Hi Iwase,
Thanks for your reply.
So if this is the case, can we run rest_firewall and rest_router at the
same time ?
Best Regards,
Hong Panha
On Thu, Dec 8, 2016 at 1:50 PM, Iwase Yusuke <iwase.yusu...@gmail.com>
wrote:
> Hi again,
>
>
> On 2016年12月06日 15:39, ホンパンニャー wrote:
> >
> > Hi everyone,
> >
> > I am doing an experiment with my mini-server running
> >
> > OVS
> >
> > ryu 4.7
> >
> > mininet
> >
> >
> > In mininet, i used below command to create a network topology which has
> one switch and 2 hosts.
> >
> >
> > sudo mn --topo single,3 --mac --switch ovsk --controller remote -x
> >
> >
> > and then i changed the ip of each host as below
> >
> >
> > h1: 10.0.0.1/28 <http://10.0.0.1/28>
> >
> > h2: 10.0.0.17/28 <http://10.0.0.17/28>
> >
> >
> > I want to implement the firewall into my network topology by running
> rest_firewall.py through ryu-manager. After running rest_firewall.py on ryu
> controller, I execute these command:
> >
> >
> > # Enable firewall on switch dpid=1
> >
> > $ curl -X PUT http://localhost:8080/firewall/module/enable/
> 0000000000000001
> >
> >
> > # Install rules for ICMP connectivity.
> >
> > $ curl -X POST -d '{"nw_src": "10.0.0.0/28 <http://10.0.0.0/28>",
> "nw_dst": "10.0.0.16/28 <http://10.0.0.16/28>", "nw_proto": "ICMP"}'
> http://localhost:8080/firewall/rules/0000000000000001
> >
> > $ curl -X POST -d '{"nw_src": "10.0.0.16/28 <http://10.0.0.16/28>",
> "nw_dst": "10.0.0.1/28 <http://10.0.0.1/28>", "nw_proto": "ICMP"}'
> http://localhost:8080/firewall/rules/0000000000000001
> >
> >
> > Then i tried to ping from h1 to h2 from mininet but i got an error
> message which said "network couldn't be reached". It seems like there is no
> route to each network. So my question are:
> >
> > 1. Does rest_firewall.py work across the networks ?
> > 2. If it works, How to set the route to each network ?
>
> This is because rest_firewall does not provide L3 routing features, I
> guess.
> As rest_router doing, you need to resolve L3 reachability at your switch,
> first.
>
> Thanks,
> Iwase
>
>
> >
> > Best Regards,
> > Hong Panha
> > --
> > 東京工科大学 コンピュータサイエンス学部 ネットワークコース 4年次
> > ホン パンニャー
> > HONG Panha
> > Tel: 090 6523 1168
> > Email: c011361...@edu.teu.ac.jp <mailto:c011361...@edu.teu.ac.jp>
> > 〒192-0372 東京都八王子市下柚木1987-1大学セミナーハウス102号室
> >
> >
> > ------------------------------------------------------------
> ------------------
> > Developer Access Program for Intel Xeon Phi Processors
> > Access to Intel Xeon Phi processor-based developer platforms.
> > With one year of Intel Parallel Studio XE.
> > Training and support from Colfax.
> > Order your platform today.http://sdm.link/xeonphi
> >
> >
> >
> > _______________________________________________
> > Ryu-devel mailing list
> > Ryu-devel@lists.sourceforge.net
> > https://lists.sourceforge.net/lists/listinfo/ryu-devel
> >
>
--
東京工科大学 コンピュータサイエンス学部 ネットワークコース 4年次
ホン パンニャー
HONG Panha
Tel: 090 6523 1168
Email: c011361...@edu.teu.ac.jp
〒192-0372 東京都八王子市下柚木1987-1大学セミナーハウス102号室
------------------------------------------------------------------------------
Developer Access Program for Intel Xeon Phi Processors
Access to Intel Xeon Phi processor-based developer platforms.
With one year of Intel Parallel Studio XE.
Training and support from Colfax.
Order your platform today.http://sdm.link/xeonphi
_______________________________________________
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
