Hey there Mort,
i'm trying to use nox/openflow simply as an python API to control the
networking stack on a linux box. (this may be overkill - alternate
suggestions welcome!) i believe i've got everything running
(nox_core, ofprotocol, ofdatapath), using the latest repo versions of
each (NOX 0.8.0~full~beta, ofprotocol/ofdatapath 1.0.0). i've also
got a basic python script plugged into NOX that is handling packet_in
events, installing flows on that basis, and successfully receiving and
printing flow_mod and flow_remove events. the ofdatapath component is
running against eth0,eth1,wlan0 although only eth0 is actually
connected to anything else.
so far so good. what i'd like to do now is to cause the linux box to
start dropping packets selectively. from past messages i understand i
should be able to do this by
- returning STOP from the packet_in handler; or
- installing a flow in the datapath with a blank action (action=[]).
STOP is only useful within Nox. It doesn't translate to an OF message.
So yes, if you simply drop a packet-in at Nox without setting up a flow,
it will be dropped. But if a flow is being set up anyway, then all
packets of that flow will get through.
Setting a flow with no action should drop all matching packets. Have
you verified that the byte counters for that flow are increasing? (i.e.
it is actually matching subsequent packes?)
however, in neither case are packets dropped - if i test by pinging
one of the interfaces against which ofdatapath is running then tcpdump
still shows me the ECHO request and reply; similarly if i try
connecting to a simple client/server TCP app, the handshake and data
transfer still occurs. ie., it looks like traffic still flows
unimpeded in and out of eth0.
Would be good to know what is going on in the datapath. Also, what nox
components are you running?
(1) is what i'm trying to do possible? (and if not, can someone explain why?)
Absolutely
(2) in the python script i believe i'm handling datapath_join and
datapath_leave events; when i "ifconfig down" one of the interfaces
managed by ofdatapath, i see ofdatapath report to the console that the
interface went down, but i don't see any event delivered to the
controller; when i "ifconfig up" the interface, i see nothing reported
anywhere. should i expect to see anything either on the console, or
at the controller? if not, is there any way that i can cause an event
to be generated at the controller when an interface goes down or up?
Interfaces are sent as port status events, not datapath_join/leave
(3) as i understand it, the openflow kernel module is not currently
supported in NOX 0.8/Openflow 1.0; are there plans to bring this back,
and if so, what's the timeline?
You really should be using Open vSwitch for this. http://vswitch.org.
.martin
_______________________________________________
nox-dev mailing list
[email protected]
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
