wiki:Tutorials/m0SDN/aHowTo

Version 15 (modified by akoshibe, 15 years ago) ( diff )

OpenFlow How-To

Sandbox 9 uses the OpenFlow capable switch as part of its setup as a means to provide a testbed for experimentation with the OpenFlow protocol. This tutorial covers the following:

  • The network topology of the testbed
  • The OpenFlow components of the testbed
  • Installation of the OpenFlow Reference System and NOX
  • Performance analysis tools

OpenFlow Protocol

OpenFlow is a protocol that allows for the creation of overlay networks over pre-existing network infrastructure. This allows a researcher to run experiments on production networks without the fear of affecting any of the legacy installations or setups, while having control over how data is handled across the network.

"OpenFlow Protocol" specifically refers to the protocol that is used by a network device and its controller to pass information about flows, or instructions on how to handle data packets based on the packet header, to each other.

Detailed information can be found here: http://www.openflowswitch.org/

The Testbed

Sandbox 9 consists of three nodes connected to the SB9 Console through a OpenFlow enabled gigabit switch. The network topology is shown below:

No image "OFSetup.jpg" attached to Documentation/OpenFlow/OFHowTo

The dotted box (labeled sw_sb09) represents the OpenFlow enabled NEC IP8800/S3640-48T2XW switch, currently running firmware supporting OpenFlow v0.8.9. The switch is pre-configured so that ports 25-36 (the data VLAN, in red) is an OpenFlow virtual switch that listens for a controller running on the SB9 Console. There exists a virtual connection between the controller and virtual switch, represented by the dotted red line. Two trunked connections exist - one connects the setup with the ORBIT network (through sw_sb_top), and the other not only allows the console to communicate with the nodes, but also provides the secure controller-switch VLAN needed for the OpenFlow setup. The experimenter would be able to monitor and manipulate the setup from the Console.


We can run the controller on the console or on one of the nodes as they each can have equal access the the openflow controling vlan.

Installing the controller (on a node)

Two distinct controllers, one from the OpenFlow reference System (v0.8.9r2) and another from NOX-core (v0.5.0), have been successfully installed and tested on the Console. These can be downloaded from the following places:

The former is a simple implementation that comes with a few tests; latter is a full-blown network operating system/ development tool that comes with a Network API that can be used to write and develop your own controller in C++ or Python.

Both can also be installed using Git. Git can be installed with the following command:

apt-get install git-core   

Installing the OpenFlow Reference System

While presented, it is not recommended to install from tarball. The detailed instructions may be found here: http://www.openflowswitch.org/wp/getstarted/

  1. Download software and required packages. If using git:
    sudo apt-get install git-core automake m4 pkg-config libtool
    git clone http://openflowswitch.org/openflow
    cd openflow
    ./boot.sh
    

if installing from tarball:

mkdir openflow
cd openflow
wget http://openflowswitch.org/downloads/openflow-0.9.0.tar.gz
tar xzf openflow-0.9.0.tar.gz
cd openflow-0.9.0
sudo apt-get install gcc linux-headers-`uname -r`
  1. Make and install.
    ./configure --with-l26=/lib/modules/`uname -r`/build
    make
    make install
    

Installing NOX (on a node)

It is not only recommended but also much simpler to use git to install NOX. Therefore the following instructions assume you are using git. The full instructions are found at noxrepo.org: http://noxrepo.org/manual/installation.html

Dependencies
NOX requires the following packages to be installed on the Console:

  • GNU Libtool (libtool)
  • Boost C++ libraries (libboost1.35-dev)
  • Apache HTTP Server (apache2)
  • Xerces C++ parser (libxerces-c28)
  • Xerces development files (libxerces-c2-dev)
  • SSL development libraries (libssl-dev)
  • SQLite 3 development files (libsqlite3-dev)
  • Simple JSON for Python (python-simplejson)

If all dependencies are taken care of, NOX will install with the following steps.

cd 
git clone git://noxrepo.org/noxcore
cd noxcore/
./boot.sh
mkdir build/
cd build/
../configure --with-python=yes
make
make check 

Controllers on the Console

A sub-set of these instructions can be used to install a "custom" controller in userspace on the console. Most of the requsite libraries should already be installed.

TODO list subset.

Starting the controller

Both commands start the controller and establish a connection with the OpenFlow switch. The -v is for verbose. -h for both will give you the help files for the controllers. In the reference system, the controller is found under …/openflow/controller/

./controller -v ptcp:6633 

and in NOX, it is found under …/noxcore/build/src/

./nox-core -v -i ptcp:6633 

ptcp:6633 refers to a passive connection to TCP 6633, the default OpenFlow port. An active connection method using standard TCP exists, however this does not work on this setup. In the OpenFlow reference system, a log of the verbose output can be saved by appending --log-file [filename].


Available Tools

Some of these tools require root privlages and will thus require a custom installation on a node. Otherse can be run from the console directly in an unprivlaged mode.

TODO indicate what credentails are required for each tool.

the Wireshark plugin

The OpenFlow Reference system comes with an OpenFlow wireshark dissector. glib is required for the plugin to work:

apt-get install wireshark libgtk2.0-dev
cd utilities/wireshark_dissectors/openflow
make
sudo make install

tcpdump pcap files can also be opened using wireshark - once the plugin has been installed, OpenFlow packets can be interpreted from these files as well.

Iperf

For performance testing, you may want to run some bandwidth tests. iperf is a tool that measures maximum network performance using TCP for throughput and UDP for jitter and datagram loss. The standard image used for the Sandbox nodes when booted with command omf tell on comes with iperf. To take measurements, you need at least two nodes. One node becomes the server, the other(s), clients.

To start the server:

iperf -s 

and on the client:

iperf -c 192.168.x.y 

192.168.x.y is the IP address block associated with the OpenFlow VLAN. When setting the node IP addresses (i.e. using ifconfig), x.y should be made unique to each node. A caveat is that iperf cannot take real-time bandwidth measurements. Real-time bandwidth use can be monitored using BWM-ng.

BWM-ng

By default, the tool will monitor all interfaces on the Console. To monitor just the OpenFlow interface, you must specify eth1.100. To output this to a csv, use the following command (-t specifies a sampling rate of 1000 msec, or 1 sample/sec):

bwm-ng -I eth1.100 -o csv -t 1000 -F <file-name>

Development

The files defining OpenFlow Protocol can be found in the following locations:

  • OpenFlow reference system: openflow/include/openflow/openflow.h
  • NOX: noxcore/src/include/openflow.hh

In addition, NOX provides a Web API that allows you to do development in C++ or Python.

Demo Video

TODO move this onto the orbit webserver.

A video Demonsration of the usage of the refrence controller can be found at: http://www.winlab.rutgers.edu/~ssugrim/Projects.html

Note: See TracWiki for help on using the wiki.