Workshop on Software Defined Networks
36
Workshop on Software Defined Networks Network Programming, Mininet and Other Tools Spring 2014 (many) slides stolen from Yotam Harchol and David Hay (HUJI)
description
Workshop on Software Defined Networks. Network Programming, Mininet and Other Tools Spring 2014 (many) slides stolen from Yotam Harchol and David Hay (HUJI). Agenda. Introduction to mininet Introduction to Python Networking tools Installing mininet and its prerequisites - PowerPoint PPT Presentation
Transcript of Workshop on Software Defined Networks
Workshop on Software Defined Networks
Network Programming, Mininet and Other ToolsSpring 2014
(many) slides stolen from Yotam Harchol and David Hay (HUJI)
2
Agenda
• Introduction to mininet
• Introduction to Python
• Networking tools
• Installing mininet and its prerequisites
• Write a simple OpenFlow controller
3
mininet
• MiniNet creates scalable Software-Defined Networks (up to hundreds of nodes) using OpenFlow, on a single PC
• It allows to quickly create, interact with and customize a software defined network prototype with complex topologies, and can be used to emulate real networks – all on your PC
• MiniNet can work with any kind of OpenFlow controller
• It takes seconds to install it
• Easy to program
• Of course, it is an open source project
4
Python
• Python is a very easy-to-use programming (scripting) language
• Interpreter based language
• We will use it to program the RYU OpenFlow controller
• We begin with a short introduction…
5
Values and Types• Python is dynamically typed (no need to declare variables, or
their type; parameters have no types)
• Indentation is crucial: there are no { } blocks. Blocks are determined according to the indentation of the text
• Indentation recommendations:– Be consistent – always use the same indentation sequence
– Use editor indent support , e.g. auto replace tab with spaces
– Our Convention: 4 spaces
• We use Python 2.7.x, NOT Python 3
• Detailed documentation: http://www.python.org/doc/
• A nice beginners’ book: http://thinkpython.com
6
Python Functions
Defining functions in Python is easy:
def say_hello(first_name, last_name):
full_name = first_name + ' ' + last_name
print 'Hello ' + full_name + '!'
And calling it later:
say_hello('John', 'Doe')
Function name Parameters
Four spaces
7
Python Classes
Python can be used as an Object-Oriented language
Let's define a new class:import math
class Point2D: def __init__(self, x, y): self.x = x self.y = y
def get_distance(self, p): d = math.sqrt(math.pow(self.x - p.x, 2) + math.pow(self.y - p.y, 2)) return d
To create an instance:p1 = Point(1, 1)p2 = Point(2, 2)print p1.get_distance(p2)
We need this for math functions
Everything inside the block is the classConstructorself is the new this
Class methodself must be expected in every class
method as the first parameter. However, when calling these methods we do not
pass an argument for it
8
Python Classes
We can also inherit other classes:# continues from previous slide...
class Point3D(Point2D): def __init__(self, x, y, z): Point2D.__init__(self, x, y) self.z = z
def get_distance(self, p): d = math.sqrt(math.pow(self.x - p.x, 2) + math.pow(self.y - p.y, 2) + math.pow(self.z - p.z, 2)) return d
Defines superclass(can be more than one)!
Call whatever super-constructor you would like
Overriding method
9
Python Decorators• Decorators are used to twist functions/methods.def log_on_entry(method): def _method(self): print 'on-entry‘, return method(self) return _method
class aClass(object):
@log_on_entry def a_method(self): print self, 'a_method is called'
a = aClass()a.a_method()
Same as:class aClass(object)
def a_method(self): print 'a_method is called'
a_method = log_on_entry(a_method)
The output will be:on-entry <main.aClass object at 0x7fc75eaf4d10> a_method is called.
A function that get a function and return a function
Used as a decorator for a class method
More Reading:- Python Decorators- PEP 318 -- decorators for functions and methods
10
ifconfig
• ifconfig is a unix command-line tool that prints the available network interfaces of the machine
• Example:
11
TcpDump
• tcpdump is a unix command-line tool for packet sniffing and capturing
• It is highly customizable and very easy to use
• We will use tcpdump to capture traffic in our mininet network, in order to verify that things work as expected
• Example:
12
WireShark
• WireShark is a GUI software that provides capabilities that are similar to tcpdump
• It allows easy filtering of packets, TCP stream grouping, and more advanced features
13
Ping
• ping sends ICMP echo request and waits for response
• Useful for quickly testing your network
• Example:
14
hping3
• hping (or hping3) is a command-line tool for generating traffic
• It can also modify and spoof layers 3/4 header fields
• Example:
hping3 is not installed by default on the mininet VM. You should install it using the command:sudo apt-get install hping3
15
Scapy
• Scapy is a python package for packet manipulation
• It can be used to manually create packets with customized L2-L7 data
• Packets can be sent to network or stored in a PCAP file
• http://www.secdev.org/projects/scapy/
16
SSH (Secure Shell)
• ssh is a tool for secure shell connection between unix machines
• Native in Linux
• In windows can be found in Cygwin project or use PUTTY
• We will use ssh to connect to the mininet machine and work with it
• Example:
17
SCP (Secure Copy)
• scp uses ssh to securely transfer files between hosts
• We can use scp to transfer files to/from the mininet machine
• In windows we have WinSCP
• Example:
18
Environment StructureHosting System - Linux
Network Simulator - Mininet
Software Switch imp.
Open vSwitch
Hosts:
import switches:
Binaries (e.g. wget, tcpdump)
controller:
OpenFlow
NOXRYU
import
19
Hosting Machine / OS - Any
VM player aplication - VirtualBox
Virtual Machine (VM)
Hosting System - Linux
Environment Illustration
Network Simulator Mininet
NOX
???
???
Shared folder
Xming
20
Setup• Install VirtualBox
– available for Windows, Linux and Mac
– Or use existing Linux machine
• follow the instructions for parts 1 through 4 of the OpenFlow Tutorial
• With a few exceptions and additions:
– Use MiniNet OVA image from here:http://www.cs.princeton.edu/courses/archive/fall13/cos597E/assignments/tester.ova
– When adding a new network adapter (in Settings>Network>Adapter2) Make sure that you select "Cable Connected" under "Advanced“.
– You might need to disable windows firewall for the host-only adapter (e.g. adapter name “VirtualBox Host-Only Network”).
– You can share a folder from you PC inside the VM (instead of copying files).
21
Connecting to the MiniNet VM
• Start mininet VM (and the management VM if applicable)
• In the mininet VM, login using the user/pass mininet/mininet, then run ifconfig to find the IP address of the mininet machine
• In the linux machine, open a Terminal window (in Mac, open Xterm or XQuartz)
• ssh to the mininet machine with X forwarding:ssh -YX mininet@<IP Address>when prompted for password, type: mininet– You can later setup public key exchange to avoid typing password each login
• You are connected!
22
Share a folder with VM
• From virtual box:– Set CDROM from image: "%ProgramFiles%\Oracle\
VirtualBox\VBoxGuestAdditions.iso“
– set shared shared folder (e.g. sdn_code)
• From VM console:– mount -t iso9660 -o ro /dev/cdrom1 /media/cdrom
– cd /media/cdrom
– sudo sh ./VBoxLinuxAdditions.run
– sudo mount -t vboxsf sdn_code /mnt
23
Run MiniNet• Now that you are connected to the mininet machine, you can
start the simulation:– Type:
sudo mn -csudo mn --topo single,3 --mac --switch ovskThis will run mininet with the default controller (NOX), a single Open vSwitch switch and three hosts that are connected to it
– In the mininet console, type:xterm h1 h2 h3This will open three terminal windows, each one for a different host
– In the window of host h1, type:tcpdump -XX -i h1-eth0
– In the window of host h2, type:ping –c 4 10.0.0.1
– You are supposed to see the relevant ARP and ICMP packets in h1 terminal
24
Running mininet with External Controllers
• Mininet can also work with a controller that runs somewhere else in the network, or just outside the VM
• There are many choices for OpenFlow controllers, such as NOX (C++), POX and RYU (Python), FloodLight (Java), and more
• To use mininet with such a controller, just specify its IP and port when starting mininet:sudo mn -csudo mn --topo single,3 --mac --switch ovsk \
--controller remote \--ip=<controller ip> \--port=<openFlowPort (6633 by default)>
• If the remote controller is located on the same machine, there is no need to specify the IP address
25
Running mininet from pythonfrom mininet.net import Mininet…
def scratchNet( cname='controller', cargs='-v ptcp:' ): info( "*** Creating nodes\n" ) controller = Node( 'c0', inNamespace=False ) switch = Node( 's0', inNamespace=False ) h0 = Node( 'h0' ) h1 = Node( 'h1' )
info( "*** Creating links\n" ) Link( h0, switch ) Link( h1, switch )
info( "*** Configuring hosts\n" ) h0.setIP( '192.168.123.1/24' ) h1.setIP( '192.168.123.2/24' ) … h0.cmdPrint( 'ping -c1 ' + h1.IP() )
…if __name__ == '__main__': info( '*** Scratch network demo (kernel datapath)\n' ) Mininet.init() scratchNet()
26
RYU
• We will use the RYU controller as it cross-platform and supports the advanced OpenFlow1.3 features.
• RYU is available in a Mininet VM
• RYU is written in Python
27
A Simple OpenFlow Controller
• We will now write our own controller logic, as a Python class that will be loaded by RYU instead of its own native code
• At first, OpenFlow switches have nothing in their flow tables– Unless the controller does something, switches will ask it what to do
every time they receive a packet
– With no controller (or non-responsive controller as we begin with), they will not forward packets at all
• Let's start with a very simple controller, that makes switches to behave as simple hubs…
28
A Simple OpenFlow Controller
Switch 1
Host 1MAC:
…00-00-01
Host 3MAC:
…00-00-03
Host 2MAC:
…00-00-02
Host 4MAC:
…00-00-04
From:…00-00-03To:…00-00-02
From:…00-00-03To:…00-00-02
From:…00-00-03To:…00-00-02
From:…00-00-03To:…00-00-02
Hub Behavior
Port 1 Port 2
Port 3 Port 4
29
Write a Simple OpenFlow Controller
• To make the behavior of a hub, once receiving a packet from a switch, the controller should tell the switch to simply flood the packet
• It can also teach the switch to flood packets forever
Switch 1
Host 1MAC:
…00-00-01
Host 3MAC:
…00-00-03
Host 2MAC:
…00-00-02
Host 4MAC:
…00-00-04
OpenFlowController
From:…00-00-03To:…00-00-02
OpenFlow Packet
buffer_id=1in_port = 3
Port 1 Port 2
Port 3 Port 4
OpenFlow Packetbuffer_id=1out_port = FLOOD
From:…00-00-03To:…00-00-02
From:…00-00-03To:…00-00-02
From:…00-00-03To:…00-00-02
30
A Simple OpenFlow Controller
31
Helpful Materials
• OpenFlow specifications (we work with 1.3)
• RYU documentation
• Mininet API reference and examples
• This presentation (temporary): http://www.cs.tau.ac.il/~schiffli/sdn/
32
Projects
• Router– Create a network router over OpenFlow devices in a large
dynamic network with sub-nets and VLANs.
• Load-balancer– Implement a dynamic load balancer according to current
traffic status. An advanced feature might be to turn on\off server Virtual Machines when traffic is very high/low (requires interaction with the virtualization platform)
• Firewall– Implement a stateful firewall with a configurable policy. It
should be able to enforce policy even when a host changed its position in the network.
33
• Manage multicast traffic– Build a controller over OF switches to enable a reliable
robust and efficient multicast video streaming across the network. The network contains: video streamer servers and clients. The controller should route the efficiently the video stream from the servers to the clients. The controller should be able to new servers, duplicate servers (servers providing the same data), new clients, server failures etc.
• Distributed controller– Implement a framework to support splitting a controller
app to several control servers allowing to load balance control traffic and backups for the controller.
34
• Hierarchical controller– Implement a controller library that allow to
encapsulate a sub-network as a single SDN switch and control it with higher level controller.
• Fault tolerant SDN – Implement a controller app that allow to transmit
messages from any node to any node as long as there is connectivity. The mechanisim should work without intervation of the controller during the failure but allows the conroller to optimise the network.
35
Coming soon
• Workshop forum (in English!)
36
• Questions?
