Building Sandbox 9

This page describes any important-like things that happen in setting up the Sandbox 9. Sandbox 9 will first be networked using legacy switching and static VLANs. Once the controller is deployed, virtual switches will be used.

Overview

This is the strategy regarding this department:

1. Set up static VLANs based on ORBIT network infrastructure convention.
2. introduce virtual switching once the OpenFlow controller can be implemented.

Preliminary setup based on ORBIT Network Infrastructure

As of now (6/26/09), we still have not began work on a controller. Without the controller, the virtual switches are nonfunctional, so we first begin by trying to build Sandbox 9 using static VLANs and legacy firmware.

Conventions used

3 types of VLANs are used on the ORBIT testbed: CM, Control, and Data. While the CM VLAN spans across all 10 testbeds (Grid + 9 Sandboxes), each testbed has its own Control and Data VLANs.

On the NEC switch, the 3 VLANS and a trunk are assigned according to conventions used for the ORBIT networks, except that 12 ports are allocated to each VLAN and trunk:

Usage	Ports	VLAN ID
CM	1-12	3
Control	13-24	27
Data	25-36	28
Trunk	37-48	-

DHCP

DHCP relay agents are only needed when the DHCP server and host are on separate VLANs. You don't need to configure the relay agent since the DHCP server is on the trunk connection and beyond the ASA. The ASA behaves as a router between the VLANs, and handles the relaying and VLAN tags.

There seems to be no way of configuring the switch to be a DHCP client. The switch's IP address was statically set on native VLAN 1 (Network). The commands for this are here.

Static VLAN Configuration

Configuration of the CM VLAN (VLAN 3) is shown here.

1. Create and name VLAN

   (config)# vlan 3
   !(config-vlan)# name "CM"
   !(config-vlan)# exit
   

2. Assign CM VLAN 3 to the desired ports. Unfortunately, you have to configure one port at a time. Luckily, you can use the up arrow key to go through previous commands to make things faster.

   !(config)# interface gi 0/1
   !(config-if)# switchport mode access
   !(config-if)# switchport acc vlan 3
   !(config)# interface gi 0/2
   !(config-if)# switchport mode access
   !(config-if)# switchport acc vlan 3
   !(config)# interface gi 0/3
   !(config-if)# switchport mode access
   !(config-if)# switchport acc vlan 3
   !(config)# interface gi 0/4
   !(config-if)# switchport mode access
   !(config-if)# switchport acc vlan 3
   

3. After repeating steps 1 and 2 for the Control and Data VLANs, configure the trunk ports:

   !(config-if)# interface gi 0/45
   !(config-if)# switchport mode trunk
   !(config-if)# switchport trunk allowed vlan 3,27,28
   !(config-if)# interface gi 0/46
   !(config-if)# switchport mode trunk
   !(config-if)# switchport trunk allowed vlan 3,27,28
   !(config-if)# interface gi 0/47
   !(config-if)# switchport mode trunk
   !(config-if)# switchport trunk allowed vlan 3,27,28
   !(config-if)# interface gi 0/48
   !(config-if)# switchport mode trunk
   !(config-if)# switchport trunk allowed vlan 3,27,28
   !(config-if)# exit
   !(config)# save
   (config)# exit
   

The native VLAN was set up later on — look here for native VLAN configuration.

Setup

A host is connected to a Control VLAN port (0/7), and the dhcp comes from trunk port 0/48. It will be able to bind to an address from Control, but not from any other VLAN.

Console

The convention used to wire the ports are:

• Eth0 - DMZ (10.50.x.x)
• Eth1 - Control (10.19.x.x)

Eth1 should be down because it compromises the routing table.

go back to OpenFlow index