=0x00,icmp_type=8,icmp_code=0,actions=output:2

Kinda more fun this once you stand up an actual controller:
mininet@mininet-vm:~$ controller -v ptcp:
Sep 13 07:48:23|00001|poll_loop|DBG|[POLLIN] on fd 4:
Sep 13 07:48:23|00002|rconn|DBG|tcp: entering ACTIVE
Sep 13 07:48:23|00003|vconn|DBG|tcp:127.0.0.1:51691: 

sent (Success): hello (xid=0x3394cdce):

Sep 13 07:48:23|00004|vconn|DBG|tcp:127.0.0.1:51691: 

received: hello (xid=0xe):

Sep 13 07:48:23|00005|vconn|DBG|tcp:127.0.0.1:51691: 

negotiated OpenFlow version 0x01 (we support versions 0x01 to 0x01 inclusive,
peer no later than version 0x01)

Sep 13 07:48:23|00006|vconn|DBG|tcp:127.0.0.1:51691: 

sent (Success): features_request (xid=0xbac80804):

Sep 13 07:48:23|00007|vconn|DBG|tcp:127.0.0.1:51691: 

sent (Success): set_config (xid=0x2c509fae): miss_send_len=128

Sep 13 07:48:23|00008|poll_loop|DBG|[POLLIN] on fd 6:

Sep 13 07:48:23|00009|vconn|DBG|tcp:127.0.0.1:51691: 

received: features_reply (xid=0xbac80804): ver:0x1, dpid:1

n_tables:255, n_buffers:256

features: capabilities:0xc7, actions:0xfff

 1(s1-eth1): addr:42:d3:0e:0e:32:f8, config: 0, state:0
     current:    10GB-FD COPPER 
 2(s1-eth2): addr:ca:87:a0:f4:41:5e, config: 0, state:0
     current:    10GB-FD COPPER 
 3(s1-eth3): addr:06:35:30:84:75:c7, config: 0, state:0
     current:    10GB-FD COPPER 
 LOCAL(s1):  addr:3a:ae:61:e0:0c:4d, config: 0x1, state:0x1

And here is the output of an iperf, I'll leave it here for now
*** Iperf: testing TCP bandwidth between h1 and h3
waiting for iperf to start up...*** Results: ['3.41 Gbits/sec', '3.41 Gbits/sec']

Looks like I might be all set for the tutorial this afternoon!



[any opinions here are all mine, and have absolutely nothing to do with my employer]
(c) 2011 James Cuff