edit

SoftFIRE OpenSDNcore Turorial

Fraunhofer FOKUS provides two datacenter as part of its testbed for the SoftFIRE Project. The testbed identified as fokus-dev will provide SDN features based on OpenSDNcore.

Setting up the Experiment

Note

How to create and upload a CSAR file to deploy your resources view a the more generic NFV tutorial.

  1. Define the experiment to use the fokus-dev testbed to launch virtual machines.
  2. Include the resource sdn-controller-opensdncore-fokus to enable access to the SDN features.
  3. after the successfill deployment of the experiment the sdn-manager resurnes the details needed to access the OpenSDNcore API.

{
    "resource_id": "sdn-controller-opensdncore-fokus",
    "flow-table-range": [30, 31, 32],
    "token": "secret",
    "URI": "http://172.20.30.5:8001/api"
}
1. Copy the token value and navigate to the provided URI using a web browser (please remove the /api at the end). The website provides the needed information and an simple user interface to run JSON-RPC request against the OpenSDNcore Northbound-API. Use the provided token value to identify your experiment when doing API requests.

Port Mirroring tutorial

The following example will utilize a custom flow entry to duplicate all network traffic directed at a Virtual Machine and forward it to the network interface of another Virtual Machine.

  1. after all the instances are bootet up correctly use the ofc.list.channels command to list all switches in the setup.
  2. in our case there is only one switch with dpid "0x0000000000000001" present

{
    "jsonrpc": "2.0",
    "result": [
        "0x0000000000000001"
    ],
    "id": 1
}
1. find the port number to which the traffic should be mirrored to by using the ofc.send.multipart.flow function to list all rules of flow_table 0x04 and searching for the MAC address of the target instance. ex: {"jsonrpc": "2.0", "method": "ofc.send.multipart.flow", "params":{"dpid":"0x01","ofp_multipart_flow":{"table_id":"3"}}, "id": 4}. 1. use the discovered port_no, dpid and the provate IP-address of the instance which traffic should be duplicted to construct a openflow definition that will duplicate each network-packet to the target port of the monitoring instance. 1. add the new flow via the following json-rpc query to the switch into one of the flow tables that are assigned to your experiment (ex. 30,31,32).

{
   "id":2342,
   "jsonrpc":"2.0",
   "method":"ofc.send.flow_mod",
   "params":{
      "dpid":"0x0000000000000001",         /* address of the target switch */
      "ofp_flow_mod":{
         "command":"add",
         "flags":[
            "reset_counts",
            "send_flow_rem"
         ],
         "idle_timeout":100,
         "ofp_instructions":{
            "apply_actions":[
               {
                  "output":{
                     "port_no":"0x10"           /* port number of the mirror port */
                  }
               }
            ],
            "write_actions":[
               {
                  "output":{
                     "port_no":"0x12"           /* port number of the original destination instance */
                  }
               }
            ]
         },
         "ofp_match":[
            {
               "match_class":"openflow_basic",
               "field":"ipv4_dst",
               "value":"192.168.100.4"  /* the private ip address of the target virtual machine */
            }
         ],
         "priority":400,
         "table_id":"0x1e"              /* flow_table 30 in hex notation */
      }
   }
}