Hello,
I'm currently trying to see if it's possible to automatically put specific
hosts in a certain VLAN with the Ryu controller as a way of automatically
quarantining devices. In my setup I have 2 Openvswitches with Ryu controller
running the simple_switch_13.py
I've had success with automatically denying devices acess to the network by
adding/deleting flowrules with a script that automatically calls the ofctl rest
api.
I'm trying to do something similar here by automatically making a flowrule
which tags frames containing a MAC-adress with a VLAN tag, so that no matter
which port the device is connected to, it will be placed in a quarantined VLAN.
Currently I'm trying to accomplish this with this call:
curl -X POST -d '{
"dpid": 1,
"priority": 100,
"match":{
"dl_type": "0x8000",
"eth_src":"xx:xx:xx:xx:xx:xx",
"in_port": -1,
"out_port": -1,
},
"actions":[
{
"type": "PUSH_VLAN",
"ethertype": 33024
},
{
"type": "SET_FIELD",
"field": "vlan_vid",
"value": 100
},
]
}' http://localhost:8080/stats/flowentry/add
The flowrule does get added to the table, but none of the packets match, while
I was hoping that every packet that had the specified source mac-address would
match.
I'm not really sure how to proceed, so if anyone has suggestions, that would be
greatly appreciated!
Thanks.
_______________________________________________
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
