Anda di halaman 1dari 71

Software Defined Networking

Lab
Using Mininet
and the
POX Controller
Last Update 2014.02.04
2.1.0

Copyright 2014 Kenneth M. Chipps Ph.D.


www.chipps.com

Sources
This lab uses the OpenFlow Tutorial
sample lab from
http://archive.openflow.org/wk/index.php
/OpenFlow_Tutorial#Download_Files
and content from the book Software
Defined Networking with OpenFlow by
Siamak Azodolmolky

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

The SDN Lab


For this lab on SDN we will be using
Mininet to create the SDN hardware and
OpenFlow commands to define how the
hardware acts

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

What is Mininet
Mininet is a network emulator, not a
simulator
It can be used to create virtual hosts,
hubs, switches, controllers, and links
The code used in Mininet can be used with
no or minimal changes on real SDN
OpenFlow networks

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Flow of the Lab


In this lab you will
Simulate a multi-switch, multi-host network
with Mininet
Create flow tables from the command line
Setup a controller to download the flow entries
View OpenFlow messages with Wireshark

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Flow of the Lab


After the tutorial, you can apply what
you've learned to physical networks
based on software switches or SDN
capable hardware switches at line rate
Here are the steps we will go through

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Flow of the Lab


Download the virtual machine
Setup the virtual machine
Check the setup in Linux
Create the network
Examine the network
Work with basic OpenFlow commands
Add a controller

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Download the Virtual Machine


For this lab a virtual machine appliance in
ovf format must be downloaded from the
OpenFlow Tutorial website here
https://github.com/downloads/mininet/mininet
/mininet-2.0.0-113012-amd64-ovf.zip

Download this file


Expand the zip file
You should see these files
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Download the Virtual Machine

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

Setup the Virtual Machine


To import this appliance into VirtualBox
Select
File
Import Appliance
Select the ovf image
Press the Import button

This lab requires two virtual NICs


The first one should be set to host-only
network
The second one to NAT
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

10

Check Linux
Mininet is a command line tool that runs in
Linux
The Mininet prompt looks like this
mininet>

The Linux prompt ends with a $ for a


normal user
It ends in # for the root account
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

11

Check Linux
We will use the sudo command to run the
Linux commands with root privileges at
the normal user prompt

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

12

Check Linux
Start the virtual machine
Login to Linux
The login is
mininet
mininet

The screen should look like this

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

13

Check Linux

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

14

Check Linux
Lets see if the two network interfaces are
setup correctly
At the Linux prompt enter
ifconfig

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

15

Check Linux
Three interfaces should appear
Two physical interfaces called
eth0
eth1
And the loopback interface

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

16

Check Linux
One of the physical interfaces should have
a 192 address and the other a 10 address
We will access the virtual machine using a
terminal program using the 192 address
If either of the eth Ethernet interfaces are
missing, run this command
sudo dhclient ethx

Where the x in ethx is the number of the


interface
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

17

Check Linux

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

18

Check Linux
As you can see the eth1 interface is
missing
After the dhclient command is run this
appears

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

19

Check Linux

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

20

Create the Network


Pay close attention to the prompt shown
for each command
It makes a difference
The basic network we will start with looks
like this

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

21

Create the Network

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

22

Create the Network


H2 H3 and H4 are just generic end
devices
In the real world they would be PCs,
printers, VOIP telephones and so forth
The others are the SDN devices - a switch
and a controller

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

23

Create the Network


These commands can be entered in the
VirtualBox window from the keyboard
Or a terminal program such as Putty can
be used so the commands can be pasted
Lets start Putty and connect to the virtual
machine
Use the 192 IP address
Putty defaults to SSH
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

24

Create the Network


So just enter the address and click open
The login in is the same as before
mininet
mininet

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

25

Create the Network

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

26

Create the Network


To paste a command, copy it from here
and right click on the command prompt
shown in Putty
The virtual machine is setup with Mininet
installed and ready to run
Issue this command to create the SDN
devices and links for this lab

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

27

Create the Network


It all goes on one line in Linux
$ sudo mn --topo single,3 --mac --switch ovsk --controller remote

This tells Mininet to start up a three host,


single openvSwitch based - switch
topology, set the MAC address of each
host equal to its IP, and point to a remote
controller which defaults to the localhost
The screen should look like this
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

28

Create the Network

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

29

Create the Network


Here's what Mininet just did
Created three virtual hosts
Created a single OpenFlow software switch
with three ports
Connected each virtual host to the switch with
a virtual Ethernet cable
Set the MAC address of each host equal to its
IP address
Configured the OpenFlow switch to connect to
the controller
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

30

Create the Network


These devices do the following
An OpenFlow Controller
The controller creates and transfer to the flow
commands to the switches

An OpenFlow Switch
This is a software based switch that takes
commands from the controller that are used to
handle the frames it receives

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

31

Examine the Network

Notice that the Linux prompt is gone


This is the mininet prompt
Lets see what we made
At the Mininet prompt enter
mininet>nodes

This should appear

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

32

Examine the Network

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

33

Examine the Network


We can also see the network using
mininet>net

And see information about all the nodes


with
mininet>dump

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

34

Examine the Network

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

35

Work With OpenFlow


In OpenFlow to look at a switchs flow
table the dpctl data path control
command can be used
Most OpenFlow switches start up with a
passive listening port - 6634 - from which
you can poll the switch, without having to
add debugging code to the controller

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

36

Work With OpenFlow


For example the command
$ dpctl show tcp:127.0.0.1:6634

will connect to the switch and dump out its


port state and capabilities
This command can be run from the
Mininet prompt as well in this form
mininet>dpctl show

I am going to open another Putty


connection to do this
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

37

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

38

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

39

Work With OpenFlow


This command looks at the flow table
$ dpctl dump-flows tcp:127.0.0.1:6634
or
mininet>dpctl dump-flows

Since we haven't started a controller yet,


the flow-table should be empty

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

40

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

41

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

42

Work With OpenFlow


With the virtual hardware setup lets check
network connectivity from the Mininet
console
mininet>h1 ping c3 h2

The syntax for ping in mininet is


Ping from h1 here
Number of pings 3 times in this example
Ping to h2 here
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

43

Work With OpenFlow


For a continuous ping h1 ping h2
CRTL c to stop the ping

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

44

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

45

Work With OpenFlow


Did you get any replies
As you saw before, the switch flow table is
empty
Besides that, the controller is not yet
configured to provide flow handling
instructions to the switch and therefore
the switch doesn't know what to do with
incoming traffic, leading to ping failure
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

46

Work With OpenFlow


Lets add some flows using dpctl first
The dpctl command can do this on an
individual switch without a controller
These flows are meant to be transitory
As we are working with this in a lab rather
than in a realtime line rate network we
need to increase the timeout before we
add any flows or we will have to keep
reentering the flows
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

47

Work With OpenFlow


To increase the timeout to 5 minutes enter
this command
$dpctl add-flow tcp:127.0.0.1:6634 in_port=1,idle_timeout=300,actions=output:2

Now we can add the flow commands


This is an example of a proactive entry to
the flow table as it will be added before
the traffic it will handle has crossed the
network
In the other lab we will use reactive mode
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

48

Work With OpenFlow


Type this all on one line
$ dpctl add-flow tcp:127.0.0.1:6634 in_port=1,actions=output:2

And this also all on one line


$ dpctl add-flow tcp:127.0.0.1:6634 in_port=2,actions=output:1

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

49

Work With OpenFlow


This will forward packets coming to port 1
to port 2 and vice-versa
Verify this by checking the flow-table with
$ dpctl dump-flows tcp:127.0.0.1:6634

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

50

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

51

Work With OpenFlow


Run the ping command again in the
mininet console
mininet> h1 ping -c3 h2

Did you get replies now

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

52

Work With OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

53

Work With OpenFlow


Check the flow-table again and look at the
statistics for each flow entry
Is this what you expected to see based on
the ping traffic

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

54

Activate Wireshark
Wireshark is useful here to examine the
traffic generated by OpenFlow
The virtual machine being used for this lab
has Wireshark already installed
Lets see how we get it working in this
environment
We will have to use a new SSH session
using X11 as Wireshark uses a GUI
interface
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

55

Activate Wireshark
To run an application that uses a GUI X11
is required
This can be done at either end
Under Windows, the Xming server must
be running, and you must make an SSH
connection with X11 forwarding enabled

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

56

Activate Wireshark
First, search the Internet for and download
the Xming server
Install it
Start Xming
Xming will not show any window, but you
can verify that it is running by looking for
its process in Window's task bar
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

57

Activate Wireshark
Second, make an SSH connection with
X11 forwarding enabled
If you are using Putty, you can connect to
the lab by entering the VM's IP address
for the 192 address NIC and enabling X11
forwarding

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

58

Activate Wireshark
To enable X11 forwarding from Putty's
GUI, go to PuttyConnection | SSH | X11,
then click on Enable X11 Forwarding, as
shown in the following screenshot

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

59

Activate Wireshark

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

60

Activate Wireshark
Or X11 can be added to the VM itself
To install X11 and a simple window
manager, from the VM console window
enter
$ sudo apt-get update
$ sudo apt-get install xinit flwm

Start an X11 session in the VM console


window by typing
$ startx
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

61

Activate Wireshark
Now start Wireshark as a background
process
$sudo wireshark $

Click on OK to clear any error messages

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

62

Observe SDN Traffic


Start a capture in Wireshark using the
loopback interface
Create and apply a filter for just the
OpenFlow traffic by entering a display
filter in Wireshark using the string
of

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

63

Load the Controller


To generate some traffic we will load a
controller as that is the next step anyway
There are a number of software based or
hardware based controllers that can be
used in an SDN
In this example we will load the POX
controller
The developers of this controller say this
about it
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

64

POX Controller
POX is NOXs younger sibling
At its core, its a platform for the rapid
development and prototyping of network
control software using Python
Meaning, at a very basic level, its one of a
growing number of frameworks (including
NOX, Floodlight, Trema, etc., etc.) for helping
you write an OpenFlow controller

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

65

POX Controller
POX also goes beyond this
As well as being a framework for interacting
with OpenFlow switches, were using it as the
basis for some of our ongoing work to help
build the emerging discipline of Software
Defined Networking
Were using it to explore and prototype
distribution, SDN debugging, network
virtualization, controller design, and
programming models
Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

66

Load the Controller


To start POX enter these commands
$cd pox
./pox.py forwarding.l2_learning

If the command prompt does not appear


after running this command, press enter

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

67

Load the Controller

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

68

Observe SDN Traffic


Switch back to the Wireshark window to
see the activity as the controller loads

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

69

Observe SDN Traffic

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

70

Summary
We now have a complete Software
Defined Network whose actions are
defined by OpenFlow

Copyright 2014 Kenneth M. Chipps Ph.D. www.chipps.com

71

Anda mungkin juga menyukai