Hi, Thanks for the response.
Best Regards, Hong Panha Sent from my iPhone > On 8 Dec 2016, at 14:12, Iwase Yusuke <iwase.yusu...@gmail.com> wrote: > > Hi, > > >> On 2016年12月08日 13:57, ホンパンニャー wrote: >> Hi Iwase, >> >> Thanks for your reply. >> >> So if this is the case, can we run rest_firewall and rest_router at the same >> time ? > > I saw the same question before, but unfortunately it is not possible without > any > modification, I guess. > The two Apps are not designed for working together, the flows installed by > them > might conflict each other. > So, you need to modify some by your self. > > Thanks, > Iwase > > >> >> Best Regards, >> Hong Panha >> >> >> On Thu, Dec 8, 2016 at 1:50 PM, Iwase Yusuke <iwase.yusu...@gmail.com >> <mailto:iwase.yusu...@gmail.com>> wrote: >> >> Hi again, >> >> >>> On 2016年12月06日 15:39, ホンパンニャー wrote: >>> >>> Hi everyone, >>> >>> I am doing an experiment with my mini-server running >>> >>> OVS >>> >>> ryu 4.7 >>> >>> mininet >>> >>> >>> In mininet, i used below command to create a network topology which has one >>> switch and 2 hosts. >>> >>> >>> sudo mn --topo single,3 --mac --switch ovsk --controller remote -x >>> >>> >>> and then i changed the ip of each host as below >>> >>> >>> h1: 10.0.0.1/28 <http://10.0.0.1/28> <http://10.0.0.1/28> >>> >>> h2: 10.0.0.17/28 <http://10.0.0.17/28> <http://10.0.0.17/28> >>> >>> >>> I want to implement the firewall into my network topology by running >>> rest_firewall.py through ryu-manager. After running rest_firewall.py on ryu >>> controller, I execute these command: >>> >>> >>> # Enable firewall on switch dpid=1 >>> >>> $ curl -X PUT http://localhost:8080/firewall/module/enable/0000000000000001 >>> <http://localhost:8080/firewall/module/enable/0000000000000001> >>> >>> >>> # Install rules for ICMP connectivity. >>> >>> $ curl -X POST -d '{"nw_src": "10.0.0.0/28 <http://10.0.0.0/28> >>> <http://10.0.0.0/28>", "nw_dst": "10.0.0.16/28 <http://10.0.0.16/28> >>> <http://10.0.0.16/28>", "nw_proto": "ICMP"}' >>> http://localhost:8080/firewall/rules/0000000000000001 >>> <http://localhost:8080/firewall/rules/0000000000000001> >>> >>> $ curl -X POST -d '{"nw_src": "10.0.0.16/28 <http://10.0.0.16/28> >>> <http://10.0.0.16/28>", "nw_dst": "10.0.0.1/28 <http://10.0.0.1/28> >>> <http://10.0.0.1/28>", "nw_proto": "ICMP"}' >>> http://localhost:8080/firewall/rules/0000000000000001 >>> <http://localhost:8080/firewall/rules/0000000000000001> >>> >>> >>> Then i tried to ping from h1 to h2 from mininet but i got an error message >>> which said "network couldn't be reached". It seems like there is no route >>> to each network. So my question are: >>> >>> 1. Does rest_firewall.py work across the networks ? >>> 2. If it works, How to set the route to each network ? >> >> This is because rest_firewall does not provide L3 routing features, I >> guess. >> As rest_router doing, you need to resolve L3 reachability at your switch, >> first. >> >> Thanks, >> Iwase >> >> >>> >>> Best Regards, >>> Hong Panha >>> -- >>> 東京工科大学 コンピュータサイエンス学部 ネットワークコース 4年次 >>> ホン パンニャー >>> HONG Panha >>> Tel: 090 6523 1168 >>> Email: c011361...@edu.teu.ac.jp <mailto:c011361...@edu.teu.ac.jp> >>> <mailto:c011361...@edu.teu.ac.jp <mailto:c011361...@edu.teu.ac.jp>> >>> 〒192-0372 東京都八王子市下柚木1987-1大学セミナーハウス102号室 >>> >>> >>> ------------------------------------------------------------------------------ >>> Developer Access Program for Intel Xeon Phi Processors >>> Access to Intel Xeon Phi processor-based developer platforms. >>> With one year of Intel Parallel Studio XE. >>> Training and support from Colfax. >>> Order your platform today.http://sdm.link/xeonphi >>> >>> >>> >>> _______________________________________________ >>> Ryu-devel mailing list >>> Ryu-devel@lists.sourceforge.net <mailto:Ryu-devel@lists.sourceforge.net> >>> https://lists.sourceforge.net/lists/listinfo/ryu-devel >>> <https://lists.sourceforge.net/lists/listinfo/ryu-devel> >>> >> >> >> >> >> -- >> 東京工科大学 コンピュータサイエンス学部 ネットワークコース 4年次 >> ホン パンニャー >> HONG Panha >> Tel: 090 6523 1168 >> Email: c011361...@edu.teu.ac.jp <mailto:c011361...@edu.teu.ac.jp> >> 〒192-0372 東京都八王子市下柚木1987-1大学セミナーハウス102号室 >> >> >> ------------------------------------------------------------------------------ >> Developer Access Program for Intel Xeon Phi Processors >> Access to Intel Xeon Phi processor-based developer platforms. >> With one year of Intel Parallel Studio XE. >> Training and support from Colfax. >> Order your platform today.http://sdm.link/xeonphi >> >> >> >> _______________________________________________ >> Ryu-devel mailing list >> Ryu-devel@lists.sourceforge.net >> https://lists.sourceforge.net/lists/listinfo/ryu-devel >> ------------------------------------------------------------------------------ Developer Access Program for Intel Xeon Phi Processors Access to Intel Xeon Phi processor-based developer platforms. With one year of Intel Parallel Studio XE. Training and support from Colfax. Order your platform today.http://sdm.link/xeonphi _______________________________________________ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
