wiki:Tutorials/m0SDN/aHowTo

Version 18 (modified by seskar, 15 years ago) ( diff )

Name changed from Documentation/OpenFlow/OFHowTo to Documentation/OpenFlowHowTo

OpenFlow How-To

Sandbox 9 uses the OpenFlow capable switch as part of its setup as a means to provide a testbed for experimentation with the OpenFlow protocol. This tutorial covers the following:

  • The network topology of the testbed
  • Installation of the OpenFlow Reference System and NOX
  • Operating the controller
  • Performance analysis tools

OpenFlow Protocol

OpenFlow is a protocol that allows for the creation of overlay networks over pre-existing network infrastructure. This allows a researcher to run experiments on production networks without the fear of affecting any of the legacy installations or setups, while having control over how data is handled across the network.

"OpenFlow Protocol" specifically refers to the protocol that is used by a network device and its controller to pass information about flows, or instructions on how to handle data packets based on the packet header, to each other.

Detailed information can be found here: http://www.openflowswitch.org/

The Testbed

Sandbox 9 consists of eight nodes (currently three are available) connected to the SB9 Console through a OpenFlow enabled gigabit switch. The network topology is shown below:

No image "OFSetup.jpg" attached to Documentation/OpenFlow/OFHowTo

The dotted box (labeled sw_sb09) represents the OpenFlow enabled NEC IP8800/S3640-48T2XW switch, currently running firmware supporting OpenFlow v0.8.9. The switch is pre-configured so that ports 25-36 (the data VLAN, in red) is an OpenFlow virtual switch that listens for a controller running on the SB9 Console. There exists a virtual connection between the controller and virtual switch, represented by the dotted red line. Two trunked connections exist on the sw_sb09 - one connects the setup with the ORBIT network (through sw_sb_top), and the other not only allows the console to communicate with the nodes, but also provides the secure controller-switch VLAN needed for the OpenFlow setup. The experimenter would be able to monitor and manipulate the setup from the Console.


The Controller

We can run the controller on the Console or on one of the nodes as they each can have equal access the the OpenFlow Control VLAN. Two distinct controllers, one from the OpenFlow reference System (v0.8.9r2) and another from NOX-core (v0.5.0), have been successfully installed and tested on the Console. These may be installed in your userspace if you wish to run one of these controllers from the Console.

Installing the controller on a node

The software can be downloaded from the following places:

The former is a simple implementation that comes with a few tests; latter is a full-blown network operating system/ development tool that comes with a Network API that can be used to write and develop your own controller in C++ or Python.

Both can also be installed using Git. Git can be installed with the following command:

apt-get install git-core   

Installing the OpenFlow Reference System

While presented, it is not recommended to install from tarball. The detailed instructions may be found here: http://www.openflowswitch.org/wp/getstarted/

  1. Download software and required packages. If using git:
    sudo apt-get install git-core automake m4 pkg-config libtool
    git clone http://openflowswitch.org/openflow
    cd openflow
    ./boot.sh
    

if installing from tarball:

mkdir openflow
cd openflow
wget http://openflowswitch.org/downloads/openflow-0.9.0.tar.gz
tar xzf openflow-0.9.0.tar.gz
cd openflow-0.9.0
sudo apt-get install gcc linux-headers-`uname -r`
  1. Make and install.
    ./configure --with-l26=/lib/modules/`uname -r`/build
    make
    make install
    

Installing NOX

It is not only recommended but also much simpler to use git to install NOX. Therefore the following instructions assume you are using git. The full instructions are found at noxrepo.org: http://noxrepo.org/manual/installation.html

Dependencies
NOX requires the following packages to be installed on the Console:

  • GNU Libtool (libtool)
  • Boost C++ libraries (libboost1.35-dev)
  • Apache HTTP Server (apache2)
  • Xerces C++ parser (libxerces-c28)
  • Xerces development files (libxerces-c2-dev)
  • SSL development libraries (libssl-dev)
  • SQLite 3 development files (libsqlite3-dev)
  • Simple JSON for Python (python-simplejson)

Note, this is with respect to the Console, not the node - you may need to install additional packages before NOX can be installed properly.

If all dependencies are taken care of, NOX will install with the following steps.

git clone git://noxrepo.org/noxcore
cd noxcore/
./boot.sh
mkdir build/
cd build/
../configure --with-python=yes
make
make check 

Controllers on the Console

A sub-set of these instructions can be used to install a "custom" controller in userspace on the console. Most of the requisite libraries should already be installed. Use the following commands to install the Reference system in your userspace:

for the OpenFlow Reference System :

cd
git clone http://openflowswitch.org/openflow
cd openflow
./boot.sh
./configure --with-l26=/lib/modules/`uname -r`/build
make
make install

for NOX :

cd
git clone git://noxrepo.org/noxcore
cd noxcore/
./boot.sh
mkdir build/
cd build/
../configure --with-python=yes
make
make check 

Starting the controller

Both commands start the controller and establish a connection with the OpenFlow switch. The -v is for verbose. -h for both will give you the help files for the controllers. In the reference system, the controller is found under …/openflow/controller/

./controller -v ptcp:6633 

and in NOX, it is found under …/noxcore/build/src/

./nox-core -v -i ptcp:6633 

ptcp:6633 refers to a passive connection to TCP 6633, the default OpenFlow port. An active connection method using standard TCP exists, however this does not work on this setup. In the OpenFlow reference system, a log of the verbose output can be saved by appending --log-file [filename].




Available Tools

Some of these tools require root privileges and will thus require a custom installation on a node. Others can be run from the console directly in an unprivileged mode.

the Wireshark plugin

The OpenFlow Reference system comes with an OpenFlow wireshark dissector.

Permissions:
You must be root in order to use Wireshark; Therefore you must install it on a node.

Prerequisites:
glib (and of course, wireshark) is required for the plugin to work:

apt-get install wireshark libgtk2.0-dev

Installation:
The patch is located under the utilities directory:

cd utilities/wireshark_dissectors/openflow
make
sudo make install

Usage:
To use wireshark, you need to do some X11 tunneling. To do this, add the -X option when using SSH to access the Console and the nodes.

tcpdump pcap files can also be opened using wireshark - once the plugin has been installed, OpenFlow packets can be interpreted from these files as well.

Iperf

For performance testing, you may want to run some bandwidth tests. iperf is a tool that measures maximum network performance using TCP for throughput and UDP for jitter and datagram loss. The standard image used for the Sandbox nodes when booted with command omf tell on comes with iperf. To take measurements, you need at least two nodes. One node becomes the server, the other(s), clients.

Permissions:
Iperf does not require root access.

Usage:
Initially, eth0 (the OpenFlow interface for the nodes) will be disabled. Additionally, there is no DHCP service on that VLAN - you need to enable the interface and statically set the IP address (i.e. using ifconfig). 192.168.x.y is the block associated with the OpenFlow VLAN.

To start the server:

iperf -s 

and on the client:

iperf -c 192.168.x.y 

Where 192.168.x.y is the IP address of the iperf server. A caveat is that iperf cannot take real-time bandwidth measurements. Real-time bandwidth use can be monitored using BWM-ng.

On the Console
Iperf is also installed on the Console. The interfaces available on the Console are the following:

  • eth1 - 192.168.100.28
  • eth1.27 / Control - 10.19.0.10
  • eth1.28 / OF virtual switch - 192.168.1.28
  • eth1.100 / OFP interface - 172.16.100.1

BWM-ng

BWM-ng is a tool capable of taking real-time throughput measurements of different interfaces of a host.

Permissions:
BWM-ng does not require root access, and is installed on the Console.

Usage:
By default, the tool will monitor all interfaces on the Console. To monitor just the OpenFlow interface, you must specify eth1.100. To output this to a csv, use the following command:

bwm-ng -I eth1.100 -o csv -t 1000 -F <file-name>
  • -I : interface
  • -o : output, either in csv or html
  • -t : specifies sampling rate in msec. Here, it is 1000 msec, or 1 sample/sec
  • -F : Filename of output

Installation on a node
The following command will install BWM-ng:

apt-get install bwm-ng

Development

The files defining OpenFlow Protocol can be found in the following locations:

  • OpenFlow reference system: openflow/include/openflow/openflow.h
  • NOX: noxcore/src/include/openflow.hh

In addition, NOX provides a Web API that allows you to do development in C++ or Python.

Demo Video

TODO move this onto the orbit webserver.

A video Demonsration of the usage of the refrence controller can be found at: http://www.winlab.rutgers.edu/~ssugrim/Projects.html

Note: See TracWiki for help on using the wiki.