Re: [Ryu-devel] TLS fails, **ssl_args empty
On Fri, 15 Nov 2019 00:53:35 +0900,
William Stout wrote:
> Tried on Ubuntu 18.04/16.04, Python 3.6/2.7 with Ryu 4.34
> Set up TLS according the latest Ryu readthedocs, using five ovs bridges.
> Tested PKI with ovs-testcontroller, everything works.
> When using Ryu with same PKI, only the first switch connects, all others fail
> citing "no certfile for server side."
>
> I added some print statements to hub.py and controller.py (FUNC, ARGS,
> KWARGS, etc..); I've boldfaced the ssl_args for the and
> attempted connections.
>
>
> FUNC .wrap_and_handle at
> 0x7f5ea6053730>
> ARGS (,
> ('172.16.0.4', 36972))
> KWARGS {}
> SSL_ARGS {'server_side': True}
> hub: uncaught exception: Traceback (most recent call last):
> File "/home/wmstout/.local/lib/python3.6/site-packages/ryu/lib/hub.py",
> line 63, in _launch
> return func(*args, **kwargs)
> File "/home/wmstout/.local/lib/python3.6/site-packages/ryu/lib/hub.py",
> line 146, in wrap_and_handle
> handle(ssl.wrap_socket(sock, **ssl_args), addr)
> File
> "/home/wmstout/.local/lib/python3.6/site-packages/eventlet/green/ssl.py",
> line 415, in wrap_socket
> return GreenSSLSocket(sock, *a, **kw)
> File
> "/home/wmstout/.local/lib/python3.6/site-packages/eventlet/green/ssl.py",
> line 106, in __init__
> ca_certs, do_handshake_on_connect and six.PY2, *args, **kw)
> File "/usr/lib/python3.6/ssl.py", line 739, in __init__
> raise ValueError("certfile must be specified for server-side "
> ValueError: certfile must be specified for server-side operations
As written in the error message, you need to supply a certfile.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Bug Report on using RYU and Open vSwitch
On Sat, 28 Sep 2019 11:15:54 +0900, Jiahao Cao wrote: > > [1 ] > [1.1 ] > Dear Sir or Madam, >I am a Ph.D. student studying on SDN. I have been using several >SDN controllers including RYU to conduct my research. Recently, I >find a possible bug when conducting my experiments with RYU and >Open vSwitch (OVS). If the controller sends a flow-mod message to >install flow rules and meanwhile releases a buffered packet in >switches (Here, the buffered packet is due to previous packet-in >messages), the buffered packet can be directly forwarded >according to the actions in the flow rule no matter whether the >buffered packet matches the match fields. The bug may decrease >the robustness on forwarding flows in SDN. As the bug can only be >triggered by the controller, fixing the bug may require adding >extra checking in the controller or in the switch. I put the >detailed description in the attachment. Have you checked this? https://github.com/openvswitch/ovs/commit/c184807ce As written in the commit diff, your controller must read the entire packet within a packet-in message and send it back as a packet-out message. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Using Ryu ActionCT
On Mon, 13 May 2019 22:20:01 +0900, Muhammad Tauseef Khan wrote: > > Hi, > I have been trying to use conntrack with RYU and I am experiencing the > following error messages. I am using a simple match statement and the > ActionCT as given on the Ryu's documents page but that is giving me the > following errors. I have tried using ovs verion 2.10 as well but no success. > Could you please give me an example working code that I can use? I guess you are hitting this error. https://github.com/openvswitch/ovs/blob/d58b59c17c70137aebdde37d3c01c26a26b28519/lib/ofp-actions.c#L6467 Specifing a 16 bit value zone_ofs_nbits (or simply omitting the entire zone thing) should fix the problem. > 1. EVENT ofp_event->SimpleSwitch13 EventOFPPacketIn > 2. packet in 2 00:00:00:00:00:04 00:00:00:00:00:03 2 > 3. EventOFPErrorMsg received. > 4. version=0x4, msg_type=0x1, msg_len=0x9c, xid=0xb3115c64 > 5. `-- msg_type: OFPT_ERROR(1) > 6. OFPErrorMsg(type=0x2, code=0xe, > data=b'\x04\x0e\x00\x90\xb3\x11\x5c\x64\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\xff\xff\xff\xff\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x00\x01\x00\x0a\x80\x00\x0a\x02\x08\x00\x00\x00\x00\x00\x00\x00\x00\x04\x00\x50\x00\x00\x00\x00\x00\x00\x00\x10\x00\x00\x00\x03\xff\xe5\x00\x00\x00\x00\x00\x00\xff\xff\x00\x38\x00\x00\x23\x20\x00\x23\x00\x01\x00\x01\x00\x04\x01\x1b\xff\x00\x00\x00\x00\x00\xff\xff\x00\x20\x00\x00\x23\x20\x00\x24\x00\x00\x00\x01\x00\x33\x0a\x01\x0c\x00\x0a\x01\x0d\xff\x00\x01\x03\xff\x00\x00\x00\x00') > 7. |-- type: OFPET_BAD_ACTION(2) > 8. |-- code: OFPBAC_BAD_SET_LEN(14) > 9. `-- data: version=0x4, msg_type=0xe, msg_len=0x90, xid=0xb3115c64 > 10. `-- msg_type: OFPT_FLOW_MOD(14) > 11. EventOFPErrorMsg received. > > I just tried with a small change in this section and it didn't work. > 1. if dst in self.mac_to_port[dpid]: > 2. out_port = self.mac_to_port[dpid][dst] > 3. else: > 4. out_port = ofproto.OFPP_FLOOD > 5. > 6. > 7. actions = [parser.OFPActionOutput(out_port)] > 8. > 9. # install a flow to avoid packet_in next time > 10. if out_port != ofproto.OFPP_FLOOD: > 11. match = parser.OFPMatch(ct_state=(0, 32)) > 12. actions += [parser.NXActionCT( > 13. flags=1, > 14. zone_src="reg0", > 15. zone_ofs_nbits=nicira_ext.ofs_nbits(4, 31), > 16. recirc_table=4, > 17. alg=0, > 18. actions=[])] > 19. if msg.buffer_id != ofproto.OFP_NO_BUFFER: > 20. self.add_flow(datapath, 1, match, actions, msg.buffer_id) > 21. return > 22. else: > 23. self.add_flow(datapath, 1, match, actions) > > Thanks in advance and looking for help > Tauseef -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
[Ryu-devel] [PATCH 1/1] Choose the highest TLS version
Please note that this is a stop-gap measure. Also add a basic SSL
server test.
Co-authored-by: alex
Signed-off-by: IWAMOTO Toshihiro
---
ryu/controller/controller.py | 23 +---
ryu/lib/hub.py | 13 ++-
ryu/tests/unit/controller/cert.crt | 21 +++
ryu/tests/unit/controller/cert.key | 28 +++
ryu/tests/unit/controller/test_controller.py | 52
5 files changed, 132 insertions(+), 5 deletions(-)
create mode 100644 ryu/tests/unit/controller/cert.crt
create mode 100644 ryu/tests/unit/controller/cert.key
diff --git a/ryu/controller/controller.py b/ryu/controller/controller.py
index 62135339..b3d2d35b 100644
--- a/ryu/controller/controller.py
+++ b/ryu/controller/controller.py
@@ -165,6 +165,23 @@ class OpenFlowController(object):
def server_loop(self, ofp_tcp_listen_port, ofp_ssl_listen_port):
if CONF.ctl_privkey is not None and CONF.ctl_cert is not None:
+if not hasattr(ssl, 'SSLContext'):
+# anything less than python 2.7.9 supports only TLSv1
+# or less, thus we choose TLSv1
+ssl_args = {'ssl_version': ssl.PROTOCOL_TLSv1}
+else:
+# from 2.7.9 and versions 3.4+ ssl context creation is
+# supported. Protocol_TLS from 2.7.13 and from 3.5.3
+# replaced SSLv23. Functionality is similar.
+if hasattr(ssl, 'PROTOCOL_TLS'):
+p = 'PROTOCOL_TLS'
+else:
+p = 'PROTOCOL_SSLv23'
+
+ssl_args = {'ssl_ctx': ssl.SSLContext(getattr(ssl, p))}
+# Restrict non-safe versions
+ssl_args['ssl_ctx'].options |= ssl.OP_NO_SSLv3 |
ssl.OP_NO_SSLv2
+
if CONF.ca_certs is not None:
server = StreamServer((CONF.ofp_listen_host,
ofp_ssl_listen_port),
@@ -172,15 +189,13 @@ class OpenFlowController(object):
keyfile=CONF.ctl_privkey,
certfile=CONF.ctl_cert,
cert_reqs=ssl.CERT_REQUIRED,
- ca_certs=CONF.ca_certs,
- ssl_version=ssl.PROTOCOL_TLSv1)
+ ca_certs=CONF.ca_certs, **ssl_args)
else:
server = StreamServer((CONF.ofp_listen_host,
ofp_ssl_listen_port),
datapath_connection_factory,
keyfile=CONF.ctl_privkey,
- certfile=CONF.ctl_cert,
- ssl_version=ssl.PROTOCOL_TLSv1)
+ certfile=CONF.ctl_cert, **ssl_args)
else:
server = StreamServer((CONF.ofp_listen_host,
ofp_tcp_listen_port),
diff --git a/ryu/lib/hub.py b/ryu/lib/hub.py
index bd15fc89..e847f656 100644
--- a/ryu/lib/hub.py
+++ b/ryu/lib/hub.py
@@ -42,6 +42,7 @@ if HUB_TYPE == 'eventlet':
import ssl
import socket
import traceback
+import sys
getcurrent = eventlet.getcurrent
patch = eventlet.monkey_patch
@@ -128,7 +129,17 @@ if HUB_TYPE == 'eventlet':
if ssl_args:
def wrap_and_handle(sock, addr):
ssl_args.setdefault('server_side', True)
-handle(ssl.wrap_socket(sock, **ssl_args), addr)
+if 'ssl_ctx' in ssl_args:
+ctx = ssl_args.pop('ssl_ctx')
+ctx.load_cert_chain(ssl_args.pop('certfile'),
+ssl_args.pop('keyfile'))
+if 'cert_reqs' in ssl_args:
+ctx.verify_mode = ssl_args.pop('cert_reqs')
+if 'ca_certs' in ssl_args:
+ctx.load_verify_locations(ssl_args.pop('ca_certs'))
+handle(ctx.wrap_socket(sock, **ssl_args), addr)
+else:
+handle(ssl.wrap_socket(sock, **ssl_args), addr)
self.handle = wrap_and_handle
else:
diff --git a/ryu/tests/unit/controller/cert.crt
b/ryu/tests/unit/controller/cert.crt
new file mode 100644
index ..e1b2afc4
--- /dev/null
+++ b/ryu/tests/unit/controller/cert.crt
@@ -0,0 +1,21 @@
+-BEGIN CERTIFICATE-
+MIIDaDCCAlCgAwIBAgIJAKL09YuU92JPMA0GCSqGSIb3DQEBCwUAMEgxCzAJBgNV
+BAYTAkpQMRMwEQYDVQQIDApTb21lLVN0YXRlMSQwIgYDVQQKDBtSeXUgU0ROIEZy
+YW1ld29yayBDb21tdW5pdHkwIBcNMTkwMzI1MDE1NzQzWhgPMjI5MzAxMDYwMTU3
+NDNaMEgxCzAJBgNVBAYTAkpQMRMwEQYDVQQIDApTb21lLVN0YXRlMSQwIgYDVQQK
+DBtSeXUgU0ROIEZyYW1ld29yayBDb21tdW5pdHkwggEiMA0GCSqGSIb3DQEBAQUA
+A4IBDwAwggEKAoIBAQDLT29
[Ryu-devel] [PATCH 0/1] Choose the highest TLS version
This patch is based on a patch posted by alex in the mailing list in February. It uses the new ssl library API if possible and try to use a secure TLS version. alex, are you fine with this patch? IWAMOTO Toshihiro (1): Choose the highest TLS version ryu/controller/controller.py | 23 +--- ryu/lib/hub.py | 13 ++- ryu/tests/unit/controller/cert.crt | 21 +++ ryu/tests/unit/controller/cert.key | 28 +++ ryu/tests/unit/controller/test_controller.py | 52 5 files changed, 132 insertions(+), 5 deletions(-) create mode 100644 ryu/tests/unit/controller/cert.crt create mode 100644 ryu/tests/unit/controller/cert.key -- 2.11.0 ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Topology discovery for multidomain controllers
On Wed, 20 Mar 2019 07:35:02 +0900, willian C wrote: > I am new to Ryu and studying about how to perform topology discovery for > multidomain controllers. It would be helpful if anyone could provide a > hint/solution. Have you checked this? https://ryu.readthedocs.io/en/latest/gui.html I cannot provide useful advice for the multidomain thing, though. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Something about link bandwidth
On Sat, 16 Mar 2019 03:35:37 +0900, jiahaoPlus wrote: > > Hello, i want to use mininet and ryu to simulate a multicast algorithm. I > need to get the free link bandwidth of topology, but i didn’t find something > about it. Any good suggestions? You can get theoretical max bandwidth from ofp_port_desc or other methods, but I don't think there's a good way to measure packet rates in OpenFlow. OpenFlow can count numbers of packets in some duration, though. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu/Mininet link down (Stranger things)
On Thu, 14 Mar 2019 20:44:01 +0900, Jose Carlos Ferreira de Melo Junior wrote: > Something is not Right with Ryu and Mininet. > > Is there any possibility to ryu automatically add an one flow after a link > down on mininet > on a Ring Topology? > > What is weird to me is that, when a link is down I can't reach the hosts > but after some > seconds an ARP packet unexpectelly is sent and then a new flow > automatically is added > and finally I can reach all the hosts again. (???) > > > > How is that possible, I didn't do anything. There isn't any AI on ryu only > a DFS algorithm Is the controller-switch connection also disconnected when the link is down? If so, please check the fail_mode setting of your ovs switch. See ovs-vswitchd.conf.db(5) for details. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Fix the BW and Delay for Flow
On Tue, 12 Mar 2019 20:25:09 +0900, Munim Shabir wrote: > I need to set bandwidth and delay in ryu app for a flow based off external > parameter I'll pass later on. Can somebody pls point me to the right > direction. > This page may serve as a starting poirt. http://osrg.github.io/ryu-book/en/html/rest_qos.html -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu and IPv6
On Thu, 07 Mar 2019 16:48:21 +0900, Diarmuid O Briain wrote: > > [1 ] > [1.1 ] > Hi, > > I have Ryu control two switches, one is an OvS with a bridge into which is > connected a couple of BIRD routers. I have a number of physical routers > connected to a Netgear OpenFlow switch. I am doing nothing special, I match > on in_port, src_mac, dst_mac and add flows to both switches otherwise the > packet is sent out. > > >From an IPv4 perspective, things converge (slowly but they do) and the > physical routers establish peerings with the soft routers OK. In the case > of IPv6, however, it appears like that one physical router gets > connectivity with one soft router and the IPv6 address are not pingable for > the others let along setup BGP peerings. Are there particular got ya's > regarding the IPv6 multicast frames that need to be done? > > Note: I am not doing anything at the IP or IPv6 level in the switch_13.py > sub-class. The ryu simple_switch_13 thing seems to lack special handling for broadcast MAC addresses. I'm not sure if that's okay. Please check the values of SimpleSwitch13.mac_to_port and "ip neigh" results on these hosts. I guess that'll reveal something. > + - + > | IPv4 BGP State Table | > + + + --- + - + > | Server | Name | State | Info | > + + + --- + - + > | rs1| AS5111 | up | Established | > | | AS5222 | up | Established | > | | AS5333 | up | Established | > + + + --- + - + > | cs1| AS5111 | up | Established | > | | AS5222 | up | Established | > | | AS5333 | up | Established | > + + + --- + - + > | bs1| AS5111 | up | Established | > | | AS5222 | up | Established | > | | AS5333 | up | Established | > + + + --- + - + > > + - + > | IPv6 BGP State Table | > + + + --- + - + > | Server | Name | State | Info | > + + + --- + - + > | rs1| AS5111 | up | Established | > | | AS5222 | start | Connect | > | | AS5333 | start | Connect | > + + + --- + - + > | cs1| AS5111 | start | Connect | > | | AS5222 | start | Connect | > | | AS5333 | up | Established | > + + + --- + - + > | bs1| AS5111 | up | Established | > | | AS5222 | start | Connect | > | | AS5333 | start | Connect | > + + + --- + - + > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu controller struct.error when adding a new table flow
On Wed, 06 Mar 2019 23:56:06 +0900, Daniel Gomes wrote: > i'm writing a layer 4 switch application and i'm trying to do the > following: when a TCP/UDP packet is identified the application checks in a > local database to see if the packet parameters are from a known attacker > (source IP, destination IP , destination port). > > If the packet matches one logged in the attacker database a flow is added > to the switch to drop the specific packet (this flow has a duration of 2 > hours), if the packet doesn't match a flow is added to forward a specific > switch port (this flow has a duration of 5 minutes). > > For more information (full code) please visit my stack overflow question: > https://stackoverflow.com/questions/55013032/ryu-controller-struct-error-when-adding-a-new-table-flow This is happening while trying to struct.pack using ofproto.OFP_FLOW_MOD_PACK_STR0, which have three 'H's. You specified 432000 for hard_timeout. I think that is the cause. > The problem occurs when the controller is going to add the "security flow" > (the one with 2 hours of duration) : > > SimpleSwitch13: Exception occurred during handler processing. > Backtrace from offending handler [_packet_in_handler] servicing event > [EventOFPPacketIn] follows.Traceback (most recent call last):File > "/root/SecAPI/Code/lib/python3.5/site-packages/ryu/base/app_manager.py", > line 290, in _event_loop > handler(ev)File "/root/SecAPI/Flasks/Code/SDN/switchL3.py", line 237, > in _packet_in_handler > self.add_security_flow(datapath, 1, match, actions)File > "/root/SecAPI/Flasks/Code/SDN/switchL3.py", line 109, in > add_security_flow > datapath.send_msg(mod)File > "/root/SecAPI/Code/lib/python3.5/site-packages/ryu/controller/controller.py", > line 423, in send_msg > msg.serialize()File > "/root/SecAPI/Code/lib/python3.5/site-packages/ryu/ofproto/ofproto_parser.py", > line 270, in serialize > self._serialize_body()File > "/root/SecAPI/Code/lib/python3.5/site-packages/ryu/ofproto/ofproto_v1_3_parser.py", > line 2738, in _serialize_body > self.out_group, self.flags)File > "/root/SecAPI/Code/lib/python3.5/site-packages/ryu/lib/pack_utils.py", > line 25, in msg_pack_into > struct.pack_into(fmt, buf, offset, *args) > struct.error: 'H' format requires 0 <= number <= 65535 > > What am i doing wrong? Can someone please give me a light -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Packet parsing
On Wed, 06 Mar 2019 10:32:47 +0900, knet solutions wrote: > I am trying to parse the NDN header (UDP Application), inside my > application. > > As i understand from the lib(and existing packet parser code), payload is > passed as bytearray. > > > When i print the packet,i get the below traces. > > pkt = packet.Packet(msg.data) > self.logger.info(pkt) > > > ethernet(dst='be:15:43:a7:96:91',ethertype=2048,src='7a:27:88:05:5b:88'), > ipv4(csum=5878,dst='10.0.0.1',flags=0,header_length=5,identification=20297,offset=0,option=None,proto=17,src='10.0.0.2',tos=0,total_length=172,ttl=64,version=4), > udp(csum=25487,dst_port=6363,src_port=6363,total_length=152), > '\x05\x8e\x07~\x08\x08localhop\x08\x03ndn\x08\x04nlsr\x08\x04sync\x08\x02\xfd\x06\x08]x\x9cc`\xa0>`\x04\xe2C/Z\xed\xf8\xc5\xb8\x84i` > >From the library i understand, i can access the payload as "pkt.data". > Just trying to decode first two bytes and print it. > > _NDN_PACK_STR = '!BB' > (t,l) = struct.unpack(_NDN_PACK_STR, pkt) pkt isn't a bytearray and I think this code raises an exception. I guess you want to unpack pkt.protocols[-1] instead? > self.logger.info(t) > self.logger.info(l) > But its not returning the correct values seen as per the header. > > Any suggestions? > Thanks > suresh > > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Simple Host Loopback Configuration Not Working
> === This OFPFlowMod is intended to drop all other traffic that doesn't > === match the previous two rules > == > mod: > version=None,msg_type=None,msg_len=None,xid=None,OFPFlowMod(actions=[],buffer_id=4294967295,command=0,cookie=0,flags=1,hard_timeout=0,idle_timeout=0,match=OFPMatch(dl_dst='\x00\x00\x00\x00\x00\x00',dl_src='\x00\x00\x00\x00\x00\x00',dl_type=0,dl_vlan=0,dl_vlan_pcp=0,in_port=0,nw_dst=0,nw_proto=0,nw_src=0,nw_tos=0,tp_dst=0,tp_src=0,wildcards=4194303),out_port=65535,priority=0) > switch is running > > > == > === Mellanox switch output > == > switch-5ecae6 (config) # enable > switch-5ecae6 (config) # configure terminal > switch-5ecae6 (config) # show openflow flows > > Flow id: 52 > priority: 32768 > hard timeout: infinite > idle timeout: 0 sec > ingress interface:Eth1/6 > actions: > output port Eth1/5 > statistics: > 0 packets, 0 bytes > > Flow id: 53 > priority: 32768 > hard timeout: infinite > idle timeout: 0 sec > ingress interface: Eth1/5 > actions: > output port Eth1/6 > statistics: > 558740 packets, 0 bytes The statistics suggests that packets are matched, at least. > Flow id: 54 > priority: 0 > hard timeout: infinite > idle timeout: 0 sec > actions: > output drop > statistics: > 0 packets, 0 bytes > > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] send a message from control plane to data plane
On Tue, 05 Mar 2019 11:31:49 +0900, Sagar Ramani wrote: > > [1 ] > [1.1 ] > Hi, > I am working on the contract base application, if i want to send a message > from control plane(controller) to data plane(mininet) then how I can do > that? I think packet-outs can be used for your purpose. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] host mobile
On Wed, 27 Feb 2019 19:45:04 +0900, sim1vale--- via Ryu-devel wrote: > i'm a student and I'm trying to use mininet-wifi and ryu. if a station is > moving from access point to another, is it possible send an event to > controller when station change access point? Ryu doesn't have WiFi support. Asking in the mininet-wifi mailing list would be better. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Even Driven
On Tue, 26 Feb 2019 13:25:59 +0900, Khalid Rahman wrote: > > [1 ] > [1.1 ] > Dear, I am learning SDN Ryu for my final project in my undergraduate > studies. I already seen the source code but i am a bit confused about which > source code have responsibility to drive event in ryu programming. And what > kind of event ryu can process? http://osrg.github.io/ryu-book/en/html/switching_hub.html#event-handler Have you checked this URL? Starting with an example may help you. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] unknown error xid
On Mon, 25 Feb 2019 18:36:57 +0900, nail göksel wrote: > > [1 ] > [1.1 ] > Hi all, > > When i import api from the "ryu.app.ofctl" i get this error: > > unknown error xid 3337929515 > > The number after the xid changes and it generates many of this error > message about 30 seconds after starting the simulation. Do you have any > idea on this issue? Please look at ryu.app.ofctl.service. It means OfctlService got an OF reply with an unexpected xid. For xid, please look at the OpenFlow spec. It is likely OfCtlService is receiving replies to requests which the OfctlService didn't sent. Maybe there's some OF other controller or multiple OfctlService instances? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Extract url from an http packet
On Sat, 23 Feb 2019 22:14:11 +0900, Nirav Patel wrote: > > [1 ] > [1.1 ] > Hello, > I am trying to build a firewall kind of application which involves > filtering url from an http packet. > > Is there a way i can > 1. Identify an http packet upon a packet in event. > 2 extract url from that packet . > > I know its a pretty losely defined requirement, but i tried to read ryu > documentation and ryu packet library. I could not find a usable solution. > Please do help me out You can write OpenFlow match fields to filter tcp/80 packets but OpenFlow isn't capable of handling TCP payloads. tcp/80 packets can be sent to a ryu controller via packet-ins and TCP payloads can be reconstructed in a ryu application but it would require some work and I'm not sure if OpenFlow is good for such a use case. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] (no subject)
On Tue, 26 Feb 2019 03:51:11 +0900, Arthur Zopellaro wrote: > I'm researching SDN controllers and I can't find any information on > whether Ryu has official support for backup controllers (distributed > controller). Is it correct to say it doesn't support backup controllers? > Thank you, You are right. Though such a thing can be implemented with ryu, there's no such code in ryu. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] RYU Controller Nicira Extended Match Structures Support in ARUBA Switches
On Thu, 14 Feb 2019 21:42:36 +0900, Ramzah Rehman wrote: > I want to know are Nicira Extended Match Structures of RYU Controller > supported in ARUBA 2930F LJ253A switches?I tried it, and got OFPET_BAD_ACTION > error even though these extensions work fine with OVS (OpenVswitch). I'm not aware of that hardware switch but it seems it doesn't support Nicira extensions. If a hardware switch doesn't support some extension, there's nothing Ryu can help. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] preventing packet in messages for specific host
On Thu, 14 Feb 2019 21:28:26 +0900, nail göksel wrote: > > [1 ] > [1.1 ] > Hi all, > > I need to prevent switches to send packet in messages for specific hosts. > At this time, i need to not to prevent ongoing flows of these hosts. > > For Example, if a flow entry exists for host h0, i want to only prevent > creating new flow entries and creating packet in messages for that host as > well, thus i need to create a drop rule from switch to controller regarded > only h0, this rule musn't affect the packet in creation regarded other > hosts connected to this switch. > > How can i achieve this, regards, If multiple flows match against a packet, the flow with the highest priority get processed. Add a flow for the host h0 that doesn't generate packet-ins with a higher priority. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu behaviour
I checked your PDF document. Packet counts of the table-miss flow entry is strange in the hardware switch setup. Maybe the controller isn't getting expected packet-ins, which can be the reason why the forwarding flow entries aren't populated. I have no idea if this is due to hardware problems or configuration issuese. On Sun, 17 Feb 2019 02:56:35 +0900, Diarmuid O Briain wrote: > > [1 ] > [1.1 ] > Maen, > > Interesting, I compared the *simple_switch13.py* file you linked me to and > the one that comes with the *python3-ryu* package (installed with apt-get > install python3-ryu). > > $ *diff /usr/lib/python3/dist-packages/ryu/app/simple_switch_13.py > maen_version_simple_switch_13.py* > 105c105 > < match = parser.OFPMatch(in_port=in_port, eth_dst=dst) > --- > > match = parser.OFPMatch(in_port=in_port, eth_dst=dst, > eth_src=src) > 120d119 > < > > That would seem to bear out what you say. I am a little lost as to what > that means though. Why the difference? The diff is due to the following commit, but I don't think it matters in your case. commit 3b946c01929c6f390721731c9d31aa09feeb858a Author: Jerico Moeyersons Date: Tue Nov 28 10:28:12 2017 +0900 app: Fix simple_switch for multi switch env > regards, > > Diarmuid > -- > > *Irish by birth, located in Uganda but Munster by the grace of God.* > > > > > On Sat, 16 Feb 2019 at 19:04, Maen Artimy wrote: > > > Diarmuid, > > There is something odd about the application you are running. The > > simple_switch_13.py should match three fields not two. Also it should not > > output the packet to the same input port (see line 105) . So I would start > > by checking if the application is correct. > > https://github.com/osrg/ryu/blob/master/ryu/app/simple_switch_13.py > > > > Regards, > > Maen > > > > On Sat, Feb 16, 2019 at 11:36 AM Diarmuid O Briain > > wrote: > > > >> Hi, > >> > >> I have spent ages playing with Ryu and mininet and decided to try some > >> actual physical switches. I compared using Ryu with an OvS switching for > >> physical ports in a server with Ryu controlling a Netgear M4300-48G in > >> OpenFlow v1.3 mode. The response in both cases were different and I > >> documented it in the attached. I would appreciate it if someone who knows > >> more about the Ryu controller than me would look and try explain the > >> different outcomes from scenarios on A and B. > >> > >> much appreciated. > >> > >> Diarmuid O'Briain > >> -- -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] extracting TOS values from ev.msg
On Sat, 09 Feb 2019 14:44:29 +0900, David Liew wrote: > > [1 ] > [1.1 ] > hi, > kindly for all, > i have a question please, > i had read the ryu book follow it exactly, but honestly i could not make > it. > How can i extract the TOS values from the ev.msg to track specific value, Do you plan to use packet-in messages to extract TOS values? In OpenFlow specs, the TOS field is separated into ECN and DSCP fields. Use those keywords to program flows. > and then apply it in flow table matching, cause it has "ox" at the > beginning g of each value, i want to work in decimal not in "ox". The values and arguments are of integer type and I'm not sure how can it be a problem. You can convert base if necessary. https://docs.python.org/3/library/functions.html?highlight=int#int -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Error while sending http request to RYU server
On Tue, 12 Feb 2019 17:45:01 +0900,
Nirav Patel wrote:
>
> [1 ]
> [1.1 ]
> [1.1.1 ]
> Hello
> I am trying to send a GET request to RYU api
> Server running RYU controller
> http://192.168.52.142:8080/stats/switches
> When i send this request from a web browser or through POSTMAN application
> i get the response.
>
> But when i try to use a javaScript i get CORS error.
> *Access to XMLHttpRequest at 'http://192.168.52.142:8080/stats/switches
> <http://192.168.52.142:8080/stats/switches>' from origin 'null' has been
> blocked by CORS policy: No 'Access-Control-Allow-Origin' header is present
> on the requested resource.*
>
> I am new to javascripting and I am unable to resolve this issue. I am
> posting my Java script along with the headers that i receive in response.
> Can someone help me resolve this issue/
I'm not quite familiar to javascript but AFAIK the CORS thing is to
limit cross-site attacks. Maybe you put your javascript somewhere else
than 192.168.52.142 or as a local file?
>
> function switchCount(){
> var xhttp = new XMLHttpRequest();
> xhttp.open("GET", "http://192.168.52.142:8080/stats/switches;, true);
> xhttp.send();
> //when xhttp state changes
> xhttp.onreadystatechange = function() {
> if (this.readyState == 4 && this.status == 200) {
> // Typical action to be performed when the document is ready:
> console.log('Request Successful');
> http_request.withCredentials = true;
> document.getElementById("flowrule").innerHTML = xhttp.responseText;
> }
> };
> }
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] OpenFlow experimenter match
On Thu, 07 Feb 2019 17:15:53 +0900, Markel Sainz Oruna wrote: > > [1 ] > [1.1 ] > Hi there, > > I'm currently working at my PhD dissertation and I want to develop an > OpenFlow extension to be able to match arbitrary payload bytes in an > industrial network protocol with intrusion detection purposes... > > I was wondering if there exists any project sample or documentation to > start with in order to gain the required expertise. > OpenFlow EXT-109 is quite simple but may serve as an example. The spec is in the OpenFlow Extensions 1.3.x package 2 and you may also want to look at relevant commits in ryu. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Odp.: Error
On Mon, 04 Feb 2019 11:24:20 +0900,
Pelcner, Lukasz wrote:
> As as a response for a . I get something like that
> ryu-manager --app-lists .base-switch.py
> loading app .base-switch.py
> Traceback (most recent call last):
> File "/home/vagrant/.local/bin/ryu-manager", line 11, in
> sys.exit(main())
> File "/home/vagrant/.local/lib/python2.7/site-packages/ryu/cmd/manager.py",
> line 98, in main
> app_mgr.load_apps(app_lists)
> File
> "/home/vagrant/.local/lib/python2.7/site-packages/ryu/base/app_manager.py",
> line 415, in load_apps
> cls = self.load_app(app_cls_name)
> File
> "/home/vagrant/.local/lib/python2.7/site-packages/ryu/base/app_manager.py",
> line 392, in load_app
> mod = utils.import_module(name)
> File "/home/vagrant/.local/lib/python2.7/site-packages/ryu/utils.py", line
> 108, in import_module
> return importlib.import_module(modname)
> File "/usr/lib/python2.7/importlib/__init__.py", line 30, in import_module
> raise TypeError("relative imports require the 'package' argument")
> TypeError: relative imports require the 'package' argument
You don't need ".py" suffix.
You need to set up PYTHONPATH and maybe need to prepare empty
__init__.py files. There should be online resources for this kind of
stuff but I cannot find one handy.
> Od: Pelcner, Lukasz
> Wysłane: poniedziałek, 4 lutego 2019 02:19:36
> Do: IWAMOTO Toshihiro
> DW: ryu-devel@lists.sourceforge.net
> Temat: Odp.: [Ryu-devel] Error
>
>
> Thanks,
>
>
> so If I understand correctly ryu-manager --app-lists
> ~/base/base/base-switch.py instead of / just use . ? ryu-manager --app-lists
> base.base-switch.py
>
>
> Od: IWAMOTO Toshihiro
> Wysłane: poniedziałek, 4 lutego 2019 02:12:25
> Do: Pelcner, Lukasz
> DW: ryu-devel@lists.sourceforge.net
> Temat: Re: [Ryu-devel] Error
>
> On Mon, 04 Feb 2019 09:16:43 +0900,
> Pelcner, Lukasz wrote:
> >
> > [1 ]
> > [1.1 ]
> > Dear Sir/Madam,
> >
> >
> > Trying to set up Ryu I constantly get the following error running
> > simple_switch for OpenFlow 1.3
>
> http://osrg.github.io/ryu-book/en/html/switching_hub.html#executing-the-switching-hub
>
> A python path notation (with delimiter '.') should be used instead of
> a Unix path notation (with delimiter '/').
>
> > Traceback (most recent call last):
> > File "/home/vagrant/.local/bin/ryu-manager", line 11, in
> > sys.exit(main())
> > File
> > "/home/vagrant/.local/lib/python2.7/site-packages/ryu/cmd/manager.py", line
> > 98, in main
> > app_mgr.load_apps(app_lists)
> > File
> > "/home/vagrant/.local/lib/python2.7/site-packages/ryu/base/app_manager.py",
> > line 415, in load_apps
> > cls = self.load_app(app_cls_name)
> > File
> > "/home/vagrant/.local/lib/python2.7/site-packages/ryu/base/app_manager.py",
> > line 392, in load_app
> > mod = utils.import_module(name)
> > File "/home/vagrant/.local/lib/python2.7/site-packages/ryu/utils.py",
> > line 104, in import_module
> > return importlib.import_module(modname)
> > File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module
> > __import__(name)
> > ImportError: Import by filename is not supported.
> >
>
> --
> IWAMOTO Toshihiro
> [1.2 ]
> [2 ]
>
> [3 ]
> ___
> Ryu-devel mailing list
> Ryu-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ryu-devel
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] IGMPv3 support on IGMP Library
On Tue, 05 Feb 2019 05:36:56 +0900, Lucas Viera wrote: > > [1 ] > Hi Iwamoto & RYU Team, how are you today? > > Did have an opportunity to check my last email? > El jue., 31 ene. 2019 a las 13:42, Lucas Viera () > escribió: > > > Hi Iwamoto, thanks for your answer. > > > > So you think we can get similar or better functionalities using Scapy? > > > > We’ve encountered this suggestion in other opportunities but we were not > > sure about it because we’re not familiar with scapy. Sorry. Neither am I. I just recall scapy uses some bizzare syntax. ;-) https://scapy.readthedocs.io/en/latest/usage.html#stacking-layers > > On Thu, Jan 31, 2019 at 1:28 AM IWAMOTO Toshihiro > > wrote: > > > >> On Thu, 31 Jan 2019 06:19:30 +0900, > >> Lucas Viera wrote: > >> > > >> > [1 ] > >> > [1.1 ] > >> > Hi RYU team! > >> > > >> > My partner and I are working on out Final Project using Mininet and RYU > >> and > >> > we've got some questions. > >> > > >> > Out project involves IGMP packet treatment so we're planning on using > >> > IGMPlib file. > >> > > >> > But we found, according to code comments, that is does not support > >> IGMPv3 > >> > and that is does not represent fully IGMP RFC. > >> > > >> > *Can you please explian which IGMPv3 functionalities are not supported > >> by > >> > IGMPlib ? Or is there any forum we can see it?* > >> > >> I'm not very familiar with IGMP but ryu.lib.packet.igmp has some v3 > >> support. You might also want to consider other packet libraries such > >> as scapy. And scapy implements here. I'm afraid it's the best to check and compare these functionalities by yourself. https://github.com/secdev/scapy/blob/master/scapy/contrib/igmpv3.py > >> -- > >> IWAMOTO Toshihiro > >> > >> -- > > Atte. Lucas Viera. > > lucasvier...@gmail.com || *+598 99 977 968* > > LinkedIn: http://uy.linkedin.com/in/lucasviera > > > [2 ] ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] [PATCH] Choose the highest TLS version
Thanks for working on this.
On Sat, 02 Feb 2019 00:39:34 +0900,
alex wrote:
>
> Signed-off-by: alex
> ---
> ryu/controller/controller.py | 6 ++
> ryu/lib/hub.py | 24 +---
> 2 files changed, 23 insertions(+), 7 deletions(-)
>
> diff --git a/ryu/controller/controller.py b/ryu/controller/controller.py
> index 62135339..f316f0bc 100644
> --- a/ryu/controller/controller.py
> +++ b/ryu/controller/controller.py
> @@ -172,15 +172,13 @@ class OpenFlowController(object):
>keyfile=CONF.ctl_privkey,
>certfile=CONF.ctl_cert,
>cert_reqs=ssl.CERT_REQUIRED,
> - ca_certs=CONF.ca_certs,
> - ssl_version=ssl.PROTOCOL_TLSv1)
> + ca_certs=CONF.ca_certs)
I think ssl_version should be set here so that any other potential
StreamServer user can override. Also, if we add a config option to
restrict unsafe TLS versions in future, the logic should be here.
> else:
> server = StreamServer((CONF.ofp_listen_host,
> ofp_ssl_listen_port),
>datapath_connection_factory,
>keyfile=CONF.ctl_privkey,
> - certfile=CONF.ctl_cert,
> - ssl_version=ssl.PROTOCOL_TLSv1)
> + certfile=CONF.ctl_cert)
ditto
> else:
> server = StreamServer((CONF.ofp_listen_host,
> ofp_tcp_listen_port),
> diff --git a/ryu/lib/hub.py b/ryu/lib/hub.py
> index bd15fc89..18ba6e4a 100644
> --- a/ryu/lib/hub.py
> +++ b/ryu/lib/hub.py
> @@ -42,6 +42,7 @@ if HUB_TYPE == 'eventlet':
> import ssl
> import socket
> import traceback
> +import sys
>
> getcurrent = eventlet.getcurrent
> patch = eventlet.monkey_patch
> @@ -127,9 +128,26 @@ if HUB_TYPE == 'eventlet':
>
> if ssl_args:
> def wrap_and_handle(sock, addr):
> -ssl_args.setdefault('server_side', True)
> -handle(ssl.wrap_socket(sock, **ssl_args), addr)
> -
> +if sys.version_info < (2,7,9):
> +#anything less than python 2.7.9 supports only TLSv1
> or less, thus we choose TLSv1
> +ssl_args.setdefault('server_side', True)
> +ssl_args.update(ssl_version = 'PROTOCOL_TLSv1')
> +handle(ssl.wrap_socket(sock, **ssl_args), addr)
> +else:
> +# from 2.7.9 and versions 3.4+ ssl context creation
> is supported. Protocol_TLS from 2.7.13 and from 3.5.3 replaced SSLv23.
> Functionality is similar.
> +if hasattr(ssl, 'PROTOCOL_TLS'):
> +p = 'PROTOCOL_TLS'
> +else:
> +p = 'PROTOCOL_SSLv23'
> +
> +ctx = ssl.SSLContext(getattr(ssl, p))
> +ctx.load_cert_chain(ssl_args['certfile'],
> ssl_args['keyfile'])
> +ctx.options |= ssl.OP_NO_SSLv3 | ssl.OP_NO_SSLv2
> #Restrict non-safe versions
> +if 'cert_reqs' in ssl_args:
> +#if --ca-certs is specified
> +ctx.verify_mode = ssl.CERT_REQUIRED
> +ctx.load_verify_locations(ssl_args["ca_certs"])
> +handle(ctx.wrap_socket(sock,server_side=True), addr)
>
> self.handle = wrap_and_handle
> else:
> self.handle = handle
> --
> 2.16.4
>
>
>
> ___
> Ryu-devel mailing list
> Ryu-devel@lists.sourceforge.net
> https://lists.sourceforge.net/lists/listinfo/ryu-devel
>
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Error
On Mon, 04 Feb 2019 09:16:43 +0900, Pelcner, Lukasz wrote: > > [1 ] > [1.1 ] > Dear Sir/Madam, > > > Trying to set up Ryu I constantly get the following error running > simple_switch for OpenFlow 1.3 http://osrg.github.io/ryu-book/en/html/switching_hub.html#executing-the-switching-hub A python path notation (with delimiter '.') should be used instead of a Unix path notation (with delimiter '/'). > Traceback (most recent call last): > File "/home/vagrant/.local/bin/ryu-manager", line 11, in > sys.exit(main()) > File "/home/vagrant/.local/lib/python2.7/site-packages/ryu/cmd/manager.py", > line 98, in main > app_mgr.load_apps(app_lists) > File > "/home/vagrant/.local/lib/python2.7/site-packages/ryu/base/app_manager.py", > line 415, in load_apps > cls = self.load_app(app_cls_name) > File > "/home/vagrant/.local/lib/python2.7/site-packages/ryu/base/app_manager.py", > line 392, in load_app > mod = utils.import_module(name) > File "/home/vagrant/.local/lib/python2.7/site-packages/ryu/utils.py", line > 104, in import_module > return importlib.import_module(modname) > File "/usr/lib/python2.7/importlib/__init__.py", line 37, in import_module > __import__(name) > ImportError: Import by filename is not supported. > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Implementing MPLS in RYU
On Thu, 31 Jan 2019 05:40:28 +0900, Alexandre Alves dos Santos de Campos wrote: > > [1 ] > [1.1 ] > Dear, I need to implement MPLS in RYU, because of many of the APIs that I > found to be presenting an error, and in Ryu Book, I did not find any > examples that I could use. Ryu has MPLS packet library [1] as well as OpenFlow support of MPLS match fields and actions. I'm not sure if there's any readily usable example on MPLS. [1] https://ryu.readthedocs.io/en/latest/library_packet_ref/packet_mpls.html -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Add flow table using controller ryu
On Thu, 31 Jan 2019 12:58:35 +0900, Khalid Rahman wrote: > > [1 ] > [1.1 ] > Dear, i had already try learning switch with ryu, the ryu controller > automatically creating our flow table. > > How abou we add flow table manually without the learning switch algorithm? > Is it possible? > > Let say i want all traffic from port 1 out to port 2, and all traffic form > port 4 out to port 3. Is it possible using python script? Or maybe it must > be using another application like postman or something? Of course you can do such a thing in a RyuApp. Create such flows and send OFPFlowMod messages. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] IGMPv3 support on IGMP Library
On Thu, 31 Jan 2019 06:19:30 +0900, Lucas Viera wrote: > > [1 ] > [1.1 ] > Hi RYU team! > > My partner and I are working on out Final Project using Mininet and RYU and > we've got some questions. > > Out project involves IGMP packet treatment so we're planning on using > IGMPlib file. > > But we found, according to code comments, that is does not support IGMPv3 > and that is does not represent fully IGMP RFC. > > *Can you please explian which IGMPv3 functionalities are not supported by > IGMPlib ? Or is there any forum we can see it?* I'm not very familiar with IGMP but ryu.lib.packet.igmp has some v3 support. You might also want to consider other packet libraries such as scapy. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] ryu support NXT_RESUME message
On Wed, 30 Jan 2019 10:05:31 +0900, Gao Zhenyu wrote: > > [1 ] > [1.1 ] > ping. Please allow a few days delay on this mailing list. ;-) > Gao Zhenyu 于2019年1月29日周二 下午5:15写道: > > > Hi ryu team, > > > >I am trying to consume ryu in my sdn project, but I found the ryu > > doesn't support sending NXT_RESUME message back. > > > > You know a action like controller(pause) in ovs cause the switch to > > freeze the packet's trip. Then our controller can later send the > > continuation back to the switch in an NXT_RESUME message, which > > will restart the packet's traversal. > > > > I search the ryu source code and cannot found any clew about > > NXT_RESUME. So just want to know if ryu team has a plan to support it? It is a Nicira extension and Nicira extension coverage is not complete. I guess you need to implement it if necessary. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] [PATCH] Choose the highest TLS version
On Thu, 24 Jan 2019 17:26:02 +0900,
alex wrote:
>
> [1 ]
> [1.1 Re: [Ryu-devel] [PATCH] Choose the highest TLS version (7bit)>]
> [1.1.1 ]
> Hi IWAMOTO,
>
> Currently I am quite busy. When I will have some spare time I will come
> back to you, with a more complete implementation,along with comments so
> that we stand on the same ground.
>
> With a quick look at ssl/tls python documentation, you are right. There
> are cases that the attacker can initiate a downgrade attack and thus
> chooses a protocol version even bellow TLSv1(which btw it is also an
> unsafe protocol choice[1]; TLS 1.2 and above are considered safe).
It has been on my TODO list a while. Thanks for working on this.
IMO we need to make some decision on compatibily and security.
The below is some my untested code. Use this (or don't) as you wish.
Signed-off-by: IWAMOTO Toshihiro
diff --git a/ryu/lib/hub.py b/ryu/lib/hub.py
index bd15fc89..f239101a 100644
--- a/ryu/lib/hub.py
+++ b/ryu/lib/hub.py
@@ -126,9 +126,17 @@ if HUB_TYPE == 'eventlet':
self.server = eventlet.listen(listen_info)
if ssl_args:
-def wrap_and_handle(sock, addr):
-ssl_args.setdefault('server_side', True)
-handle(ssl.wrap_socket(sock, **ssl_args), addr)
+if getattr(ssl, 'SSLContext', None):
+def wrap_and_handle(sock, addr):
+sslcontext =
ssl.SSLContext(ssl_args.pop('ssl_version'))
+sslcontext.options |= getattr(ssl, 'OP_NO_SSLv2', 0)
+sslcontext.options |= getattr(ssl, 'OP_NO_SSLv3', 0)
+ssl_args.setdefault('server_side', True)
+handle(sslcontext.wrap_socket(sock, **ssl_args), addr)
+else:
+def wrap_and_handle(sock, addr):
+ssl_args.setdefault('server_side', True)
+handle(ssl.wrap_socket(sock, **ssl_args), addr)
self.handle = wrap_and_handle
else:
> [1] https://techblog.topdesk.com/security/developers-need-know-tls-1-0/
>
> On 1/24/19 5:17 AM, IWAMOTO Toshihiro wrote:
> > Thanks.
> > I researched the ssl module changes, but it's a bit confusing to me.
> >
> >
> > On Thu, 24 Jan 2019 02:53:56 +0900,
> > alex wrote:
> >> Signed-off-by: alex
> >> ---
> >> ryu/controller/controller.py | 8 ++--
> >> 1 file changed, 6 insertions(+), 2 deletions(-)
> >>
> >> diff --git a/ryu/controller/controller.py b/ryu/controller/controller.py
> >> index 62135339..9198bfb1 100644
> >> --- a/ryu/controller/controller.py
> >> +++ b/ryu/controller/controller.py
> >> @@ -164,6 +164,10 @@ class OpenFlowController(object):
> >> client.stop()
> >>
> >> def server_loop(self, ofp_tcp_listen_port, ofp_ssl_listen_port):
> >> +if hasattr(ssl, 'PROTOCOL_TLS'):
> >> +p = "PROTOCOL_TLS"
> > It's better to disable SSL in this case.
> > To do that, SSLContext.wrap_socket should be used in
> > ryu.lib.hub.StreamServer in order to use OP_NO_SSLv3, IIUC.
> >
> >> +else:
> >> +p = "PROTOCOL_SSLv23"
> > To prevent SSL v2 or v3 on python <2.7.9, I think this should be
> > PROTOCOL_TLSv1.
> >
> >
> >> if CONF.ctl_privkey is not None and CONF.ctl_cert is not None:
> >> if CONF.ca_certs is not None:
> >> server = StreamServer((CONF.ofp_listen_host,
> >> @@ -173,14 +177,14 @@ class OpenFlowController(object):
> >>certfile=CONF.ctl_cert,
> >>cert_reqs=ssl.CERT_REQUIRED,
> >>ca_certs=CONF.ca_certs,
> >> - ssl_version=ssl.PROTOCOL_TLSv1)
> >> + ssl_version=getattr(ssl, p))
> >> else:
> >> server = StreamServer((CONF.ofp_listen_host,
> >> ofp_ssl_listen_port),
> >>datapath_connection_factory,
> >>keyfile=CONF.ctl_privkey,
> >>certfile=CONF.ctl_cert,
> >> - ssl_version=ssl.PROTOCOL_TLSv1)
> >> + ssl_version=getattr(ssl, p))
> >> else:
> >> server = StreamServer((CONF.ofp_listen_host,
> >>
Re: [Ryu-devel] (no subject)
On Mon, 28 Jan 2019 03:32:45 +0900, johan cahya wrote: > what is the actual function of GoBGP, and what is used when GoBGP, does > this include the development of network routing from BGP (Border Gateway > Protocol) As the mailing list name suggests, gobgp is off-topic here. GoBGP is a BGP implementation and the following github page contains some documents. Please use GoBGP Slack (https://slackin-gobgp.now.sh/) if you have further questions. https://github.com/osrg/gobgp -- IWAMOTO Toshihior ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] inbound and outband
On Sat, 26 Jan 2019 16:28:51 +0900, David Liew wrote: > i know the different between inbound and outbound controller, > but i don't know how to implement the inbound controller to communicate > with ryu implementation. I'm not quite sure what an inbound controller means. Is --ofp-switch-address-list what you are looking for? https://github.com/osrg/ryu/commit/f7752903 https://github.com/osrg/ryu/blob/56e8fb3f57894bca73f2445de9eb3ce282862f4e/ryu/controller/controller.py#L70 -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] [PATCH] Choose the highest TLS version
Thanks. I researched the ssl module changes, but it's a bit confusing to me. On Thu, 24 Jan 2019 02:53:56 +0900, alex wrote: > > Signed-off-by: alex > --- > ryu/controller/controller.py | 8 ++-- > 1 file changed, 6 insertions(+), 2 deletions(-) > > diff --git a/ryu/controller/controller.py b/ryu/controller/controller.py > index 62135339..9198bfb1 100644 > --- a/ryu/controller/controller.py > +++ b/ryu/controller/controller.py > @@ -164,6 +164,10 @@ class OpenFlowController(object): > client.stop() > > def server_loop(self, ofp_tcp_listen_port, ofp_ssl_listen_port): > +if hasattr(ssl, 'PROTOCOL_TLS'): > +p = "PROTOCOL_TLS" It's better to disable SSL in this case. To do that, SSLContext.wrap_socket should be used in ryu.lib.hub.StreamServer in order to use OP_NO_SSLv3, IIUC. > +else: > +p = "PROTOCOL_SSLv23" To prevent SSL v2 or v3 on python <2.7.9, I think this should be PROTOCOL_TLSv1. > if CONF.ctl_privkey is not None and CONF.ctl_cert is not None: > if CONF.ca_certs is not None: > server = StreamServer((CONF.ofp_listen_host, > @@ -173,14 +177,14 @@ class OpenFlowController(object): >certfile=CONF.ctl_cert, >cert_reqs=ssl.CERT_REQUIRED, >ca_certs=CONF.ca_certs, > - ssl_version=ssl.PROTOCOL_TLSv1) > + ssl_version=getattr(ssl, p)) > else: > server = StreamServer((CONF.ofp_listen_host, > ofp_ssl_listen_port), >datapath_connection_factory, >keyfile=CONF.ctl_privkey, >certfile=CONF.ctl_cert, > - ssl_version=ssl.PROTOCOL_TLSv1) > + ssl_version=getattr(ssl, p)) > else: > server = StreamServer((CONF.ofp_listen_host, > ofp_tcp_listen_port), > -- > 2.16.4 > > > > ___ > Ryu-devel mailing list > Ryu-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/ryu-devel > ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Importing tensorflow in ryu program
On Thu, 24 Jan 2019 02:47:24 +0900, uttam kamalia wrote: > > [1 ] > [1.1 ] > Hello sir, > > I am building a project on routing in sdn based on reinforcement learning. > > I am not able to import tensorflow in ryu application. Kindly guide me how > to merge the tensorflow module into ryu app. Did you properly install tensorflow? What error messages do you get? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to match packet on the basis of ttl
On Mon, 21 Jan 2019 23:47:56 +0900, Ramzah Rehman wrote: > Hi. I am trying to implement packet spraying load balancing scheme where I > need to match ttl (Time To Live) value of a packet to map it to a flow. Is > is possible via RYU controller? I read the documentation here: > https://ryu.readthedocs.io/en/latest/ofproto_v1_3_ref.html > but did not find ttl option in OFPMatch function. Please help > > I can achieve this in open vswitch by matching nw_ttl field. > nw_ttl is a Nicira extension and supported by Ryu. See: https://ryu.readthedocs.io/en/latest/nicira_ext_ref.html#module-ryu.ofproto.nicira_ext -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] measuring the server workload
On Tue, 08 Jan 2019 20:09:50 +0900,
Soliman Awad Alshra´a Abdullah TU Ilmenau wrote:
> Hello Ryu,
>
> In my topology I defined a host as a server
>
>info( '\n*** Starting web server ***\n')
>
>server = net.get('server')
>
>server.cmd('iperf -s -p 80 &')
>
>server.cmd('tcpdump tcp port 80 -i server-eth0 -w server.pcap &')
>
> My inquiry is how to measure the server workload (Cup , Memory )
This question is not related to OpenFlow at all.
Please look at vmstat, sar or similar commands.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to properly use a OFPFC_MODIFY
On Wed, 09 Jan 2019 05:04:13 +0900, Jose Carlos Ferreira de Melo Junior wrote: > > [1 ] > [1.1 ] > Has someone already have sucess using a *OFPFC_MODIFY *to modify some flows > at the same time?? > > How 's the sintaxe on code? OFPFC_MODIFY should update actions of matched flow entries. Maybe your match isn't matching against flow entries for some reason? I guess actset_output is a OF 1.5+ thing. Does Trying with some other match field make any difference? > Mine is the following and *isn't working*: > > *match = ofp_parser.OFPMatch(actset_output=ports)* > *actions = [ofp_parser.OFPActionOutput(port=out_put)]* > > *inst = [ofp_parser.OFPInstructionActions(ofp.OFPIT_APPLY_ACTIONS, * > *actions)]* > > > *req1 = ofp_parser.OFPFlowMod(datapath, cookie, cookie_mask,* > > *table_id, ofp.OFPFC_MODIFY,* > > *idle_timeout, hard_timeout,* > > *priority, buffer_id,* > > * ofp.OFPP_ANY, ofp.OFPG_ANY,* > > *ofp.OFPFF_SEND_FLOW_REM,* > *match, inst)* > > > please any help would be a blessing...this is very stressful LoL > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to obtain packet count of flow match?
On Tue, 08 Jan 2019 02:23:14 +0900, James Aiken wrote: > In the example Traffic Monitor Ryu application, within the flow stats reply > handler there is some code which writes to the log. > > Within which there is "stat.packet_count". I was wondering how I could get > the packet_count of only TCP SYN packets within a flow? How would I begin > to write this in Python? > > I have been reading the documentation however have struggled to find > anything that helps me. Packets can be matched against tcp_flags using the Nicira extension or OpenFlow 1.5 (EXT-109). Create flows that matches tcp syn packets and observe flow counters. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] 3 layer router
On Mon, 07 Jan 2019 20:58:29 +0900, תומר גלבר wrote: > > [1 ] > [1.1 ] > Thank you for your replay! > > This is not exactly what I was looking for. > For switches, ryu can create a topology view (app name is > ryu.topology.switches.Switches). > I would like to see something like that for routers. > Also, the L3 router implemention is limited and I can't define l3 entities > like nat, and then to do port forwarding. Also, I can't forward by 4 tuple > DST ip,DST port,src ip,src port. > Web searches show several experimental router implementations based on OpenFlow, but I guess you need to create your own, possible based on one of such implementations. For NAT, ovs has a conntrack stateful NAT extension if you can depend on ovs. > On Mon, Jan 7, 2019, 11:13 IWAMOTO Toshihiro wrote: > > > On Wed, 26 Dec 2018 01:09:27 +0900, > > תומר גלבר wrote: > > > > > I looked for a way to control my routers with RYU with no success. I had > > to > > > write a new app for my self, and thought maybe you know on an app like > > > that. > > > > There's an example L3 router implementation in ryu/app/rest_router.py > > (cf. http://osrg.github.io/ryu-book/en/html/rest_router.html ) > > but I guess that's not what you are looking for. > > > > What kind of things do you want to implement? ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Get the packet loss for link
On Fri, 28 Dec 2018 16:14:24 +0900, Sagar Ramani wrote: > > [1 ] > [1.1 ] > Hi, > Is it possible to get the packet loss in the network topology link of the > network ? Port Stats have rx_dropped and tx_dropped. Is that what you want? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Flow handling rate
On Thu, 27 Dec 2018 12:48:51 +0900, knet solutions wrote: > Is it possible to measure performance stats of RYU Controller such the flow > setup rate, number of packet in messages served per second, Of course you can create benchmark apps using ryu. Profiling tools such as eventlet.green.profile might be also useful. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Connecting Ryu controllers on a bus
On Wed, 09 Jan 2019 05:24:45 +0900, alex g wrote: > I use a Ryu controller for distributed SDN network, and I > would like to connect four Ryu controllers on a bus. Does anyone has idea how > to do this? Such a question on inter-controller connections is a kind of FAQ here. Unfortunately, ryu doesn't provide such a thing. You need to design the protocol and the code by yourself. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] 3 layer router
On Wed, 26 Dec 2018 01:09:27 +0900, תומר גלבר wrote: > I looked for a way to control my routers with RYU with no success. I had to > write a new app for my self, and thought maybe you know on an app like > that. There's an example L3 router implementation in ryu/app/rest_router.py (cf. http://osrg.github.io/ryu-book/en/html/rest_router.html ) but I guess that's not what you are looking for. What kind of things do you want to implement? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Issue in OFPBucket in OpenFlow version 1.5
On Fri, 04 Jan 2019 20:32:14 +0900, Ramzah Rehman wrote: > I tried to add a Group Entry in my OVS version 2.8.6 switch via RYU > controller using ofproto_v1_5 (switch has been configured to support > OpenFlow 1.5 ). I found send_group_mod > <https://ryu.readthedocs.io/en/latest/ofproto_v1_5_ref.html> function here. > I used the exact code to check if it's working but got this > OFPGMFC_BAD_BUCKET(12) error. > Anyhow, since I had been initializing my OFPButcket wrongly, I > modified my code as follows. This time, the actions list was being set > properly in the bucket but still, I got bad_BUCKET(12) error. Please > help. > *Modified Code:* > > def send_group_mod(self, datapath): > ofp = datapath.ofproto > ofp_parser = datapath.ofproto_parser > > port = 1 > max_len = 2000 > actions = [ofp_parser.OFPActionOutput(port, max_len)] > > weight = 100 > #watch_port = ofproto_v1_5.OFPP_ANY > #watch_group = ofproto_v1_5.OFPQ_ALL > > bucket = datapath.ofproto_parser.OFPBucket(bucket_id=1, > actions=actions, properties=None, len_=32,action_array_len=None) > buckets = [bucket] > #buckets = [ofp_parser.OFPBucket(weight, watch_port, > watch_group,actions)] > > group_id = 1 > command_bucket_id = 1 > req = ofp_parser.OFPGroupMod(datapath, ofp.OFPGC_ADD, > ofp.OFPGT_SELECT, group_id, > command_bucket_id, buckets) > datapath.send_msg(req) > > *Error:* > > EventOFPErrorMsg received. > version=0x6, msg_type=0x1, msg_len=0x3c, xid=0x1d46ee73 > `-- msg_type: OFPT_ERROR(1) > OFPErrorMsg(type=0x6, code=0xc, > data=b'\x06\x0f\x00\x30\x1d\x46\xee\x73\x00\x00\x01\x00\x00\x00\x00\x01\x00\x18\x00\x00\x00\x00\x00\x01\x00\x18\x00\x10\x00\x00\x00\x01\x00\x00\x00\x10\x00\x00\x00\x01\x07\xd0\x00\x00\x00\x00\x00\x00') > |-- type: OFPET_GROUP_MOD_FAILED(6) > |-- code: OFPGMFC_BAD_BUCKET(12) > `-- data: version=0x6, msg_type=0xf, msg_len=0x30, xid=0x1d46ee73 > `-- msg_type: OFPT_GROUP_MOD(15) ovs-vswitchd should emit warn logs when returning those BAD_BUCKET errors, if the verbose level is set appropriately. Please check ovs-vswitchd log level settings and its log file. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] simplemonitor13
On Tue, 25 Dec 2018 22:21:38 +0900, Edison Albuquerque wrote: > I need to write an api to process data collected from the switch, via > simplemonitor13. > The attribute I need to process is "body" of the statreply message. > I happens that body is a local variable. > Since I am still learning Python, I need someone to teach me how to write a > code that will capture the body content. > I solved the problem tweaking simplemonitor13 to send body content to an > open file that I can read from my code. But there must be a better way. > Thanks and MERRY XMAS. Of course there are. It depends on how and where your API code is written, but several possible solutions are: 1. Use global variables or a global class instance cf. https://stackoverflow.com/questions/6760685/creating-a-singleton-in-python 2. If your API code resides in SimpleMonitor13 or its derived class, store the data as a class variable 3. If you want to send statrequests synchronously from your API code, kill _request_stats and use send_msg with a reply_cls arg Merry christmas and a happy new year -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Error in datapath
On Thu, 20 Dec 2018 00:41:57 +0900,
marcosab...@inf.ufg.br wrote:
>
> Hello,
>
> I got the follow error when i send Rule to switch:
>
> [DEBUG - 2018-12-17 15:33:00,235] Log.debug - --- SET RULE ---
> [INFO- 2018-12-17 15:33:00,247] Log.info - Starting rule match of OF 1.0
> [DEBUG - 2018-12-17 15:33:00,255] EventOFPErrorMsg received.
> version=0x1, msg_type=0x1, msg_len=0x4c, xid=0x1edfe32b
> `-- msg_type: OFPT_ERROR(1)
> [ERROR - 2018-12-17 15:33:00,255] Error in the datapath
> cc4e24425c00 from ('10.16.0.192', 7802)
> [DEBUG - 2018-12-17 15:33:00,256] EVENT ofp_event->switches
> EventOFPStateChange
> [ERROR - 2018-12-17 15:33:00,257] hub: uncaught exception: Traceback
> (most recent call last):
> File "/usr/local/lib/python2.7/dist-packages/ryu/lib/hub.py", line
> 59, in _launch
> return func(*args, **kwargs)
> File
> "/usr/local/lib/python2.7/dist-packages/ryu/controller/controller.py",
> line 536, in datapath_connection_factory
> datapath.serve()
> File
> "/usr/local/lib/python2.7/dist-packages/ryu/controller/controller.py",
> line 454, in serve
> self._recv_loop()
> File
> "/usr/local/lib/python2.7/dist-packages/ryu/controller/controller.py",
> line 196, in deactivate
> method(self)
> File
> "/usr/local/lib/python2.7/dist-packages/ryu/controller/controller.py",
> line 355, in _recv_loop
> handler(ev)
> File
> "/usr/local/lib/python2.7/dist-packages/ryu/controller/ofp_handler.py",
> line 281, in error_msg_handler
> if msg.type == ofp.OFPET_EXPERIMENTER:
> AttributeError: 'module' object has no attribute 'OFPET_EXPERIMENTER'
>
> The error is in datapath?
It seems to be error_msg_handler has been broken for OF1.0 for a
while. The attached patch should fix.
>From 7cdc07787be7b153889fcb8fe081436e1a49bbab Mon Sep 17 00:00:00 2001
From: IWAMOTO Toshihiro
Date: Thu, 20 Dec 2018 15:36:35 +0900
Subject: [PATCH] Fix error_msg_handler exception
OFPET_EXPERIMENTER isn't defined in OF1.0.
Signed-off-by: IWAMOTO Toshihiro
---
ryu/controller/ofp_handler.py | 2 +-
1 file changed, 1 insertion(+), 1 deletion(-)
diff --git a/ryu/controller/ofp_handler.py b/ryu/controller/ofp_handler.py
index 5c4d46de..dc0b543c 100644
--- a/ryu/controller/ofp_handler.py
+++ b/ryu/controller/ofp_handler.py
@@ -278,7 +278,7 @@ class OFPHandler(ryu.base.app_manager.RyuApp):
hex(msg.version), hex(msg.msg_type), hex(msg.msg_len),
hex(msg.xid),
ofp.ofp_msg_type_to_str(msg.msg_type))
-if msg.type == ofp.OFPET_EXPERIMENTER:
+if ofp.OFP_VERSION > 0x01 and msg.type == ofp.OFPET_EXPERIMENTER:
self.logger.debug(
"OFPErrorExperimenterMsg(type=%s, exp_type=%s,"
" experimenter=%s, data=b'%s')",
--
2.11.0
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Regarding stop the flow during execution
On Sun, 16 Dec 2018 14:00:14 +0900, Sagar Ramani wrote: > I am trying to stop the flow during the execution if certain conditions > satisfy ,can I do that ? If yes then how I can do that ? Do you want to drop some kind of packets? It can be achieved by a flow entry with an empty instruction set. Refer to Section 5.12 Actions of the OpenFlow spec 1.3. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Single flow deletion
On Sun, 09 Dec 2018 06:51:02 +0900, Raffaele Viterbo wrote: > I was wondering if there is a way to delete a single flow entry matching a > specific field. In my case, I want to delete a flow that has a certain > priority. How can I do that? Thanks in advance. Please check the OpenFlow spec. Or, there was a similar question in the past. https://sourceforge.net/p/ryu/mailman/message/35320085/ -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Add messages between the controller and switch to encrypt OpenFlow protocol messages
On Thu, 06 Dec 2018 07:05:20 +0900, Suadad Safaa wrote: > I want to encryption openflow message with new methods for key exchange. > so,i want add new messages between controller and switch over socket before > start openflow protocol to agree on key and authentication and then encrypt > messages. > i need help to known how can communication between switch and controller > and where ? The OpenFlow spec states that TLS can be used to secure the controller connections and Ryu supports TLS. You can develop your own encryption algorithm in Ryu but several things need to be considered to develop a secure encryption algorithm. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] TCP traffic
On Tue, 27 Nov 2018 06:00:33 +0900, Raffaele Viterbo wrote: > > [1 ] > [1.1 ] > Hello everyone. > > I am doing a project on my own with a custom topology in mininet and a > controller that I wrote in Python. Basically I am using an MPLS tunnel > between two hosts and ping is perfectly working, but when I go and test the > TCP bandwidth with the iperf command it says ‘Connection timed-out’. How can > I solve this issue? Do I have to put some fields when I match an incoming > packet? And if so, could you please tell me what to match/sketch a part of > the code? Use tcpdump on both ends and watch per flow entry packet counts to debug your problem. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to get information of routing table and flow table using RYU
On Thu, 29 Nov 2018 12:56:54 +0900, Modi Tejas Maheshbai wrote: > > [1 ] > Thanks a lot. for response. > > Yes, I want to set up tunnels between VMs and then I want to check flow > entries in Ryu controller. So my doubt is how to check final flow table of > the controller means controller actions for each and every packet > transmission Then OFPFlowStatsRequest would be what you need. In its reply there are packets and bytes counters per flow entry. If you really need to know which packet matches which flow entry, packet-in actions can be used. > On Thu, Nov 29, 2018 at 9:24 AM IWAMOTO Toshihiro > wrote: > > > On Wed, 28 Nov 2018 18:16:19 +0900, > > Modi Tejas Maheshbai wrote: > > > If I'm creating host VMs, OpenVswitch VMs and Ryu controller VM in ESXI > > > server and connecting all and now I want to generate routing information > > > with specific origin-destination pair flows then how I can get the flows > > > detail. > > > > I'm not familiar with ESXi and don't know how those VMs are wired. > > > > If you want to read the flow table you can use ovs-ofctl dump-flows or > > OFPFlowStatsRequest. Or do you want to set up tunnels between VMs? > > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to get information of routing table and flow table using RYU
On Wed, 28 Nov 2018 18:16:19 +0900, Modi Tejas Maheshbai wrote: > If I'm creating host VMs, OpenVswitch VMs and Ryu controller VM in ESXI > server and connecting all and now I want to generate routing information > with specific origin-destination pair flows then how I can get the flows > detail. I'm not familiar with ESXi and don't know how those VMs are wired. If you want to read the flow table you can use ovs-ofctl dump-flows or OFPFlowStatsRequest. Or do you want to set up tunnels between VMs? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] issue report at gui_topology.py when simple_switch_13.py added
On Fri, 23 Nov 2018 05:46:30 +0900, Joaquin Gonzalez wrote: > I was doing some tests trying to add simple_switch_13.py application to Ryu > at the same time Im using gui_topology.py, but the websocket is closed when > add_flow function is executed (as far as I could see doing some > troubleshooting). When this happens eventually no more real time > interaction between Topology Viewer and actual topology changes. As you see in the error message, eventlet.websocket is shut down with an internal server error. I guess if the two RyuApps are interacting badly. Could you see the detail of the websocket error by putting a debug printf in eventlet.websocket? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] OVSDB question
On Fri, 16 Nov 2018 18:19:24 +0900,
Rodriguez Felipe wrote:
>
> [1 ]
> [1.1 ]
> Hello,
>
>
> I'm currently trying to remove one of the existing queues in the QoS database
> using
>
> OVSDB. The command is coded as follows:
>
>
> ovsdb_address="tcp:{}:6640".format(address)
> ovs_vsctl = vsctl.VSCtl(ovsdb_address)
>
> command3 = vsctl.VSCtlCommand('remove', ["QoS",
> "{}".format(json.dumps(uuids[0])),
> "queues", "0={}".format(json.dumps(uuids[1]))])
> ovs_vsctl.run_command([command3])
json.dumps() generates extra quotes. Please try without them.
>
> However, I getting the following error: "ovsdb error: is not a valid
> UUID".
> I've checked and the UUID are correct, I mean they belong to the QoS table
> and Queue respectively.
> Could you please help me, I haven't been able to find a example of the syntax.
>
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] ryu/app/rest_router.py module bug report
On Fri, 16 Nov 2018 03:49:45 +0900, Efe Balo wrote: > > [1 ] > [1.1 ] > Hi Sir > > When I use router module, after adding address_id = 1 to the system I > cannot delete it anyway. In attachment I send the screenshot. Looking at the code I cannot see that address_id = 1 is a special case. 255.255.255.255/32 doesn't look like a valid address. Could you confirm if the problem persists with a different IP address? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] send flowmod message to multiple switches at once
On Thu, 15 Nov 2018 12:43:40 +0900, Eitetsu Gen wrote: > My network consists of two switches(A, B) and single controller. The > controller receives a packet_in message from switchA. The packet_in handler > of the controller creates flow_mod message using parser.OFPFlowMod(). I > want to send this message to switchA and switchB at once. How can I do it? > > Do i need to modify the framework? There was a similar question a while ago. https://sourceforge.net/p/ryu/mailman/message/36448134/ The handler needs the Datapath object to the other switch. It is up to you how to implement that. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] add a constant to a packet header field
On Wed, 14 Nov 2018 08:36:52 +0900, michael johnson wrote: > I want to modify a packet header field MPLS LABEL by adding a constant to > it. Openflow 1.3 supports "set field" action by which we can assign a new > value to a packet header. But I am not able to find any way to add a > constant to an existing value of a packet header. > One direction which I can think of is to copy the content of MPLS LABEL > field to the metadata field supported by OpenFlow 1.3 and then do an add > operation on the metadata field. But I do not know if this is possible or > not. > Another direction I can think is to pop the MPLS header, add the constant > to MPLS LABEL field and then push the modified MPLS header. Is this > possible? You can match on a specific MPLS label value and use pop_mpls and push_mpls actions, but I don't think it is possible to do arithmetics with flow entries (except for MPLS TTL). -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] VLAN tag doesn't match the instruction sometimes
On Thu, 08 Nov 2018 21:25:54 +0900, Soliman Awad Alshra´a Abdullah TU Ilmenau wrote: > Hello all, > > I am using a Fat tree topology with Spanning Tree protocol(STP), and I use a > VLAN tag at all switches in order to pass the packet if the packet have a > VLAN tag. > For example: > > actions = [parser.OFPActionOutput(4)] > match = parser.OFPMatch(vlan_vid =(0x1000,0x1000) ) > self.add_flow(datapath, 1, match, actions) > > I note that the VLAN instructions it sometimes matches the packet and in > other times it doesn't, especially, when I use STP. > > My question : is this problem a common and how to solve it !! I'm not sure if your question is about OpenFlow/ryu and I can answer, but your question needs to be more specific to be answered. 1. How does your network topology look like? 2. Are you using VLAN aware STP such as MSTP? 3. Who are in charge of adding/removing VLAN tags? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Drop packets for a mac
On Mon, 05 Nov 2018 04:39:18 +0900,
Munim Shabir wrote:
> Hi all,
>
> I am trying to add a flow entry to drop all packets sourced from specific
> mac. any leads on that?
A flow entry with an empty action causes packets to be dropped.
Something like this should work. Just make sure to put it in a correct
table with high priority.
ofpp.OFPFlowMod(dp, ..., match=ofpp.OFPMatch(eth_src="..."), ...,
instructions=[])
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Extracting Log File For Data Plane in RYU controller
On Sun, 04 Nov 2018 01:04:41 +0900, Soe Ye Htet wrote: > I am trying to develop the software defined wireless mesh network by using > the RYU controller with node failure rerouting scenario. I am trying to > output log file for the rerouting data plane such as using networking > sniffiing tool. Can we apply tcpdump inside the RYU application to prove > rerouting scenario. You should be able to use tcpdump as usual regardless of ryu and ovs. If you want to log packets from packet-ins for later analysis, look at ryu.lib.pcaplib and ryu/doc/source/library_pcap.rst. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Question - Flow Deletion
On Thu, 08 Nov 2018 00:30:32 +0900,
Rodriguez Felipe wrote:
>
> [1 ]
> [1.1 ]
> Hi,
>
>
> In the del_flow function please assume command=ofproto.OFPFC_DELETE not
> ofproto.OFPFC_DELETE_STRICT
>
>
> Thank you
>
>
> From: Rodriguez Felipe
> Sent: Wednesday, November 7, 2018 5:18:32 PM
> To: ryu-devel@lists.sourceforge.net
> Subject: Question - Flow Deletion
>
>
> Hi!
>
>
> I'm using Open Flow 1.3 and I'm trying to delete the flow from the attached
> image with the matching fields tcp,in_port=1,nw_dst=10.0.1.21
>
>
> For deleting the flows I have the following functions:
>
> def del_flow(self, datapath, match, cookie=DEFAULT_COOKIE):
> ofproto = datapath.ofproto
> parser = datapath.ofproto_parser
> # construct flow_mod message and send it.
> # TODO: Now using table_id=1 because rest_qos.py is done QoS stuff in
> table_id=0
> mod = parser.OFPFlowMod(datapath=datapath, match=match,
> command=ofproto.OFPFC_DELETE_STRICT,
> out_port=ofproto.OFPP_ANY,
> out_group=ofproto.OFPG_ANY,
> table_id=ofproto.OFPTT_ALL,
> cookie=cookie, cookie_mask=0x)
> msg = datapath.send_msg(mod)
>
>
> def make_match(self, parser, in_port, match_args={}):
> match_args['in_port'] = in_port
> return parser.OFPMatch(**match_args)
>
>
> Which are called in the following way:
>
>
> qos_match_args = {'ip_proto': 6, 'in_port': 1, 'ipv4_dst':
> str(ipaddress.IPv4Address(167772437))}
> match1 = self.make_match(self.datapaths[entry_dp].ofproto_parser,
> edge_port_nr, qos_match_args)
> self.del_flow(self.datapaths[entry_dp], match1)
>
> When I try to delete the flow by using only in_port as a match argument it
> works, but when
> I try to add other matching fields then the flow doesn't get erased. I
> receive absolutely no
> errors when running the code. I know the other fields "ip_proto" and
> "ipv4_dst" are included
> in the ofproto_v1_3.py in ryu.
Please check the section 7.2.3.6 Flow Match Field Prerequisite of the
OpenFlow spec 1.3. Adding eth_type and etc might fix your problem.
I'm not sure why you didn't get an error message.
It may have been logged.
> For the record, when running ovs-ofctl del-flows "bridge name"
> tcp,in_port=1,nw_dst=10.0.1.21
> in the command window the desired flow gets deleted.
>
AFAIK ovs-ofctl automatically appends required prerequisites.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] The flow entries are not being installed on the switches
On Thu, 01 Nov 2018 04:50:51 +0900, Moh'd Reza Abbasi wrote: > > [1 ] > [1.1 ] > Hey there everyone, > I am working on this simple routing application where it proactively finds > the shortest and the longest paths from a source to a destination, and > installs the flow entries on the switches in a path. > > It uses networkx.shortest_simple_paths() to calculate the paths (this > function calculates the paths and sort them from the shortest to the > longest). In small network topologies the app works fine. In denser > topologies (e.g. 3x3 torus topology) when I use shortest path to forward > traffic it works. However, when I try to install the flow entries for the > longest paths, nothing happens. Even though, the match and flow rules are > created and sent to the switches. They are not being installed and no error > is raised. When I use ovs-ofctl it shows that the flow tables are empty. I > would appreciate it, if someone could tell me what are some of the possible > causes of this behavior. It seems you are trying to install multiple flow entries with the same match field and priority. This will not work and only the last flow_mod command takes effect. See the section 6.4 of the OpenFlow spec 1.3.5. : For non-overlapping add requests, or those with no overlap checking, : the switch must insert the flow entry in the requested table. If a : flow entry with identical match fields and priority already resides in : the requested table, then that entry, including its duration, must be : cleared from the table, and the new flow entry added. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Controlling only control traffic rate
On Tue, 30 Oct 2018 19:03:40 +0900, Soe Ye Htet wrote: > Please allow me to raise another different question. I face the traffic > congestion problem between control traffic and data traffic as I apply > in-band approach scenario. I would like to limit traffic rate for only > control traffic. How I can control the control traffic rate only? If anyone > has already done it, please let me know your implementation scenario. Rather than trying to set up QoS, setting controller_rate_limit and etc would be better. Check out ovs-vswitchd.conf.db(5). -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Using OvS and RYU controller
On Tue, 30 Oct 2018 14:40:57 +0900, Soe Ye Htet wrote: > > [1 ] > Dear RYU Team, > > Please let me share my observation. First of all please let me represent > simple testing topology. OvS1(RYU)-OvS2. Iperf3 sever is > running at OvS1 and Iperf3 client is running at OvS2. Then the wireless > interface of OVS2 cannot transmit any packet after 30 minutes of Iperf > connection. Then I test another scenario. OvS1---OvS2 without RYU > controller. Iperf3 server at OvS1 and Iperf3 client and Ovs2. In this > case, OvS2 can send TCP packets to OvS1 for 24 hours during iperf3 > connection. The main reason for running iperf3 for 24 hours is testing for > reliablity. In those first two scenarios, I really do not understand why > the interface of OVS2 cannot transmit data packet to OvS1 when RYU > controller is installed at OvS1. This is why I rasise this question whether > RYU controller and OvS can use in the same physical machine. IP address of > OvS1 is 10.0.0.8 and IP address of OVS2 is 10.0.0.1. 10.0.0.8 is used as > both control IP and data IP which means I use in-band scenario in my > testing case. I think you need to debug on your own but some ideas: Did you replace the possibly faulty WiFi hardware? Do you have a problem in flow tables when traffic is down? Is it caused by a failure in the controller connection? Does changing set-fail-mode to standalone make any diffrence? > Best regards, > Soe Ye Htet > Master Engineering student > > On Tue, Oct 30, 2018 at 12:03 PM IWAMOTO Toshihiro > wrote: > > > On Sat, 27 Oct 2018 20:01:43 +0900, > > Soe Ye Htet wrote: > > > > > > [1 ] > > > [1.1 ] > > > Dear RYU Team, > > > > > > Can we use a RYU controller and OvS at the same machine. The > > configuration > > > of OvS are > > > sudo ovs-vsctl --if-exist del-br br0 > > > sudo ovs-vsctl add-br br0 > > > sudo ovs-vsctl set bridge br0 other-config:datapath_id=1008 > > > sudo ovs-vsctl add-port br0 wlan0 -- set Interface wlan0 ofport_request=1 > > > sudo ifconfig wlan0 0 > > > sudo ifconfig br0 10.0.0.8 netmask 255.0.0.0 up > > > sudo ovs-vsctl set-controller br0 tcp:127.0.0.1 > > > sudo ovs-vsctl set controller br0 connection-mode=out-of-band > > > sudo ovs-vsctl set-fail-mode br0 secure > > > sudo ovs-vsctl set bridge br0 stp_enable=true > > > . That configuration is installed at OvS and that OvS is at the same > > > machine at RYU controller. Another simple question is that can we use > > > > Of course you can. Have you tried? > > > > > iperf3 server port and openflow port at the same machine. For example > > > iperf3 server port is 5201 and RYU controller port is 6633. Iperf3 server > > > IP address and IP address of RYU controller is also the same. > > > > I cannot think of a problem if the port numbers are different. > > What is your concern? > > > > -- > > IWAMOTO Toshihiro > > > [2 ] ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to estimate queing delay?
On Wed, 24 Oct 2018 13:28:38 +0900, Sagar Ramani wrote: >I am trying to estimate different types of delay during packet routing > in from its path. Now I am trying to find packet queuing delay during its > routing but I am not getting any idea how to proceed ? AFAIK OpenFlow does not have such a feature. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How does controller know when switches leave?
On Mon, 22 Oct 2018 18:09:47 +0900, Jade Manapee wrote: > > I am a bit confused, I know that they open a TCP session, but did they > exchange message all the time? and when it got time-out it terminates > session? then how "_event_switch_leave_handler" works? I read on ryu > page but it didn't say anything. Am I missing something? It works just like a TCP session disconnect detection. If the connection is dead and a controller tries to send something it knows the connection is gone. If you aren't satisfied with this, check the maximum-unreplied-echo-requests config option. EventSwitchLeave is ryu/topology specific and generated from EventOFPStateChange. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Patch fix pep8 name.
On Wed, 24 Oct 2018 18:48:06 +0900, Natal Ngétal wrote: > > [1 ] > Hi, > > The project pep8 was renamed. > [2 0001-Configuration-Fix-pep8.patch ] > >From 719b81e467c4da2467ba7f0f7758c10ab3e21a93 Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Natal=20Ng=C3=A9tal?= > Date: Wed, 24 Oct 2018 11:45:01 +0200 > Subject: [PATCH] [Configuration] Fix pep8. > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > The pep8 was renamed pycodestyle. > > Signed-off-by: Natal Ngétal > --- > tools/test-requires | 2 +- > tox.ini | 10 +- > 2 files changed, 6 insertions(+), 6 deletions(-) This is already done by the commit bdf35495 last year. Please check out the latest version. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Using OvS and RYU controller
On Sat, 27 Oct 2018 20:01:43 +0900, Soe Ye Htet wrote: > > [1 ] > [1.1 ] > Dear RYU Team, > > Can we use a RYU controller and OvS at the same machine. The configuration > of OvS are > sudo ovs-vsctl --if-exist del-br br0 > sudo ovs-vsctl add-br br0 > sudo ovs-vsctl set bridge br0 other-config:datapath_id=1008 > sudo ovs-vsctl add-port br0 wlan0 -- set Interface wlan0 ofport_request=1 > sudo ifconfig wlan0 0 > sudo ifconfig br0 10.0.0.8 netmask 255.0.0.0 up > sudo ovs-vsctl set-controller br0 tcp:127.0.0.1 > sudo ovs-vsctl set controller br0 connection-mode=out-of-band > sudo ovs-vsctl set-fail-mode br0 secure > sudo ovs-vsctl set bridge br0 stp_enable=true > . That configuration is installed at OvS and that OvS is at the same > machine at RYU controller. Another simple question is that can we use Of course you can. Have you tried? > iperf3 server port and openflow port at the same machine. For example > iperf3 server port is 5201 and RYU controller port is 6633. Iperf3 server > IP address and IP address of RYU controller is also the same. I cannot think of a problem if the port numbers are different. What is your concern? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Patch to fix pip import.
On Wed, 24 Oct 2018 03:04:03 +0900, Natal Ngétal wrote: > > [1 ] > Hi, > > The import of pip have change. It seems you are using an old version of ryu. The imports have been removed by the following commit: commit a27c56a0542388f3d2390a9f013ba21b99c854b0 Author: IWASE Yusuke Date: Fri Mar 23 10:24:35 2018 +0900 > [2 0001-Core-Fix-pip-import.patch ] > >From 79efefcfeca6d0baf4e3cebc31ffca1cb40786f4 Mon Sep 17 00:00:00 2001 > From: =?UTF-8?q?Natal=20Ng=C3=A9tal?= > Date: Tue, 23 Oct 2018 19:33:49 +0200 > Subject: [PATCH] [Core] Fix pip import. > MIME-Version: 1.0 > Content-Type: text/plain; charset=UTF-8 > Content-Transfer-Encoding: 8bit > > It's not recommend to use pip as library. This modules is now > in internals. > > Signed-off-by: Natal Ngétal > --- > ryu/tests/unit/test_requirements.py | 4 ++-- > ryu/utils.py| 4 ++-- > 2 files changed, 4 insertions(+), 4 deletions(-) > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu question
On Fri, 19 Oct 2018 18:53:13 +0900, floriangirault2610 wrote: > > [1 ] > [1.1 ] > Hello, My name is Florian Girault and I am a student specialized in IT.OPS > and I got really interested by various RYU implementations .And I wanted to > ask if there is way to have some kind of inter vlan routing (i mean by that > communications between two PCs that have two differents VLAN IDs ) because it > is not explained in the ryubook.pdf .I also wanted to know if there is any > kind of discord or slack channel to discuss with the ryu community. If you are looking for examples to add/remove/remap VLAN tags, the following link contains some examples. https://wiki.openstack.org/wiki/Neutron/TrunkPort There are also a lot of OpenStack API related stuff, which is not probably what you want. ;-) -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Assigning Flow Rules to the specific Datapath ID during Failure of node
On Mon, 22 Oct 2018 14:08:47 +0900, Soe Ye Htet wrote: > > [1 ] > Dear IWAMOTO, > > Exactly what i want to do. Monitoring aliveness of raspis and sending flow > to raspi2 when necessary. How can I send flowmod message to raspi2? > Normally I define switch feature handler and packet in handler to send flow > mod. Is there another way to send flowmod message when necessary by not > using packet-in message. Switch feature handler can only allow to send flow > mod message to the switch when switch is connected to the controller. In my Why cannot you do that? I think Datapaths can be stored in a global variable and can be used from those handlers. > case, I want to send flowmod message to the switch whenever i want. I use > to get this feature by using packet-in message in order to change routing > scenario. But the problem is controller is stopped due to memory error as > there are a lot of packet -in message. Is there anyway to send flowmod when > i want to send without packet-in message please let me see some of the > example if you have. I am so sorry for my simple question. > > Best regards, > Soe Ye Htet > Future Internet and Wireless Research Group > Chulalongkorn Thailand > > On Thu, Oct 18, 2018 at 1:56 PM IWAMOTO Toshihiro > wrote: > > > On Fri, 12 Oct 2018 21:44:53 +0900, > > Soe Ye Htet wrote: > > > I am developing some rerouting scenario when there is some node failure. > > I > > > have attached my testing topology testbed. RYU controller is at the > > gateway > > > 1 and raspi 1 and raspi 2 are directly connected to gateway 1. raspi 3 is > > > connected to raspi 2 and raspi 1. The primary route for raspi3 to > > gateway 1 > > > is raspi 3 - raspi 1 - gateway 1. what i am trying to do is when raspi 1 > > is > > > down, RYU controller want to assign the flow rules to raspi 2 to relay > > the > > > data from raspi 3 to gateway 1. So that raspi 3 can be connected to the > > > > I'm not sure this objective is achievable sorely with flows, but let's > > go on. > > > > > gateway 1 through the route of raspi 3 - raspi 2 - gateway 1. But I > > cannot > > > assign the flow rules to raspi 2 when raspi 1 is failed. Is there any way > > > to assign the flow rules to other node when the node is failure. Any > > > suggestions are warmly welcomed. > > > > What errors do you get? > > I assume the openflow controller on gateway1 controls raspi 1 and 2. > > Isn't it a matter of just monitoring aliveness of raspis and sending > > flowmods to raspi 2 when necessary? > > > > -- > > IWAMOTO Toshihiro > > > [2 ] ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Assigning Flow Rules to the specific Datapath ID during Failure of node
On Thu, 18 Oct 2018 16:41:57 +0900, Soe Ye Htet wrote: > > [1 ] > Dear, > > The problem is I dont know how to send flowmod message to raspi2 when > raspi1 is down to relay the data from raspi3 to gateway1. As far as i know > there is two ways to assign flow table to switch ID. By the switch feature > message to assign flow table proactively or packet in message to assign > flow table reactively. The problem is that i do not want to apply packet in > message for rerouting because packet in measage can consume a lot of memory > in ryu controller. What I am trying to do,is, monitoring node status all > the time, and send flowmod message to raspi2 to,relay data from raspi3 only > when raspi1 is down. How to assign the flow table in state change handler > function. In order to send OpenFlow messages, you'll only need Datapath of the other alive side of raspis. Something like ryu.app.simple_monitor_13 would work, I guess. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Synchronize time in packet-in message
On Mon, 15 Oct 2018 01:09:52 +0900, Soe Ye Htet wrote: > > [1 ] > [1.1 ] > Dear RYU controller, > > I am developing the software-defined wireless network topology. I am trying > to focus on the routing scenario based on packet-in message. I just want to > know how to control the time for packet-in message. For example, i just > want to send the packet-in message only every 1 second or every 2 second. > Can we adjust the timing for packet-in message inside the configuration of > ryu controller? Packet-ins are generated by switches not controllers. If you are using ovs, check controller_rate_limit in ovs-vswitchd.conf.db(5). -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Route management function
On Wed, 17 Oct 2018 13:42:00 +0900, Sagar Ramani wrote: > Is there any route management function in the ryu through which we can > manage and get all the parameters related to route management? Please ask a more specific question. Although ryu implements a BGP speaker, if you are asking about the routing function in the linux kernel, ryu doesn't offer much. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Assigning Flow Rules to the specific Datapath ID during Failure of node
On Fri, 12 Oct 2018 21:44:53 +0900, Soe Ye Htet wrote: > I am developing some rerouting scenario when there is some node failure. I > have attached my testing topology testbed. RYU controller is at the gateway > 1 and raspi 1 and raspi 2 are directly connected to gateway 1. raspi 3 is > connected to raspi 2 and raspi 1. The primary route for raspi3 to gateway 1 > is raspi 3 - raspi 1 - gateway 1. what i am trying to do is when raspi 1 is > down, RYU controller want to assign the flow rules to raspi 2 to relay the > data from raspi 3 to gateway 1. So that raspi 3 can be connected to the I'm not sure this objective is achievable sorely with flows, but let's go on. > gateway 1 through the route of raspi 3 - raspi 2 - gateway 1. But I cannot > assign the flow rules to raspi 2 when raspi 1 is failed. Is there any way > to assign the flow rules to other node when the node is failure. Any > suggestions are warmly welcomed. What errors do you get? I assume the openflow controller on gateway1 controls raspi 1 and 2. Isn't it a matter of just monitoring aliveness of raspis and sending flowmods to raspi 2 when necessary? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Packet count per flow entry when 50 new packets coming to OpenvSwitch
On Fri, 12 Oct 2018 15:04:56 +0900, Hòa Nguyễn Thanh wrote: > > [1 ] > [1.1 ] > Hi all, > > I'm doing a project about DDos detection on SDN with Ryu. > So I have a problem that I can not know the right moment when there are > exactly 50 new packets coming to switch via openflow stats request from Ryu > Controller. > > If we don't know that moment, is there any solution for me to know the > order of that 50 packets. I want to count packets match each flow entry in > flow table every new 50 or 100 packets coming to switch to calculate > entropy of IP dst, IP src. > Does someone give me a solution? I don't have a good idea. You can count packets with Packet-ins if packet rates are very low, but I guess that's not a feasible solution. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Raising a event from custom app
On Thu, 11 Oct 2018 23:17:55 +0900,
Rodriguez Felipe wrote:
>
> [1 ]
> Hello, sorry for the delay.
>
>
> Yes, I, have tried. The problem is that the topology is a bit complex, so I'm
> running the applications in the following way:
>
>
> tc.cmdPrint("ryu-manager --verbose --observe-links --wsapi-host 192.168.100.1
> --wsapi-port 8080 --ofp-listen-host=10.0.0.100 --ofp-tcp-listen-port=6653
> ../ryu/transport_operator.py ../ryu/ryu_view/ryu_view.py
> ryu.app.transport_rest_topology ryu.app.ofctl_rest
> ryu.app.transport_ws_topology ryu.app.rest_conf_switch &> /tmp/tc-out &")
>
> tc.cmdPrint("ryu-manager --verbose --wsapi-host 192.168.100.1 --wsapi-port
> 8081 --ofp-listen-host=10.0.0.100 --ofp-tcp-listen-port=6654
> ryu.app.almost_intelligent_switch_13 ryu.app.gui_topology.tenant_gui_topology
> ryu.app.tenant_rest_topology ryu.app.ofctl_rest &> /tmp/t1-out &")
>
>
> Those two lines are executed one after the other. Now, the problem is, how
> can I send a event from one app executed in the first
>
> command to another executed in the second one? I want to send the event from
> transport_operator.py to tenant_rest_topology.
Event is just a python object and doesn't work between processes.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Packet-in Queue Size
On Thu, 11 Oct 2018 14:22:50 +0900, nail göksel wrote: > > [1 ] > [1.1 ] > Thanks Iwamoto, you are very helpful. Yes, i need number of outstanding > packet-in events. > > I didnt understand one thing, is that queue structure built-in already or > do i need to implement it? You can use eventlet.queue.LightQueue, for example. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Implementing a custom OXM match
Hi,
On Fri, 12 Oct 2018 06:29:33 +0900,
Alan Kayahan wrote:
>
> Hello,
>
> I have implemented a custom OXM match in OVS that works fine over
> OpenFlow13 when used in a rule installed via ovs-ofctl add-flow. The match
> definition in OVS looks as following
> diff --git a/ryu/ofproto/ofproto_v1_3.py b/ryu/ofproto/ofproto_v1_3.py
> index d599c1c..018bdad 100644
> --- a/ryu/ofproto/ofproto_v1_3.py
> +++ b/ryu/ofproto/ofproto_v1_3.py
> @@ -175,10 +175,11 @@
> # enum ofp_oxm_class
> OFPXMC_NXM_0 = 0x # Backward compatibility with NXM
> OFPXMC_NXM_1 = 0x0001 # Backward compatibility with NXM
> OFPXMC_OPENFLOW_BASIC = 0x8000 # Basic class for OpenFlow
> OFPXMC_EXPERIMENTER = 0x# Experimenter class
> +OFPXMC_TRH = 0x # TRF
>
> # enum ofp_vlan_id
> OFPVID_PRESENT = 0x1000 # bit that indicate that a VLAN id is set.
> OFPVID_NONE = 0x# No VLAN id was set.
>
> @@ -1227,10 +1228,12 @@
> # EXT-109 TCP flags match field Extension
> oxm_fields.ONFExperimenter('tcp_flags', 42, type_desc.Int2),
> # EXT-233 Output match Extension
> # NOTE(yamamoto): The spec says uint64_t but I assume it's an error.
> oxm_fields.ONFExperimenter('actset_output', 43, type_desc.Int4),
> +#TRH
> +oxm_fields.Trh('trh_nextuid', 45, type_desc.Int4),
> ] + nicira_ext.oxm_types
>
> oxm_fields.generate(__name__)
Please look at what oxm_fields.generate does.
> diff --git a/ryu/ofproto/ofproto_v1_3_parser.py
> b/ryu/ofproto/ofproto_v1_3_parser.py
> index 0324c82..41977e8 100644
> --- a/ryu/ofproto/ofproto_v1_3_parser.py
> +++ b/ryu/ofproto/ofproto_v1_3_parser.py
> @@ -2244,21 +2256,29 @@
> def __init__(self, header, value, mask=None):
> super(MTTunnelId, self).__init__(header)
> self.value = value
> self.mask = mask
>
> -
> @OFPMatchField.register_field_header([ofproto.OXM_OF_IPV6_EXTHDR,
>ofproto.OXM_OF_IPV6_EXTHDR_W])
> class MTIPv6ExtHdr(OFPMatchField):
> pack_str = '!H'
>
> def __init__(self, header, value, mask=None):
> super(MTIPv6ExtHdr, self).__init__(header)
> self.value = value
> self.mask = mask
>
> +@OFPMatchField.register_field_header([ofproto.OXM_TRH_NEXTUID,
> + ofproto.OXM_TRH_NEXTUID_W])
> +class MTTrhNextuid(OFPMatchField):
> +pack_str = '!I'
> +
> +def __init__(self, header, value, mask=None):
> +super(MTTrhNextuid, self).__init__(header)
> +self.value = value
> +self.mask = mask
>
> @_register_parser
> @_set_msg_type(ofproto.OFPT_PACKET_IN)
> class OFPPacketIn(MsgBase):
> """
> And the following is the error when I try to launch the controller app
>
> File
> "/root/.local/lib/python2.7/site-packages/ryu/ofproto/ofproto_protocol.py",
> line 22, in
> from ryu.ofproto import ofproto_v1_3_parser
> File
> "/root/.local/lib/python2.7/site-packages/ryu/ofproto/ofproto_v1_3_parser.py",
> line 2271, in
> @OFPMatchField.register_field_header([ofproto.OXM_TRH_NEXTUID,
> AttributeError: 'module' object has no attribute 'OXM_TRH_NEXTUID'
The error message has the answer. :)
Other header constants such as OXM_OF_IPV6_EXTHDR are genereted in
oxm_fields.generate. You can modify this to accomodate constant
generation, or more simply, you can just define the needed constants
as done for NXM_NX_* constants in nicira_ext.py.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Explanation for project Hierarchy SDN routing control for multiple domain
On Thu, 04 Oct 2018 17:34:45 +0900,
Imen Souidene via Ryu-devel wrote:
>
> [1 ]
> [1.1 ]
> Hi,Please, I have a problem when i executed :
> SDN-Work-hiearch-ryu/MultiControl/hierarchy# python test_net.py
> Unable to contact the remote controller at 10.10.10.10:6633
> Unable to contact the remote controller at 10.10.10.10:6634Unable to contact
> the remote controller at 10.10.10.10:6635mininet>
> Despite, I followed all the steps (How to use with test environment (mininet)
>
> Also, for python global.py
> INFO:__main__:Waiting for connection.connected
> socket:
> address:('127.0.0.1', 47728)connected
> socket:
> address:('127.0.0.1', 47730)connected
> socket:
> address:('127.0.0.1', 47732)INFO:__main__:Remove agent 0INFO:__main__:Remove
> agent 1INFO:__main__:Remove agent 2
>
> Please, help me how can i solve it to connect each controllers , I need it in
> my studies.
It doesn't seem to be a Ryu problem. Is the error message from this?
https://github.com/mininet/mininet/blob/bfda33544ae673ba29c7eac2d56dda61f3547bb4/mininet/node.py#L1555
I guess somehow the ovs aren't properly set up and not listening at
those ports.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] How to establish a connectivity between two mininet topologies in two separate VMs using virtualbox in a single PC
On Wed, 03 Oct 2018 21:38:26 +0900, Pynbiang Hadem wrote: > > [1 ] > [1.1 ] > Hi, > > I want to setup two mininet topologies in two VMs(Ubuntu 16LTS) within the > same physical system using VirtualBox as below. > > VM1: VM2: > h1 s1 -- s2-h3 > || > h2h4 > > N.B: The topologies are created using python mininet scripts. > > How can i establish a connection from *h1 to h3* so that i can have a ping > connectivity from *host h1 to host h3*?. > I have tried with GRE tunnel its working fine. However i want to do it > without GRE tunnel. Is this possible? If another tunnelling protocol such as VXLAN could be used, that would be a easy solution. Or, you can set up route entries in s1 and s2 so that packets between h1 and h3 are correctly routed at s1 and s2. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] PacketINs bootstraping
On Wed, 03 Oct 2018 20:22:08 +0900, Munim Shabir wrote: > > [1 ] > [1.1 ] > Guys, > > you've always been a great support to me. I am stuck again. How can I store > two consecutive packetINs coming and then use them for my research algo. Just queue packet-ins in the packet-in handler function, and handle the queue from another eventlet thread. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Delete qos row in OVSDB port Table using JSON-RPC
On Thu, 04 Oct 2018 20:54:20 +0900, Faisal amin wrote: > > [1 ] > [1.1 ] > Hi Iwamoto > > Thank you for your email. Could you please send me the link and > documentation for implementing Openstack Neutron. The agent I mentioned uses ryu only for OpenFlow programming and uses the ovsdbapp library for such DB operations. But I think you can get the idea. http://git.openstack.org/cgit/openstack/neutron/tree/neutron/agent/common/ovs_lib.py#n879 > On Thu, Oct 4, 2018 at 4:37 AM IWAMOTO Toshihiro > wrote: > > > On Mon, 01 Oct 2018 20:11:23 +0900, > > Faisal amin wrote: > > > > > > [1 ] > > > [1.1 ] > > > Hi IWAMOTO > > > It is not deleting anything. I have specified the column QoS. So it was > > > supposed to delete the Qos of corresponding port. But it is showing > > nothing. > > > > OpenStack Neutron agent seems to clear a qos field from the Port table > > and delete the record from the QoS table (and also from corresponding > > record from the Queue table if exists). > > Please try both. > > > > > On Tue, Aug 28, 2018 at 6:40 AM IWAMOTO Toshihiro > > > > > wrote: > > > > > > > On Sun, 26 Aug 2018 23:53:48 +0900, > > > > Faisal amin wrote: > > > > > I want to delete a qos UUID of from OVSDB port table using JSON-RPC. > > But > > > > > the qos is not removed from the port.Could any please check bellow > > > > snapshot > > > > > and give me a solution: > > > > > This code is used to delete the qos UUID: > > > > > [image: image.png] > > > > > > > > > > I got the bellow result . The qos UUID is still there. > > > > > [image: image.png] > > > > > > > > I don't know much about the json-rpc, but doesn't the delete op mean a > > > > deletion of a row (an entire port in this case)? > > > > > > > > Does ovsdb-server leave any error message under /var/log? > > > > -- > > IWAMOTO Toshihiro > > > [1.2 ] > [2 ] > > [3 ] > ___ > Ryu-devel mailing list > Ryu-devel@lists.sourceforge.net > https://lists.sourceforge.net/lists/listinfo/ryu-devel ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Delete qos row in OVSDB port Table using JSON-RPC
On Mon, 01 Oct 2018 20:11:23 +0900, Faisal amin wrote: > > [1 ] > [1.1 ] > Hi IWAMOTO > It is not deleting anything. I have specified the column QoS. So it was > supposed to delete the Qos of corresponding port. But it is showing nothing. OpenStack Neutron agent seems to clear a qos field from the Port table and delete the record from the QoS table (and also from corresponding record from the Queue table if exists). Please try both. > On Tue, Aug 28, 2018 at 6:40 AM IWAMOTO Toshihiro > wrote: > > > On Sun, 26 Aug 2018 23:53:48 +0900, > > Faisal amin wrote: > > > I want to delete a qos UUID of from OVSDB port table using JSON-RPC. But > > > the qos is not removed from the port.Could any please check bellow > > snapshot > > > and give me a solution: > > > This code is used to delete the qos UUID: > > > [image: image.png] > > > > > > I got the bellow result . The qos UUID is still there. > > > [image: image.png] > > > > I don't know much about the json-rpc, but doesn't the delete op mean a > > deletion of a row (an entire port in this case)? > > > > Does ovsdb-server leave any error message under /var/log? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] bgp extended community
On Fri, 28 Sep 2018 03:01:06 +0900, Rinaldo Buratti wrote: > i want to add an extended community to a bgp announcement. > In ryu.lib.packet.bgp i see that there is the > BGPPathAttributeExtendedCommunities class, but i don't understand how to > use that. > I thought that i could build the entire packet, but it would be very > complex. The BGP packet implementation resides in ryu.lib.packet.bgp and the speaker part resides in ryu.services.protocols.bgp. By setting an attribute into a pathattr_map, extcommunity would be advertised to peers, AFAIK. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] connection failed, maybe the central controller doesn't start, retry .
Sounds unrelated to ryu, but let's go on...
On Fri, 28 Sep 2018 19:35:18 +0900,
Imen Souidene via Ryu-devel wrote:
> Hi, I created a hierarchical control plane for SDN with a central controller
> and several local controllers.The local agent is run on ryu, and the topology
> can be based on mininet. I followed the PARC project on github
> (https://github.com/ppgirl/PARC) , but when i run lc_level_topo.py , it show
> me an error that :
> Traceback (most recent call last):
> File "lc_level_topo.py", line 11, in LC_LEVEL_TOPO.add_node(1,
> {'type': 'controller', 'win_dpid': [3]})TypeError: add_node() takes exactly 2
> arguments (3 given)
> Despite , I wrote correctly
Please fix the error.
> Also , when i run the (ryu-manager --observe-links layer_2_switch.py) , it
> show me : cc_agent: connection failed, maybe the central controller doesn't
> start, retry .
>
>
> PLease , how can i solve it ?
This is possibly due to the above error.
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] local preference bgp announcements
On Tue, 25 Sep 2018 21:18:30 +0900,
Rinaldo Buratti wrote:
>
> [1 ]
> [1.1 ]
> Dear all,
>
> i'm trying to set local preference for some bgp announcements. To do this
> i'm using the method speaker.attribute_map_set.
> When i run the controller it seems to work properly because i see this
> message:
>
> "*API method neighbor.attribute_map.set called with args: {'ip_address':
> '75.0.0.3', 'attribute_map':
> [AttributeMap(filters=[PrefixFilter(prefix=100.0.0.0/24,policy=PERMIT,ge=None,le=None)
> <http://100.0.0.0/24,policy=PERMIT,ge=None,le=None)>],attribute_type=LOCAL_PREF,attribute_value=150)]}*
> "
>
> however when announcements arrive, local preference is not set properly (in
> the RIB i can't see the value), and also the best route is not the one that
> i expect.
How those paths are provided to the bgp speaker? Via iBGP or from a
local config file?
local_pref must be set in the path attributes but I guess that isn't
happening somehow.
ryu.services.protocols.bgp.processor has the best path calculation
implementation. Debug logging can be added there to analyze this issue.
> Here the code i'm using:
>
> "pref_filter = PrefixFilter('100.0.0.0/24', PrefixFilter.POLICY_PERMIT)
> attribute_map = AttributeMap([pref_filter], AttributeMap.ATTR_LOCAL_PREF,
> 150)
> self.RyuBGPSpeaker.speaker.attribute_map_set('75.0.0.2', [attribute_map])"
>
> Thanks to all,
>
> Rinaldo Buratti
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu rest_topology shows no links between datapaths
On Wed, 26 Sep 2018 18:56:31 +0900, Lorenzo Mignone wrote: > > [1 ] > [1.1 ] > Hi, > Yes, you are right. > In my case, messages between switches and controller are: > > Switch: OFPT_HELLLO ---> Controller > Controller: OFPT_HELLO ---> Switch > Controller: OFPT_FEATURES_REQUEST ---> Switch > Switch: OFPT_FEATURES_REPLY ---> Controller > This message includes a field capabilities where all is set to true except > from OFPC_IP_REASM > Controller: OFPT_MULTIPART_REQUEST, OFPMP_PORT_DESC ---> Switch > Switch: OFPT_MULTIPART_REPLY, OFPMP_PORT_DESC ---> Controller > This message includes port information (MAC address, name, state, advertised, > ...) > Controller: OFPT_FLOW_MOD ---> Switch > This message sets a flow entry which matches the controller's MAC and > ethertype LLDP > > Then some OFPT_ECHO_REQUEST and OFPT_ECHO_REPLY follow. > TCP ACKs are sent/received too. > Sometimes packets like these are sent: > > Controller: OFPT_MULTIPART_REQUEST, OFPMP_FLOW ---> Switch > Switch: OFPT_MULTIPART_REPLY, OFPMP_FLOW ---> Controller > This message includes all the switch statistics and flow entries > I think ryu.app.ws_topology needs to be run in order to generate LLDP packets. > > > Il giorno mer 26 set 2018 alle ore 07:39 IWAMOTO Toshihiro > > ha scritto: > > On Mon, 24 Sep 2018 17:16:27 +0900, > > Lorenzo Mignone wrote: > > > > > > Hi, I am trying to use Ryu REST applications (ofctl_rest and > > > rest_topology) > > > in my exam project. > > > I am not using mininet but an alternative called Kathara that was > > > developed > > > at my university and it is based on docker. > > > > > > Whenever I use rest_topolgy /v1.0/topology/links and /v1.0/topology/hosts > > > endpoints I get back an empty array as answer. > > > Any other request does work (/stats/switches, /stats/desc/, > > > /v1.0/topology/switches, ...). > > > So, I suppose the problem is thath the controller does not manage to get > > > links between switches. > > > > > > I edited ryu/topology/event.py to print switches and links when > > > EventSwitchBase and EventLinkBase are called and then I run this command: > > > *ryu-manager --observe-links --install-lldp-flow > > > /app/rest_topology.py /app/ofctl_rest.py* > > > > > > The lines I added to print switches and links produced these lines only: > > > > > > > > > *Switch > > > Port Port > > port_no=3, DOWN> >Switch > > port_no=1, DOWN> Port > > > >Switch > > > Port Port > > port_no=3, DOWN> >* > > > > > > This information is right but links have not ben printed, so I run the > > > same > > > command with the original event.py file and the *--verbose *option and I > > > got this: > > > > > > > I guess LLDP packets are not generated or delivered for some reason. > > Could you confirm that? > > > > -- > > IWAMOTO Toshihiro -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Ryu rest_topology shows no links between datapaths
On Mon, 24 Sep 2018 17:16:27 +0900, Lorenzo Mignone wrote: > > Hi, I am trying to use Ryu REST applications (ofctl_rest and rest_topology) > in my exam project. > I am not using mininet but an alternative called Kathara that was developed > at my university and it is based on docker. > > Whenever I use rest_topolgy /v1.0/topology/links and /v1.0/topology/hosts > endpoints I get back an empty array as answer. > Any other request does work (/stats/switches, /stats/desc/, > /v1.0/topology/switches, ...). > So, I suppose the problem is thath the controller does not manage to get > links between switches. > > I edited ryu/topology/event.py to print switches and links when > EventSwitchBase and EventLinkBase are called and then I run this command: > *ryu-manager --observe-links --install-lldp-flow > /app/rest_topology.py /app/ofctl_rest.py* > > The lines I added to print switches and links produced these lines only: > > > *Switch > Port Port port_no=3, DOWN> >Switch port_no=1, DOWN> Port > >Switch > Port Port port_no=3, DOWN> >* > > This information is right but links have not ben printed, so I run the same > command with the original event.py file and the *--verbose *option and I > got this: > I guess LLDP packets are not generated or delivered for some reason. Could you confirm that? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Raising a event from custom app
On Thu, 20 Sep 2018 17:11:59 +0900,
Rodriguez Felipe wrote:
>
> [1 ]
> [1.1 ]
> Hi!
>
>
> I'm trying to raise one event for sharing it from one app to another,
> unfortunately I'm not able to set
>
> the first app as a event provider (checked when running the app in --verbose
> mode). I've already done this
>
> one time with the app 2. Can you help me with this issue?
Have you tried to send_event EventEntryPoint?
With the debug logging turned on, it should report if a event is
delivered or not.
> Code of event file:
>
>
> import logging
> from ryu.controller import ofp_event, event
> from ryu.controller import handler
>
> class EventEntryPointBase(event.EventBase):
> def __init__(self, dpid):
> super(EventEntryPointBase, self).__init__()
> self.dpid = dpid
>
> def __str__(self):
> return '%s<%s>' % (self.__class__.__name__, self.dpid)
>
> class EventEntryPoint(EventEntryPointBase):
> def __init__(self, dpid):
> super(EventEntryPoint, self).__init__(dpid)
>
>
>
>
> Code of app 1:
>
>
> class TransportOperator(app_manager.RyuApp):
> OFP_VERSIONS = [ofproto_v1_3.OFP_VERSION]
> _CONTEXTS = {'wsgi': WSGIApplication}
>
> _EVENTS = [pointEvent.EventEntryPoint]
>
>
> def __init__(self, *args, **kwargs):
> super(TransportOperator, self).__init__(*args, **kwargs)
>
>
> .
>
> .
>
> .
>
> .
>
> Rest of code
>
> .l
>
> .
>
> .
>
>
>
> Code of app 2:
>
>
> class SimpleSwitch(app_manager.RyuApp):
> OFP_VERSIONS = [ofproto_v1_3.OFP_VERSION]
> _CONTEXTS = {
> 'dpset': dpset.DPSet
> }
>
> _EVENTS = [tenantEvent.EventTenantHostAdd]
>
> def __init__(self, *args, **kwargs):
> super(SimpleSwitch, self).__init__(*args, **kwargs)
> self.mac_to_port = {}
> self.arp_cache = {}
> self.arp_info = {}
> self.dpset = kwargs['dpset']
>
> .
>
> .
>
> .
>
> code
>
> .
>
> .
>
>
> @set_ev_cls(pointEvent.EventEntryPoint)
> def data_switch_handler(self, dpid):
> value.append(dpid)
> self.logger.info("An Entry Point has been added")
>
>
>
> Thank you,
>
>
>
> Felipe Rodriguez
>
>
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] TCP IPerf is hung between RYU controller and SDN Switch
On Thu, 20 Sep 2018 01:00:31 +0900, Soe Ye Htet wrote: > > [1 ] > Dear, > > Thanks you for your reply. Let me recall back my wireless topology > Gateway1(RYU Controller)Node 1---Node 2Gateway2. > Iperf -s command at Gateway 2 (default window size: 85.3 KByte) and iperf > -c -t 86400 -i 10 at Node 2. The testing for > iperf between Node 2 and Gateway 2 could be run for 24 hours. > Running iperf -s command at Gateway1(default window size: 85.3 Kbyte) and > iperf -c -t 86400 -i 10 at Node 1. The testing of > iperf between Node 2 and Gateway 2 could be only run 200 seconds. Then > increasing window size up to 195 Kbyte at Gateway 1 increase the running > time up to 1 seconds for TCP iperf experiment between Gateway 1 and > Node 1. I will share the experience for the root cause after the > investigation has been done. Sounds like a radio interference. Have you checked packet drops or TCP retransmission counts (as seen in netstat -s)? -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] TCP IPerf is hung between RYU controller and SDN Switch
On Tue, 18 Sep 2018 21:07:41 +0900, Soe Ye Htet wrote: > > Dear, > > Please let me extend my case in this problem. The real wireless network > topology I have applied is Gateway1--Node 1--Node > 2Gateway2. RYU controller is installed in Gateway 1. The control > type is in-band control type by sharing Control TCP packet and Data TCP > packet on the same physical wireless interface. Then the experiment has > been executed to investigate about the TCP wireless link throughput. At the > side of Gateway1, iperf -s is executed. At the side of Node 1, iperf -c address of gateway1> -t 1 -i 10. At the side of Gateway2, iperf -s is > executed. At the side of Node 2, iperf -c -t 1 > -i 10. Strangely, the iperf testing between Gateway 1 and Node 1 is stopped > at the time of 1000 seconds while the iperf testing between Gateway 2 and > Node 2 can be executed up 1 seconds. I define the same flows for iperf > testing at the gateway 1 and gateway 2. For eg, i define the flow rules for > TCP at gateway 1 to receive the TCP packet from node 1. I also define the > same way of flow rules for TCP at gateway 2 to receive the TCP packet from > node 2. If anyone face same kind of issue, please let me know your > experience in solving for this problem. You seem to have already asked at the iperf mailing list. Unless you changed the flow tables during the experiment, I don't think ovs is an issue. You might be able to confirm this by having a table-miss flow entry and checking matched packet counts. I guess more likely cause is radio interference. Somebody may have used a microwave oven or other WiFi communcitation. > Best Regards, > Soe Ye Htet > Future Internet and Wireless Research Group > Chulalongkorn University > > On Sun, Sep 16, 2018 at 8:15 PM Soe Ye Htet wrote: > > > Dear RYU Team, > > > > I am trying to test the TCP link throughput between RYU controller and OF > > Switch in my software defined wireless network. The implementation of > > control plane is in-band by sharing the control traffic and the data > > traffic in same physical wireless link. I plan to execute TCP throughput > > between RYU controller and one OF switch by executing iperf command. At the > > side of RYU controller, the command line of " iperf3 -s -d" is executed and > > the command line of " iperf3 -c -t 1 -i 10" at the > > OF Switch. Iperf3 was be operated up to 9600 seconds and then the TCP > > connection between RYU controller and OF Switch. I am trying to investigate > > what is real root cause of this problem. Can it be because of the failure > > of TCP handshake between RYU controller and the OF switch. > > > > Best Regards, > > Soe Ye Htet > > Future Internet and Wireless Research Group > > Chulalongkorn University, Thailand > > -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] [PATCH] app/ofctl: fix possible deadlock when the datapath disconnects
On Thu, 13 Sep 2018 12:24:28 +0900,
Atzm Watanabe wrote:
>
> Signed-off-by: Atzm Watanabe
Looks good to me. Thanks.
> ---
> ryu/app/ofctl/service.py | 20 +---
> 1 file changed, 17 insertions(+), 3 deletions(-)
>
> diff --git a/ryu/app/ofctl/service.py b/ryu/app/ofctl/service.py
> index ce60495..08ee75b 100644
> --- a/ryu/app/ofctl/service.py
> +++ b/ryu/app/ofctl/service.py
> @@ -112,6 +112,7 @@ class OfctlService(app_manager.RyuApp):
> msg = req.msg
> datapath = msg.datapath
> parser = datapath.ofproto_parser
> +is_barrier = isinstance(msg, parser.OFPBarrierRequest)
>
> try:
> si = self._switches[datapath.id]
> @@ -130,7 +131,16 @@ class OfctlService(app_manager.RyuApp):
> si.xids[xid] = req
> si.barriers[barrier_xid] = xid
>
> -if isinstance(req.msg, parser.OFPBarrierRequest):
> +def _cancel(barrier_xid, exc):
> +xid = si.barriers.pop(barrier_xid)
> +si.results.pop(xid)
> +si.xids.pop(xid)
> +if not is_barrier and req.reply_cls is not None:
> +self._unobserve_msg(req.reply_cls)
> +self.logger.error('failed to send message <%s>', msg)
> +self.reply_to_request(req, event.Reply(exception=exc))
> +
> +if is_barrier:
> barrier = msg
> datapath.set_xid(barrier)
> _store_xid(barrier.xid, barrier.xid)
> @@ -141,9 +151,13 @@ class OfctlService(app_manager.RyuApp):
> barrier = datapath.ofproto_parser.OFPBarrierRequest(datapath)
> datapath.set_xid(barrier)
> _store_xid(msg.xid, barrier.xid)
> -datapath.send_msg(msg)
> +if not datapath.send_msg(msg):
> +return _cancel(barrier.xid,
> + exception.InvalidDatapath(result=datapath.id))
>
> -datapath.send_msg(barrier)
> +if not datapath.send_msg(barrier):
> +return _cancel(barrier.xid,
> + exception.InvalidDatapath(result=datapath.id))
>
> @set_ev_cls(ofp_event.EventOFPBarrierReply, MAIN_DISPATCHER)
> def _handle_barrier(self, ev):
> --
> 2.7.4
>
--
IWAMOTO Toshihiro
___
Ryu-devel mailing list
Ryu-devel@lists.sourceforge.net
https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Help with auth in Ryu Controller
On Sun, 09 Sep 2018 06:18:54 +0900, Gabriel Kerschner wrote: > Hello. I'm building a structure with 2 Ryu controllers. I'm trying to > implement authentication between controllers using Shibboleth IdP. Do you > have any documentation regarding the preparation of the drivers to provide > authentication between them? Ryu doesn't have controller-to-controller communication thing. You'll need to build one yourself. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] bgp announcements and protocol modifies
On Thu, 06 Sep 2018 22:51:00 +0900, Rinaldo Buratti wrote: > Dear all, > > I'm interest on modify some bgp announcements. In particular i want to add > to an existing announcement an extended community, how can i do that? I don't have much experience in this field. Some Extended communities are defined in ryu.lib.packet.bgp. I guess you'll need to set extended attributes in Path.pattrs. VrfTable.insert_vrf_path may serve as an example. > Moreover i would like to modify some bgp decisions, like announcements > propagation that should be done using certain criteria. Is there a way to > do that?Even if you can tell me which part of the Ryu code to modify would > be helpfull. The best path calculation logic is in ryu.services.protocols.bgp.processor. Hope this helps. -- IWAMOTO Toshihiro ___ Ryu-devel mailing list Ryu-devel@lists.sourceforge.net https://lists.sourceforge.net/lists/listinfo/ryu-devel
Re: [Ryu-devel] Memory Error in RYU Controller
On Sat, 08 Sep 2018 23:53:20 +0900,
Soe Ye Htet wrote:
>
> [1 ]
> [1.1 ]
> Dear,
>
> I am so sorry for sending email again. Memory error means out of RAM
> problem. However, the specification of my machine is core i7-7th
> generation, 16 GB RAM with ubuntu-mate(32 bit) version. Can it be related
> with 32 bit version.
In 32bit linux, the userland memory space is probably limited to 3GiB.
But 3GiB is not so small. I doubt if there are some memory leaks.
Maybe you can use the gc module to diagnose what python objects are in
the memory.
https://docs.python.org/2.7/library/gc.html
> Best Regards,
> Soe Ye Htet
>
> On Sat, Sep 8, 2018 at 7:50 PM Soe Ye Htet wrote:
>
> > Dear RYU Team,
> >
> > I think the the out of memory message is occured due to a lot of packet-in
> > message is generated from Switch to Controller. This is because my current
> > focusing is about the dynamic routing which need to be changed by the RYU
> > controller. Currently, my setting is generating the packet-in message from
> > OF Switch without buffer ID. I think that is main cause of memory problem
> > in RYU controller. Is my guess wrong? When I see the main root cause, i
> > will share in this group so that next person can avoid the similar problem.
> >
> > Best Regards,
> > Soe Ye Htet
> >
> >
> > On Tue, Sep 4, 2018 at 8:58 PM Soe Ye Htet
> > wrote:
> >
> >> Dear RYU Team,
> >>
> >> I have faced the memory error in running RYU application. I try to fix
> >> this but it was not successful. My error statement as per attached log.
> >>
> >> gateway1@gateway1:~/Desktop/ryu-master(Edited)/ryu/app$ ryu-manager
> >> finalrerouting.py
> >> loading app finalrerouting.py
> >> loading app ryu.topology.switches
> >> loading app ryu.controller.ofp_handler
> >> instantiating app finalrerouting.py of node_failure
> >> instantiating app ryu.topology.switches of Switches
> >> instantiating app ryu.controller.ofp_handler of OFPHandler
> >> Switch_ID 1152921504606846979 (IP address ('10.0.0.3', 54266)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846979L: ('10.0.0.3', 54266)}
> >> Switch_ID 1152921504606846980 (IP address ('10.0.0.4', 39202)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846979L: ('10.0.0.3', 54266),
> >> 1152921504606846980L: ('10.0.0.4', 39202)}
> >> Switch_ID 1152921504606846981 (IP address ('10.0.0.5', 35620)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846979L: ('10.0.0.3', 54266),
> >> 1152921504606846980L: ('10.0.0.4', 39202), 1152921504606846981L:
> >> ('10.0.0.5', 35620)}
> >> Switch_ID 1152921504606846985 (IP address ('10.0.0.9', 34164)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846985L: ('10.0.0.9', 34164),
> >> 1152921504606846979L: ('10.0.0.3', 54266), 1152921504606846980L:
> >> ('10.0.0.4', 39202), 1152921504606846981L: ('10.0.0.5', 35620)}
> >> Switch_ID 1152921504606846978 (IP address ('10.0.0.2', 33202)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846985L: ('10.0.0.9', 34164),
> >> 1152921504606846978L: ('10.0.0.2', 33202), 1152921504606846979L:
> >> ('10.0.0.3', 54266), 1152921504606846980L: ('10.0.0.4', 39202),
> >> 1152921504606846981L: ('10.0.0.5', 35620)}
> >> Switch_ID 255421810004811 (IP address ('10.0.0.8', 59836)) is connected
> >> Current_Connected_Switch {1152921504606846978L: ('10.0.0.2', 33202),
> >> 1152921504606846979L: ('10.0.0.3', 54266), 1152921504606846980L:
> >> ('10.0.0.4', 39202), 1152921504606846981L: ('10.0.0.5', 35620),
> >> 1152921504606846985L: ('10.0.0.9', 34164), 255421810004811L: ('10.0.0.8',
> >> 59836)}
> >> Switch_ID 1152921504606846982 (IP address ('10.0.0.6', 52652)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846978L: ('10.0.0.2', 33202),
> >> 1152921504606846979L: ('10.0.0.3', 54266), 1152921504606846980L:
> >> ('10.0.0.4', 39202), 1152921504606846981L: ('10.0.0.5', 35620),
> >> 1152921504606846982L: ('10.0.0.6', 52652), 1152921504606846985L:
> >> ('10.0.0.9', 34164), 255421810004811L: ('10.0.0.8', 59836)}
> >> Switch_ID 1152921504606846977 (IP address ('10.0.0.1', 35032)) is
> >> connected
> >> Current_Connected_Switch {1152921504606846977L: ('10.0.0.1', 35032),
> >> 1152921504606846978L: ('10.0.0.2', 33202), 1152921504606846979L:
> >> ('10.0.0.3', 54266), 1152921504606846980L: ('10.0.0.4', 39202),
> >> 1152921504606846981L: ('10.0.0.5', 35620), 1152921504606846982L:
> >> ('10.0.0.6', 52652), 1152921504606846985L: ('10.0.0.9', 34164),
> >> 255421810004811L: ('10.0.0.8', 59836)}
> >> Traceback (most recent call last):
> >> File "/usr/lib/python2.7/logging/__init__.py", line 861, in emit
> >> File "/usr/lib/python2.7/logging/__init__.py", line 734, in format
> >> File "/usr/lib/python2.7/logging/__init__.py", line 481, in format
> >> File "/usr/lib/python2.7/logging/__init__.py", line 439, in
> >> formatException
> >> File "/usr/lib/python2.7/traceback.py", line 125, in print_exception
> >> File "/usr/lib/python2.7/traceback.py", line 67, in print_tb
