wiki:Internal/OpenFlow/SandBoxSetup

Version 9 (modified by akoshibe, 15 years ago) ( diff )

Building Sandbox 9

This page describes any important-like things that happen in setting up the Sandbox 9. Sandbox 9 will first be networked using legacy switching and static VLANs. Once the controller is deployed, virtual switches will be used.

Overview

This is the strategy regarding this department:

  1. Set up static VLANs based on ORBIT network infrastructure convention.
  2. introduce virtual switching once the OpenFlow controller can be implemented.

Preliminary setup based on ORBIT Network Infrastructure

As of now (6/26/09), we still have not began work on a controller. Without the controller, the virtual switches are nonfunctional, so we first begin by trying to build Sandbox 9 using static VLANs and legacy firmware.

Conventions used

3 types of VLANs are used on the ORBIT testbed: CM, Control, and Data. While the CM VLAN spans across all 10 testbeds (Grid + 9 Sandboxes), each testbed has its own Control and Data VLANs.

On the NEC switch, the 3 VLANS and a trunk are assigned according to conventions used for the ORBIT networks, except that 12 ports are allocated to each VLAN and trunk as of 7/2 :

UsagePortsVLAN ID
CM1-123
Control13-2427
Data25-3628
Trunk37-48-

DHCP

DHCP relay agents are only needed when the DHCP server and host are on separate VLANs. You don't need to configure the relay agent since the DHCP server is on the trunk connection and beyond the ASA. The ASA behaves as a router between the VLANs, and handles the relaying and VLAN tags.

There seems to be no way of configuring the switch to be a DHCP client. The switch's IP address was statically set on native VLAN 1 (Network). The commands for this are here.

Setup

A host is connected to a Control VLAN port (0/7), and the dhcp comes from trunk port 0/48. It will be able to bind to an address from Control, but not from any other VLAN.

Console

The convention used to wire the ports are:

  • Eth0 - DMZ (10.50.x.x)
  • Eth1 - Control (10.19.x.x)

Eth1 should be down because it compromises the routing table.

Making the controller from the OpenFlow Reference System Code. (7/14, 7/15)

The OpenFlow reference system contains code for a controller that makes an OpenFlow switch into a learning switch. This was built (but not installed) on the Console by following instructions on the OpenFlow site: http://www.openflowswitch.org/wk/index.php/Ubuntu_Install

The console was then configured to be VLAN aware for VLANs 27,28, and 100. The site referenced: http://ubuntuforums.org/showthread.php?t=703387

The interfaces looked like this at the end:

# The primary network interface 
auto eth0 eth1
iface eth0 inet dhcp

iface eth1 inet static
address 192.168.100.28
netmask 255.255.255.0 
#  address 10.19.0.10
#  netmask 255.255.0.0

#auto eth1.27
iface eth1.27 inet static
address 10.19.0.10
netmask 255.255.0.0

#auto eth1.28
iface eth1.28 inet static
address 192.168.1.28
netmask 255.255.255.0

#auto eth1.100
iface eth1.100 inet static
address 172.16.100.1
netmask 255.255.255.0

Eth1 was then connected to a reconfigured trunk port that allowed VLANs 27,28, and 100. The commands used for re-configuring trunk port 0/37:

sw-sb09(config)# sh int gi 0/37 
interface gigabitethernet 0/37
  switchport mode trunk
  switchport trunk allowed vlan 1,3,27-28
  switchport trunk native vlan 1
!
sw-sb09(config)# int gi 0/37           
sw-sb09(config-if)# no switchport trunk native vlan 1
!sw-sb09(config-if)# exit                 
!sw-sb09(config)# vlan 100
!sw-sb09(config-vlan)# exit
!sw-sb09(config)# interface vlan 100
!sw-sb09(config-if)# ip address 172.16.100.10 255.255.255.0
!sw-sb09(config-if)# interface gigabitethernet 0/37
!sw-sb09(config-if)# switchport trunk native vlan 100
!sw-sb09(config-if)# switchport trunk allowed vlan remove 1
!sw-sb09(config-if)# switchport trunk allowed vlan remove 3
!sw-sb09(config-if)# switchport trunk allowed vlan add 100
!sw-sb09(config-if)# save

We later realized that VLAN interfaces for VLANs 27 and 28 also need to be assigned Ip addresses in order for the switch to be able to ping the controller's VLAN interfaces.

sw-sb09(config-if)# interface vlan 27
!sw-sb09(config-if)# ip address 10.19.0.20 255.255.0.0
!sw-sb09(config-if)# interface vlan 28 
!sw-sb09(config-if)# ip address 192.168.1.20 255.255.255.0
!sw-sb09(config-if)# save
sw-sb09(config-if)# exit
sw-sb09(config)# exit

pinging the interfaces…success.

sw-sb09# ping 10.19.0.10
PING 10.19.0.10 (10.19.0.10): 56 data bytes
64 bytes from 10.19.0.10: icmp_seq=0 ttl=64 time=2.095 ms
64 bytes from 10.19.0.10: icmp_s^C
----10.19.0.10 PING Statistics----
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max = 1.097/1.596/2.095 ms
sw-sb09# ping 192.168.1.28
PING 192.168.1.28 (192.168.1.28): 56 data bytes
64 bytes from 192.168.1.28: icmp_seq=0 ttl=64 time=2.100 ms
64 bytes from 192.168.1.28: icmp_seq=1 ttl=64 time=1.013 ms
^C
----192.168.1.28 PING Statistics----
2 packets transmitted, 2 packets received, 0.0% packet loss
round-trip min/avg/max = 1.013/1.556/2.100 ms

establishing switch-controller connections

The code for the controller is found intuitively in the controller directory. Using ptcp:[port] as the connection method seems to work. we also wanted an output and a log of everything, so the full command was this (from the controller's directory) :

./controller ptcp:6633 -v —log-file=test.log

the first part of the output - you can see the OFPT_HELLO messages, negotiation of the OpenFlow verison, the OFPT_FEATURES_REQUEST, and the switch's OFPT_FEATURES_REPLY:

Jul 16 12:25:43|00001|vlog|WARN|opened log file test.log
Jul 16 12:25:53|00002|rconn|DBG|tcp: entering ACTIVE
Jul 16 12:25:53|00003|vconn|DBG|tcp:172.16.100.10:58499: sent (Success): hello (xid=0xacec814):

Jul 16 12:25:53|00004|vconn|DBG|tcp:172.16.100.10:58499: received: hello (xid=0x9a45bcaf):

Jul 16 12:25:53|00005|vconn|DBG|tcp:172.16.100.10:58499: negotiated OpenFlow version 0x97 (we support versions 0x97 to 0x97 inclusive, peer no later than version 0x97)
Jul 16 12:25:53|00006|vconn|DBG|tcp:172.16.100.10:58499: sent (Success): features_request (xid=0x9eebe16b):

Jul 16 12:25:53|00007|vconn|DBG|tcp:172.16.100.10:58499: sent (Success): set_config (xid=0xff52f51d): (sending flow expirations) miss_send_len=128

Jul 16 12:25:53|00008|vconn|DBG|tcp:172.16.100.10:58499: received: features_reply (xid=0x9eebe16b): ver:0x97, dpid:12345678987
n_tables:2, n_buffers:256
features: capabilities:0x17, actions:0x3ff
 0(25): addr:00:12:e2:c8:1f:b5, config: 0, state:0x1
 1(26): addr:00:12:e2:c8:1f:b6, config: 0, state:0x1
 2(27): addr:00:12:e2:c8:1f:b7, config: 0, state:0x1
 3(28): addr:00:12:e2:c8:1f:b8, config: 0, state:0x1
 4(29): addr:00:12:e2:c8:1f:b9, config: 0, state:0x1
 5(30): addr:00:12:e2:c8:1f:ba, config: 0, state:0x1
 6(31): addr:00:12:e2:c8:1f:bb, config: 0, state:0x1
 7(32): addr:00:12:e2:c8:1f:bc, config: 0, state:0x1
 8(33): addr:00:12:e2:c8:1f:bd, config: 0, state:0x1
 9(34): addr:00:12:e2:c8:1f:be, config: 0, state:0x1
 10(35): addr:00:12:e2:c8:1f:bf, config: 0, state:0x1
 11(36): addr:00:12:e2:c8:1f:c0, config: 0, state:0x1

packet sniffing

The experiment that was packet-sniffed included the following steps:

  1. unplug all hosts connected to the virtual switch (VLAN 28 ports)
  2. start the controller
  3. plug in one host at a time

tcpdump was used to packet sniff on the VLAN100 interface on SB9 with this command:

tcpdump -i eth1.100 -w foo.pcap

Here, the log is saved in foo.pcap. This was later opened in wireshark on another PC (Given X11 didn't break, wireshark on sb9 would would have worked) using the command

wireshark -r foo.pcap &

Wireshark can be updated with a OpenFlow dissector that comes with the OpenFlow reference system.
Directions on updating wireshark: http://www.openflowswitch.org/wk/index.php/Ubuntu_Install#Install_Wireshark_Dissector

The experiment was later recreated with the Sandbox nodes.

  1. start packetsniffer
  2. start controller
  3. bring nodes up
  4. have one node ping another
  5. 60 second idle time
  6. ping again




go back to OpenFlow index

Attachments (1)

Download all attachments as: .zip

Note: See TracWiki for help on using the wiki.