OpenDaylight: OpenFlow FLOW_MOD messages - sdn

I'm studying SDNs and using different controllers (Floodlight 1.1, OpenDaylight Lithium-SR2). I have 2 VMs which can communicate via a private network. In the first VM there is the SDN controller, while in the second VM I can setup a network topology with Mininet via a Python script.
My goal is to find out the controller behaviour: given a topology with 5 switches (with loops) and only 2 hosts, after a "ping" command, which switch does the controller select for the path between hosts?
A "ping" command in Mininet implies ARP traffic (discovering hosts' MAC addresses) and ICMP echo requests/replies.
After a ARP_REPLY we see a PACKET_IN from the switch linked to the answering host and the controller sends a FLOW_MOD message to all the switches it selects for the path, according with OpenFlow 1.0 protocol. Look at this Sequence Diagram for an example.
I captured the traffic with "tcpdump" tool and studied it with Wireshark.
Using Floodlight I can see FLOW_MOD messages which include "src" and "dst" MAC addresses (to create the path), but not with OpenDaylight (there are FLOW_MOD messages, but only before ARP traffic and only with broadcast "src" and "dst" MAC addresses).
I would like to understand why I'm not able to see FLOW_MOD messages with correct MAC addresses "src" and "dst" AFTER ARP replies (and not BEFORE). I don't know if it depends on controller's code or on OpenFlow protocol.
Thanks in advance for your help.

I found the problem: ODL works in Proactive mode as default, so I wasn't able to see Flow_Mod messages with attached MAC addresses after ARP traffic. I set ODL in Reactive mode modifying some configuration files which are located in the [ODL-folder]/etc/opendaylight/karaf/ directory of the Controller folder:
54-arphandler.xml: by default, the property <is-proactive-flood-mode>
is setted to true, so ODL works in Proactive mode. If you want Hybrid
mode set that property to false and <is-hybrid-mode> to true. If both
properties are setted to false ODL works in Reactive mode.
58-l2switchmain.xml: set the property <is-install-dropall-flow> to
false. In this way switches send packets that don't have a match (in
the switch flow table) to the controller without dropping.
Now I can see Flow_Mod messages with attached MAC addresses and check which switch is choosen by ODL to build the path between hosts.

Related

How to determine on which Root Hub Port is connected a usb device after an Enable Slot Command with the Intel's xHC?

I am writing a small driver for the Intel's xHC in a small hobby OS I boot with UEFI.
After I reset all Root Hub Ports, I get 2 Port Status Change Events which is because I asked QEMU to emulate a usb keyboard and a usb mouse in the command line. One Port Status Change Event for each device seems fair. After this, I follow the initialization steps for a USB device. As stated in the xHCI spec:
After the port successfully reaches the Enabled state, system software shall obtain a Device Slot for the newly attached device using an Enable Slot Command, as described in section 4.3.2.
I thus send an Enable Slot Command to each Root Hub Port for which there was a Port Status Change Event. This seems to work because I get 2 Command Completion Events on the Event Ring which both trigger an interrupt. Both of these events are marked with a completion code of 1 which indicates success.
My problem starts here. In the Port Status Change Event is a Port ID field which allows to determine which port triggered the event. In the Command Completion Event, there is none of that. I can link to the Command TRB which triggered the event but the Command TRB doesn't include the Port ID. My problem is that after an Enable Slot Command I need to create an Input Context including a Slot Context which should contain the Root Hub Port number.
I could keep a list of the ports to which I sent an Enable Slot Command but that opens up to race conditions especially once multiprocessing is enabled.
How do I properly get which Root Hub Port triggered the Command Completion Event?
A similar question has been asked on the linux-usb maillist.
There, Mathias Nyman, points out that the Enable Slot is misleading because it doesn't enable the slot of a specific port instead the command just returns a free index in the Device Context Base Address Array.
This index is the Slot ID value.
The programmer has to set the corresponding entry (i.e. dev_ctx_base_addr[slot_id]) with a pointer to a Device Context structure and fill its Slot Context with whatever Port Number and Route String they deem appropriate.
It's important to stress out that there is no a priori relationship between the Slot ID and the Port Number/Route String.
So you can just have a queue of slots to initialize and dequeue them as the Command Completion Events arrive.

Using 'connmanctl config' to set static IP without wired connection

I am currently using 'connmanctl config' to set static and DHCP settings with a wired connection. I'm curious if anyone has been successful with applying settings with the wire unplugged?
I would typically use 'connmanctl services' for a list of services then perform a string.match(blah, "ethernet_%w+_cable") to use that wired service name. I have been able to find and apply that service name with the ethernet cable unplugged BUT now when using 'connmanctl config':
connmanctl config ethernet_f8dc7a04ea82_cable --ipv4 manual 192.168.91.108 255.255.255.0 192.168.91.1 --nameservers 8.8.8.8
I get this error:
Error ethernet_f8dc7a04ea82_cable: Method "SetProperty" with signature "sv" on interface "net.connman.Service" doesn't exist
As you can see I have the service applied to the command and this is the same service name as when the cable is plugged in. This feature would be nice for equipment that needs to be pre-programmed before reaching the customer. I have also researched this error but can't find it being an issue with others the same as it is with my situation. Have also read many blogs, articles, etc...on trying to achieve this with nothing that jumps out at me.
...Any ideas ?
I had to perform this action via back-end with the code that I am using to configure. Just an example...settings are applied to /var/lib/connman/ethernet_?????cable/settings. I created the adapter name with the MAC address because it does not exist until the network is detected, created the directory /ethernet?????_cable then created an empty settings file on the fly. When programming and saving the settings via the equipment I am using I just insert the settings manually. When a network cable is plugged in and detected the settings you have applied work wonderfully.

Is it possible to configure the gr-ieee-80211 wifi_rx file to receive higher level layers?

I would like to ask if it is possible to receive UDP or TCP packets instead of just the Physical layer by configuring the wifi_rx.grc 1 flow graph in GNU Radio.
wifi_rx.grc 1 is from the example in gr-ieee80211
I am using a LimeSDR-Mini as rx source
You can use the Wireshark Connector block to write the decoded frames in a PCAP file and inspect all layers with Wireshark/tcpdump/tshark just with like a normal WLAN card.
The flow graph you are referring to already contains these blocks albeit they are disabled by default. Click on them and click Enable in the context menu. Then run the flow graph and open the file in Wireshark. If you want live decoding you can write to a Linux pipe. See the rx_demo.sh script in the apps folder on how to do that.

iOS 9 SimpleTunnel sample - Starting a new tunnel

I am trying hard to follow the example of SimpleTunnel given by Apple.
I try to track how they make the customized call.
However I cannot link the relationship between the connect button action with starting a new tunnel.
I tried to track it with PacketTunnelProvider but without success.
I know they are override classes. I cannot find the point where the whole VPN connection starts.
My goal is to create a SSL VPN tunnel.
After asking Apple and a few trial and error, I can finally trigger the extension part.
Prerequisite: (Network Extension permission)
Add a new target -> Packet Tunnel Provider
Trigger the extension by
NEVPNConnection *conn = [manager connection];
NSError *connError;
[conn startVPNTunnelWithOptions:settingsDict andReturnError:&connError];
Debug with the following steps
(1) Build & run the app
(2) Stop the app
(3) Debug > attach to process by PID or name > Enter "PacketTunnel"
(4) Start the app from your iPhone screen and you can debug for the extension
Hope the small steps I experienced can help the others to start.
However, there are more upcoming questions and I need to check!
The sample application and Packet Tunnel provider runs as a separate process. sample application is called as container app and the packet tunnel provider runs as app extension. These two components uses IPC for communication.
In sample application whenever connect toggle button is enabled startVPNTunnel() API will be called and the OS starts the packet tunnel provider which in turn calls your overrided method startTunnelWithOptions(). So this is where you start your connection to the VPN server.
To answer your question link the connect action to a method that invokes startVPNTunnel() which in turn triggers packet tunnel provider. You cannot directly invoke start packet tunnel provider without the container application.
Same gets applied to stop your VPN tunnel
Hope this answer helps you
if you are asking about the connect / enable buttons inside the SimpleTunnel app, then startVPNTunnel() is the call used in startStopToggled() method of StatusViewController.swift file
if you are asking about how the extension handles vpn connection start (after configuration is done), then OS network system calls startTunnelWithOptions() in PacketTunnelProvider.swift depending on how the tunnel is configured. for eg: of on-demand is enabled for this tunnel, OS will try to setup/start the tunnel whenever there is network activity. if not, OS will try to start tunnel, when you go to Settings|VPN and try to switch ON the config. This is similar to the iOS8 personal vpn connection stuff.

Force Glassfish to bind to a network interface

We are using Glassfish on multi homed servers and I would like to force Glassfish just to use one interface.
I updated domain.xml by
substituting every occurrence of 0.0.0.0 by the IP address
everywhere a port was mentioned without an address address=<IP> was added
every host=localhost was substituted with host=<IP>
After starting Glassfish several listeners are still listening on every available IP address:
3820: I tried to specify an address but the option is ignored
<iiop-listener port="3820" id="SSL" address="<IP>" security-enabled="true">
3920: same as above
<iiop-listener port="3920" id="SSL_MUTUALAUTH" address="127.0.0.1" security-enabled="true">
has no effect
7776: no idea
The next listeners use some dynamically generated ports
53491
53495
53496
53497
Now my question:
is there a way to make sure Glassfish will be using one and just one network interface?
if this cannot be achieved with Glassfish is there a way on a Linux system to trick an application to see only one interface?