Thanks a lot for your prompt reply, Yes, thanks for your suggestions, even I'm inclined towards using l2_learning.py as the base but since l3_learning has already built-in some ipv4 packet handling so thought of choosing it as a base and l3_learning seems to be strange for me now(after spending some time to understand l2_learning seems to be straight forward). Anyhow I decided to use l2_learning.py as my base.
My second requirement is as follows: ****** #This module will implement the feature of providing the user with an option to group flows into broadcast domains based on ingress ports of the switch. This is a pseudo VLAN implementation using OpenFlow. Except, VLANs are tied to ports and it is exhaustive to make management changes to VLAN configuration. Here, the administrator only needs to enter the ports in the configuration file. So for example consider a switch s1 (1,2,3,4,5,6,7,8,9,10) with ten ports and now I configure ports (5,6,7) to be in one domain, and all broadcast traffic from these ports should be sent only among these ports (broad cast traffic from port 5 --> flood on port 6, 7 or Broadcast traffic on port 6 --> flood on ports 5, and 7). 1) Could you please let me know how can I achieve this requirement? Since in this case I need to keep track configuration of each switch in the network and then form policies on those switch ports to redirect traffic accordingly. ******* # Now, for implementing blocking flows for IP addresses and application ports based on l2_learning.py 1) After, I parse the packet (packet = event.parsed), could you redirect me to complete list of properties of this parsed packet so that I can use it in my code. 2) In this I also need to access application port (TCP/UDP port) can I get it from parsed packet properties. As you mentioned "You can examine which switches are currently connected by iterating over core.openflow.connections. That will give you each of the Connection objects. You can then inspect their "ports" attributes to see their ports,..." 3) Could you also redirect me to some links that will provide complete list of properties or methods that I can access the contents of the packet_in message, (In Mininet I saw the communication between switch and the controller exchange a lot of openflow messages - packet_in , packet_out, and flowmod) as a Newbie to openflow I'm finding it difficult with accessing the properties of each message. ******** # Finally, we have very short span of time to complete our project, I would admire any prompt help from you and as we are planning a demo of our project on GENI platform do you think there will be any portability issues? Thanks and Regards, Shashaankar *Research Assistant (Systems Research Lab)* *North Carolina State University* *Computer Science Dept.* 314-609-9035 On Fri, Nov 23, 2012 at 6:55 PM, Murphy McCauley <[email protected]>wrote: > *From: *shashaankar reddy <[email protected]> > *Subject: **L3_learning blocking flows* > *Date: *November 23, 2012 11:14:26 AM PST > *To: *[email protected] > > > 2) Implementing Broadcast domain dissection (VLAN) of switch > ingress/outgress ports i.e. grouping switch ports so that broadcast traffic > will be sent on these ports itself. > > > See below, but l3_learning doesn't broadcast at all except sometimes for > ARP, so I'm not sure I know what this means in the context of l3_learning. > > For the above requirements I'm using l3_learning.py for making changes to > implement the above two requirements. > > > I don't think I would. I think I'd base it on l2_learning if I were you. > l3_learning is a bit of a strange animal; unless you've taken the time to > understand what it does, you probably don't want it. > > I have couple of question regarding the l3_learning > > *1) Does it work for multiple switches in the network.* > Since I have to use a network as follows: > c0-controller, (s1 - s2) (s1 - s3) (h1 - s2) (s2 - h2) (s3 - h3) (s3 - h4) > where controller will be running on c0 and there are 3 switches in the > network. > For the above requirements I need to maintain separate configuration for > each and every switch in the network in this case it is 3 switches. > > > Yes, l3_learning does handle multiple switches, but you'll have to > separate out your configuration yourself (by having a dictionary keyed the > the individual switch DPIDs or something). > > l2_learning, on the other hand, creates an individual class for each > connection from a switch, which I think will make it easier for you to keep > separate configuration. > > 2)* How can I implement the drop functionality for blocking flows based > on ip addresses and application port numbers.* > Can I use a similar function that is used in l2_learning.py > > > In the PacketIn handler, check properties of the incoming packet (the > event's "parsed" attribute). If you don't want it, you should send back a > packet_out referencing the buffer but with no actions (this will cause the > switch to throw the buffer away). Alternately, you might install a > short-lived flow to match the packet so that if there are a bunch of > similar packets, you don't have to handle them separately. There's a > function in l2_learning that does either of these, which is probably what > you were referring to. So yes, you can do that. > > *3) Is there a way where I can capture all the switches configuration in > the network*. This I need it because I need to input flow policies based > on number of switches available and the number of ingress/outgress ports > available at each switch. > > > I'm not sure what you mean. Maybe you can explain further what you need? > > You can examine which switches are currently connected by iterating over > core.openflow.connections. That will give you each of the Connection > objects. You can then inspect their "ports" attributes to see their ports, > but I don't know what you mean by ingress/outgress in this context. > > -- Murphy >
