Dear mailing list, I am playing with a flashed TP-Link that now run ofsoftswitch13 on top of OpenWRT: https://github.com/CPqD/openflow-openwrt, https://github.com/CPqD/ofsoftswitch13
The controller is running a ryu application: http://osrg.github.io/ryu/ At first my network was looking like this: +---------------------------------------+ +-----------------------+ | | | Controller: | | Router: 192.168.10.1/24 +--------------> 192.168.10.102| | | +------------------------+ +---------------+----------------------+ | | | | | | | WAN: 192.168.10.22 +-----------------v------------------------+ | eth1 | | | | | | OpenWRT + OpenFLOW1.3 | | | | | +---------------------------------------------------------------------+ | | | | | | eth0 | | | +---+----------------------------------+---+ | | | port 1: VLAN1 | port 2: VLAN2 | | | | | | | | | | | | | | | | | | | OPENFLOW | | | | | | | | | | | | v | | v +------------------+ | | +---------------+ | | | | | | | | | | | PC-A | | PC-B | | | | | | | | | | | | | | | +---------------+ +------------------+ | | | +----------------------------------------------------------------------+ Only the two first ports were handle by the OpenFlow pipeline whilst the WAN were handle by the normal OpenWRT stack. I managed easily to make "OpenFlow subnetwork" run happily but now I would like to connect it to the internet. Basically, I need to route and NAT the traffic which want to go "outside". At first, I didn't want to do all routing/NAT process in OpenFlow, it is quite a mess to be honest! I thought I could forward some traffic from the OpenFlow pipeline to the OpenWRT default pipeline according to some conditions. I realized I have no clues of how to do it. I therefore decide to dive into this by including my eth1 interface (WAN) into the OpenFlow space. Two solutions: either I use my TP-Link as a router and must do the routing/NAT, either I consider it as a dumb switch. In all case, there is one huge weakness in this pattern: the WAN will be handle by OpenFlow. The connection between the controller and OpenFlow also use this interface. After a bit of time and deep search into ofsoftswitch doc, I managed to fix this problem by setting the OpenFlow connection mode to "inband". Now, as an admin I also want to administrate my TP-Link remotely and here is where I struggle for few days. I don't know how to configure OpenFlow: "if someone ask for 192.168.10.22, this is for the switch, don't process this packet through the whole pipeline". Maybe I missed an action that can do this in the OpenFlow spec! I think of two solutions: - Setting two VLAN on the eth1 interface ; one for admins, one for OpenFlow. And configure all the admins PC to use this vlan. - Use another interface for admins. In a real network, you can't afford two uplinks... Is there any smart way to sort this out? Thanks, Jean
_______________________________________________ openflow-discuss mailing list openflow-discuss@lists.stanford.edu https://mailman.stanford.edu/mailman/listinfo/openflow-discuss
