= !OpenFlow How-To = Sandbox 9 uses the !OpenFlow capable switch as part of its setup as a means to provide a testbed for experimentation with the !OpenFlow protocol. This tutorial covers the following: * The network topology of the testbed * The !OpenFlow components of the testbed * Installation of the !OpenFlow Reference System and NOX * Performance analysis tools === !OpenFlow Protocol === !OpenFlow is a protocol that allows for the creation of overlay networks over pre-existing network infrastructure. This allows a researcher to run experiments on production networks without the fear of affecting any of the legacy installations or setups, while having control over how data is handled across the network. [[BR]] [[BR]] "!OpenFlow Protocol" specifically refers to the protocol that is used by a network device and its controller to pass information about flows, or instructions on how to handle data packets based on the packet header, to each other. Detailed information can be found here: http://www.openflowswitch.org/ === The Testbed === Sandbox 9 consists of three nodes connected to the SB9 Console through a !OpenFlow enabled gigabit switch. The network topology is shown below: [[BR]] [[BR]] [[Image(wiki:Documentation/OpenFlow/OFHowTo:OFSetup.jpg, 450)]] The dotted box (labeled sw_sb09) represents the !OpenFlow enabled NEC IP8800/S3640-48T2XW switch, currently running firmware supporting !OpenFlow v0.8.9. The switch is pre-configured so that ports 25-36 (the data VLAN, in red) is an !OpenFlow virtual switch that listens for a controller running on the SB9 Console. There exists a virtual connection between the controller and virtual switch, represented by the dotted red line. Two trunked connections exist - one connects the setup with the ORBIT network (through sw_sb_top), and the other not only allows the console to communicate with the nodes, but also provides the secure controller-switch VLAN needed for the !OpenFlow setup. The experimenter would be able to monitor and manipulate the setup from the Console. ---- == The Console == We can run the controller on the console or on one of the nodes as they each can have equal access the the openflow controling vlan. === Installing the controller (on a node) === Two distinct controllers, one from the !OpenFlow reference System (v0.8.9r2) and another from NOX-core (v0.5.0), have been successfully installed and tested on the Console. These can be downloaded from the following places: * !OpenFlow reference system: http://www.openflowswitch.org/wp/downloads/ * NOX-core: http://noxrepo.org/wp/ The former is a simple implementation that comes with a few tests; latter is a full-blown network operating system/ development tool that comes with a Network API that can be used to write and develop your own controller in C++ or Python. Both can also be installed using Git. Git can be installed with the following command: {{{ apt-get install git-core }}} === Installing the !OpenFlow Reference System === While presented, it is not recommended to install from tarball. The detailed instructions may be found here: http://www.openflowswitch.org/wp/getstarted/ 1. Download software and required packages. If using git: {{{ sudo apt-get install git-core automake m4 pkg-config libtool git clone http://openflowswitch.org/openflow cd openflow ./boot.sh }}} if installing from tarball: {{{ mkdir openflow cd openflow wget http://openflowswitch.org/downloads/openflow-0.9.0.tar.gz tar xzf openflow-0.9.0.tar.gz cd openflow-0.9.0 sudo apt-get install gcc linux-headers-`uname -r` }}} 2. Make and install. {{{ ./configure --with-l26=/lib/modules/`uname -r`/build make make install }}} === Installing NOX (on a node) === It is not only recommended but also much simpler to use git to install NOX. Therefore the following instructions assume you are using git. The full instructions are found at noxrepo.org: http://noxrepo.org/manual/installation.html [[BR]] ''' Dependencies ''' [[BR]] NOX requires the following packages to be installed on the Console: * GNU Libtool (libtool) * Boost C++ libraries (libboost1.35-dev) * Apache HTTP Server (apache2) * Xerces C++ parser (libxerces-c28) * Xerces development files (libxerces-c2-dev) * SSL development libraries (libssl-dev) * SQLite 3 development files (libsqlite3-dev) * Simple JSON for Python (python-simplejson) If all dependencies are taken care of, NOX will install with the following steps. {{{ cd git clone git://noxrepo.org/noxcore cd noxcore/ ./boot.sh mkdir build/ cd build/ ../configure --with-python=yes make make check }}} == Controllers on the Console == A sub-set of these instructions can be used to install a "custom" controller in userspace on the console. Most of the requsite libraries should already be installed. ''TODO'' list subset. === Starting the controller === Both commands start the controller and establish a connection with the !OpenFlow switch. The -v is for verbose. -h for both will give you the help files for the controllers. In the reference system, the controller is found under .../openflow/controller/ {{{ ./controller -v ptcp:6633 }}} and in NOX, it is found under .../noxcore/build/src/ {{{ ./nox-core -v -i ptcp:6633 }}} `ptcp:6633` refers to a passive connection to TCP 6633, the default !OpenFlow port. An active connection method using standard TCP exists, however this does not work on this setup. In the !OpenFlow reference system, a log of the verbose output can be saved by appending `--log-file [filename]`. ---- == Available Tools == Some of these tools require root privlages and will thus require a custom installation on a node. Otherse can be run from the console directly in an unprivlaged mode. ''TODO'' indicate what credentails are required for each tool. === the Wireshark plugin === The !OpenFlow Reference system comes with an !OpenFlow wireshark dissector. glib is required for the plugin to work: {{{ apt-get install wireshark libgtk2.0-dev cd utilities/wireshark_dissectors/openflow make sudo make install }}} tcpdump pcap files can also be opened using wireshark - once the plugin has been installed, !OpenFlow packets can be interpreted from these files as well. === Iperf === For performance testing, you may want to run some bandwidth tests. iperf is a tool that measures maximum network performance using TCP for throughput and UDP for jitter and datagram loss. The standard image used for the Sandbox nodes when booted with command `omf tell on` comes with iperf. To take measurements, you need at least two nodes. One node becomes the server, the other(s), clients. To start the server: {{{ iperf -s }}} and on the client: {{{ iperf -c 192.168.x.y }}} 192.168.x.y is the IP address block associated with the !OpenFlow VLAN. When setting the node IP addresses (i.e. using ifconfig), x.y should be made unique to each node. A caveat is that iperf cannot take real-time bandwidth measurements. Real-time bandwidth use can be monitored using BWM-ng. === BWM-ng === By default, the tool will monitor all interfaces on the Console. To monitor just the !OpenFlow interface, you must specify `eth1.100`. To output this to a csv, use the following command (-t specifies a sampling rate of 1000 msec, or 1 sample/sec): {{{ bwm-ng -I eth1.100 -o csv -t 1000 -F }}} === Development === The files defining !OpenFlow Protocol can be found in the following locations: * !OpenFlow reference system: openflow/include/openflow/openflow.h * NOX: noxcore/src/include/openflow.hh In addition, NOX provides a [http://noxrepo.org/manual/app.html Web API] that allows you to do development in C++ or Python. === Demo Video === ''TODO'' move this onto the orbit webserver. A video Demonsration of the usage of the refrence controller can be found at: http://www.winlab.rutgers.edu/~ssugrim/Projects.html