On Fri, Oct 23, 2020 at 02:38:06PM +0000, Soliman Awad Alshra´a Abdullah TU Ilmenau wrote: > OpenFLow switch is able to keep track of the sequence number of each traffic > flow to detect MAC spoofing attack. Upon reception of a frame, the algorithm > calculates the gap G between the sequence number of the current frame and > that of the last frame received from the same source address. If G = 0, the > current frame is considered as a re-transmitted frame, while if G = 1 or G = > 2, the current frame is considered the right one. But, if the gap between the > current frame and previous frame is in between 3 and 4096, then it is > considered an abnormal sequence number. > > In my case, I use Ryu Controller and I would like to do the same work, where > the switch sends the alert to the controller after the switch detects the gap.
This doesn't make sense to me. Frames don't have sequence numbers. Can you cite the publication that makes this claim? _______________________________________________ dev mailing list d...@openvswitch.org https://mail.openvswitch.org/mailman/listinfo/ovs-dev
