Re: [nox-dev] routing module
No, you need to write code to make it behave as a IP router. Please look at this earlier thread: http://noxrepo.org/pipermail/nox-dev/2011-April/007494.html On Thu, Sep 1, 2011 at 7:23 PM, linbo li...@csnet1.cs.tsinghua.edu.cn wrote: I want to know whether nox implement the function that enalbe two hosts in different subnets ping each other? Here is my topo: host1 host2 host3 host4 | | | | OFSWE1--OFSWC1---OFSWE2=== == 192.168.1.0/24 192.168.2.0/24 _||___ 1.Can host1 ping host3,the routing module can do this? 2.and I also want to know how the routing module to recompute the route path when a link failure happend? Hope someone can help me. Thank you! 2011-09-02 linbo ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] 00042|nox|ERR:bind: Address already in use
No it got stuck at 00040|openflow|DBG:Passive tcp interface bound to port 6636 00041|nox|INFO:nox bootstrap complete When you do not specify any module, the controller does not move any further. If you run it as ./nox_core -v -i ptcp:6635 pytutorial, then you will be activity when traffic is initiated or when switches connect to it. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] check if a link is in route
Hi Karim I don't think the is_on_path_location method does what you require. I guess you can look at Routing_module::setup_route and write your own method to iterate thro' the links in a route. If you already did that, it'll help the list to send a copy of your implementation. Thanks Srini. On Fri, Jul 15, 2011 at 4:55 AM, karim torkmen karim.torkm...@gmail.com wrote: Hi all, I want to know if there is any method that allows to know if a given link is in a given route and what do the following methods of the routing module bool is_on_path_location(const RouteId id, uint16_t src_port, uint16_t dst_port) and void clean_route(const RoutePtr, RoutePtr, bool) do. Thanks a lot, karim ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
[nox-dev] Issues in Ubuntu 10.04 with boost_filesystem-mt
Hi I am trying to compile the latest head of NOX-Zaku on an Ubuntu 10.04 machine. I didn't receive any errors when I ran boot.sh. But, when I ran configure, I got the following error: checking whether the Boost::UnitTestFramework library is available... yes configure: error: Could not link against boost_filesystem-mt ! I don't see any solution for others that have faced similar issues in the past. Do I need to run configure with additional command-line options or should I be installing any other package? Thanks Srini. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] Issues in Ubuntu 10.04 with boost_filesystem-mt
Hi Murphy I already had libboost-filesystem-dev installed. I now went ahead and installed libboost-all-dev. That seemed to have helped and I've managed to get it to configure. Thanks Srini. On Tue, Jun 14, 2011 at 2:29 PM, Murphy McCauley jam...@nau.edu wrote: Do you have libboost-filesystem-dev installed? -- Murphy On Tuesday, June 14, 2011 02:25:47 PM Srini Seetharaman wrote: Hi I am trying to compile the latest head of NOX-Zaku on an Ubuntu 10.04 machine. I didn't receive any errors when I ran boot.sh. But, when I ran configure, I got the following error: checking whether the Boost::UnitTestFramework library is available... yes configure: error: Could not link against boost_filesystem-mt ! I don't see any solution for others that have faced similar issues in the past. Do I need to run configure with additional command-line options or should I be installing any other package? Thanks Srini. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] how to use Authentication component
I'm not sure. Maybe someone else in the list knows the right way to import
it.
On Sat, Jun 11, 2011 at 3:01 AM, 颜玮 yan...@bupt.edu.cn wrote:
I am wirting a program to print the location of each host.And,i think
*Authenticator* can help me with that. My plan is to call *
get_authed_locations(self,dladdr,nwaddr)* in *pyauth.py*,i don't know
wether this way can work or not,if i am wrong,please correct me.
When i imported authenticator component to my file using“*from
nox.netapps.authenticator import pyauth*”,something when wrong,the error
info :
00041|nox|DBG:authtest:
Current state: ERROR
Required state: INSTALLED
Dependencies: 'python' OK, 'python' OK
Error:
cannot import a Python module
'nox.coreapps.examples.authtest':
Traceback (most recent call last):
File ./nox/coreapps/examples/authtest.py, line 2, in
module
from nox.netapps.authenticator import pyauth
File ./nox/netapps/authenticator/pyauth.py, line 25, in
module
_pyauth = swig_import_helper()
File ./nox/netapps/authenticator/pyauth.py, line 21, in
swig_import_helper
_mod = imp.load_module('_pyauth', fp, pathname,
description)
ImportError: ./nox/netapps/authenticator/_pyauth.so:
undefined symbol: vigil::Host_auth_event::Host_auth_event(vigil::datapathid,
unsigned short, vigil::ethernetaddr, unsigned int, long long, long long,
unsigned int, vigil::Host_event::Reason)
00042|nox|ERR:Cannot change the state of 'authtest' to INSTALLED:
'authtest' ran into an error:
cannot import a Python module 'nox.coreapps.examples.authtest':
Traceback (most recent call last):
File ./nox/coreapps/examples/authtest.py, line 2, in module
from nox.netapps.authenticator import pyauth
File ./nox/netapps/authenticator/pyauth.py, line 25, in
module
_pyauth = swig_import_helper()
File ./nox/netapps/authenticator/pyauth.py, line 21, in
swig_import_helper
_mod = imp.load_module('_pyauth', fp, pathname, description)
ImportError: ./nox/netapps/authenticator/_pyauth.so: undefined
symbol: vigil::Host_auth_event::Host_auth_event(vigil::datapathid, unsigned
short, vigil::ethernetaddr, unsigned int, long long, long long, unsigned
int, vigil::Host_event::Reason)
Am i importing the component in the right way?
can anybody help me with that?
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] Doubt about len parameter in packet in event
Hi Luciano I guess you're using the ofp_packet_in-total_len value? That is indeed the length of the packet that came into the port which generated the pkt_in. If you're looking to compute the overall traffic sent from a server, you can also use the flow_exp message and sum it for all the flows sent by that server. On Wed, May 25, 2011 at 11:05 PM, lignac...@inf.ufrgs.br wrote: Hello, I have developed a script to distribute flows among three servers using mininet + FlowVisor + Nox. I tested the scripts with Iperf and Wireshark and apparently it is working well. My only question is related to the len parameter in packet_in event. I am using this parameter to calculate the traffic sent for each server. Can I really use this parameter? Does it represent the length of the packet? PS. I just sum the len´s value when the switch receives a IP_TYPE packet. Thank you. My best regards. Luciano Ignaczak This message was sent using IMP, the Internet Messaging Program. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] how can nox controller get rtt time?
Hi Yi-Shou You could possibly use the following to approx for RTT time: timestamp(barrier_reply) - timestamp(fwd pkt_in), assuming the barrier_request is sent with the pkt_out of the reverse direction ICMP. On Wed, May 11, 2011 at 8:16 AM, false ladj...@yahoo.com.tw wrote: Hi, I have a problem about the nox controller get rtt time from NetFPGA based OpenFlow switch. Assuming there are two hosts connecting to a LAN network is established by NetFPGA based OF switch, and hosts can not communication with nox controller which control the NetFPGA based OF swtich because hosts do not connect to internet. Then, if hosts can not tell rtt time to nox controller, does the nox controller has any methods can know rtt time between hosts? Any suggest will be helpful! Thank you! Yi-Shou ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] how to use Authentication component
You may be able to listen for Host_event (with filter Host_event.action == Action.ADD), and track the datapath_id and port of each host. In the python side, I think it is Host_bind_event. 2011/6/10 颜玮 yan...@bupt.edu.cn: Hi all, I met difficulty in using Authontication component,and i need your help. here is my problem: I want to know the location of each host,and i think there must be a function in Authentication component that i can ues,but i don't know which one. Any one knows? also,should i import the component in my codefile like from nox.netapps.authenticator.pyauth import * ? --- yan 6/10 ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] Rewrite MAC Address OpenFlow
Hi Alexander Can you be more specific about what error you're getting? You are not specifying any output action. Try adding that too like: actions = [ [openflow.OFPAT_SET_DL_DST, 00:00:00:00:00:02], ,[openflow.OFPAT_OUTPUT, [0, outport]] ] What switch are you using? Thanks Srini. On Fri, May 27, 2011 at 10:40 PM, alexander scaranti alexander.scara...@gmail.com wrote: Hi, I'm not able to change the MAC address of an HTTP packet OpenFlow follows the code I'm using to try to change, but it is coming out in error: actions = [openflow.OFPAT_SET_DL_DST, 00:00:00:00:00:02] self.install_datapath_flow (dpid, flow, 5, 0, actions, bufid, openflow.OFP_DEFAULT_PRIORITY, inport, packet) I am developing a python load balancer. What am I doing wrong? Thanks, Alexander Scaranti ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] [openflow-discuss] OpenFlow Error (type=1, code=7) (type=1, code=8)
Hi Marwen I believe this is a problem with your NOX code. Could you please mail to the nox-dev list relevant pieces of your code and folks can help you figure out what is going wrong? Please drop openflow-discuss list from the future replies. Thanks Srini. On Mon, May 2, 2011 at 3:24 AM, marwen marwen marwen.e...@gmail.com wrote: Hi Niky, Thank you for your reply. I verified that is a problem of sending two instruction to the switch with the same buffer_id. and after that the buffer_id is changed to 'None' that's why I have this error messages. In my Nox application I put in the parameters of install_datapath_flow function the same buffer_id received from the switchs. But I don't know if this problem is related to Openflow switches or the Nox application. and can I resolve this problem. Best regards Marwen 2011/5/1 Niky Riga nr...@bbn.com Hi Marwen, According to the OpenFlow 1.0.0 specification doc (http://www.openflow.org/documents/openflow-spec-v1.0.0.pdf page 39) type=1 error is a bad request error (OFPET_BAD_REQUEST) and codes 7 and 8 mean buffer empty and buffer unknown (OFPBRC_BUFFER_EMPTY, /* Specified buffer has already been used. */ OFPBRC_BUFFER_UNKNOWN /* Specified buffer does not exist. */) Make sure that you only send one instruction to the switch for each bufferid, you can specify multiple actions in the same instruction. Hope this helps, Niky marwen marwen wrote: Hi all, I'm using OpenFlow 1.0 but I have this ERROR openflow-event|ERR: received Openflow error packet from dpid=000d: type=1, code=7 and sometimes I have this ERROR openflow-event|ERR: received Openflow error packet from dpid=000a: type=1, code=8 Please can you help me to resolve this problem Thank you Best regards Marwen ___ openflow-discuss mailing list openflow-disc...@lists.stanford.edu https://mailman.stanford.edu/mailman/listinfo/openflow-discuss ___ openflow-discuss mailing list openflow-disc...@lists.stanford.edu https://mailman.stanford.edu/mailman/listinfo/openflow-discuss ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] Routing problem
Hi Ibrahim Ping will not work because NOX routing module does not provide conventional IP routing. You will need to code it yourself. There is another thread that had similar concern: http://www.mail-archive.com/nox-dev@noxrepo.org/msg02563.html For IP routing to work across subnets: - The IP router should reply to ARP from both subnets - Any pkt with dst MAC being that of the IP router should be fwded to real destination, only after dest MAC is replaced. - For finding the ultimate dest MAC, the IP router should perform ARP request for the ultimate dest IP None of the above is performed by the NOX routing module. If you do manage to develop the code for this, please feel free to mail appropriate modules/code to the list. Thanks Srini. On Wed, Apr 27, 2011 at 2:39 AM, ibrahim mun ibrahim.me...@alumnos.upm.es wrote: Hi Martin , Ali, All, I'm getting crazy with nox routing module, I was looking in nox mailing list to figure out the problem and from your discussion It seems I wasn't doing things wrong! I have the following topology on mininet: host1 host2 host3 OFSWC3---host7 host8 host9 | | | | | | | | OFSWE1--OFSWC1---OFSWC2---OFSWE2= | | | | | | host4 host5 host6 host10 host11 host12 192.168.0.0/24 | 192.168.2.0 | 192.168.1.0/24 _||___ I tried to run routing to ping h12 from h1 but it doesn't work (I can ping h2 from h1) I changed routing tables, defined default gw for all hosts, removed the loop in core switches but still not working. I tried to run flowvisor to slice the net and two nox controllers as : switch to control the edges OFSWE1, OFSWE2 : routing to control the core OFSWC1,OFSWC2 I tried many more things but never achieved the connectivity ! 1. If it wasn't possible to do this at oct/2009, does it possible now with openflow 1.0 and Nox 0.9.0? 2. How can I achieve the connectivity between different subnets? could replacing edge routers with non openflow routers solve the problem? Thank you very much, --Ibrahim ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] how to add a flow entry through nox to the openflow switch
Hi linbo Could you please verify the connectivity by setting up an ethernet bridge (using brctl) between the eth1 and eth2? If the ping worked fine in the bridge, it should work fine with OpenFlow switching. Thanks Srini. 2011/4/26 linbo li...@csnet1.cs.tsinghua.edu.cn: Yes,I tried the command ./nox_core -v -i ptcp:6633 pyswitch,and ping can work well Thank you~ 2011-04-26 linbo 发件人: Kyriakos Zarifis 发送时间: 2011-04-26 16:11:35 收件人: linbo 抄送: nox-dev; openflow-discuss 主题: Re: [nox-dev] how to add a flow entry through nox to the openflow switch Hi, which NOX components are you running? You need do have some component(s) that will install flow entries on the switch for the ping to go through have a look here: http://noxrepo.org/noxwiki/index.php/FAQ#What_does_the_traversal_of_a_packet_through_a_NOX_controlled_network_look_like.3F 2011/4/26 linbo li...@csnet1.cs.tsinghua.edu.cn Hi ,all I want to verify the openflow and controller work well or not,but I get something wrong. here is my problem: 1、the openflow switch has connetected to nox ,and the topology is as follow: openflow-controller:eth0 - 192.168.1.1/24 openflow-switch:eth0 - 192.168.1.2/24 openflow-switch:eth1 - no IP (would act as a switch port) openflow-switch:eth2 - no IP (would act as a switch port) openflow-host1:eth0 - 192.168.2.1/24 openflow-host2:eth0 - 192.168.2.2/24 2、when i ping host1 from host2 ,I can't see any ping replies coming. i check out the flow table of the switch ,and the flow table of the swtich is empty。 so how can I add a flow entry through nox to the openflow switch to let the ping work welll Thank you! 2011-04-26 linbo ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] Is there command line which can add flow table to openflow on NOX?
Hi There is no command line command for NOX to perform the actions. You need to write code in C++ or Python to achieve any action you need. dpctl is the command that will let you do all that you need. Thanks Srini. On Mon, Apr 25, 2011 at 7:36 PM, ??? dongwx134...@huawei.com wrote: Hi:everyone I am a person new to NOX and OpenFlow. Thanks you very much. I use OpenFlow1.0 and original NOX0.6 building system,as shown below. === + NOX + === |189.81.50.99/24 | | ETH1 | 189.81.50.77/24 = PC1-- +OpenFlow+--PC2 140.1.1.1/24 Eth0=Eth2 140.1.1.2/24 We can add flow using './dpctl add-flow ' on OpenFlow,but I can not find any command on NOX,including add-flow command、del-flow command and so on. Is there command line on NOX? If it exists,please tell me, thanks a lot. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] [openflow-discuss] Pyswitch VLAN
Hi Max This mail is more appropriate for the nox-dev list that I've copied here. I now can ping two machines across a VLAN using NOX and pyswitch. However, the latter does not seem to create a flow for the VLAN pings as each of them shows up at the controller. I assume the pyswitch isn't aware of VLAN. Yes, pyswitch and much of the code in NOX does not track VLANs. Now having looked at the code, I was wondering where I could find a writeup on how to add my own extensions and documentation on all the relevant API calls and their options. If no one wrote to you thus far, I guess there is nothing ready for public use. Please mail the nox-dev list if you manage to get this resolved and working on your own. Thanks! Srini. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] Spanning tree module has error in NOX
Hi Yi-Shou The spanning_tree module was written for earlier version of NOX. I don't think it was ever tested with the latest version. Please let us know if you there are certain changes you can make to the spanning_tree module to make it work with NOX-Zaku. We can post that code online in the wiki. Thanks Srini. On Wed, Mar 16, 2011 at 7:05 AM, false ladj...@yahoo.com.tw wrote: i, I want to use spanning tree module in NOX, And I find the basic spanning tree web page, the URL like the following: http://www.openflow.org/wk/index.php/Basic_Spanning_Tree but I got some problem in NOX, like the following: error message 'spanning_tree' ran into an error: cannot import a Python module 'nox.netapps.spanning_tree.spanning_tree': Traceback (most recent call last): File ./nox/netapps/spanning_tree/spanning_tree.py, line 17, in module from nox.netapps.bindings_storage.pybindings_storage import pybindings_storage File ./nox/netapps/bindings_storage/pybindings_storage.py, line 7, in module import _pybindings_storage ImportError: ./nox/netapps/bindings_storage/_pybindings_storage.so: undefined symbol: vigil::applications::Bindings_Storage::get_links(vigil::datapathid, boost::functionvoid ()(std::__debug::listvigil::applications::Link, std::allocatorvigil::applications::Link ), std::allocatorvoid const) - My nox version is zaku-0.9.0-full beta, do I need to update something or what code do I need to add? Can anybody tell me how to solve this problem? Any suggest will be helpful. Thank you. Yi-Shou ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev
Re: [nox-dev] [openflow-discuss] OpenFlow- NOX compiling problem
Hi Leonardo This question is more appropriate for the nox-dev mailing list. Could you please retry git clone git://noxrepo.org/nox ? The old version you downloaded is for versions of OpenFlow earlier than 1.0. We don't really support it at this point (I hope your NetFPGA switch is also ver1.0) Thanks Srini. On Wed, Mar 2, 2011 at 7:01 AM, Leonardo Linguaglossa theleo...@gmail.com wrote: Hello everybody, I am new to OpenFlow and NOX controller and I am trying to install NOX from source. My configuration is a NetFPGA Cube, with all package installed and also the openflow is already installed, but I am having problems about the installation of Nox. At first I followed what is said in the install guide using git, but I received: git clone git://noxrepo.org/nox Cloning into noxcore... fatal: The remote end hung up unexpectedly So I tried to download the source and do the installation in this way, but after doing the ./configure (gone well), when I do the make command, the output is: openflow-event.cc: At global scope: openflow-event.cc:68: error: expected ‘,’ or ‘...’ before ‘*’ token openflow-event.cc:68: error: ISO C++ forbids declaration of ‘ofp_flow_expired’ with no type openflow-event.cc: In function ‘vigil::Event*unnamed::handle_flow_expired(vigil::datapathid, int)’: openflow-event.cc:72: error: ‘ofe’ was not declared in this scope openflow-event.cc:72: error: ‘buf’ was not declared in this scope openflow-event.cc: In function ‘vigil::Event* vigil::openflow_packet_to_event(vigil::datapathid, std::auto_ptrvigil::Buffer)’: openflow-event.cc:277: error: ‘OFPT_FLOW_EXPIRED’ was not declared in this scope openflow-event.cc:278: error: no matching function for call to ‘handle_packet(vigil::Event* ()(vigil::datapathid, int), vigil::datapathid, const ofp_header*, std::auto_ptrvigil::Buffer)’ make[5]: *** [openflow-event.lo] Error 1 make[5]: Leaving directory `/home/netfpga2/nox/nox-0.4.0~beta/src/lib' make[4]: *** [all] Error 2 make[4]: Leaving directory `/home/netfpga2/nox/nox-0.4.0~beta/src/lib' make[3]: *** [all-recursive] Error 1 make[3]: Leaving directory `/home/netfpga2/nox/nox-0.4.0~beta/src' make[2]: *** [all] Error 2 make[2]: Leaving directory `/home/netfpga2/nox/nox-0.4.0~beta/src' make[1]: *** [all-recursive] Error 1 make[1]: Leaving directory `/home/netfpga2/nox/nox-0.4.0~beta' make: *** [all] Error 2 I hope you could help me, because I don't know how to overcome this problem. Regards, Leonardo ___ openflow-discuss mailing list openflow-disc...@lists.stanford.edu https://mailman.stanford.edu/mailman/listinfo/openflow-discuss ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] [openflow-discuss] NOX, FlowVisor, SNAC qeustion
Hi Min-Hyup Kang: Generally SNAC is used as the controller for the production network and NOX is used as the controller for experiments. When you want to run both (production traffic and experiments) in your network then you need to use the FlowVisor. All 3 software can run on the same PC if you wish. You should install the 1.0 version of SNAC. Thanks Srini. 2011/2/6 Min-Hyup Kang kang-min-h...@hanmail.net Dear All, I have a basic question. I am planning to run controller for SNAC.(OS:Ubuntu Server version 10.10). but If I run NOX, SNAC, I know FlowVisor should run. Is it right ? so, I installed NOX(0.6) FlowVisor(git clone git://openflowswitch.org/flowvisor.git) and I use Pronto 3290 Openflow Switch. 1. Can I run NOX,SNAC and FlowVisor on A PC ? 2. What Should I install SNAC version ? 0.8.9 ? 1.0 ? Thank you for your attention ! ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Handling corrupted TCP header
Hi KK The patch looks right. I will push that to SNAC too. Thanks Srini. On Fri, Jan 14, 2011 at 10:47 AM, kk yap yap...@stanford.edu wrote: Okay, I think the high level point is we should expose malformed packets and let others decide how to handle it. Can someone review this patch before I push? Regards KK On 14 January 2011 01:25, Rob Sherwood rob.sherw...@stanford.edu wrote: Fwiw, I agree with what both Masa and KK. Masa's point: OFPP_TABLE shouldn't be a special case: i.e., it should be able to generate packet_in's on the second pss KK's point: this should be more explicitly called out in the spec. I think if you were to suggest a specific wording in the next week, this could still make it into the 1.1 spec. - Rob . On Thu, Jan 13, 2011 at 7:06 PM, Masayoshi Kobayashi mkoba...@stanford.edu wrote: KK, I think the implementer will read the spec the other way around. Spec requires nothing special about OFPP_TABLE action (it does not say don't generate pkt_in, if there is no match). So the switch just follows the default behavior, i.e., pkt_in will be generated. I would expect the reference design also does the same. Masa On 01/13/2011 06:38 PM, kk yap wrote: Because the action of pkt_out is OFPP_TABLE. (the packet in pkt_out does not match to the entry that is installed by flow_mod, since the matching entry says nw_proto=0). Is there anything in the spec that says that the switch should send another packet-in if there is no matching entry for a OFPP_TABLE? I am failing to find that. Can someone point to why this behavior is specified by the spec? Regards KK On 13 January 2011 18:28, Masayoshi Kobayashimkoba...@stanford.edu wrote: KK, I thought about it a little. Why is the switch doing step 7? Because the action of pkt_out is OFPP_TABLE. (the packet in pkt_out does not match to the entry that is installed by flow_mod, since the matching entry says nw_proto=0). Masa On 01/13/2011 06:06 PM, kk yap wrote: Hi Srini, I thought about it a little. Why is the switch doing step 7? Anyway, I do agree that NOX is not handling malformed packets right. I have included an invalid field in the struct flow, and created a component that ignore invalid packets. If anyone will double-check and test the patches attached, I will push it. Regards KK On 13 January 2011 16:13, Srini Seetharamanseeth...@stanford.edu wrote: I explained this to KK in person. For others, here is the sequence of events: 1. Packet arrives with (nw_proto=6, tp_src=0, tp_dst=0). Store in bufid 'X' 2. flow.cc identifies that the arrived TCP packet is corrupted, and generates pkt_in event with flow structure having (nw_proto=0, tp_src=0, tp_dst=0) 3. Authenticator generates a flow_in with flow_in.flow being same as above 3. routing.cc generates a flow_mod for the flow_in with the match pattern defined using the fields of the flow_in.flow 4. Switch inserts a flow table entry for matching (nw_proto=0, tp_src=0, tp_dst=0) 5. routing.cc generates a pkt_out for the bufid 'X' with action = OFPP_TABLE 6. Switch notices that the packet in bufid 'X' has no matching flow table entry, because there is a mismatch on the nw_proto field 7. Switch generates a new pkt_in event 8. Go to step (2) This is the infinite loop. Srini. On Thu, Jan 13, 2011 at 1:08 PM, kk yapyap...@stanford.edu wrote: Hi Srini, I think you are fixing this in the wrong place. Putting nw_proto=0 does not cause an infinite loop. Where is the loop happening? Can you provide more detailed NOX output so that we can even start looking at this. Regards KK On 13 January 2011 11:02, Srini Seetharamanseeth...@stanford.edu wrote: We don't know who sent it, but it came from outside our network. If it is easy to take down a network by just sending 1 invalid packet, I'd be worried! On Thu, Jan 13, 2011 at 10:59 AM, kk yapyap...@stanford.edu wrote: Hi Srini, What is this packet? The length of TCP is zero?!?! I wish to understand the circumstance for which we are getting the packet before commenting on the right way to handle this. Regards KK On 13 January 2011 10:38, Srini Seetharamanseeth...@stanford.edu wrote: When someone sends the attached packet to a switch, it generates an infinite loop of packet_ins in our production network. This is because this incoming tcp packet has nw_proto=6 and tcp port numbers of 0, but outgoing flow_mod has nw_proto of 0 and tcp port numbers of 0. So, the packet_out generates a new packet_in and this loop continues forever. I see the following code in src/lib/flow.cc (both in NOX-Zaku and SNAC). I believe this is what is causing the nw_proto to be 0 in the flow_mod. I'm not sure who wrote that piece of code. This is not handling corrupted packets well and rejecting this packet as a invalid TCP packet. Does anyone see problems with removing the else clause? if (nw_proto ==
[nox-dev] Handling corrupted TCP header
When someone sends the attached packet to a switch, it generates an
infinite loop of packet_ins in our production network. This is because
this incoming tcp packet has nw_proto=6 and tcp port numbers of 0,
but outgoing flow_mod has nw_proto of 0 and tcp port numbers of 0.
So, the packet_out generates a new packet_in and this loop continues
forever.
I see the following code in src/lib/flow.cc (both in NOX-Zaku and
SNAC). I believe this is what is causing the nw_proto to be 0 in the
flow_mod. I'm not sure who wrote that piece of code. This is not
handling corrupted packets well and rejecting this packet as a invalid
TCP packet. Does anyone see problems with removing the else clause?
if (nw_proto == ip_::proto::TCP) {
const tcp_header *tcp = pull_tcp(b);
if (tcp) {
tp_src = tcp-tcp_src;
tp_dst = tcp-tcp_dst;
} else {
/* Avoid tricking other code into thinking that
* this packet has an L4 header. */
nw_proto = 0;
}
}
FYI, pull_tcp is defined as below:
static const tcp_header * pull_tcp(Buffer b)
{
if (const tcp_header *tcp = b.try_attcp_header(0)) {
int tcp_len = TCP_OFFSET(tcp-tcp_ctl) * 4;
if (tcp_len = sizeof *tcp) {
return reinterpret_castconst tcp_header*(b.try_pull(tcp_len));
}
}
return 0;
}
attachment: packet_with_bad_tcp_offset.PNG___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Handling corrupted TCP header
We don't know who sent it, but it came from outside our network. If it
is easy to take down a network by just sending 1 invalid packet, I'd
be worried!
On Thu, Jan 13, 2011 at 10:59 AM, kk yap yap...@stanford.edu wrote:
Hi Srini,
What is this packet? The length of TCP is zero?!?! I wish to
understand the circumstance for which we are getting the packet before
commenting on the right way to handle this.
Regards
KK
On 13 January 2011 10:38, Srini Seetharaman seeth...@stanford.edu wrote:
When someone sends the attached packet to a switch, it generates an
infinite loop of packet_ins in our production network. This is because
this incoming tcp packet has nw_proto=6 and tcp port numbers of 0,
but outgoing flow_mod has nw_proto of 0 and tcp port numbers of 0.
So, the packet_out generates a new packet_in and this loop continues
forever.
I see the following code in src/lib/flow.cc (both in NOX-Zaku and
SNAC). I believe this is what is causing the nw_proto to be 0 in the
flow_mod. I'm not sure who wrote that piece of code. This is not
handling corrupted packets well and rejecting this packet as a invalid
TCP packet. Does anyone see problems with removing the else clause?
if (nw_proto == ip_::proto::TCP) {
const tcp_header *tcp = pull_tcp(b);
if (tcp) {
tp_src = tcp-tcp_src;
tp_dst = tcp-tcp_dst;
} else {
/* Avoid tricking other code into thinking that
* this packet has an L4 header. */
nw_proto = 0;
}
}
FYI, pull_tcp is defined as below:
static const tcp_header * pull_tcp(Buffer b)
{
if (const tcp_header *tcp = b.try_attcp_header(0)) {
int tcp_len = TCP_OFFSET(tcp-tcp_ctl) * 4;
if (tcp_len = sizeof *tcp) {
return reinterpret_castconst
tcp_header*(b.try_pull(tcp_len));
}
}
return 0;
}
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] dl_vlan not correct?
Hi Aaron
Only pure-OF switches (like Pronto switch with Indigo firmware) will
send the VLAN tag to the controller. With others, the tag is usually
added / stripped by the VLAN configs on the switch. So, you'll not get
to see them.
Srini.
On Wed, Jan 5, 2011 at 2:23 PM, Aaron Rosen aro...@clemson.edu wrote:
Hello,
I'm trying to extract the dl_vlan value from packets on a trunk port. When I
plug my computer into the trunk port and run tcpdump I see the correct
802.1Q values. Though when I attach this port to my openflow switch (running
the pronto firmware) I can't get the correct values at my controller.
In my controller I'm running these few lines of code to print out what's in
the packet.
test = extract_flow(packet)
print test.keys()
print test.values()
From this: I'm getting the following output
['dl_type', 'nw_dst', 'dl_vlan_pcp', 'dl_src', 'nw_proto', 'nw_tos',
'tp_dst', 'tp_src', 'dl_dst', 'dl_vlan', 'nw_src']
[2048, 4294967295, 0, array('B', [0, 27, 177, 2, 100, 167]), 17, 0, 698,
698, array('B', [255, 255, 255, 255, 255, 255]), 65535, 2189371010]
I'm getting 65535 for every packet and that is not correct from what I'm
seeing with tcpdump and not what I'm expecting.
Can someone point out where I'm going wrong.
Thanks,
Aaron
--
Aaron O. Rosen
Masters Student - Network Communication
306B Fluor Daniel
843.425.9777
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] dl_vlan not correct?
I'm a bit confused by what you see with Indigo. Here's what I said:
- HP switch: Packet_ins seen at the controller will not have the VLAN
tag, but outgoing packets in the dataplane will have the appropriate
tag.
- Indigo switch: Packet_ins seen at the controller will have the VLAN
tag if tagged packets are sent to it. For outgoing packets to have the
tag, the controller has to add the tag (as an additional action).
On Wed, Jan 5, 2011 at 2:37 PM, Aaron Rosen aro...@clemson.edu wrote:
Hi Srini,
In my topology I have an HP switch which I have configured a port to tag
several vlans. If I plug my laptop into this port I'm able to see the
correct vlan values. Now If I plug a switch into this port that is running
the indigo firmware when the controller gets the packets I'm seeing 0x
as the value instead of the correct value I see with my laptop using
wireshark.
(According to your response this should be fine? )
Aaron
On Wed, Jan 5, 2011 at 5:31 PM, Srini Seetharaman seeth...@stanford.edu
wrote:
Hi Aaron
Only pure-OF switches (like Pronto switch with Indigo firmware) will
send the VLAN tag to the controller. With others, the tag is usually
added / stripped by the VLAN configs on the switch. So, you'll not get
to see them.
Srini.
On Wed, Jan 5, 2011 at 2:23 PM, Aaron Rosen aro...@clemson.edu wrote:
Hello,
I'm trying to extract the dl_vlan value from packets on a trunk port.
When I
plug my computer into the trunk port and run tcpdump I see the correct
802.1Q values. Though when I attach this port to my openflow switch
(running
the pronto firmware) I can't get the correct values at my controller.
In my controller I'm running these few lines of code to print out what's
in
the packet.
test = extract_flow(packet)
print test.keys()
print test.values()
From this: I'm getting the following output
['dl_type', 'nw_dst', 'dl_vlan_pcp', 'dl_src', 'nw_proto', 'nw_tos',
'tp_dst', 'tp_src', 'dl_dst', 'dl_vlan', 'nw_src']
[2048, 4294967295, 0, array('B', [0, 27, 177, 2, 100, 167]), 17, 0, 698,
698, array('B', [255, 255, 255, 255, 255, 255]), 65535, 2189371010]
I'm getting 65535 for every packet and that is not correct from what I'm
seeing with tcpdump and not what I'm expecting.
Can someone point out where I'm going wrong.
Thanks,
Aaron
--
Aaron O. Rosen
Masters Student - Network Communication
306B Fluor Daniel
843.425.9777
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
--
Aaron O. Rosen
Masters Student - Network Communication
306B Fluor Daniel
843.425.9777
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] how to break loop?
Hi Xiefeng I believe the routing module will find the unique shortest path when there is a loop. However, it will cause a broadcast storm when the packet needs a FLOOD action. Please try using the spanning tree module to resolve the loop: http://www.openflowswitch.org/wk/index.php/Basic_Spanning_Tree On Thu, Dec 23, 2010 at 1:36 AM, 谢峰 xiefen...@gmail.com wrote: Hi, all If the network topology with a loop, the routing module can't calculate the shortest path exactly. So it will cause problem, how to solve it? xiefeng ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Setting up flows at startup
Hi Fengxie Please look in src/nox/netapps/discovery/discovery.py for the phrase link detected. That discovery module keeps track of the topology by sending our LLDPs. Srini. On Thu, Dec 16, 2010 at 3:58 AM, 谢峰 xiefen...@gmail.com wrote: Hello, Akbar, Murphy I want to dump the topology so that I can see the topology in the console. how should I do? Can I add some code into the routing.cc file, but I don't know exactly what the detailed nodes information stored in. Can you help me. thanks. regards fengxie 2010/12/16 Syed Akbar Mehdi akbar.me...@seecs.nust.edu.pk Thanks Murphy. This makes more sense, since datapaths may connect and leave at various times. On Thu, Dec 16, 2010 at 4:38 PM, Murphy McCauley jam...@nau.edu wrote: Welcome to nox-dev, Akbar. You should actually do this when the switches connect (in response to the datapath join event) rather than at NOX/component startup, as the switches won't have connected at that point. -- Murphy On Dec 16, 2010, at 3:19 AM, Syed Akbar Mehdi wrote: Hi, I am writing Nox components using C++. I want to install some 'default' flows at startup (e.g. if I want to say that all ARP packets should be sent to the controller). I understand that I should probably put the relevant code in either configure() or install() (which one should it be?). How do I get the IDs of all datapaths that are connected to the controller when initialize() or configure() is called for a component? Regards, Akbar ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org -- Feng Xie Ph.D. Candidate Network Security Lab, Research Institute of Information Technology Tsinghua National Laboratory for Information Science and Technology Dept. of Automation, Tsinghua Univ., Beijing, China, 100084. Tel.: +86-010-6277-2656 Email: xiefen...@gmail.com ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] dump the topology in the console
Hi Fengxie Please look in src/nox/netapps/discovery/discovery.py for the phrase link detected. That discovery module keeps track of the topology by sending out LLDPs. Srini. On Thu, Dec 16, 2010 at 6:02 AM, 谢峰 xiefen...@gmail.com wrote: Hello, all, I want to dump the topology so that I can see the topology in the console. how should I do? Should I add some codes into the routing.cc or nox_main.cc file, but I don't know exactly what the detailed nodes information stored in. Can anybody help me. thanks. regards fengxie -- Feng Xie Ph.D. Candidate Network Security Lab, Research Institute of Information Technology Tsinghua National Laboratory for Information Science and Technology Dept. of Automation, Tsinghua Univ., Beijing, China, 100084. Tel.: +86-010-6277-2656 Email: xiefen...@gmail.com ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] how to creat a topology?
Hi FengXie You may want to use mininet to achieve the scale you need: http://www.openflowswitch.org/foswiki/bin/view/OpenFlow/Mininet On Mon, Dec 13, 2010 at 7:45 AM, 谢峰 xiefen...@gmail.com wrote: Hi all, I want to do some experiments to test the performance of the routing algorithm that nox routing component used. so I need a huge topology with a lot of switchs and hosts. Is anyone knows how to add switchs and hosts manually. thanks! FengXie ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Error feedback from adding flows
There seems to be Error_event that is thrown. Maybe you can bind a handler for that. For the details of Error_event, please see include/error-event.hh On Fri, Dec 10, 2010 at 12:12 AM, Derek Cormier derek.corm...@lab.ntt.co.jp wrote: Hello, I'm looking for a way to see if adding a flow failed. In the OpenFlow protocol, it says an ofp_error_msg message is returned. Is there any event I can register for to catch this? I would also like to catch an error of type OFPET_FLOW_MOD_FAILED. I'm using a python component. Thanks! -Derek ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] working of switch api on link failure
Pardon my laziness in not reading the patches. I am confused here. Two points: 1) Switch does not depend on topology or discovery, so how do you get link failure? Oh, with switch, I use the port_status_change event and clear flow rules (and the archived Mac_source for the port). 2) There is no spanning tree implementation in NOX (distributed by default), i.e., you cannot have a redundant network with NOX. So, how can you possibly hope to find the host on a different route when a link failure occurs? On that note, why does handling link failure even matters? If a silent host (connected to port X) had moved to port Y, then your table will still think the host is located on port X. Even if there existed a chance of reaching host thro' port Y, the controller won't really try that. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] working of switch api on link failure
Sachin brought up a valid point that the switch and routing modules are lacking on actions to take when a port or link goes down. Note that the code available right now in NOX may cause packet loss if the dst host moved to a new location and stays silent at the new location (Ageing or host table flushing needs to be implemented for this to work) Whether you want MAC entries to expire like a learning switch, or whether you want to proactively flush out entries made, is left to you. The code for the latter is in the patch I mailed earlier. Thanks Srini. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Hosts with Same IP
HI Rohit I'm not sure if this is a question appropriate to the nox-dev list. I believe the list is intended for questions regarding developing over NOX. You may want to lookup a previous work called Plug-n-serve, followed by an improved system called Aster*x, that builds a server farm with all hosts having same alias IP address, while having different MAC address. To achieve what you are suggesting, you might have to rewrite MAC addresses at the gateway point instead of trying to use ARP revocation to change the MAC address for each request. Srini. On Wed, Nov 17, 2010 at 10:37 AM, Rohit Manohar rdman...@ncsu.edu wrote: I am trying to simulate Server-Load Distribution. I have a farm of host behind a switch who should be addressable by a single IP because they are part of the same server service advertised to the outside world. The switch will decide which flow to assign to which host depending upon the link utilization of the hosts. So, during the topology setup, can I assign the same IP address to the farm of hosts? Regards, -- Rohit Manohar Graduate Student North Carolina State University Raleigh, US. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Flow Table Eviction Policy
You are right, the switch sends back a OFPFMFC_ALL_TABLES_FULL error message to the controller. The controller can either choose to delete some of the flows, or it can just wait for some of the flows to naturally expire before sending new flow_mods. On Tue, Oct 26, 2010 at 7:16 PM, aza...@cs.toronto.edu wrote: Hi, Is there a defined way the switches for the switches to respond if the flow table is already full or is the response just an error the table is full and then the controller needs to handle that gracefully by choosing a flow to remove? Thanks, Adam ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Version Problem
Hi Rohit Did you say you're using OpenFlow 1.0 for the switch? Which branch/repo of NOX did you install? On Sun, Nov 14, 2010 at 7:02 PM, Rohit Manohar rdman...@ncsu.edu wrote: I have installed nox and want to use a virtual testing environment using qemu. I have used Openflow1.0 to make the nox controller. When I try ./secchan nl:0 tcp:10.0.2.2:2525 I get an error 'Version Negotiation failed. We support version 0x97 to 0x97 inclusive but peer supports no later than version 0x01. Which version on openflow should I use to make the nox-contorller? -- Rohit Manohar Graduate Student North Carolina State University Raleigh, US. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] [openflow-discuss] discovery errors using nox destiny as a learning switch with flowvisor 0.6.4 and HP switches in VLAN aggregation mode
Hi KK/Chris This patch by itself won't work because it doesn't keep track of VLAN IDs to reuse in the packet_out for the LLDP. Let me rewrite one for that and send you after testing it in our HP network in Flashlab. Srini. On Fri, Nov 12, 2010 at 1:48 PM, kk yap yap...@stanford.edu wrote: Hi, I must say this patch sits very much on the gray zone. I personally think we can take it in as long as it does not affect other switch implementation. Of course, I am assuming discovery will not use VLAN tag for other purposes here. I am happy to push this as long as I can have someone else's stamp of approval. Srini, once we are a working patch, i.e., one without error. Do send that for commit review. Regards KK ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Adding flow entry
Hi Sachin If you are looking to just create entries without writing any NOX code, then you need to use dpctl. Please do following: $ git clone git://openflowswitch.org/openflow.git $ cd openflow $ git checkout -b of1.0 origin/release/1.0.0 $ ./boot.sh; ./configure; make $ cd utilities $ ./dpctl --help (To see list of commands) $ ./dpctl command tcp:switch:listener_port ...where the OpenVSwitch datapath was started with ptcp:listener_port option. You can use this command to write entries (add-flow) Srini. On Thu, Oct 14, 2010 at 2:19 AM, sachin sharma sharon_sac...@yahoo.co.in wrote: Dear All, I have connected one nox (version number 0.6) to two openVswitch ( Version 1.0). I am interested to create centralized nox where it can add or delete flow entries to both the switches. Now for this initial phase, I am interested to write entries related to each switch manually without any control plane algorithm. So, how can I do this? Is there a specific command to do that or I would have to write a code in nox related to each switch? Many thanks in advance for the answer! Best Regards, Sachin Sharma ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] discovery
Hi Ali
The following three lines in the code ensure that the HP isn't
dropping the LLDP packets. So, it is not that issue.
# To insure that the LLDP src mac address is not a multicast
# address, since we have no control on choice of dpid
eth.src = '\x00' + struct.pack('!Q',dpid)[3:8]
1. Creates a lldp packet with the 6 least significant bytes of the dpid as a
tlv (see line 65 and 66 of discovery.py).
2. The received lldp packet's tlv field is then used to compute a chassis id
(line 276), this chassis id is only 6 bytes long
You are right. The problem is that you are unable to associate
multiple Openflow instances on the same HP switch with the same
controller because the TLV contains only the least significant 48
bits. I thought this was solved with NOX-destiny branch which has
support for 64 bit dpid. I'll let the NOX team put in the patch.
Also, I noticed that the switchstats.py in the switchstats component has the
following call:
self.ctxt.send_port_stats_request(dp)
Shouldn't this call be:
self.ctxt.send_port_stats_request(dp, openflow.OFPP_NONE)
I believe the default value of OFPP_NONE for the second argument is
set elsewhere.
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] NOX performance benchmarks
Hi Nikhil If you want a program to benchmark controller, checkout cbench: http://openflow.org/wk/index.php/GEC8Tutorial#Benchmark_Your_Controller On Mon, Sep 6, 2010 at 9:49 PM, Martin Casado cas...@nicira.com wrote: Hey Nikhil, A few things to consider. - Nox is *not* a very efficient controller. The event model using argument binding and function pointers adds a lot of overhead, and significant time is wasted checking fd's which don't have any events pending. There are other scalability limitations as the number of active OpenFlow connections increases over a few hundred. If you want to test against a more efficient controller, the trivial C controller shipped with the reference solution and Open vSwitch is probably your best bet. - Both event processing latency, and throughput are useful metrics for an OpenFlow controller. Latency provides and indication of how fast a controller can respond to a single event. And throughput is useful to understand how the controller handles load. Amin Tootoonchian has done some pretty interesting latency work with Nox in which he was able to get something like 17us end-to-end latency using a tickless kernel with high-fidelity timers. Throughput with Nox is definitely CPU limited and can only be test with multiple active OpenFlow connections. - Single instance throughput is probably not a very interesting metric for most real deployment environments. Latency, and the ability for the controller to scale-out are more germane measurements. Testing the latter is difficult because it converges on the consistency overhead of the control logic implemented using the controller, and not the controller platform itself. .martin Hi, I'm looking for a way to do an apples-to-apples comparison of the performance of various controllers out there. From what I have heard NOX is a very efficient controller with some impressive performance numbers. Are there standard benchmark tools that are used to evaluate the performance of NOX? If so, are they publicly available? Thanks, Nikhil ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Sample application that is interactive
Hi Ian A few demos are public: http://www.openflowswitch.org/wk/index.php/OpenRoads_%28n-casting%29 http://www.openflowswitch.org/wk/index.php/Aggregation They all use the OpenFlow GUI: http://www.openflowswitch.org/wp/gui/ But depending on what exactly you're looking for, it might be simplest if you start from scratch with a controller app that takes simple keyboard input. Srini. On Wed, Aug 25, 2010 at 12:52 PM, Ian Ku ia...@cs.ucla.edu wrote: Hi KK, Thanks for the quick response! Are those demos currently open for download? If so, what are they called and where can I take a look at them:) SNAC is probably not an option now since I still need to change the logic of my own NOX component, and was wondering if there is a way I can let the component do different things based on some user input. Thanks again:) Ian On Wed, Aug 25, 2010 at 12:17 PM, kk yap yap...@stanford.edu wrote: Hi Ian, We have constructed demos that interact with the demos. Or you can look at SNAC. Regards KK PS I am wondering what is the correct mailing list for this question, since nox-dev is really mainly used by NOX developers. On 25 August 2010 10:22, Ian Ku ia...@cs.ucla.edu wrote: Hi all, I was wondering if there is any sample application that is interactive, i.e. a application that accepts user input to add/remove flow entries. If no, are there any suggestions/guild-lines in which how such an application can be done? Thanks! Ian Ku ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Nox + Invalid Ethernet Addr
Thanks, Michael, for sending the pcap and the debugging info offline.
I believe we may have uncovered a NOX bug. I'll let KK and team
confirm that.
The source address you have translates to:
val=array.array('B', [0, 48, 5, 204, 90, 232])
val = val.tostring()
val
'\x000\x05\xccZ\xe8'
The destination MAC addr you have translates to:
val=array.array('B', [0, 38, 85, 218, 58, 64])
val = val.tostring()
val
'\x00U\xda:@'
Unfortunately, the destination MAC address has a : character in
binary. This causes NOX to incorrectly interpret this val string as a
text (instead of binary) at Line 78 of src/nox/lib/util.py, and then
perform a text conversation (instead of binary). This leads to the
invalid ethernet address.
KK and team will patch this. In the meantime, please try the hacky
patch that I mailed you and write back to the list if that solves your
problem.
Thanks
Srini.
___
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] problem in installation snac contoller
ar...@parham-lab1:~$ sudo aptitude install libboost-filesystem1.34.1 [sudo] password for parham: Reading package lists... Done Building dependency tree Reading state information... Done Reading extended state information Initialising package states... Done Writing extended state information... Done No candidate version found for libboost-filesystem1.34.1 No candidate version found for libboost-filesystem1.34.1 Unfortunately, SNAC has a hard dependency on libboost-filesystem1.34.1. Thus, we encourage users to run SNAC on Debian systems with this package or Ubuntu 9.10. It does not support Ubuntu 10+ at this point. We will let you know once we figure out any another workaround. Setting up openflow-pki (0.8.9-rev4) ... /usr/local/bin/ofp-pki: /usr/local/share/openflow/pki already exists and --force not specified dpkg: error processing openflow-pki (--configure): subprocess installed post-installation script returned error exit status 1 Errors were encountered while processing: openflow-pki E: Sub-process /usr/bin/dpkg returned an error code (1) A package failed to install. Trying to recover: Setting up openflow-pki (0.8.9-rev4) ... /usr/local/bin/ofp-pki: /usr/local/share/openflow/pki already exists and --force not specified The openflow-pki is already installed at the location mentioned. What James suggest should help get over this issue. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] Nox controller to control mutliple Vlans
This is a problem caused because NOX uses only the 48 least significant bits of the datapathid, and in HP switches the datapathid of each VLAN differs only in the most significant bit. Jean (HP) might be able to provide a firmware to bypass this issue. On Fri, Jun 18, 2010 at 8:23 AM, Niky Riga nr...@bbn.com wrote: Hi, I am trying to setup a test but I am not sure the setup is valid. What I want to do, is have multiple Vlans being controlled by the same controller, so that we can switch packets between different Vlans. We have an HP switch. After creating the Vlans, we pointed each vlan to the same controller. What I see in the controller is that the switch registers for a specific Vlan, and when it tries to register again for a different Vlan it uses the same dpid and thus unregister and registers for the other Vlan(i.e. for a separate set of ports). Each switch, at any point in time is registered for only one Vlan. Is this the intended behavior, or there is misconfiguration somewhere? It seems that it should be possible that the same controller, can control different Vlans, somehow Thanks, Niky Riga ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
Re: [nox-dev] A question regarding Authenticator module
Just to add to Guanyao's observations: I wanted to mention that the host having two bindings is something we run across often in our Stanford setup. However, we notice it only when the topology is changed during runtime. Srini. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
[nox-dev] Routing with NOX0.6
I notice that the routing module is behaving differently with NOX0.6 causing each switch en route to generate independent packet_ins, while NOX0.4 generates only 1 packet_in. This behavior incurs higher flow setup time. I have a topology of client - hpsw3 - hpsw1 - server . I performed a wget operation from client to server. Following is the control traffic sent/received by the controller (Timestamp was what my tcpdump captured): 1266984715.446715 PACKET_IN hpsw3 1266984715.446895 FLOW_MODhpsw3 1266984715.446936 PACKET_OUT hpsw3 1266984715.452756 PACKET_IN hpsw1 1266984715.452913 FLOW_MODhpsw1 1266984715.452937 PACKET_OUT hpsw1 Ideally, I would've expected to see the controller to push out the second FLOW_MOD soon enough (and not 6 ms after the PACKET_OUT). When I use NOX0.4, the action sequence is: 1266987591.116579PACKET_INhpsw3 1266987591.116725FLOW_MOD hpsw3 1266987591.116755FLOW_MOD hpsw1 1266987591.116787PACKET_OUT hpsw3 Any idea if there is a code change? Thanks Srini. ___ nox-dev mailing list nox-dev@noxrepo.org http://noxrepo.org/mailman/listinfo/nox-dev_noxrepo.org
