
1 Workshop In Communication Networks - 67613 Lecturers: Dr. David Hay, Rothberg A411 Dr. Michael Schapira, Rothberg A413 TA: Yotam Harchol, Rothberg A305

2 Course Objectives
- Hands-on experience in classical network protocols
- Getting to know state-of-the-art research and developments in the field

3 Course Tasks
- The course will be based on programming assignments:
  – Mostly Python or Java
- In addition, we will work closely with networking simulators and tools:
  – Wireshark
  – Mininet
  – POX
  – OpenDaylight
  – Some other tools as necessary

4 Grading and Schedule
- Task 0 – Getting to know the basic tools
  – No grade
- 3 tasks during the semester
  – Each task is worth 20%
- One final project which will involve some innovation and not only implementation
  – Project is 40% of the grade
  – Oral interview after submission
- Submission is in pairs
- You must submit ALL tasks and the project to pass the course!

5 Course Schedule
- In general, no lectures beyond this one
- We may have a class occasionally on Tuesday 10:00-12:00
  – A message will be posted in Moodle prior to such classes
  – You must attend such classes
- Reception hours (Yotam):
  – Sundays, 14:00-15:00
  – Rothberg A305
  – Must schedule in advance!

6 Tasks
- Tasks will require:
  – Extensive programming
  – Some reading of related material
  – Sometimes reading a paper or two
  – Some "reverse-engineering"
  – Some technical difficulties (installing and setting up environments, etc.)
- Each task will be given 4-5 weeks

7 Tasks
- Disclaimer:
  – The course is about a very active domain of research and development
  – The tasks may not give you precise instructions for every step, and you will have to figure things out by yourself, by reading, or by googling them and digging in

8 Tentative Schedule
- 3/3   Introduction lecture – Software Defined Networks; Task 0 release
- 17/3  Task 0 deadline; Task 1 release
- 14/4  Task 1 deadline; Task 2 release
- 19/5  Task 2 deadline; Task 3 release
- 9/6   Task 3 deadline; Project introduction
- 1/8   Project deadline – THIS IS A HARD DEADLINE
- TBD   Project oral interview (both students must be present)

9 Software Defined Networking
Slides based on Jennifer Rexford's slides for COS 461: Computer Networks, and on slides from Nick McKeown

10 The Internet: A Remarkable Story
- Tremendous success
  – From research experiment to global infrastructure
- Brilliance of under-specifying
  – Network: best-effort packet delivery
  – Hosts: arbitrary applications
- Enables innovation in applications
  – Web, P2P, VoIP, social networks, virtual worlds
- But, change is easy only at the edge...

11 The Internet's Landscape
[Figure: three layers]
- Applications: constant innovation
- Internet protocols: routing, congestion control, naming, ... (TCP/IP, BGP, DNS, OSPF, ECMP, ...): stagnant!
- Technologies: constant innovation

12 Inside the 'Net: A Different Story...
- Closed equipment
  – Software bundled with hardware
  – Vendor-specific interfaces
- Over-specified
  – Slow protocol standardization
- Few people can innovate
  – Equipment vendors write the code
  – Long delays to introduce new features
- Impacts performance, security, reliability, cost...

13 Networks are Hard to Manage
- Operating a network is expensive
  – More than half the cost of a network
  – Yet, operator error causes most outages
- Buggy software in the equipment
  – Routers with 20+ million lines of code
  – Cascading failures, vulnerabilities, etc.
- The network is "in the way"
  – Especially a problem in data centers
  – ... and home networks

14 Rethinking the "Division of Labor"

15 Traditional Computer Networks
- Data plane: packet streaming
  – Forward, filter, buffer, mark, rate-limit, and measure packets

16 Traditional Computer Networks
- Control plane: distributed algorithms
  – Track topology changes, compute routes, install forwarding rules

17 Traditional Computer Networks
- Management plane: human time scale
  – Collect measurements and configure the equipment

18 The Internet
[Figure: the network layer, between the transport layer (TCP, UDP) and the link/physical layer]
- Routing protocols (path selection): RIP, OSPF, BGP
- IP protocol: addressing conventions, datagram format, packet handling conventions
- ICMP protocol: error reporting, router "signaling"
- Together they fill the forwarding table

19 Control Plane Example: Distance Vector Routing
- Bellman-Ford equation (dynamic programming)
- Define $d_x(y)$ := cost of the least-cost path from x to y
- Then $d_x(y) = \min_v \{ c(x,v) + d_v(y) \}$, where the min is taken over all neighbors v of x

20 Bellman-Ford example
[Figure: graph with nodes u, v, w, x, y, z; the link costs relevant to u are c(u,v) = 2, c(u,x) = 1, c(u,w) = 5]
- Clearly, $d_v(z) = 5$, $d_x(z) = 3$, $d_w(z) = 3$
- The B-F equation says:
  $d_u(z) = \min\{ c(u,v) + d_v(z),\ c(u,x) + d_x(z),\ c(u,w) + d_w(z) \} = \min\{2 + 5,\ 1 + 3,\ 5 + 3\} = 4$
- The node that achieves the minimum is the next hop on the shortest path ➜ forwarding table

21 Distance Vector Algorithm
- $D_x(y)$ = estimate of the least cost from x to y
- Node x knows the cost to each neighbor v: $c(x,v)$
- Node x maintains its distance vector $D_x = [D_x(y) : y \in V]$
- Node x also maintains its neighbors' distance vectors
  – For each neighbor v, x maintains $D_v = [D_v(y) : y \in V]$

22 Distance vector algorithm
- Basic idea: from time to time, each node sends its own distance-vector estimate to its neighbors
- Asynchronous
- When a node x receives a new DV estimate from a neighbor, it updates its own DV using the B-F equation:
  $D_x(y) \leftarrow \min_v \{ c(x,v) + D_v(y) \}$ for each node $y \in N$

23-24 Distance vector example
[Figure: three nodes with link costs c(x,y) = 2, c(y,z) = 1, c(x,z) = 7; the tables of x, y and z are shown over successive exchanges. At time 0 each node knows only its own direct costs (row of x: [0, 2, 7]; row of y: [2, 0, 1]; row of z: [7, 1, 0]) and ∞ for its neighbors' rows. After one exchange the row of x becomes [0, 2, 3] and the row of z becomes [3, 1, 0]; after that the tables no longer change]
- $D_x(y) = \min\{ c(x,y) + D_y(y),\ c(x,z) + D_z(y) \} = \min\{2 + 0,\ 7 + 1\} = 2$
- $D_x(z) = \min\{ c(x,y) + D_y(z),\ c(x,z) + D_z(z) \} = \min\{2 + 1,\ 7 + 0\} = 3$

25 Seems simple, but...
- What happens on a link cost change?
  – If the link cost decreases, the nodes will learn of the change quickly and update their distance vectors ("good news travels fast")
  – If the link cost increases, we may end up in a count-to-infinity scenario: two neighbors keep routing to the destination through each other, each raising its estimate a little in every round ("bad news travels slowly")

26 One Solution: Poisoned Reverse
- More of a patch than a "real" solution
- If Z routes through Y to get to X: Z tells Y that its (Z's) distance to X is infinite (so Y won't route to X via Z)
- Solves the problem in the example
- Doesn't solve the scenario where the loop is larger...
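The distance-vector behaviour of slides 21-26 as an added, runnable example (this is not code from the course slides): a synchronous-round simulation that reproduces the x-y-z tables of slides 23-24, then raises a link cost to trigger count-to-infinity and shows how many rounds poisoned reverse saves. The three-node costs are the ones on the slides; the second topology (COUNT_TO_INF) and all function names are this example's own assumptions. It runs under the course's Python 2.7 as well as Python 3.

```python
# Added example, not code from the slides: a synchronous-round simulation of the
# distance-vector algorithm of slides 21-22 that reproduces the x-y-z tables of
# slides 23-24, the count-to-infinity behaviour of slide 25 and the poisoned-reverse
# fix of slide 26. The three-node costs are the ones on the slides; the second
# topology (COUNT_TO_INF) and all function names are this example's own assumptions.
from __future__ import print_function

INF = float("inf")


def build_cost(links):
    """links: {(a, b): cost} for undirected links. Returns (nodes, cost), where
    cost[x][v] is c(x,v) for each neighbor v of x."""
    nodes = sorted({n for edge in links for n in edge})
    cost = {x: {} for x in nodes}
    for (a, b), c in links.items():
        cost[a][b] = c
        cost[b][a] = c
    return nodes, cost


def initial_state(nodes, cost):
    """Slide 23, time 0: each node knows only the cost of its own links."""
    dist = {x: {y: (0 if x == y else cost[x].get(y, INF)) for y in nodes} for x in nodes}
    nhop = {x: {y: (y if y in cost[x] else None) for y in nodes} for x in nodes}
    return dist, nhop


def dv_converge(nodes, cost, dist, nhop, poisoned_reverse=False, max_rounds=200):
    """Run synchronous DV rounds until no table changes.

    Every round each node sends its vector to all neighbors and then recomputes
    D_x(y) <- min_v { c(x,v) + D_v(y) } over its neighbors v (slide 22), recording
    the minimizing v as next hop (slide 20). With poisoned_reverse the copy sent to
    neighbor v reports INF for every destination the sender reaches via v (slide 26).
    Returns (dist, nhop, number of rounds in which some table changed).
    """
    for rnd in range(1, max_rounds + 1):
        adverts = {}  # (sender, receiver) -> the vector as the receiver sees it
        for v in nodes:
            for x in cost[v]:
                vec = dict(dist[v])
                if poisoned_reverse:
                    for y in nodes:
                        if nhop[v][y] == x:
                            vec[y] = INF
                adverts[(v, x)] = vec
        new_dist, new_nhop = {}, {}
        for x in nodes:
            new_dist[x], new_nhop[x] = {x: 0}, {x: None}
            for y in nodes:
                if y == x:
                    continue
                best, hop = INF, None
                for v, c in cost[x].items():          # Bellman-Ford step
                    if c + adverts[(v, x)][y] < best:
                        best, hop = c + adverts[(v, x)][y], v
                new_dist[x][y], new_nhop[x][y] = best, hop
        if new_dist == dist and new_nhop == nhop:
            return dist, nhop, rnd - 1
        dist, nhop = new_dist, new_nhop
    return dist, nhop, max_rounds


def slide_23_result():
    """Converge the three-node example; expect D_x = {x: 0, y: 2, z: 3}, z via y."""
    nodes, cost = build_cost(SLIDE_23)
    dist, nhop = initial_state(nodes, cost)
    return dv_converge(nodes, cost, dist, nhop)


def rounds_after_cost_change(links, link, new_cost, poisoned_reverse=False):
    """Converge, then raise one link's cost and re-converge from the stale tables
    ("bad news travels slowly"). Returns (dist, nhop, rounds of the second run)."""
    nodes, cost = build_cost(links)
    dist, nhop = initial_state(nodes, cost)
    dist, nhop, _ = dv_converge(nodes, cost, dist, nhop, poisoned_reverse)
    a, b = link
    cost[a][b] = cost[b][a] = new_cost   # tables still hold the old estimates
    return dv_converge(nodes, cost, dist, nhop, poisoned_reverse)


SLIDE_23 = {("x", "y"): 2, ("y", "z"): 1, ("x", "z"): 7}
# Constructed count-to-infinity case: y reaches x directly at cost 4 and z reaches x
# through y at cost 5; then the x-y link cost jumps to 60.
COUNT_TO_INF = {("x", "y"): 4, ("y", "z"): 1, ("x", "z"): 50}

if __name__ == "__main__":
    dist, nhop, rounds = slide_23_result()
    print("slide 23: D_x =", dist["x"], "next hops", nhop["x"], "rounds:", rounds)
    for pr in (False, True):
        d, h, r = rounds_after_cost_change(COUNT_TO_INF, ("x", "y"), 60, pr)
        print("poisoned reverse" if pr else "plain DV", "- D_y(x) =", d["y"]["x"],
              "via", h["y"]["x"], "after", r, "rounds")
```

Without poisoned reverse the y and z estimates for x climb by one link cost per round until z's direct link (cost 50) finally wins, which takes several dozen rounds; with poisoned reverse z's "infinity" to y stops the ping-pong after a handful of rounds. Both runs end in the same tables (y reaches x via z at cost 51), which is the point: the patch changes how long convergence takes, not where it converges.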

27 A different approach – Link State
- Each node gathers global information about the entire network
  – Practically, each node holds the graph G = (V, E)
- Each node runs Dijkstra's algorithm by itself to determine the shortest path to each destination
- Updates its own forwarding table accordingly
- Implementation: OSPF
- Solves many problems of DV
  – Still some minor problems (oscillations)

28 OSPF on the control plane
- Control plane: each router computes shortest paths by Dijkstra
- OSPF advertisements (link-state advertisements) are exchanged between nodes to compute the topology and track changes

29 Software Defined Networking (SDN)
[Figure: a logically-centralized controller ("smart, slow") on top; below it the switches ("dumb, fast"); between them an API to the data plane (e.g., OpenFlow)]

30 Death to the Control Plane!
- Simpler management
  – No need to "invert" control-plane operations
- Faster pace of innovation
  – Less dependence on vendors and standards
- Easier interoperability
  – Compatibility only in "wire" protocols
- Simpler, cheaper equipment
  – Minimal software

31 SDN is not only about Layer 3
- Think of a Layer 2 learning switch...
  – Learns where hosts are by looking at the source MAC addresses of packets...
- This doesn't work when there are loops in the topology
  – Wrong learning, leading to oscillations and infinite forwarding loops
- Solution: Spanning Tree Protocol
  – Distributed algorithm, many messages, many details
- SDN: a spanning tree algorithm in the controller is enough!
- Many more details in TASK 1 in three weeks!

32 A Helpful Analogy
From Nick McKeown's talk "Making SDN Work" at the Open Networking Summit, April 2012

33 [Figure: the computer industry]
- Mainframes: vertically integrated, closed, proprietary, slow innovation, small industry: specialized applications on a specialized operating system on specialized hardware
- Today: horizontal, open interfaces, rapid innovation, huge industry: apps on an open interface, Linux or Mac OS or Windows (the OS) on an open interface, on a commodity microprocessor

34 [Figure: the same picture for networking]
- Routers/switches today: vertically integrated, closed, proprietary, slow innovation: specialized features on a specialized control plane on specialized hardware
- With SDN: horizontal, open interfaces, rapid innovation: apps on an open interface, one of several control planes on an open interface, on merchant switching chips

35 OpenFlow Networks

36 OpenFlow Switching
[Figure: a controller (software on a PC) talks to an OpenFlow switch over the OpenFlow protocol; the switch consists of a secure channel (software) and a flow table (hardware), as described in the OpenFlow switch specification]
The specification calls the control connection a "secure channel" (TLS; the slide labels it SSL). Note that the Mininet/POX setup used later in this course runs the same channel over plain TCP (POX listens on port 6633 by default), which is fine inside a lab VM but means that on a real network anyone who can reach that port can rewrite the flow tables.

37 Flow Table Entry ("Type 0" OpenFlow switch)
[Figure: a flow entry is Rule + Action + Stats]
- Rule: switch port, MAC src, MAC dst, Eth type, VLAN ID, IP src, IP dst, IP proto, TCP sport, TCP dport (+ mask, i.e., any field may be wildcarded)
- Action:
  1. Forward packet to port(s)
  2. Encapsulate and forward to controller
  3. Drop packet
  4. Send to normal processing pipeline
- Stats: packet + byte counters

38 OpenFlow
- Definition in progress
  – OpenFlow 1.1 was released in Feb 2011
  – Current version is OpenFlow 1.4; OpenFlow 2.0 is being drafted
- Additional actions
  – Rewrite headers; map to queue/class; encrypt
- More flexible header
  – Allow arbitrary matching of the first few bytes
- Support multiple controllers
  – Load-balancing and reliability

39 Data-Plane: Simple Packet Handling
- Simple packet-handling rules
  – Pattern: match packet header bits
  – Actions: drop, forward, modify, send to controller
  – Priority: disambiguate overlapping patterns
  – Counters: #bytes and #packets
- Example rules:
  1. src=1.2.*.*, dst=3.4.5.*  → drop
  2. src=*.*.*.*, dst=3.4.*.*  → forward(2)
  3. src=10.1.2.3, dst=*.*.*.*  → send to controller

40 Unifies Different Kinds of Boxes
- Router
  – Match: longest destination IP prefix
  – Action: forward out a link
- Switch
  – Match: destination MAC address
  – Action: forward or flood
- Firewall
  – Match: IP addresses and TCP/UDP port numbers
  – Action: permit or deny
- NAT
  – Match: IP address and port
  – Action: rewrite address and port

41 Controller: Programmability
[Figure: a controller application on top of a Network OS, which talks to the switches]
- Events from switches: topology changes, traffic statistics, arriving packets
- Commands to switches: (un)install rules, query statistics, send packets

42 Example OpenFlow Applications
- Dynamic access control
- Seamless mobility/migration
- Server load balancing
- Network virtualization
- Using multiple wireless access points
- Energy-efficient networking
- Adaptive traffic monitoring
- Denial-of-Service attack detection
- See http://www.openflow.org/videos/

43 E.g.: Dynamic Access Control
- Inspect the first packet of a connection
- Consult the access control policy
- Install rules to block or route the traffic

44 E.g.: Seamless Mobility/Migration
- See the host send traffic at its new location
- Modify rules to reroute the traffic

45 E.g.: Server Load Balancing
- Pre-install the load-balancing policy
- Split traffic based on source IP (e.g., src=0* to one replica, src=1* to the other)

46 E.g.: Network Virtualization
- Partition the space of packet headers; each slice is owned by a different controller (controller #1, #2, #3)

47 In-Depth Example
[Figure: controller above an OpenFlow switch]
- Flow table entry: Priority (0-65535); Pattern (physical port, link source/destination/type, VLAN, network source/destination/type, transport source/destination); Action (forward, modify, drop); Counters (bytes, count)
- Network events (switch → controller): flow table miss, port status, join/leave, query responses
- Control messages (controller → switch): send packet, add/remove flow, statistics queries

48 In-Depth Example: Simple Repeater
- Simple network repeater
  – Forward packets received on port 1 out port 2, and vice versa
[Figure: controller above a switch with ports 1 and 2]

49 Simple Repeater
Controller (NOX) program, written against a NOX-style API of the form install(switch, pattern, priority, actions):

    def simple_repeater():
        # Repeat port 1 to port 2
        p1 = {IN_PORT: 1}
        a1 = [(OFPAT_OUTPUT, PORT_2)]
        install(switch, p1, DEFAULT, a1)
        # Repeat port 2 to port 1
        p2 = {IN_PORT: 2}
        a2 = [(OFPAT_OUTPUT, PORT_1)]
        install(switch, p2, DEFAULT, a2)

Resulting flow table:

    Priority  Pattern     Action    Counters
    DEFAULT   IN_PORT:1   OUTPUT:2  (0,0)
    DEFAULT   IN_PORT:2   OUTPUT:1  (0,0)

50 Web Traffic Monitor
Monitor web ("port 80") traffic arriving from the Internet on port 2. When a switch joins the network, install one monitoring rule (with an empty action list, so it only counts) and poll its counters every 30 seconds:

    def web_monitor(switch):
        # Web traffic from the Internet
        pat = {IN_PORT: 2, TP_SRC: 80}
        install(switch, pat, DEFAULT, [])
        query_stats(switch, pat)

    def stats_in(switch, pat, bytes, ...):
        print bytes
        sleep(30)
        query_stats(switch, pat)

51 Composition: Repeater + Monitor
Must think about both tasks at the same time: the monitoring rule has to be installed at a HIGHER priority than the port-2 repeater rule, and it has to forward to port 1 itself. An OpenFlow rule with an empty action list drops what it matches, so a monitor-only rule would count the web traffic and throw it away, while a repeater rule at the same priority would forward it without counting it:

    def switch_join(switch):
        pat1 = {IN_PORT: 1}
        pat2 = {IN_PORT: 2}
        pat2web = {IN_PORT: 2, TP_SRC: 80}
        install(switch, pat1, DEFAULT, None, [forward(2)])
        install(switch, pat2web, HIGH, None, [forward(1)])
        install(switch, pat2, DEFAULT, None, [forward(1)])
        query_stats(switch, pat2web)

    def stats_in(switch, xid, pattern, packets, bytes):
        print bytes
        sleep(30)
        query_stats(switch, pattern)

52 Per-Host Monitoring
- Simple network repeater
  – Forward packets received on port 1 out port 2, and vice versa
  – Monitor incoming HTTP traffic totals per host
[Figure: controller above a switch with ports 1 and 2, with host monitoring]

53 Simple Repeater with Host Monitoring
The plain repeater, both directions at HIGH priority:

    def simple_repeater():
        # Port 1 to port 2
        p1 = {IN_PORT: 1}
        a1 = [(OFPAT_OUTPUT, PORT_2)]
        install(switch, p1, HIGH, a1)
        # Port 2 to port 1
        p2 = {IN_PORT: 2}
        a2 = [(OFPAT_OUTPUT, PORT_1)]
        install(switch, p2, HIGH, a2)

Repeater with per-host monitoring: port 1 → 2 is installed statically; in the other direction the first packet to each destination MAC reaches the controller (table miss), which installs two rules for that host, a HIGH one that counts its incoming web traffic and a MEDIUM catch-all:

    # Repeat port 1 to 2
    def port1_to_2():
        p1 = {IN_PORT: 1}
        a1 = [(OFPAT_OUTPUT, PORT_2)]
        install(switch, p1, HIGH, a1)

    # Callback to generate rules per host
    def packet_in(switch, inport, pkt):
        p = {DL_DST: dstmac(pkt)}
        pweb = {DL_DST: dstmac(pkt), DL_TYPE: IP, NW_PROTO: TCP, TP_SRC: 80}
        a = [(OFPAT_OUTPUT, PORT_1)]
        install(switch, pweb, HIGH, a)
        install(switch, p, MEDIUM, a)

    def main():
        register_callback(packet_in)
        port1_to_2()

Resulting flow table:

    Priority  Pattern                                                  Action    Counters
    HIGH      {IN_PORT:1}                                              OUTPUT:2  (0,0)
    HIGH      {DL_DST:mac, DL_TYPE:IP_TYPE, NW_PROTO:TCP, TP_SRC:80}   OUTPUT:1  (0,0)
    MEDIUM    {DL_DST:mac}                                             OUTPUT:1  (0,0)
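The flow-table mechanics of slides 37 and 39 (wildcard patterns, priorities, per-rule counters, table miss to the controller) and the composition problem of slides 50-51, as one added, runnable example. This is not code from the slides and not NOX or POX code: it is a small software model of a single "Type 0" flow table, with field names taken from the OpenFlow 1.0 match (in_port, nw_src, nw_dst, tp_src); packets as plain dicts, the priority values and all traffic are this example's own assumptions. It runs under the course's Python 2.7 as well as Python 3.

```python
# Added example, not code from the slides or from NOX/POX: a small software model of
# the "Type 0" flow table of slides 37 and 39 (wildcard patterns, priorities,
# per-rule packet/byte counters, table miss -> controller), then used to check the
# repeater + monitor composition of slides 50-51. Field names follow the OpenFlow 1.0
# match (in_port, nw_src, nw_dst, tp_src); packets are plain dicts, which is this
# example's own encoding, and all traffic below is constructed.
from __future__ import print_function

TO_CONTROLLER = "controller"   # what the switch does on a table miss


def ip_matches(pattern, addr):
    """Dotted-quad pattern with '*' octets, e.g. '3.4.*.*' as on slide 39."""
    return all(p == "*" or p == a for p, a in zip(pattern.split("."), addr.split(".")))


class FlowTable(object):
    def __init__(self):
        self.rules = []   # [priority, pattern, actions, [packets, bytes]]

    def install(self, pattern, priority, actions):
        """An empty action list is a real OpenFlow rule: matching packets are dropped."""
        self.rules.append([priority, dict(pattern), list(actions), [0, 0]])
        # Highest priority first. Equal priorities keep install order here; in a real
        # switch the choice between overlapping equal-priority rules is undefined.
        self.rules.sort(key=lambda r: -r[0])

    @staticmethod
    def matches(pattern, pkt):
        for field, want in pattern.items():
            have = pkt.get(field)
            if have is None:
                return False
            if field in ("nw_src", "nw_dst"):
                if not ip_matches(want, have):
                    return False
            elif have != want:
                return False
        return True

    def process(self, pkt):
        """Data plane: the first (highest-priority) matching rule wins, its counters
        are bumped and its actions returned; no match means packet_in to the controller."""
        for rule in self.rules:
            if self.matches(rule[1], pkt):
                rule[3][0] += 1
                rule[3][1] += pkt.get("len", 0)
                return list(rule[2])
        return [TO_CONTROLLER]

    def counters(self, pattern):
        """(packets, bytes) of the rule with exactly this pattern (a stats query)."""
        for rule in self.rules:
            if rule[1] == pattern:
                return tuple(rule[3])
        return None


def slide_39_decisions():
    """The three rules of slide 39 with priorities 3 > 2 > 1, applied to four packets:
    one matching rules 1 and 2 (priority decides), one matching rule 2 only, one
    matching rule 3, and one matching nothing (table miss)."""
    t = FlowTable()
    t.install({"nw_src": "1.2.*.*", "nw_dst": "3.4.5.*"}, 3, [])          # 1. drop
    t.install({"nw_dst": "3.4.*.*"}, 2, ["forward(2)"])                    # 2.
    t.install({"nw_src": "10.1.2.3"}, 1, [TO_CONTROLLER])                  # 3.
    pkts = [{"nw_src": "1.2.3.4", "nw_dst": "3.4.5.6", "len": 60},
            {"nw_src": "5.6.7.8", "nw_dst": "3.4.9.9", "len": 60},
            {"nw_src": "10.1.2.3", "nw_dst": "8.8.8.8", "len": 60},
            {"nw_src": "9.9.9.9", "nw_dst": "9.9.9.9", "len": 60}]
    return [t.process(p) for p in pkts]


# Constructed traffic arriving from the Internet side (port 2) of the slide-49 switch.
WEB_FROM_INTERNET = {"in_port": 2, "nw_src": "93.184.216.34", "nw_dst": "10.0.0.1",
                     "tp_src": 80, "tp_dst": 40000, "len": 1400}
OTHER_FROM_INTERNET = {"in_port": 2, "nw_src": "93.184.216.34", "nw_dst": "10.0.0.1",
                       "tp_src": 443, "tp_dst": 40001, "len": 100}
DEFAULT, HIGH = 10, 20   # assumed numeric priorities for the slides' symbolic ones


def monitor_alone():
    """Slide 50 as written: the monitoring rule has no actions, so on a switch running
    only web_monitor the web traffic it counts is also dropped."""
    t = FlowTable()
    t.install({"in_port": 2, "tp_src": 80}, DEFAULT, [])
    return t.process(dict(WEB_FROM_INTERNET)), t.counters({"in_port": 2, "tp_src": 80})


def repeater_plus_monitor(monitor_priority):
    """Slide 51: repeater rules plus a forwarding monitor rule. Returns
    (web decision, other decision, monitor counters). With HIGH the web packet is
    forwarded and counted; with DEFAULT it is shadowed by the port-2 repeater rule
    installed earlier and the monitor never sees it."""
    t = FlowTable()
    t.install({"in_port": 1}, DEFAULT, ["forward(2)"])
    t.install({"in_port": 2}, DEFAULT, ["forward(1)"])
    t.install({"in_port": 2, "tp_src": 80}, monitor_priority, ["forward(1)"])
    web = t.process(dict(WEB_FROM_INTERNET))
    other = t.process(dict(OTHER_FROM_INTERNET))
    return web, other, t.counters({"in_port": 2, "tp_src": 80})


if __name__ == "__main__":
    print("slide 39:", slide_39_decisions())
    print("monitor alone:", monitor_alone())
    print("composed, HIGH:", repeater_plus_monitor(HIGH))
    print("composed, DEFAULT:", repeater_plus_monitor(DEFAULT))
```

The first packet of slide_39_decisions matches both rule 1 and rule 2; only the priority makes it a drop rather than a forward. In repeater_plus_monitor the same web packet is counted once and forwarded when the monitor rule is HIGH, and forwarded but never counted when it shares the repeater's priority, which is exactly the "think about both tasks at the same time" warning of slide 51.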

54 OpenFlow in the Wild
- Open Networking Foundation
  – Google, Facebook, Microsoft, Yahoo, Verizon, Deutsche Telekom, and many other companies
- Commercial OpenFlow switches
  – HP, NEC, Quanta, Dell, IBM, Juniper, ...
- Network operating systems
  – NOX, Beacon, Floodlight, Nettle, ONIX, POX, Frenetic
- Network deployments
  – Eight campuses, and two research backbone networks
  – Commercial deployments (e.g., Google backbone)

55 What is SDN's "Killer App"?
From Scott Shenker, UC Berkeley

56 Current Networks: Topology = Policy
- Network topology determines:
  – Broadcast domains
  – Effectiveness of ACLs and firewalls
  – Equivalence classes
  – ...
- When moving a network to the cloud, we want to retain the policy
  – But often don't have an abstract formulation of that policy

57 SDN and Multitenant Datacenters
- SDN allows users to specify a virtual topology to the cloud
  – Each tenant can specify its own topology (i.e., policy)
- The SDN-enabled cloud network implements the policies
  – SDN compiles the set of policies into low-level configuration
- Tenants can migrate VMs to/from their own network
  – Because policies are driven from the same topology
- This is what people are paying money for...
  – Enabled by SDN's ability to virtualize the network

58 Mysteries Solved
- Why does networking lag?
  – Lack of control plane abstractions
  – Hopefully we can start teaching networking differently
- What is the killer app?
  – Multitenant datacenters
- Why couldn't the status quo handle this?
  – Lack of abstractions made it impossible to meet these needs in a scalable manner
  – Needed a "compiler" (virtualization layer)

59 OpenFlow/SDN in the course

60 Two Complementary Purposes!
- We will use SDN/OpenFlow to simulate (traditional) network protocols
  – We will touch at least layers 2-4
  – Easier to get to the interesting stuff quickly than with traditional large-scale network simulations
- SDN and OpenFlow principles are interesting by themselves
  – Large networks (e.g., Gmail G-Bone!) are now SDN-based. This is a multi-billion-dollar market.
  – A lot of room for research and innovation!

61 Some Challenges

62 Heterogeneous Switches
- Number of packet-handling rules
- Range of matches and actions
- Multi-stage pipeline of packet processing (e.g., access control → MAC look-up → IP look-up)
- Offload some control-plane functionality (?)

63 Controller Delay and Overhead
- The controller is much slower than the switch
- Processing packets at the controller leads to delay and overhead
- Need to keep most packets in the "fast path"

64 Distributed Controller
[Figure: two controllers, each a Network OS with a controller application, sharing the switches]
- For scalability and reliability
  – Partition and replicate state
- ... and: where to put the controller(s)?
  – Taking into account latency, resiliency, load balancing, ...

65 Testing and Debugging
- OpenFlow makes programming possible
  – Network-wide view at the controller
  – Direct control over the data plane
- Plenty of room for bugs
  – Still a complex, distributed system
- Need for testing techniques
  – Controller applications
  – Controller and switches
  – Rules installed in the switches

66 Programming Abstractions
- Controller APIs are low-level
  – Thin veneer on the underlying hardware
- Need better languages
  – Composition of modules
  – Managing concurrency
  – Querying network state
  – Network-wide abstractions
- Example: http://www.frenetic-lang.org/

67 Interesting SDN Architectures and Applications
What's going on out there?

68 Overlay Networks
- Aim: inside a data center, have the flexibility of SDN for hosted VMs
  – Easily create tunnels
  – Control endpoint routing
  – Services: NAT, filtering, ACLs, etc.
- Problem: the hypervisor machines are connected over a non-SDN network
  – Would not like to replace the network equipment of the whole data center
  – Might not fully trust the new SDN technology
- Solution: virtualize the network as well!

69 Overlay Networks
- Overlay SDN:
  – Put a virtual (software) switch as the gateway of each hypervisor
  – Central control manages all virtual switches
  – Virtual switches are connected through the legacy fabric
(From Teemu Koponen, Nicira/VMware)

70 Overlay Networks
IBM SDN Virtual Environment (very similar to Nicira/VMware)

71 Monitoring Networks
- Monitoring is a big deal for network operators
- So far: tap selected points in the network and send the data to adjacent monitoring devices
  – Requires lots of monitoring devices
  – Each tapping and monitoring point is managed separately
  – Multiple operators must cooperate in order to use the same equipment together

72 Monitoring Networks
Big Switch Networks – Big Tap

73 Fabric Management
- Use the centralized control to smartly manage the network fabric
- Cisco eXtensible Network Controller (XNC)

74 Fabric Management
- Juniper Networks Contrail
- Network virtualization + legacy fabric control

75 Fabric Management + Monitoring

76 SwitchLight – Extended OpenFlow
Open-source physical and virtual switch

77 Management + Security
NEC Networking Suite: OF switches, controller, hypervisor with OF vSwitch, and applications for DoS attack mitigation, QoS, and more.

78 Mininet
- Mininet creates scalable software-defined networks (up to hundreds of nodes) using OpenFlow, on a single PC
- It allows you to quickly create, interact with and customize a software-defined network prototype with complex topologies, and can be used to emulate real networks – all on your PC
- Mininet can work with any kind of OpenFlow controller
- It takes seconds to install
- Easy to program
- Of course, it is an open-source project

79 Python
- Python is a very easy-to-use programming (scripting) language
- Interpreter-based language
- We will use it to program the POX OpenFlow controller
- We begin with a short introduction...

80 Values and Types
- Python is dynamically typed (no need to declare variables or their types; parameters have no types)
- Indentation is crucial: there are no { } blocks. Blocks are determined by the indentation of the text
- Indentation MUST NOT be done with the TAB character. Instead, in Python we use four spaces
  – Most text editors allow setting this as the default
- We use Python 2.7.x, NOT Python 3
- Detailed documentation: http://www.python.org/doc/
- A nice beginners' book: http://thinkpython.com

81 Python Functions
Defining functions in Python is easy (note the function name, the parameter list, and the four-space indentation of the body):

    def say_hello(first_name, last_name):
        full_name = first_name + ' ' + last_name
        print 'Hello ' + full_name + '!'

And calling it later:

    say_hello('John', 'Doe')

82 Python Classes
Python can be used as an object-oriented language. Let's define a new class:

    import math                      # we need this for the math functions

    class Point2D:                   # everything inside the block is the class
        def __init__(self, x, y):    # constructor
            self.x = x
            self.y = y

        def get_distance(self, p):   # class method
            d = math.sqrt(math.pow(self.x - p.x, 2) +
                          math.pow(self.y - p.y, 2))
            return d

self is the new this. self must be expected in every class method as the first parameter; however, when calling these methods we do not pass an argument for it. To create instances (the class is called Point2D, so that is the name we construct):

    p1 = Point2D(1, 1)
    p2 = Point2D(2, 2)
    print p1.get_distance(p2)

83 Python Classes
We can also inherit from other classes:

    # continues from the previous slide...
    class Point3D(Point2D):                # defines the superclass (there can be more than one!)
        def __init__(self, x, y, z):
            Point2D.__init__(self, x, y)   # call whatever super-constructor you would like
            self.z = z

        def get_distance(self, p):         # overriding method
            d = math.sqrt(math.pow(self.x - p.x, 2) +
                          math.pow(self.y - p.y, 2) +
                          math.pow(self.z - p.z, 2))
            return d

84 ifconfig
- ifconfig is a Unix command-line tool that prints the network interfaces available on the machine
- Example: (screenshot on the slide)

85 tcpdump
- tcpdump is a Unix command-line tool for packet sniffing and capturing
- It is highly customizable and very easy to use
- We will use tcpdump to capture traffic in our Mininet network, in order to verify that things work as expected
- Example: (screenshot on the slide)

86 ping
- ping sends ICMP echo requests and waits for the responses
- Useful for quickly testing your network
- Example: (screenshot on the slide)

87 hping3
- hping (or hping3) is a command-line tool for generating traffic
- It can also modify and spoof layer 3/4 header fields
- Example: (screenshot on the slide)
- hping3 is not installed by default on the Mininet VM. You should install it using the command: sudo apt-get install hping3

88 iperf
- A tool to measure network performance
- Creates traffic and measures performance at various scales

89 SSH (Secure Shell)
- ssh is a tool for a secure shell connection between Unix machines
- Native in Linux
- On Windows it can be found in the Cygwin project
- We will use ssh to connect to the Mininet machine and work on it
- Example: (screenshot on the slide)

90 SCP (Secure Copy)
- scp uses ssh to securely transfer files between hosts
- We will use scp to transfer files to/from the Mininet machine
- Example: (screenshot on the slide)

91 Installing a Virtual Machine Player
- Mininet comes as a virtual machine image, which can be executed using any virtual machine player that supports OVF (Open Virtualization Format)
- We recommend VMware Player or Oracle VirtualBox
  – Both are free
  – Both take about a minute to install
- VMware Player is easier to configure
  – VMware Player is available for Windows and Linux
  – VirtualBox is available for Windows, Linux and Mac
  – Mac users can also use VMware Fusion
- Mininet can also be installed natively on Linux

92 Install Mininet
- Download the Mininet OVF image from here: http://downloads.mininet.org/mininet-2.2.0-150106-ubuntu-14.04-server-amd64.zip
- Unzip and import/open it using the virtual machine player
  – Make sure that the network interface of the virtual machine is set to use NAT
  – In VirtualBox, NAT does not allow host-guest communication; use "Host Only" instead
  – When asked about the source of the image, answer "I copied it"
- Start the virtual machine
  – You have Mininet!

93 Install a Management Machine
- The Mininet machine is a Linux server. We will control it remotely using ssh
- Linux and OS X have ssh natively and therefore do not need anything else
- Windows users:
  – Option 1: Install Cygwin (cygwin.com)
  – Option 2: Install a GUI (X server) on the Mininet VM
  – Option 3: Install a Linux VM with a GUI: get a clean installation disk image of a Linux distribution, install it in a virtual machine, and start the virtual machine

94 Alternatives
- Use the Amazon EC2 free tier
- Register here: http://aws.amazon.com/free
  – You should provide a credit card for excess billing
- Create a Mininet machine:
  – Option 1 (a bit older version, but should be OK): in the Management Console go to Images > AMIs, search for 'mininet', choose 'coursera-sdn-vm-64bit', create a private key file and log in with SSH/PuTTY
  – Option 2: Install Mininet yourself: start an Ubuntu 64-bit machine and install Mininet natively on it as instructed here (option 2): http://mininet.org/download/
- Remember to shut the machine down
- Recommended: set billing alerts

95 Alternatives
- Use qemu on the CS computers
  – You may need extra quota for storing the VM image, so contact Yotam for that
  – See setup instructions here: http://mininet.org/vm-setup-notes/

96 Connecting to the Mininet VM
- Start both VMs
- In the Mininet VM, log in using the user/password mininet/mininet, then run ifconfig to find the IP address of the Mininet machine
- In the GUI Linux VM (or on your native Linux machine), open a Terminal window (on Mac, open Xterm or XQuartz)
- ssh to the Mininet machine: ssh -YX mininet@<mininet-vm-ip>
- When prompted for the password, type: mininet
  – You can later set up public-key authentication to avoid typing the password at each login
- You are connected!

97 Run Mininet
Now that you are connected to the Mininet machine, you can start the emulation:
- Type:
    sudo mn -c
    sudo mn --topo single,3 --mac --switch ovsk
  The first command cleans up any leftover state. The second runs Mininet with its default controller (the simple reference controller, not NOX), a single Open vSwitch kernel switch (ovsk) and three hosts connected to it; --mac gives the hosts easy-to-read MAC addresses (h1 is 00:00:00:00:00:01 and has IP 10.0.0.1, and so on)
- In the Mininet console, type: xterm h1 h2 h3
  This opens three terminal windows, one per host
- In the window of host h1, type: tcpdump -XX -i h1-eth0
- In the window of host h2, type: ping -c 4 10.0.0.1
- You should see the relevant ARP and ICMP packets in the h1 terminal

98 Running Mininet with External Controllers
- Mininet can also work with a controller that runs somewhere else in the network, or just outside the VM
- There are many choices of OpenFlow controllers, such as NOX (C++), POX (Python), Floodlight (Java), and more
- To use Mininet with such a controller, just specify its IP and port when starting Mininet:
    sudo mn -c
    sudo mn --topo single,3 --mac --switch ovsk \
        --controller remote \
        --ip=<controller-ip> \
        --port=<controller-port>
- If the remote controller is located on the same machine, there is no need to specify the IP address (POX listens on port 6633 by default)

99 Downloading POX
- We will use the POX controller as it is widely supported, cross-platform and easy to program
- To download the sources, use the following commands in the Mininet machine's shell:
    cd ~
    git clone http://github.com/noxrepo/pox
- As this controller is written in Python, there is no need to compile anything

100 Write a Simple OpenFlow Controller
- We will now write our own controller logic, as a Python class that will be loaded by POX instead of its own native code
- At first, OpenFlow switches have nothing in their flow tables
  – Unless the controller does something, switches will ask it what to do every time they receive a packet (a table miss sends a packet_in message to the controller)
  – With no controller (or a non-responsive controller, as we begin with), they will not forward packets at all
- Let's start with a very simple controller, which makes the switches behave as simple hubs...

101 Write a Simple OpenFlow Controller
[Figure: hub behavior. Switch 1 has hosts 1-4 on ports 1-4 (MACs ending in 00-00-01 ... 00-00-04). A frame from ...00-00-03 to ...00-00-02 arrives on port 3 and is sent out on every other port]

102 Write a Simple OpenFlow Controller
- To get the behavior of a hub, once a packet is received from a switch, the controller should tell the switch to simply flood the packet
- It can also teach the switch to flood packets forever (install a flow rule instead of answering every packet)
[Figure: the switch sends the controller an OpenFlow packet_in (buffer_id=1, in_port=3) for the frame from ...00-00-03 to ...00-00-02; the controller answers with a packet_out (buffer_id=1, out_port=FLOOD) and the switch sends the frame out ports 1, 2 and 4]

103 Write a Simple OpenFlow Controller
- Open the file of_lecture.py
  – This is a Python class that will be used by the POX controller (we will load it instead of POX's default implementation)
  – The code runs on the controller! (not on the switch!)
  – Each class instance corresponds to an OpenFlow connection between the controller and a single OF switch
  – Each instance registers as an event handler for the connection it handles. This causes the _handle_PacketIn method to be triggered for every packet_in message the switch sends to the controller

104 Write a Simple OpenFlow Controller
- Complete the method act_like_hub(...) in the file of_lecture.py
- Put the file into the Mininet VM using scp (in a terminal on the non-Mininet machine, from the directory where the file resides):
    scp ./of_lecture.py mininet@<mininet-vm-ip>:~/pox/pox/samples/
- Open two terminals and connect both to the Mininet VM using ssh
  – In the first terminal, run POX with the code we just wrote:
      cd ~/pox
      ./pox.py log.level --DEBUG samples.of_lecture
  – In the second terminal, run Mininet with a remote controller:
      sudo mn -c
      sudo mn --topo single,3 --mac --switch ovsk \
          --controller remote

105 Exercise
- Make the switches in your network layer-2 learning switches
  – Part 1: The controller teaches the switches how to forward layer-2 packets according to the destination MAC address
  – Part 2: The controller learns the network topology, and avoids loops in the network by building a spanning tree over the graph of network links
- Not a trivial exercise!
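The controller logic of slides 100-105, hub first and then the layer-2 learning switch of part 1 of the exercise, as an added example that runs without POX or Mininet. This is not the course's of_lecture.py and not POX code: the switch model below carries the OpenFlow messages drawn on slide 102 (packet_in with buffer_id and in_port, packet_out with an out_port, flow_mod with a match and an output port), but the class and field names, the FLOOD constant and the frame dicts are this example's assumptions. In POX the same decisions are made in _handle_PacketIn and sent as ofp_packet_out / ofp_flow_mod messages. The code runs under the course's Python 2.7 as well as Python 3.

```python
# Added example, not the course's of_lecture.py and not POX code: a plain-Python model
# of the controller logic of slides 100-105 (hub, then the layer-2 learning switch of
# the exercise, part 1), so it runs without POX or Mininet. The switch model carries
# the OpenFlow messages drawn on slide 102 (packet_in with buffer_id and in_port,
# packet_out with an out_port, flow_mod with a match and an output port). Class and
# field names and the frame dicts are this example's assumptions; in POX the same
# decisions are made in _handle_PacketIn and sent as ofp_packet_out / ofp_flow_mod.
from __future__ import print_function

FLOOD = "FLOOD"   # stands in for OFPP_FLOOD: every port except the input port


def frame_field(frame, in_port, key):
    return in_port if key == "in_port" else frame.get(key)


class Switch(object):
    """One OpenFlow switch: a flow table, the frames it put on the wire, and a
    count of the packet_in messages it had to send to the controller."""

    def __init__(self, dpid, ports, controller):
        self.dpid, self.ports, self.controller = dpid, list(ports), controller
        self.flows = []        # (match dict, out_port) in install order
        self.sent = []         # (out_port, frame)
        self.packet_ins = 0
        self._buffers = 0

    def receive(self, in_port, frame):
        """Data plane: first matching rule wins; otherwise packet_in (slide 102)."""
        for match, out_port in self.flows:
            if all(frame_field(frame, in_port, k) == v for k, v in match.items()):
                self.output(in_port, out_port, frame)
                return "flow"
        self.packet_ins += 1
        self._buffers += 1
        self.controller.packet_in(self, {"buffer_id": self._buffers,
                                         "in_port": in_port, "frame": frame})
        return "packet_in"

    def packet_out(self, in_port, out_port, frame):
        self.output(in_port, out_port, frame)

    def flow_mod(self, match, out_port):
        self.flows.append((dict(match), out_port))

    def output(self, in_port, out_port, frame):
        ports = [p for p in self.ports if p != in_port] if out_port == FLOOD else [out_port]
        for p in ports:
            self.sent.append((p, frame))


class HubController(object):
    """Slide 102: answer every packet_in with 'flood'; with install_rule=True also
    push one match-everything rule so the switch floods forever on its own."""

    def __init__(self, install_rule=False):
        self.install_rule = install_rule

    def packet_in(self, switch, msg):
        if self.install_rule:
            switch.flow_mod({}, FLOOD)
        switch.packet_out(msg["in_port"], FLOOD, msg["frame"])


class LearningSwitchController(object):
    """Exercise part 1: remember (per switch) which port each source MAC was seen
    on; send frames for a known destination out that port and install a rule for
    it; flood unknown destinations without installing anything, so that the reply
    can still be learned."""

    def __init__(self):
        self.table = {}   # dpid -> {mac: port}

    def packet_in(self, switch, msg):
        macs = self.table.setdefault(switch.dpid, {})
        frame, in_port = msg["frame"], msg["in_port"]
        macs[frame["src"]] = in_port          # learn, or re-learn after a move
        out_port = macs.get(frame["dst"])
        if out_port is None:
            switch.packet_out(in_port, FLOOD, frame)
        elif out_port == in_port:
            return                            # destination is behind the input port: drop
        else:
            switch.flow_mod({"dst": frame["dst"]}, out_port)
            switch.packet_out(in_port, out_port, frame)


def demo(controller):
    """Constructed traffic on the slide-101 switch (hosts 1-4 on ports 1-4):
    h3 -> h2, h2 -> h3, h3 -> h2, h2 -> h3. Returns, per frame, whether the switch
    handled it from its flow table or via packet_in, and the ports it went out."""
    mac = lambda n: "00:00:00:00:00:%02x" % n
    sw = Switch(1, [1, 2, 3, 4], controller)
    steps = [(3, mac(3), mac(2)), (2, mac(2), mac(3)), (3, mac(3), mac(2)), (2, mac(2), mac(3))]
    result = []
    for in_port, src, dst in steps:
        before = len(sw.sent)
        how = sw.receive(in_port, {"src": src, "dst": dst})
        result.append((how, sorted(p for p, _ in sw.sent[before:])))
    return result


if __name__ == "__main__":
    for name, ctl in (("hub", HubController()),
                      ("hub + flow rule", HubController(install_rule=True)),
                      ("learning switch", LearningSwitchController())):
        print(name, demo(ctl))
```

The plain hub sends every frame to the controller and floods it; the hub with a flow rule floods on its own after the first packet_in, which is the "teach the switch to flood forever" variant of slide 102. The learning switch floods only while the destination is unknown, so the fourth frame is the first one that never leaves the switch's fast path. Note that it installs rules on destination MAC only; in a topology with loops (slides 106-108) the learned ports flip and those rules become wrong, which is what part 2 of the exercise has to prevent.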

106 Network With a Loop
[Figure: switches 1-4 connected in a cycle, host 1 attached to switch 1 and host 2 attached to switch 3. A frame from host 1 to host 2 is flooded around the cycle in both directions]
- Switch 4 learns that host 1 comes from port 1 ... and then that host 1 comes from port 2
- Switch 3 learns that host 1 comes from port 1 ... and then that host 1 comes from port 2
- The learned ports keep flipping, and the flooded copies circulate forever

107 Loop Handling – Spanning Tree
- Loops are resolved by computing a spanning tree over the graph of links
- Only links that are in the spanning tree are used
- In case of a link failure, the tree may change to include a link that was previously excluded
[Figure: the same four switches; one link of the cycle is excluded from the tree]

108 Loop Handling – Spanning Tree
- Many questions:
  – How does the controller know the links?
  – How does the controller find changes?
  – How does the controller make switches avoid sending on specific links?
  – Synchronization issues?
- You will answer these questions yourself in the exercise.
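The loop-handling idea of slides 106-107 as an added, runnable example; it is not course code and not a solution to the exercise (link discovery, change detection and how a switch is told to stop using a port, the questions of slide 108, are left out). Given the switch-to-switch links the controller has discovered, it computes a spanning tree by BFS from the lowest-numbered switch, derives the ports on which each switch must not flood, recomputes after a link failure, and floods one frame with and without the tree to show the difference. The link encoding (switch, port, switch, port) and the four-switch ring are this example's assumptions, constructed after the topology of slide 106. The code runs under the course's Python 2.7 as well as Python 3.

```python
# Added example, not from the course and not a solution to the exercise: the
# loop-handling idea of slide 107 in plain Python. Given the switch-to-switch links
# the controller has discovered, compute a spanning tree (BFS from the lowest switch
# id, so every run picks the same tree), derive the ports on which each switch must
# not flood, and recompute after a link failure. How the controller discovers links
# and tells switches to stop using a port (slide 108) is left to the exercise; the
# four-switch ring below is constructed after the topology of slide 106.
from __future__ import print_function
from collections import deque

# Each link is (switch, port, switch, port); hosts hang off port 3 of switches 1 and 3.
RING = frozenset([(1, 2, 2, 1), (2, 2, 3, 1), (3, 2, 4, 1), (4, 2, 1, 1)])


def spanning_tree(links):
    """Return the subset of links kept by a BFS from the lowest-numbered switch."""
    adj = {}
    for link in links:
        s1, _, s2, _ = link
        adj.setdefault(s1, []).append((s2, link))
        adj.setdefault(s2, []).append((s1, link))
    if not adj:
        return set()
    root = min(adj)
    seen, tree, queue = {root}, set(), deque([root])
    while queue:
        s = queue.popleft()
        for nbr, link in sorted(adj[s], key=lambda e: e[0]):
            if nbr not in seen:
                seen.add(nbr)
                tree.add(link)
                queue.append(nbr)
    return tree


def blocked_ports(links):
    """(switch, port) pairs at both ends of every link outside the tree: the
    controller must keep flooding off these ports (and ignore what it learns there)."""
    blocked = set()
    for s1, p1, s2, p2 in set(links) - spanning_tree(links):
        blocked.update([(s1, p1), (s2, p2)])
    return blocked


def flood_ports(switch, host_ports, links):
    """Ports on which a switch may flood an unknown-destination frame."""
    blocked = blocked_ports(links)
    link_ports = [p for s1, p1, s2, p2 in links for s, p in ((s1, p1), (s2, p2)) if s == switch]
    return sorted(p for p in link_ports + list(host_ports) if (switch, p) not in blocked)


def flood_copies(links, start, use_tree=True, max_steps=50):
    """Flood one frame from switch `start` out every link port except the one it
    arrived on. Returns how many copies each other switch received. On a ring
    without the tree the copies circulate forever (capped at max_steps rounds);
    with the tree every switch receives exactly one."""
    blocked = blocked_ports(links) if use_tree else set()
    far_end = {}
    for s1, p1, s2, p2 in links:
        far_end[(s1, p1)] = (s2, p2)
        far_end[(s2, p2)] = (s1, p1)
    copies, inflight, steps = {}, [(start, None)], 0
    while inflight and steps < max_steps:
        steps += 1
        nxt = []
        for sw, in_port in inflight:
            if in_port is not None:
                copies[sw] = copies.get(sw, 0) + 1
            for (s, p), dest in far_end.items():
                if s == sw and p != in_port and (s, p) not in blocked:
                    nxt.append(dest)
        inflight = nxt
    return copies


if __name__ == "__main__":
    print("tree:", sorted(spanning_tree(RING)))
    print("blocked:", sorted(blocked_ports(RING)))
    print("switch 3 floods on:", flood_ports(3, [3], RING))
    print("copies with tree:", flood_copies(RING, 1))
    print("copies without tree:", flood_copies(RING, 1, use_tree=False))
    print("after link 1-2 fails, blocked:", blocked_ports(RING - {(1, 2, 2, 1)}))
```

On the ring the BFS tree drops the link between switches 3 and 4, so ports (3, 2) and (4, 1) are blocked and a flooded frame from switch 1 reaches switches 2, 3 and 4 exactly once; with the same links and no tree the copies keep circling. Removing the 1-2 link leaves a path graph, every remaining link joins the tree and nothing is blocked any more, which is the "the tree may change to include the link that was previously excluded" case of slide 107. Learning should only be trusted on non-blocked ports for the same reason flooding is restricted to them.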

