Scribd
Upload
9 views13 pages

SDN Practical

This document provides a step-by-step guide for setting up a Software Defined Networking (SDN) environment using Mininet and the POX controller, including installation instructions, topology creation, and firewall configuration. It details the necessary configuration files, commands to run Mininet, and how to test connectivity and firewall functionality. Additionally, it includes Python code snippets for implementing routing and firewall policies within the network setup.

Uploaded by

nikhilkasab7777
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
9 views13 pages

SDN Practical

This document provides a step-by-step guide for setting up a Software Defined Networking (SDN) environment using Mininet and the POX controller, including installation instructions, topology creation, and firewall configuration. It details the necessary configuration files, commands to run Mininet, and how to test connectivity and firewall functionality. Additionally, it includes Python code snippets for implementing routing and firewall policies within the network setup.

Uploaded by

nikhilkasab7777
Copyright
© © All Rights Reserved
We take content rights seriously. If you suspect this is your content, claim it here.
Available Formats
Download as PDF, TXT or read online on Scribd
You are on page 1/ 13

.

1. Install Mininet and POX controller:


Follow the installation guide at http://mininet.org/download/ to
install Mininet
Follow the installation guide at
https://github.com/noxrepo/pox/wiki/Installation to install POX
controller
2. Create a simple topology:
Open a terminal and run sudo mn --topo single,3 --mac --switch
ovsk --controller remote
This will create a topology with one switch and three hosts, and set
the controller as remote.
3. Configure the switch to provide firewall functionality:
Open a new terminal and navigate to the POX controller directory
Create a new Python file called firewall.py
Copy and paste the following code into the firewall.py file:

python

from pox.core import core


import pox.openflow.libopenflow_01 as oflog =

core.getLogger()

class Firewall(object):

def init (self):


core.openflow.addListeners(self)
log.info("Firewall initialized.")

def _handle_ConnectionUp(self, event):msg =


of.ofp_flow_mod() msg.priority = 65535
msg.match.dl_type = 0x0800
msg.match.nw_proto = 6
msg.match.tp_dst = 80
msg.actions.append(of.ofp_action_output(port=of.OFPP_CONTROLLER)
)
event.connection.send(msg)
def launch():
core.registerNew(Firewall)

4. Run the POX controller:


In the terminal where you created the firewall.py file, run ./pox.py
log.level --DEBUG openflow.discovery openflow.spanning_tree
--no-flood --hold-down firewall
This will run the POX controller with the firewall.py module.
5. Test the firewall functionality:
In the Mininet terminal, run h1 ping h2
The ping should be successful
In the Mininet terminal, run h1 wget h2
The wget should fail because port 80 is blocked by the firewall.

That's it! You have created an SDN environment on Mininet and configured aswitch to
provide firewall functionality using POX controller.
Configuration Files

There will be two configuration files:


* ~/krish/IP_CONFIG: Listed out the IP addresses assigned to the emulated hosts.
* ~/krish/router/rtable (also linked to ~/krish/rtable): The static routing table used
for the simple router.

The default IP_CONFIG and rtable should look like the following:

> cat ~/krish/IP_CONFIG


server1 192.168.2.2
server2 172.64.3.10
client 10.0.1.100
sw0-eth1 192.168.2.1
sw0-eth2 172.64.3.1
sw0-eth3 10.0.1.1
> cat ~/krish/rtable
10.0.1.100 10.0.1.100 255.255.255.255 eth3

192.168.2.2 192.168.2.2 255.255.255.255 eth1


172.64.3.10 172.64.3.10 255.255.255.255 eth2

Test Connectivity of Your Emulated Topology:

Configure the environment by running the config.sh file

> cd ~/krish/
> ./config.sh

Start Mininet emulation by using the following command

> cd ~/krish/
> ./run_mininet.sh

You should be able to see some output like the following:

*** Shutting down stale SimpleHTTPServers


*** Shutting down stale webserversserver1
192.168.2.2
server2 172.64.3.10
client 10.0.1.100
sw0-eth1 192.168.2.1
sw0-eth2 172.64.3.1
sw0-eth3 10.0.1.1
*** Successfully loaded ip settings for hosts
{'server1': '192.168.2.2', 'sw0-eth3': '10.0.1.1', 'sw0-eth1':
'192.168.2.1', 'sw0-eth2': '172.64.3.1', 'client': '10.0.1.100', 'server2':
'172.64.3.10'}
*** Creating network
*** Creating network
*** Adding controller
*** Adding hosts:
client server1 server2
*** Adding switches:
sw0
*** Adding links:
(client, sw0) (server1, sw0) (server2, sw0)
*** Configuring hosts client
server1 server2
*** Starting controller
*** Starting 1 switchessw0
*** setting default gateway of host server1server1
192.168.2.1
*** setting default gateway of host server2server2
172.64.3.1
*** setting default gateway of host clientclient
10.0.1.1

*** Starting SimpleHTTPServer on host server1


*** Starting SimpleHTTPServer on host server2
*** Starting CLI:
mininet>

Keep this terminal open, as you will need the mininet command line for debugging. Now,
useanother terminal to continue the next step. (Do not press ctrl-z.)

Mininet requires a controller, which we implemented in POX (revision


f95dd1a81584d716823bbf565fa68254416af603). To run the controller, use the following
command:

> cd ~/krish/
> ln -s ../pox
> ./run_pox.sh

You should be able to see some output like the following:

POX 0.0.0 / Copyright 2011 James McCauley


DEBUG:.home.ubuntu.krish.pox_module.cs144.ofhandler:*** ofhandler:
Successfully loaded ip settings for hosts
{'server1': '192.168.2.2', 'sw0-eth3': '10.0.1.1', 'sw0-eth1':
'192.168.2.1', 'sw0-eth2': '172.64.3.1', 'client': '10.0.1.100', 'server2':
'172.64.3.10'}

INFO:.home.ubuntu.krish.pox_module.cs144.srhandler:created server
DEBUG:.home.ubuntu.krish.pox_module.cs144.srhandler:SRServerListener listening on 8888
DEBUG:core:POX 0.0.0 going up...
DEBUG:core:Running on CPython (2.7.3/Aug 1 2012 05:14:39)
INFO:core:POX 0.0.0 is up.
This program comes with ABSOLUTELY NO WARRANTY. This program is freesoftware,
and you are welcome to redistribute it under certain conditions.Type
'help(pox.license)' for details.
DEBUG:openflow.of_01:Listening for connections on 0.0.0.0:6633Ready.
POX>

Please note that you have to wait for Mininet to connect to the POX controller before
you continue to the next step. Once Mininet has connected, you will see the following
output:

INFO:openflow.of_01:[Con 1/249473472573510] Connected to e2-e5-11-b6-b0-46


DEBUG:.home.ubuntu.krish.pox_module.cs144.ofhandler:Connection [Con
1/249473472573510]
DEBUG:.home.ubuntu.krish.pox_module.cs144.srhandler:SRServerListener catchRouterInfo
even, info={'eth3': ('10.0.1.1', '86:05:70:7e:eb:56', '10Gbps',
3), 'eth2': ('172.64.3.1', 'b2:9e:54:d8:9d:cd', '10Gbps', 2), 'eth1':
('192.168.2.1', '36:61:7c:4f:b6:7b', '10Gbps', 1)}, rtable=[]
Keep POX running. Now, open yet another terminal to continue the next step. (Don’t
pressctrl-z.)

Now you are ready to test out the connectivity of the environment setup. To do so, run the
binary file of the solution, sr_solution:

> cd ~/krish/
> ./sr_solution

You should be able to see some output like the following:

Loading routing table from server, clear local routing table.Loading routing
table
Destination Gateway Mask Iface
10.0.1.100 10.0.1.100 255.255.255.255 eth3
192.168.2.2 192.168.2.2 255.255.255.255 eth1
172.64.3.10 172.64.3.10 255.255.255.255 eth2

Client ubuntu connecting to Server localhost:8888Requesting


topology 0
successfully authenticated as ubuntu
Loading routing table from server, clear local routing table.Loading routing
table
Destination Gateway Mask Iface
10.0.1.100 10.0.1.100 255.255.255.255 eth3
192.168.2.2 192.168.2.2 255.255.255.255 eth1
172.64.3.10 172.64.3.10 255.255.255.255 eth2

Router interfaces:
eth3 HWaddr86:05:70:7e:eb:56
inet addr 10.0.1.1
eth2 HWaddrb2:9e:54:d8:9d:cd
inet addr 172.64.3.1
eth1 HWaddr36:61:7c:4f:b6:7b
inet addr 192.168.2.1
<-- Ready to process packets -->

In this particular setup, 192.168.2.2 is the IP for server1, and 172.64.3.10 is the IP for
server2. You can find the IP addresses in your IP_CONFIG file.

Now, back to the terminal where Mininet is running. To issue an command on the
emulatedhost, type the host name followed by the command in the Mininet console. For
example, thefollowing command issues 3 pings from the client to server1.

mininet> client ping -c 3 192.168.2.2

You should be able to see the following output.


PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data.
64 bytes from 192.168.2.2: icmp_req=1 ttl=63 time=66.9 ms
64 bytes from 192.168.2.2: icmp_req=2 ttl=63 time=49.9 ms
64 bytes from 192.168.2.2: icmp_req=3 ttl=63 time=68.8 ms

You can also use traceroute to see the route between client to server1.

mininet> client traceroute -n 192.168.2.2

You should be able to see the following output.


traceroute to 192.168.2.2 (192.168.2.2), 30 hops max, 60 byte packets
1 10.0.1.1 146.069 ms 143.739 ms 143.523 ms
2 192.168.2.2 226.260 ms 226.070 ms 225.868 ms

Finally, to test the web server is properly working at the server1 and server2, issue an
HTTPrequest by using wget or curl.

mininet> client wget http://192.168.2.2


You should be able to see the following output.

--2012-12-17 06:52:23-- http://192.168.2.2/


Connecting to 192.168.2.2:80... connected. HTTP request
sent, awaiting response... 200 OKLength: 161 [text/html]
Saving to: `index.html'

0K
100% 17.2M=0s

2012-12-17 06:52:24 (17.2 MB/s) - `index.html' saved [161/161]


def task1_shortest_path_routing(src, dst):
# Initialize an empty list called path
path = []
# Get the switch name of the source host by using the host_to_switch
dictionary
src_switch = host_to_switch[src]
dst_switch = host_to_switch[dst]
switch_path = get_shortest_path(src_switch, dst_switch)
# Append src_switch to path
path.append(src_switch)
# Loop through switch_path from index 1 to the end and append each
element to path
for i in range(1, len(switch_path)):
path.append(switch_path[i])
# Append dst_switch to path
path.append(dst_switch)
# Return path
return path

def task2_firewall_policies(src, dst, app):


# Initialize a variable called blocked with False
blocked = False
# Loop through the firewall_policies list and check if there is a tuple
that matches the parameters
for policy in firewall_policies:
# If there is a match, set blocked to True and break out of the loop
if policy == (src, dst, app):
blocked = True
break
# Return blocked
return blocked
def task3_virtual_network_slicing(src, dst, app):
# Get the tenant name of the source host by using the
host_to_tenant dictionary
src_tenant = host_to_tenant[src]
# Get the tenant name of the destination host by using the
host_to_tenant dictionary
dst_tenant = host_to_tenant[dst]
# Check if the source and destination hosts belong to the
same tenant if src_tenant == dst_tenant:
# If they do, return True to allow the
traffic return True
else:
# If they don't, check if there is a virtual network slice that
allows traffic between them for that application
# Use the virtual_network_slices dictionary to get the list of
applications that are allowed for each pair of tenants
# Use the tuple (src_tenant, dst_tenant) as the key to access
the dictionary
allowed_apps = virtual_network_slices[(src_tenant,
dst_tenant)] # Check if the application is in the list
of allowed apps
if app in allowed_apps:
# If it is, return True to allow the
traffic return True
else:
# If it isn't, return False to block the
traffic return False

You might also like