Context Navigation

QuickStart

Timestamp:: Jul 26, 2010, 8:44:02 PM (14 years ago)
Author:: akoshibe
Comment:: —

Legend:

: Unmodified
: Added
: Removed
: Modified

Internal/OpenFlow/QuickStart

-              v2
+              v3
 = The IP8800 Packet Switch =
+The IP8800/S3640 is a smart switch built by NEC capable of running firmware compliant with !OpenFlow networking. WINLAB utilizes IP8800 switches in its experimental network infrastructure. This is a quick-start guide (hopefully) suitable for anyone trying to learn how to deploy the NEC IP8800 on the network. The !OpenFlow aspect of the switch will not be discussed here in too much detail as it involves a whole different set of network configurations.
+''' References ''' [[BR]]
+The full IP8800 operations manual can be found online. Then why am I taking my time to make this handbook? For one, the online manual is in Japanese. Even if you are literate in Japanese, the manual is quite extensive. So, to sum things up -- the purpose of this guide is to provide a quick reference so that no-body has to dig through the handbook to find out, say, how to safely shut the switch down. But, for those of you who want to check out the whole shebang, here are the links:
+ * Vol. 1: http://www.nec.co.jp/ip88n/s36_sw/html/cfguide/index.html
+ * Vol. 2: http://www.nec.co.jp/ip88n/s36_sw/html/cfguide2/index.html
+ * Vol. 3: http://www.nec.co.jp/ip88n/s36_sw/html/cfguide3/index.html
+The switches may also come with 2 CDs containing the English translated version of the manual.
+'''Before we begin...'''[[BR]]
+Here are the assumptions that are made in this handbook:
+ * You are using the NEC IP8800/S3640-48T2XW switch. Commands vary even amongst similar lines of devices.
+ * You are familiar with, and running some form of *nix on your PC (We are, for the most part, using Ubuntu unless specified)
+ * You have a serial port on your machine, and have either minicom or kermit installed on your machine.
+'''Conventions'''[[BR]]
+Text in `console font` and in quotations are commands that can be entered at the command line. When in quotations, the quotes should be omitted.
+Each section outlined in the index starts with a short overview, followed by step-by-step instructions (if applicable), and ends with troubleshooting error messages that are associated with each.
+[[BR]]
+----
+The IP8800/S3640 is a smart switch built by NEC capable of running firmware compliant with !OpenFlow networking. WINLAB utilizes IP8800 switches in its experimental network infrastructure. This is a quick-start guide (hopefully) suitable for anyone trying to learn how to deploy the NEC IP8800 on the network as an !OpenFlow device.
 == Index == #index
+ [#preamble Before we begin...] [[BR]]
  [#I I Introduction] [[BR]]
   [#Serial 1.1 Connection via serial] [[BR]]
 …
 ----
+== Before we begin... == #preamble
+A few things before moving onto business. Firstly, Here are the assumptions that are made in this handbook:
+ * You are using the NEC IP8800/S3640-48T2XW switch. Commands vary even amongst similar lines of devices.
+ * You are familiar with, and running some form of *nix on your PC (We are, for the most part, using Ubuntu unless specified)
+ * You have a serial port on your machine, and have either minicom or kermit installed on your machine.
+''' References ''' [[BR]]
+The full IP8800 operations manual can be found online. Then why am I taking my time to make this handbook? For one, the online manual is in Japanese. Even if you are literate in Japanese, the manual is quite extensive, and doesn't cover the !OpenFlow side of things. So, to sum things up -- the purpose of this guide is to provide quick reference to the switches' basic functionalities so that no-body has to dig through the handbook to find out, say, how to safely shut the switch down. But, for those of you who want to check out the whole shebang, here are the links:
+ * Vol. 1: http://www.nec.co.jp/ip88n/s36_sw/html/cfguide/index.html
+ * Vol. 2: http://www.nec.co.jp/ip88n/s36_sw/html/cfguide2/index.html
+ * Vol. 3: http://www.nec.co.jp/ip88n/s36_sw/html/cfguide3/index.html
+The switches may also come with 2 CDs containing the English translated version of the manual. The !OpenFlow manual comes with the firmware.
+'''Conventions'''[[BR]]
+Text in `console font` and in quotations are commands that can be entered at the command line. When in quotations, the quotes should be omitted. Words surrounded by carets are various options for a command. If delimited by pipes (|), one out of the several commands separated by pipes can be entered in that spot. For example:
+{{{
+interface gigabitethernet <src port> <tx|rx|both>
+}}}
+Here, <src port> is a value between 0/1 and 0/48, and can be followed by keyword `tx`, `rx`, or `both`.
+Each section outlined in the index starts with a short overview, followed by step-by-step instructions (if applicable), and ends with troubleshooting error messages that are associated with each.
+[[BR]][[BR]]
+----
 = I Introduction = #I
 Many "Smart" switches, including the IP8800 series switches, must be configured using the Command-line-interface(CLI). This usually involves a serial, telnet, or ssh session through a terminal. This chapter explains how to connect to the switch via serial, and covers some basic commands and operational tasks to get started with these switches.
 …
 = IV !OpenFlow Switching = #IV
 This section goes over the !OpenFlow aspects of the switch.
+[[BR]]
 == 4.1 What is !OpenFlow? == #intro
 !OpenFlow is a virtualization technology developed by Stanford. Ideally, it allows administrators and researchers to configure the switch's behavior freely, without constraints of TCP/IP or the native firmware. This is achieved by removing traffic switching decisions off of the switch and onto an external, highly configurable controller. More on !OpenFlow can be found at http://www.openflowswitch.org.
+The switch supports !OpenFlow in the form of virtual switches, or "datapaths" that overlay VLAN configurations; Each separate VLAN residing on the same device can be instantiated as a virtual switch that can be controlled by separate controllers and/or scripts, or be kept as a traditional VLAN that does commodity switching.
+The switch supports !OpenFlow in the form of virtual switches, or "datapaths" that overlay VLAN configurations; Each separate VLAN residing on the same device can be instantiated as a virtual switch that can be controlled by separate controllers and/or scripts, or be kept as a traditional VLAN that does commodity switching.
+[[BR]]
+[#index return to main index]
+[[BR]]
+[[BR]]
 == 4.2 Outline == #outline
 In order to make the switch !OpenFlow capable, you need to flash the switch with an SD card containing specialized firmware. The rough outline of the steps are the following:
 …
 . configure virtual switches
+Since it is easier to describe using examples, this process will be described using the steps involved in configuring [http://orbit-lab.org/wiki/Internal/OpenFlow/OrbitSwitches/sw-sb-combined sw-sb-01], one of the aggregate Sand Box switches currently running in !OpenFlow mode.
+Since it'd be easier to describe what's going on, this process will be using the configurations for [http://orbit-lab.org/wiki/Internal/OpenFlow/OrbitSwitches/sw-sb-combined sw-sb-01] as an example. You should take a bit of time to graze over the configs for the switch before going on.
+[[BR]]
+[[BR]]
 == 4.3 Configuring the switch == #ofconf
+This section corresponds to steps 1 and 2 in the Outline. Because virtual switches are based on VLANs, all port and VLAn configs should be done before flashing. This part of the setup is just normal configuration using `vlan`, `interface vlan`, and `interface gigabitethernet` contexts.
+This section corresponds to steps 1 and 2 in the Outline.
+'''''1. Disable Spanning Tree (STP)'''''. STP compromises both !OpenFlow and ORBIT nodehandler/nodeagent functionalities, so both STP and Per-VLAN Spanning Tree (PVST) must be shut down using the `spanning-tree` context from the (config)# prompt.
+{{{
+spanning-tree disable
+no spanning-tree vlan 1,3,11-14,19-26
+}}}
+The first line disables STP. The second line disables PVST for each VLAN used.
+[[BR]][[BR]]
+'''''2. configure VLANs and ports, telnet'''''. Because virtual switches are based on VLANs, all port and VLAN configs should be done before flashing. This part of the setup is just normal configuration using `vlan`, `interface vlan`, and `interface gigabitethernet` contexts.
+[[BR]]
+[#index return to main index]
+[[BR]]
+[[BR]]
+== 4.4 Preparing the SD card == #sdprep
+When flashing, the switch is booted off of an SD card containing the firmware, license, and a configuration file. Each switch should have come with an SD card; if not (or if the SD card is shoddy), it's ok to use another 128MB card. Anything larger may be affected by a known bug that causes filesystem corruption (see 'errors' section below ).
+== 4.4 Preparing the SD card == #sdprep
+licenses, image file, openflow.conf
+== 4.5 OpenFLow Commands == #ofcom
+instantiating vswitches/datapaths
+This section is comprised of steps 3 and 4. Technically, it's better explained as three steps:
+'''''1. Copy license to SD card'''''. The switch will refuse to boot from an SD card without the proper license file. Each license file should be named after a particular switch's serial ID, which can be found on a silver stcker on the lower righthand corner on the front of the device, or through the `show ver` command:
+{{{
+> sh ver
+Date 2010/07/26 15:42:50 UTC
+Model: AX3640S-48T2XW
+S/W: OS-L3L Ver. 11.1.C
+H/W: Main board
+       AX-3640-48T2XWE-L [WA13CL48T2XVS400E05A005:80330300:307:1B514-1B512]
+     Module slot1 PS-M(AC)
+       AX-F2430-PSA01 [WA0PSA010000C110005A005]
+     Module slot2 FAN-M
+       AX-F2430-FAN01 [WA2FAN010000C140005A005]
+}}}
+The string in square brackets right underneath "H/W: Main board" is the full serial number of the switch.
+In this case, the proper license for this switch would be named 'WA13CL48T2XVS400E05A005.dat'. This should be renamed to 'license.dat' before being saved to the card.
+'''''2. Copy firmware image file to card'''''. The firmware is named 'k.img'. This doesn't need to be renamed.
+'''''3. Create openflow.conf'''''. Create a new file named 'openflow.conf' and save it to the card.
+With the three files saved, the card is ready for use.
+[[BR]]
+== 4.5 Flashing the switch == #flash
+The switch has an SD slot next to the serial port. Slap the card in and reboot the switch with a `reload` as user admin.
+{{{
+sw-sb09-da# reload
+Dump information extracted? (y/n): y
+old dump file(rmdump  07/21 21:16) delete OK? (y/n): y
+}}}
+If connected by serial, you should be able to see the following startup sequence, which should take about 2 minutes:
+{{{
+sw-sb09-da#
+ROM 00.03.52
+.......................................................................................
+BOOT 00.03.00
+Loading from dev2 100%
+login:
+}}}
+'Loading from dev2' indicates that the switch has successfully found, and is booting off of, the firmware on the SD card.
+=== errors ===
+If you forget the license, or use the wrong one (e.g. one whose name doesn't match the serial ID of the switch), The switch will restart in the ROM prompt.
+The switch may also boot with the default image if the image on the SD card is corrupt. This is usually indicated by the message "Loading from dev0" and not recognizing [#ofcom OpenFlow specific commands].
+The worst case scenario is a corrupted SD card. This may be caused by various reasons, including buggy firmware, improper restart, or using a card over 128MB. Symptoms include:
+ * the device not starting up/loading the default image
+ * scrambled/truncated filenames (e.g. 'openflow.conf' showing up as 'openf~l.con')
+ * inability to create virtual switches
+The most surefire way to fix this is to reformat the SD card. The easiest way to do it is to use a Windows machine. When the card shows up under "Devices", right click and go to 'Format'. A window saying "Format Secure Digital Storage Device" should pop up. Set "Allocation Unit size" to "default allocation size", and click 'Start'. You may need to confirm that you want to reformat the card. The card should be good to go in about a minute or so.
+[[BR]]
+[#index return to main index]
+[[BR]]
+[[BR]]
+== 4.6 OpenFLow Commands == #ofcom
+=== Index === #ofindex
+these are the sub-sections to this section:
+ [#ofback 4.6.1. Background] [[BR]]
+ [#setv 4.6.2. Virtual switch instantiation] [[BR]]
+ [#delvsi 4.6.3. Virtual switch deletion] [[BR]]
+ [#ctvsi 4.6.4. Manipulating virtual switches] [[BR]]
+ [#ofmon 4.6.5. Monitoring OpenFlow stats] [[BR]]
+ [#others 4.6.6. other commands] [[BR]]
+The !OpenFlow capable firmware supports a suite of commands that can be used to configure !OpenFlow datapaths. These commands are located in /usr/local/bin/; try greping (is that a word?) for "vsi", or "port" for a list of commands.
+Once the switch is booted up, we can move to the final step of actually instantiating virtual switches using these commands.
+[[BR]]
+=== 4.6.2. Virtual switch instantiation === #setv
+'''setvsi''' [[BR]]
+sw-sb-01's data VLAns are all !OpenFlow virtual switches instantiated using the command `setvsi`. `setvsi` takes on the following minimal syntax:
+{{{
+setvsi <VLAN ID> <ports> tcp <IP addr:port> dpid <datapath ID>
+}}}
+ * <VLAN ID> - the VLAN ID of the VLAn you want to overlay a virtual switch onto
+ * <ports> - the ports, without the '0/', that are going to be part of the virtual switch
+ * <IP addr:port> - IP address of the !OpenFlow controller you want the virtual switch to listen to, and port number (default is 6633)
+ * <datapath ID> - 12-digit hex value defining the MAC address for the virtual switch. Always begins with '0x'
+a full synopsis can be found by typing "setvsi" at the CLI.
+setvsi basically echos the whole command into openflow.conf. This is handy since you can follow the exact commands used to instantiate the virtual switches on a particular switch by simply doing a `cat /mnt/openflow.conf`.
+'''implementation''' [[BR]]
+Here's sw-sb-01's conf file:
+{{{
+sw-sb-01> cat /mnt/openflow.conf
+setvsi 12 31,32,48.12 tcp 172.16.0.4:6633 dpid 0x001010123132
+setvsi 14 33,34,48.14 tcp 172.16.0.4:6633 dpid 0x001010143134
+setvsi 20 35,36,48.20 tcp 172.16.0.4:6633 dpid 0x001010203230
+setvsi 22 37,38,48.22 tcp 172.16.0.4:6633 dpid 0x001010223232
+setvsi 24 39,40,48.24 tcp 172.16.0.4:6633 dpid 0x001010243234
+setvsi 26 41,42,48.26 tcp 172.16.0.4:6633 dpid 0x001010263236
+}}}
+Each line is the exact command that was typed at the prompt. As you can see, sw-sb-01 has 6 virtual switches overlaying VLANs 12,14,20,22,24,and 26. All of them are pointed towards IP address 172.16.0.4, the ORBIT !OpenFlow controller.
+'''ORBIT DPID conventions''' [[BR]]
+There are a few home-brew conventions that are used for the dpid's:
+ * first 3 bytes are always '001010'
+ * the 4th byte is the VLAN ID, in decimal
+ * the last two bytes are the VLAN ID in ascii hex notation. ASCII maps decimal 0-9 to hex 30-39.
+So, for example, if we have VLAN 12, the last 3 bytes will be '12', '31', and '32'. That's the dpid from the first setvsi line in the terminal output above.
+'''trunk ports''' [[BR]]
+If you look at the list of ports from the conf file above, you'll notice that all of them end with "48.n", n being the VLAN ID for the virtual switch being instantiated. This value lets the switch know which VLAN ID to tag the traffic to/from a particular datapath with on a particular trunk port. For example, "48.12" means "tag virtual switch 12's traffic with VLAN ID 12 on trunk port 0/48." This is needed if you are using trunking the switch.
+[[BR]]
+[#ofindex return to section index] [[BR]]
+[#index return to main index]
+[[BR]]
+=== 4.6.3. Virtual switch deletion === #delvsi
+`deletevsi` deletes a certain virtual switch instantiation. The syntax is as follows:
+{{{
+deletevsi <VLAN ID>
+}}}
+nice and simple.
+[[BR]]
+=== 4.6.4. Manipulating virtual switches === #ctvsi
+You don't want to have to keep deleting and redoing virtual switches just to add or remove ports from an instantiation.
+ * `addport <VLAN ID> <port>` - add ports to virtual switch for VLAN of <VLAN ID>
+ * `deleteport <VLAN ID> <port>` - delete ports from virtual switch for VLAN of <VLAN ID>
+Nor do you want to keep setvsi-ing them because you didn't want a virtual switch one moment, and then you wanted it the next.
+ * `disablevsi <VLAN ID>` - temporarily disable the virtual switch. As far as the switch is concerned, it's not there when it's disabled.
+ * `enablevsi <VLAN ID>` - enable a disabled virtual switch.
+[[BR]]
+[#ofindex return to section index] [[BR]]
+[#index return to main index]
+[[BR]]
+=== 4.6.5. Monitoring !OpenFlow stats === #ofmon
+There are a few commands to pull stats about flows, virtual switches, ect.
+ * `showswitch <VLAN ID|cr> <detail|cr>` - displays virtual switch information. VLAN ID and "detail" are optional parameters.
+ * `showflow <VLAN ID|cr> <detail|cr>` - display current flows. Same deal with parameters.
+ * `showofinfo` - display all !OpenFlow and system (akin to doing a dmesg and sysctl -a back-to-back) stats
+'''example''' [[BR]]
+Displaying all datapaths:
+{{{
+sw-sb-01> showswitch
+vlan    ports                                           secure channel
+----    -----                                           --------------
+      31, 32, 48.12                                   connected
+      33, 34, 48.14                                   connected
+      35, 36, 48.20                                   connected
+      37, 38, 48.22                                   connected
+      39, 40, 48.24                                   connected
+      41, 42, 48.26                                   connected
+}}}
+Here you can see that all of the virtual switches are registered ("connected") with the controller.
+Now, if you want to focus on one virtual switch, say VLAN 12:
+{{{
+sw-sb-01> showswitch 12 detail
+Virtual switch 12
+  Datapath ID  : 68989104434(0x1010123132)
+  Datapath name: sw-sb-01
+  Port         : gigabitethernet 0/31 (link down)
+                 gigabitethernet 0/32 (link down)
+                 gigabitethernet 0/48.12 (link up, 1G full)
+  Conn mode    : tcp
+  Controller   : 172.16.0.4:6633 (connected)
+  Exact match  : 01-24, 49-50 hw 0 / hw max 3046
+-48        hw 0 / hw max 3046
+  Exact match  : sw 0 / sw max 131072
+  Wildcard     : sw 1 / sw max 100
+  Emerg        : sw 0 / sw max 100
+  Packet buff  : 256 packets / 4294967295 MB
+  Miss sendlen : 128 bytes
+  Wcard mode   : S/W only
+  Counter type : Packet Counter
+  MAC learning : On
+  Min EQ       : 0
+  Max EQ       : 7
+  Default EQ   : 4
+  VSI Enable   : yes
+}}}
+=== 4.6.6. other commands === #others
+I really haven't used the other commands e.g, for queue manipulation, so I can't really describe them. But here's the list of what I believe is all the commands for !OpenFlow datapath manipulation:
+{{{
+-r-xr-xr-x  1 root  wheel   221139 Jun  9 05:20 addport
+-r-xr-xr-x  1 root  wheel   211566 Jun  9 05:20 deleteflow
+-r-xr-xr-x  1 root  wheel   221162 Jun  9 05:20 deleteport
+-r-xr-xr-x  1 root  wheel   202225 Jun  9 05:20 deletevsi
+-r-xr-xr-x  1 root  wheel   202579 Jun  9 05:20 disablevsi
+-r-xr-xr-x  1 root  wheel   202513 Jun  9 05:20 enablevsi
+-r-xr-xr-x  1 root  wheel   521925 Jun  9 05:20 max-queue-rate
+-r-xr-xr-x  1 root  wheel      436 Jun  9 05:20 ofconf_mng.sh
+-r-xr-xr-x  1 root  wheel   202688 Jun  9 05:20 settrace
+-r-xr-xr-x  1 root  wheel   231122 Jun  9 05:20 setvsi
+-r-xr-xr-x  1 root  wheel   229570 Jun  9 05:20 showflow
+-r-xr-xr-x  1 root  wheel     2146 Jun  9 05:20 showofinfo
+-r-xr-xr-x  1 root  wheel   232831 Jun  9 05:20 showswitch
+}}}
+[[BR]]
+[#ofindex return to section index] [[BR]]
+[#index return to main index]