Floodlight Tutorial - Duke Database...
Transcript of Floodlight Tutorial - Duke Database...
![Page 1: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/1.jpg)
CPS 514 Duke University
Floodlight Tutorial
CPS514September 23, 2015Brendan Tschaen
![Page 2: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/2.jpg)
CPS 514 Duke University
Reminder - SDN Stack● Separation of Control Plane
○ “Brains of the network”
● From Data Plane○ Routers/Switches
2
![Page 3: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/3.jpg)
CPS 514 Duke University
Reminder - SDN Stack● Control Plane => Floodlight
● Data Plane => Mininet
3
![Page 4: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/4.jpg)
CPS 514 Duke University
What is Mininet?● Mininet1 is a network prototyping tool● Simulate an entire network on your laptop!● Design network topology● Test your topology
4[1] Bob Lantz, Brandon Heller, and Nick McKeown. 2010. A network in a laptop: rapid prototyping for software-defined networks. In Proceedings of the 9th ACM SIGCOMM Workshop on Hot Topics in Networks (Hotnets-IX). ACM, New York, NY, USA, , Article 19 , 6 pages. DOI=10.1145/1868447.1868466 http://doi.acm.org/10.1145/1868447.1868466
![Page 5: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/5.jpg)
CPS 514 Duke University
Creating Mininet Topology● Built in topologies: linear, tree
5
s1 s2 s3 s4
h1 h2 h3 h4
$ sudo mn --topo=tree,3$ sudo mn --topo=linear,4
1 1 1 1
2 2 2 23 3
![Page 6: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/6.jpg)
CPS 514 Duke University
Creating Mininet Topology● Mininet has an API to design your own network topology● Create a switch
○ s = self.addSwitch(‘s1’)
● Create a host○ h = self.addHost(‘h1’)
● Create a link○ self.addLink(h, s)○ First link added to the switch connects to port 1, then port 2…
$ sudo mn --custom ~/mininet/custom/topo-2sw-2host.py --topo mytopo --test pingall
http://mininet.org/walkthrough/#custom-topologies
6
![Page 7: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/7.jpg)
CPS 514 Duke University
Connecting to a Controller● Mininet includes a controller, by default● Often you want to test with your SDN controller
○ Specify connection to “remote controller”○ mininet> sudo mn --controller=remote,ip=127.0.0.1,port=6633
7VM
Controller(Floodlight) mininet
![Page 8: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/8.jpg)
CPS 514 Duke University
Testing the topology● After configuration, test that packets are routed correctly● Pings are a good way to check connectivity
○ mininet> h1 ping h2○ mininet> pingall
● Use iperf for TCP packets○ source h1, destination h2:
■ mininet> h2 iperf -s &■ mininet> h1 iperf -c h2
● Analyze the rules inserted at each switch○ mininet> dpctl dump-flows
8
![Page 9: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/9.jpg)
CPS 514 Duke University
Address Resolution Protocol (ARP)● Host A (10.0.0.1) wants to talk to Host B (10.0.0.2)
○ A broadcast request:■ “I need to talk to the MAC address of IP 10.0.0.2”■ with a broadcast MAC address of ff:ff:ff:ff:ff:ff
○ B is the one (and only one) that responds with its MAC address○ A caches the mapping and can now communicate directly with B
● ARP requests are forwarded to the controller by default○ You may need to handle these by forwarding out the appropriate port
● Mininet can pre-populate host arp tables○ sudo mn --arp
9
![Page 10: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/10.jpg)
CPS 514 Duke University
Reminder - SDN Stack● Control Plane => Floodlight
● Data Plane => Mininet
10
![Page 11: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/11.jpg)
CPS 514 Duke University
What is Floodlight?● Open-source SDN Controller Platform● Java based controller● Supports OpenFlow protocol● Allows developers to create SDN applications● v0.91
11
![Page 12: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/12.jpg)
CPS 514 Duke University
Basic Controller Functionality● Install/Remove forwarding rules on switches
○ Need to route flows along the correct path○ Flows are packets with same header
● Topology Discovery○ Need to know what the network looks like○ Link Layer Discovery Protocol
● Statistics○ Need to know what is happening in the network
12
![Page 13: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/13.jpg)
CPS 514 Duke University
Basic Controller Functionality● Install/Remove forwarding rules on switches
○ Need to route flows along the correct path○ Flows are packets with same header
● Topology Discovery○ Need to know what the network looks like○ Link Layer Discovery Protocol
● Statistics○ Need to know what is happening in the network
13
![Page 14: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/14.jpg)
CPS 514 Duke University
Flows Rules● Flows consist of <match,action>● Match - routing information● Action - where to forward the packet
14
Match
src ip: 10.0.0.1dst ip: 10.0.0.2
Action
output: port 2
![Page 15: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/15.jpg)
CPS 514 Duke University
Flow Rules: Match● Flow - set of packets that have same value in certain
fields● Match - composition of all same fields
examples:<dst ip: 8.8.8.8, port 80><src mac address: 01:23:45:67:89:ab><protocol: ipv4, in port: 5>
15
![Page 16: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/16.jpg)
CPS 514 Duke University
Creating a MatchOFMatch match = new OFMatch();
match.setWildcards(Wildcards.FULL.matchOn(Flag.DL_TYPE).matchOn(Flag.NW_DST).withNwDstMask(24) );
match.setDataLayerType( Ethernet.TYPE_IPv4 );
match.setNetworkSource( IPv4.toIPv4Address(“152.3.140.0”) );
● Wildcards determine what information is ignored● <ip packet, ip=152.3.140.0/24>
16
![Page 17: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/17.jpg)
CPS 514 Duke University
Flow Rules: Action● In SDN switches are dumb● Action tells them what to do with a matched packet● Important actions:
○ Send packet out a port○ Modify the packet’s header
examples:<output=3><mod_nw_src=123.45.67.89, output=1>
17
![Page 18: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/18.jpg)
CPS 514 Duke University
Creating an ActionArrayList<OFAction> actions = new ArrayList<OFAction>();
OFActionOutput action = new OFActionOutput().setPort((short) 3);
OFActionNetworkLayerSource ofanls = new OFActionNetworkLayerSource();
ofanls.setNetworkAddress( IPv4.toIPv4Address(“8.8.8.8”) );
examples:<output = port 3, modify IP address to = 8.8.8.8>
18
![Page 19: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/19.jpg)
CPS 514 Duke University
Putting it togetherOFFlowMod flowMod = new OFFlowMod();
flowMod.setMatch( match );
flowMod.setActions( actions );
flowMod.setLength( OFFlowMod.MINIMUM_LENGTH + OFActionOutput.MINIMUM_LENGTH +
OFActionNetworkLayerSource.MINIMUM_LENGTH) );
try {
sw.write(flowMod, cntx);
sw.flush();
} catch (IOException e) {
log.error("Failure writing flowMod", e);
}
19
![Page 20: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/20.jpg)
CPS 514 Duke University
Getting messages from switches
20
![Page 21: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/21.jpg)
CPS 514 Duke University
Getting messages from switches● Switches can let you know when they see a packet● Apps need to register themselves as being interested in
types of messages● Apps need to have a handler for each type of message● Every message from a switch matching this type of
message will be forwarded to the switch
21
![Page 22: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/22.jpg)
CPS 514 Duke University
IOFMessageListenerFirst you must register your module:
… implements IFloodlightModule, IOFMessageListener{
protected IFloodlightProviderService floodlightProvider;
…
public void init(FloodlightModuleContext context) throws FloodlightModuleException {
floodlightProvider = context
.getServiceImpl(IFloodlightProviderService.class);
floodlightProvider.addOFMessageListener(OFType.PACKET_IN, this);
…
}
…
}22
![Page 23: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/23.jpg)
CPS 514 Duke University
IOFMessageListenerThen you must handle the messages:
… implements IFloodlightModule, IOFMessageListener{
…
public Command receive(IOFSwitch sw, OFMessage msg, FloodlightContext cntx) {
OFPacketIn pi = (OFPacketIn) msg;
Ethernet eth = IFloodlightProviderService.bcStore.get(cntx,
IFloodlightProviderService.CONTEXT_PI_PAYLOAD);
…
}
…
}
23
![Page 24: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/24.jpg)
CPS 514 Duke University
Basic Controller Functionality● Install/Remove forwarding rules on switches
○ Need to route flows along the correct path○ Flows are packets with same header
● Topology Discovery○ Need to know what the network looks like○ Link Layer Discovery Protocol
● Statistics○ Need to know what is happening in the network
24
![Page 25: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/25.jpg)
CPS 514 Duke University
Topology Discovery● Floodlight discovers and maintains the network topology
for you○ it uses Link Layer Discovery Protocol (LLDP)
● 2 options:○ Query the controller for the topology○ Listen to the changes in topology
25
![Page 26: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/26.jpg)
CPS 514 Duke University
Link DiscoveryFirst you must register your module:
… implements IFloodlightModule, IOFMessageListener{
protected IFloodlightProviderService floodlightProvider;
protected ILinkDiscoveryService linkDiscoverer;
…
public void init(FloodlightModuleContext context) throws FloodlightModuleException {
floodlightProvider = context
.getServiceImpl(IFloodlightProviderService.class);
linkDiscoverer = context.getServiceImpl( ILinkDiscoveryService.class );
linkDiscoverer.addListener( this );
…
}
…
}
26
![Page 27: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/27.jpg)
CPS 514 Duke University
Link DiscoveryThen you can get the topology:
… implements IFloodlightModule, IOFMessageListener{
protected IFloodlightProviderService floodlightProvider;
protected ILinkDiscoveryService linkDiscoverer;
…
public void myFunction() {
Map<Link, LinkInfo> linkMap = linkDiscoverer.getLinks();
for( Map.Entry<Link, LinkInfo> linkEntry : linkMap.entrySet() ){
Link link = linkEntry.getKey();
//link.getSrc(), link.getDst(), link.getSrcPort, link.getDstPort
}
}
}
…
}
27
![Page 28: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/28.jpg)
CPS 514 Duke University
Running your application● Need to tell Floodlight where the application is
○ add your application path to: src/main/resources/META-INF/services/net.floodlightcontroller.core.module.IFloodlightModule
● Tell floodlight to run your application○ add your application to:
src/main/resources/META-INF/floodlightproperties
28
![Page 29: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/29.jpg)
CPS 514 Duke University
Your turn!Modify the included hub (net.floodlightcontroller.hub) into a firewall that drops ICMP packets
29
![Page 30: Floodlight Tutorial - Duke Database Devilsdb.cs.duke.edu/courses/cps214/fall15/FloodlightTutorial.pdf · CPS 514 Duke University Floodlight Tutorial CPS514 September 23, 2015 Brendan](https://reader031.fdocuments.us/reader031/viewer/2022022017/5b82f8097f8b9a934f8c2f39/html5/thumbnails/30.jpg)
CPS 514 Duke University
ResourcesMininet:http://mininet.org/walkthrough/
Floodlight:https://floodlight.atlassian.net/wiki/display/floodlightcontroller/TutorialsLook at other apps included in Floodlight
30