SDN Bootcamp

Session 1

Install Controller

You may use either Floodlight (Java-based) or POX (Python-based). Note, the examples we present during the sessions will use Floodlight, but the same applications can be constructed in POX.

Floodlight

Option 1: Use your favorite text-editor and ant

  1. Download Floodlight in the VM.
  2. Untar.
  3. Run ant in the floodlight directory.

Option 2: Use Eclipse

  1. Install Eclipse on your host machine.
  2. Download Floodlight to your host machine.
  3. Untar.
  4. Setup Eclipse for Floodlight development
    • ant eclipse
    • Open eclipse and create a new workspace
    • File -> Import -> General -> Existing Projects into Workspace. Then click "Next".
    • From "Select root directory" click "Browse". Select the parent directory where you placed floodlight earlier.
    • Check the box for "Floodlight". No other Projects should be present and none should be selected.
    • Click Finish.
    • Click Run -> Run Configurations.
    • Right Click Java Application -> New.
    • For Name use "FloodlightLaunch".
    • For Project use "Floodlight".
    • For Main use "net.floodlightcontroller.core.Main".
    • Click Apply.

See also: Floodlight Installation Guide

POX

POX is already installed in the VM at: ~/pox

See also: POX Versions/Downloads

Introductions

Say your name, title (grad, staff, ugrad), and department

Mininet

What is Mininet?

Mininet emulates an OpenFlow network and end-hosts within a single machine. It includes built-in support to create several common topologies, plus it allows for construction of custom topologies using a python script.

Launch Mininet

The network you'll use for the first exercise includes 3 hosts and a switch.

To launch Mininet with this configuration, run the following command (either directly in the VM console or in an SSH session to the VM):

sudo mn --topo single,3 --mac --arp --switch ovsk --controller remote --ip <host_ip>

Each of the part of the command does the following:
sudo: runs as root
mn: runs Mininet
--topo single,3: creates a single switch with 3 ports
--mac: makes the mac address of Mininet hosts the same as their node number
--arp: installs static ARP entries in all hosts
--switch ovsk: uses Open vSwitch in kernel mode for each of the switches
--controller remote: the SDN controller will run outside of Mininet
--ip : switches should connect to the controller running either in your VM (127.0.0.1) on your local machine

Topology Details

Once Mininet is running, you can obtain information about the network, generate traffic, and run commands on individual hosts.

To display all of the elements in the network, run the nodes command within Mininet:

mininet> nodes
Nodes starting with "h" are hosts, and nodes starting with "s" are switches.

To display the list of links in the network, run the net command within Mininet:

mininet> net
This will output a list of switches, and for each switch, list the hosts and switches connected to that switch (along with the network interface on each host and switch that is used for the link).

To check the IP of a virtual host, run the ifconfig command on a specific host within Mininet:

mininet> h2 ifconfig

Generate Traffic

One option to generate traffic is to run ping or iperf on individual hosts. To do so, you need to run a command on a specific host within Mininet. This is achieved by typing the hosts name, followed by the command. For example, to send 10 ping packets to h2 from h1, run:

mininet> h1 ping -c 10 h2

To run iperf, you’ll need to start the iperf server on one host, running the command in the background, and then start the iperf client on another host. For example, to run an iperf server on h1 and an iperf client on h2, run:

mininet> h1 iperf -s &
mininet> h2 iperf -c h1
You can also provide other options to iperf, if desired. Also, you should kill the iperf server on h1, when you are finished:
mininet> h1 kill `ps | grep iperf | cut -f2 -d“ “`
Note that if you run ping or iperf without an SDN controller running on your local machine, no traffic will be sent across the switches (since there are no OpenFlow rules in the switches) and the commands will timeout.

You can also send simple messages between two hosts using netcat (nc). On the host functioning as the "server", run:

mininet> h1 nc -l 80
On the host functioning as the "client", run:
mininet> h2 nc h1 80

An alternative option to generate traffic is to to use the mininet commands pingpair, pingall, and iperf. Using these commands avoids the need to run commands on individual hosts. You can use the mininet help command or consult the Mininet Walkthrough to learn more about these commands.

Reset Mininet

If Mininet is not working correctly (or has crashed and needs to be restarted), first quit Mininet if necessary (using the exit command, or control-D), and then try clearing any residual state or processes using:

sudo mn -c

See also: Mininet Walkthrough

Background on OpenFlow

Hub vs. Switch vs. Router

OpenFlow Software Stack

OpenFlow Rules

Rules consist of match fields and actions

Installing OpenFlow Rules

dpctl is a utility that comes with the OpenFlow reference distribution and enables visibility and control over a single switch's flow table. It is especially useful for debugging, by viewing flow state and flow counters. Most OpenFlow switches can start up with a passive listening port (in your current setup this is 6634), from which you can poll the switch, without having to add debugging code to the controller.

The 'show' command connects to the switch and dumps out its port state and capabilities:

dpctl show tcp:127.0.0.1:6634

The 'dump-flows' command outputs the current set of rules:

dpctl dump-flows tcp:127.0.0.1:6634

To manually install a rule, run something like:

dpctl add-flow tcp:127.0.0.1:6634 in_port=1,actions=output:2

Rule Timeouts

When you do a "dpctl dump-flows" you can see an "idle_timeout" option for each entry, which defaults to 60s. This means that the flow will expire after 60secs if there is no incoming traffic. Run again respecting this limit, or install a flow-entry with longer timeout.

dpctl add-flow tcp:127.0.0.1:6634 in_port=1,idle_timeout=120,actions=output:2

Rule Counters

Each rule tracks the number of packets and bytes

Events

Hub Application

Launch Controller & Application