Sdn command line controller lab

Copyright 2014 Kenneth M. Chipps Ph.D.
www.chipps.com
Software Defined Networking
Lab
Using Mininet
and the
POX Controller
Last Update 2014.02.04
2.1.0
1

Sources
• This lab uses the OpenFlow Tutorial
sample lab from
• http://archive.openflow.org/wk/index.php/O
penFlow_Tutorial#Download_Files
• and content from the book Software
Defined Networking with OpenFlow by
Siamak Azodolmolky
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 2

The SDN Lab
• For this lab on SDN we will be using
Mininet to create the SDN hardware and
OpenFlow commands to define how the
hardware acts

What is Mininet
• Mininet is a network emulator, not a
simulator
• It can be used to create virtual hosts,
hubs, switches, controllers, and links
• The code used in Mininet can be used with
no or minimal changes on real SDN
OpenFlow networks

Flow of the Lab
• In this lab you will
– Simulate a multi-switch, multi-host network
with Mininet
– Create flow tables from the command line
– Setup a controller to download the flow
entries
– View OpenFlow messages with Wireshark

Flow of the Lab
• After the tutorial, you can apply what
you've learned to physical networks based
on software switches or SDN capable
hardware switches at line rate
• Here are the steps we will go through

Flow of the Lab
– Download the virtual machine
– Setup the virtual machine
– Check the setup in Linux
– Create the network
– Examine the network
– Work with basic OpenFlow commands
– Add a controller

Download the Virtual Machine
• For this lab a virtual machine appliance in
ovf format must be downloaded from the
OpenFlow Tutorial website here
– https://github.com/downloads/mininet/mininet/
mininet-2.0.0-113012-amd64-ovf.zip
• Download this file
• Expand the zip file
• You should see these files

Download the Virtual Machine

Setup the Virtual Machine
• To import this appliance into VirtualBox
– Select
• File
– Import Appliance
» Select the ovf image
» Press the Import button
• This lab requires two virtual NICs
– The first one should be set to host-only
network
– The second one to NAT

Check Linux
• Mininet is a command line tool that runs in
Linux
• The Mininet prompt looks like this
– mininet>
• The Linux prompt ends with a $ for a
normal user
• It ends in # for the root account

Check Linux
• We will use the sudo command to run the
Linux commands with root privileges at the
normal user prompt

Check Linux
• Start the virtual machine
• Login to Linux
• The login is
– mininet
– mininet
• The screen should look like this

Check Linux

Check Linux
• Let’s see if the two network interfaces are
setup correctly
• At the Linux prompt enter
– ifconfig

Check Linux
• Three interfaces should appear
• Two physical interfaces called
– eth0
– eth1
– And the loopback interface

Check Linux
• One of the physical interfaces should have
a 192 address and the other a 10 address
• We will access the virtual machine using a
terminal program using the 192 address
• If either of the eth Ethernet interfaces are
missing, run this command
– sudo dhclient ethx
• Where the x in ethx is the number of the
interface Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 17

Check Linux

Check Linux
• As you can see the eth1 interface is
missing
• After the dhclient command is run this
appears

Check Linux

Create the Network
• Pay close attention to the prompt shown
for each command
• It makes a difference
• The basic network we will start with looks
like this

Create the Network

Create the Network
• H2 H3 and H4 are just generic end
devices
• In the real world they would be PCs,
printers, VOIP telephones and so forth
• The others are the SDN devices - a switch
and a controller

Create the Network
• These commands can be entered in the
VirtualBox window from the keyboard
• Or a terminal program such as Putty can
be used so the commands can be pasted
• Let’s start Putty and connect to the virtual
machine
• Use the 192 IP address
• Putty defaults to SSH

Create the Network
• So just enter the address and click open
• The login in is the same as before
– mininet
– mininet

Create the Network

Create the Network
• To paste a command, copy it from here
and right click on the command prompt
shown in Putty
• The virtual machine is setup with Mininet
installed and ready to run
• Issue this command to create the SDN
devices and links for this lab

Create the Network
• It all goes on one line in Linux
– $ sudo mn --topo single,3 --mac --switch ovsk --controller remote
• This tells Mininet to start up a three host,
single – openvSwitch based - switch
topology, set the MAC address of each
host equal to its IP, and point to a remote
controller which defaults to the localhost
• The screen should look like this

Create the Network

Create the Network
• Here's what Mininet just did
– Created three virtual hosts
– Created a single OpenFlow software switch
with three ports
– Connected each virtual host to the switch with
a virtual Ethernet cable
– Set the MAC address of each host equal to its
IP address
– Configured the OpenFlow switch to connect to
the controllerCopyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 30

Create the Network
• These devices do the following
– An OpenFlow Controller
• The controller creates and transfer to the flow
commands to the switches
– An OpenFlow Switch
• This is a software based switch that takes
commands from the controller that are used to
handle the frames it receives

Examine the Network
• Notice that the Linux prompt is gone
• This is the mininet prompt
• Let’s see what we made
• At the Mininet prompt enter
– mininet>nodes
• This should appear

Examine the Network

Examine the Network
• We can also see the network using
– mininet>net
• And see information about all the nodes
with
– mininet>dump

Examine the Network

Work With OpenFlow
• In OpenFlow to look at a switch’s flow
table the dpctl – data path control
command can be used
• Most OpenFlow switches start up with a
passive listening port - 6634 - from which
you can poll the switch, without having to
add debugging code to the controller

Work With OpenFlow
• For example the command
– $ dpctl show tcp:127.0.0.1:6634
• will connect to the switch and dump out its
port state and capabilities
• This command can be run from the
Mininet prompt as well in this form
– mininet>dpctl show
• I am going to open another Putty
connection to do thisCopyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 37

Work With OpenFlow

Work With OpenFlow
• This command looks at the flow table
– $ dpctl dump-flows tcp:127.0.0.1:6634
– or
– mininet>dpctl dump-flows
• Since we haven't started a controller yet,
the flow-table should be empty

Work With OpenFlow

Work With OpenFlow
• With the virtual hardware setup let’s check
network connectivity from the Mininet
console
– mininet>h1 ping –c3 h2
• The syntax for ping in mininet is
– Ping from – h1 here
– Number of pings – 3 times in this example
– Ping to – h2 here

Work With OpenFlow
• For a continuous ping h1 ping h2
• CRTL c to stop the ping

Work With OpenFlow

Work With OpenFlow
• Did you get any replies
• As you saw before, the switch flow table is
empty
• Besides that, the controller is not yet
configured to provide flow handling
instructions to the switch and therefore the
switch doesn't know what to do with
incoming traffic, leading to ping failure

Work With OpenFlow
• Let’s add some flows using dpctl first
• The dpctl command can do this on an
individual switch without a controller
• These flows are meant to be transitory
• As we are working with this in a lab rather
than in a realtime line rate network we
need to increase the timeout before we
add any flows or we will have to keep
reentering the flowsCopyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 47

Work With OpenFlow
• To increase the timeout to 5 minutes enter
this command
– $dpctl add-flow tcp:127.0.0.1:6634 in_port=1,idle_timeout=300,actions=output:2
• Now we can add the flow commands
• This is an example of a proactive entry to
the flow table as it will be added before the
traffic it will handle has crossed the
network
• In the other lab we will use reactive mode

Work With OpenFlow
• Type this all on one line
– $ dpctl add-flow tcp:127.0.0.1:6634 in_port=1,actions=output:2
• And this also all on one line
– $ dpctl add-flow tcp:127.0.0.1:6634 in_port=2,actions=output:1

Work With OpenFlow
• This will forward packets coming to port 1
to port 2 and vice-versa
• Verify this by checking the flow-table with
– $ dpctl dump-flows tcp:127.0.0.1:6634

Work With OpenFlow

Work With OpenFlow
• Run the ping command again in the
mininet console
– mininet> h1 ping -c3 h2
• Did you get replies now

Work With OpenFlow

Work With OpenFlow
• Check the flow-table again and look at the
statistics for each flow entry
• Is this what you expected to see based on
the ping traffic

Activate Wireshark
• Wireshark is useful here to examine the
traffic generated by OpenFlow
• The virtual machine being used for this lab
has Wireshark already installed
• Let’s see how we get it working in this
environment
• We will have to use a new SSH session
using X11 as Wireshark uses a GUI
interface Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 55

Activate Wireshark
• To run an application that uses a GUI X11
is required
• This can be done at either end
• Under Windows, the Xming server must
be running, and you must make an SSH
connection with X11 forwarding enabled

Activate Wireshark
• First, search the Internet for and download
the Xming server
• Install it
• Start Xming
• Xming will not show any window, but you
can verify that it is running by looking for
its process in Window's task bar

Activate Wireshark
• Second, make an SSH connection with
X11 forwarding enabled
• If you are using Putty, you can connect to
the lab by entering the VM's IP address for
the 192 address NIC and enabling X11
forwarding

Activate Wireshark
• To enable X11 forwarding from Putty's
GUI, go to PuttyConnection | SSH | X11,
then click on Enable X11 Forwarding, as
shown in the following screenshot

Activate Wireshark

Activate Wireshark
• Or X11 can be added to the VM itself
• To install X11 and a simple window
manager, from the VM console window
enter
– $ sudo apt-get update
– $ sudo apt-get install xinit flwm
• Start an X11 session in the VM console
window by typing
– $ startx

Activate Wireshark
• Now start Wireshark as a background
process
– $sudo wireshark $
• Click on OK to clear any error messages

Observe SDN Traffic
• Start a capture in Wireshark using the
loopback interface
• Create and apply a filter for just the
OpenFlow traffic by entering a display filter
in Wireshark using the string
– of

Load the Controller
• To generate some traffic we will load a
controller as that is the next step anyway
• There are a number of software based or
hardware based controllers that can be
used in an SDN
• In this example we will load the POX
controller
• The developers of this controller say this
about it Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com 64

POX Controller
– POX is NOX‘s younger sibling
– At its core, it’s a platform for the rapid
development and prototyping of network
control software using Python
– Meaning, at a very basic level, it’s one of a
growing number of frameworks (including
NOX, Floodlight, Trema, etc., etc.) for helping
you write an OpenFlow controller

POX Controller
– POX also goes beyond this
– As well as being a framework for interacting
with OpenFlow switches, we’re using it as the
basis for some of our ongoing work to help
build the emerging discipline of Software
Defined Networking
– We’re using it to explore and prototype
distribution, SDN debugging, network
virtualization, controller design, and
programming models

Load the Controller
• To start POX enter these commands
– $cd pox
– ./pox.py forwarding.l2_learning
• If the command prompt does not appear
after running this command, press enter

Load the Controller

Observe SDN Traffic
• Switch back to the Wireshark window to
see the activity as the controller loads

Observe SDN Traffic

Summary
• We now have a complete Software
Defined Network whose actions are
defined by OpenFlow

Sdn command line controller lab

Empfohlen

Empfohlen

Weitere ähnliche Inhalte

Was ist angesagt?

Was ist angesagt? (20)

Andere mochten auch

Andere mochten auch (20)

Ähnlich wie Sdn command line controller lab

Ähnlich wie Sdn command line controller lab (20)

Kürzlich hochgeladen

Kürzlich hochgeladen (20)

Sdn command line controller lab