Pause Open vSwitch (OVS) with the POX controller - sdn

I am trying to pause an OVS with POX as described in
http://www.openvswitch.org/support/dist-docs/ovs-ofctl.8.txt
The respective add-flow command is (thanks to pchaigno for his answer):
sudo ovs-ofctl add-flow c2 "dl_dst=00:00:00:00:00:01,actions=controller(pause)"
(switch name c2)
But I cannot find in the POX documentation a way of sending such a command to the switch.

Related

Unable to set correctly a firewall in mininet with sdn and openflow ovs (UDP Version)

I'm experimenting with mininet on Ubuntu 14 in order to create a basic firewall which blocks the UDP packets from one host (h1 = 10.0.0.1) to another (h4 = 10.0.0.4).
Those hosts are in the same VLAN and on different switches (if that can be of any help). Also, I would like to block the UDP packets which have 5001 as the destination port.
To do so, I have launched two xterms on h1 (in mininet) in order to check that ping is working correctly and also to launch the packets to h4. xterm h1: "iperf -u -c10.0.0.4 -p 5001 -i 5 -b 200K -t 360".
In mininet I have also opened an xterm on h4 to set it up as a server listening on port 5001. xterm h4: "iperf -s -u -p 5001 -i 5".
Then I guess the rule I have to introduce is this one: "sh ovs-ofctl add-flow s1 udp_dst=5001,nw_proto=17,actions=drop"
But it doesn't work, because the packets are still arriving. The ping works fine, but (and here comes the main problem) the packet arrives at the server and it shouldn't.
Any help please?
Thank you very much
Here I leave you the screenshots of the network topology and also what appears in the xterm windows.

Trying to create a virtual topology using miniedit that should use mqtt traffic

I have to create a virtual topology with miniedit that has to talk using the MQTT sub/pub system.
I'm working on VirtualBox (mininet-wifi).
I have installed mosquitto & the clients... using the terminals I have no problem with:
mosquitto_sub -t test
mosquitto_pub -t test -m hello!
But when I emulate the topology in Miniedit (controller, switch and two hosts), the hosts cannot talk using mosquitto. I think that there is no broker that can handle the communications in the virtual topology. Any suggestions?
I also tried to connect to a remote server, using cloudmqtt, but I only got a failed connection.
I expect that using
xterm h1 h2
on the Command Line Interface of miniedit, I would be able to make the two hosts talk to each other using the
mosquitto_sub/pub system, because also in the xterm of the host, if I type
service mosquitto status
I obtain that
mosquitto is active
UPDATE
Solved.
I just have to run another host in which I type "mosquitto", and the other hosts would just reach it using "mosquitto_sub/pub -h 10.0.0.3", for example.
2 brokers (1 on each hosts) won't automatically discover each other when the "link" comes up.
You will have to either manually configure a bridge between the 2 brokers if you want messages to be shared.
Or pick one and have the clients explicitly connect to that one broker. e.g. the -h option for the mosquitto_pub or mosquitto_sub commands.
I agree with the solution. Let me give a more in-depth explanation.
Run basic mininet topo with 4 hosts and 4 switches.
mn --topo linear,4
Then open xterm for 3 hosts
xterm h1 h2 h3
Three terminals will pop up. One of them will be the host. On h3's (10.0.0.3) xterm terminal run
mosquitto
On h2 (10.0.0.2) subscribe to the topic with:
mosquitto_sub -h 10.0.0.3 -t "home/bedroom/light"
On h1 (10.0.0.1) publish a message by:
mosquitto_pub -h 10.0.0.3 -t "home/bedroom/light" -m "ON"
You can now see the message on h2's terminal. Hope it helps.

iptables on Mininet OVS

I want to run iptables on Mininet OVS.
I do this:
'xterm s1'
'iptables -A INPUT (or FORWARD or OUTPUT) -i s1-eth1 -j DROP' on the s1 terminal.
But it does not work.
When I use iptables on a Mininet host, it works.
How can I run iptables or a different packet filter?
Please teach me.
You cannot use iptables to do packet filtering, because Open vSwitch hooks the network device.
All of the packets will go through the Open vSwitch datapath (the Open vSwitch kernel module).
If you want to filter packets in Open vSwitch, please set flow entries to control your flow tables.
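The intent of the iptables rule in the question, written as an OVS flow entry as the answer suggests. This is an added example, not part of the original posts; the helper names drop_flow_spec and block_ingress are hypothetical, and it also covers an optional UDP/TCP destination-port match such as the port 5001 filter asked about earlier on this page.

```shell
#!/bin/sh
# Added example: flow-table counterpart of
#   iptables -A FORWARD -i s1-eth1 -j DROP
# Helper names are hypothetical; ovs-vsctl / ovs-ofctl are the stock OVS CLI.

# Build a drop flow. $1 = OpenFlow port number,
# optional $2 = protocol keyword (udp|tcp|icmp), optional $3 = L4 dst port.
drop_flow_spec() {
    ofport=$1; proto=${2:-}; dport=${3:-}
    # ovs-vsctl reports -1 for an interface with no OpenFlow port: reject it.
    case $ofport in ''|*[!0-9]*) echo "bad ofport: $ofport" >&2; return 1;; esac
    # 65535 is the highest priority; ovs-ofctl defaults to 32768, so this
    # entry wins over flows added without an explicit priority.
    spec="priority=65535,in_port=$ofport"
    case $proto in
        '') ;;
        udp|tcp|icmp) spec="$spec,$proto" ;;  # keyword sets dl_type and nw_proto
        *) echo "unsupported proto: $proto" >&2; return 1 ;;
    esac
    if [ -n "$dport" ]; then
        # An L4 port match is only meaningful once the protocol is pinned.
        case $proto in udp|tcp) ;; *) echo "port needs udp or tcp" >&2; return 1;; esac
        case $dport in *[!0-9]*) echo "bad port: $dport" >&2; return 1;; esac
        spec="$spec,tp_dst=$dport"
    fi
    printf '%s,actions=drop\n' "$spec"
}

# Resolve the interface name to its OpenFlow port, install the flow, then
# dump the table so the n_packets counter of the new entry can be watched.
block_ingress() {
    bridge=$1; iface=$2; shift 2
    ofport=$(ovs-vsctl get Interface "$iface" ofport) || return 1
    flow=$(drop_flow_spec "$ofport" "$@") || return 1
    ovs-ofctl add-flow "$bridge" "$flow" && ovs-ofctl dump-flows "$bridge"
}

# Run as root where OVS lives, e.g.:  sh ovs_drop.sh s1 s1-eth1
#                                     sh ovs_drop.sh s1 s1-eth1 udp 5001
if [ $# -ge 2 ]; then block_ingress "$@"; fi
```

A rising n_packets value on the new entry in the dump-flows output confirms that traffic is hitting the drop rule rather than another flow.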

OVS L3 Routing with mininet

I am trying to make mininet topology L3 OVS OF13 such as:
sudo mn --controller=remote,ip=127.0.0.1 --topo linear,2 --switch ovsk,protocols=OpenFlow13
H1: IP 10.0.0.1/24
H2: IP 10.0.1.1/24
Add route:
h1 route add default gw 10.0.0.254
h2 route add default gw 10.0.1.254
I add the following flows:
sh ovs-ofctl add-flow -OOpenflow13 s1 priority=500,dl_type=0x800,nw_src=10.0.0.0/24,nw_dst=10.0.1.0/24,actions=normal
sh ovs-ofctl add-flow -OOpenflow13 s2 priority=500,dl_type=0x800,nw_src=10.0.1.0/24,nw_dst=10.0.0.0/24,actions=normal
sh ovs-ofctl add-flow -OOpenflow13 s1 arp,nw_dst=10.0.0.1,actions=output:1
sh ovs-ofctl add-flow -OOpenflow13 s2 arp,nw_dst=10.0.1.1,actions=output:1
Interface s1-eth1 has IP 10.0.0.254 and interface s2-eth1 has IP 10.0.1.254. I ping to check the connection but I always get Destination Host Unreachable.
Can anyone help me? Thanks.
It is not recommended to configure an IP address on the switch data ports. The IP addresses on the data ports should ideally be configured using OpenFlow, that is, we should add flows in such a way that the controller responds to the ARP requests for the default gateway IP address. Please refer to the link https://github.com/mininet/openflow-tutorial/wiki/Router-Exercise.
If you configure an IP address on the data ports of the switch, you will have to set up complete routing in Linux, that is, you will need to enable forwarding on the switches, and possibly the IP addresses on the interfaces connecting the two switches.

Cygrunsrv & autossh : A way to embed remote commands in the command line?

I'm using cygrunsrv and autossh on Windows XP to create a service building a tunnel to a remote server, but I also want to create another tunnel from the remote server to another server.
I can achieve it with this command line :
autossh -M 5432 serverA -t 'autossh -M 4321 serverB -N'
but when I want to set it up in cygwin through cygrunsrv to make it work as a service :
cygrunsrv -I TUNNEL -p /usr/bin/autossh -a "-M 5432 serverA -t 'autossh -M 4321 serverB -N'" -e AUTOSSH_NTSERVICE=yes -e AUTOSSH_POLL=20 -e AUTOSSH_GATETIME=30
It's not fully working. The service is creating the tunnel correctly to ServerA but it's not sending the autossh command "autossh -M 4321 serverB -N" to ServerA.
I tried to escape the quote but all my efforts didn't make any difference and I'm not seeing any command sent in the autossh logs.
I think the problem is related to pseudo terminal that is not created through the cygrunsrv.
I'd like to know if there's a way to fix my cygrunsrv command line to make it work or should I consider a different approach ?
Lionel, try removing the AUTOSSH_NTSERVICE=yes from the cygrunsrv invocation. As /usr/share/doc/autossh/README.Cygwin explains:
Setting AUTOSSH_NTSERVICE=yes in the calling environment ...
change[s] autossh's behavior in three useful
ways:
(1) Add an -N flag to each invocation of ssh, thus disabling shell
access. The idea is that if you're running autossh as a system
service, you're using it to forward ports; it wouldn't make sense to
run a shell session as a system service. (If you think this reasoning
is wrong, please send a bug report to the author or Cygwin maintainer,
and tell us what you're trying to do.)
Despite what the above says, it seems that you may have a good reason for not wanting -N (which suppresses command execution) in your service's ssh invocation. Removing AUTOSSH_NTSERVICE=yes should take care of it. It will have a couple of other minor disadvantages, but you can probably live with it. Read the rest of README.Cygwin for the details.