My SDN Lab-1
Here is my first SDN lab test with Cisco XNC (Extended Network Controller). You can also use this topology with the Floodlight or OpenDaylight controller if that is possible for you. The prerequisite is an existing XNC controller installation with specific controller modules such as ‘Troubleshoot’, ‘TIF Manager’ and ‘Network Properties’.
This is my screenshot showing these prerequisites.
The other prerequisite is a running SDN network, such as Mininet (www.mininet.org).
Now we can start our SDN simulation lab with these commands on the remote controller side.
    Last login: Mon Feb 2 12:45:55 2015
    [root@CISCO_XNC ~]#
    [root@CISCO_XNC ~]#
    [root@CISCO_XNC ~]#
    [root@CISCO_XNC ~]#
    [root@CISCO_XNC ~]# iptables -L INPUT -n --line-numbers
    Chain INPUT (policy ACCEPT)
    num  target  prot  opt  source     destination
    1    ACCEPT  all   --   0.0.0.0/0  0.0.0.0/0    state RELATED,ESTABLISHED
    2    ACCEPT  icmp  --   0.0.0.0/0  0.0.0.0/0
    3    ACCEPT  all   --   0.0.0.0/0  0.0.0.0/0
    4    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpt:22
    5    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpt:80
    6    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpts:2001:3024
    7    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW tcp dpts:32768:61000
    8    ACCEPT  tcp   --   0.0.0.0/0  0.0.0.0/0    state NEW multiport dports 6633,8022,8080,8443
    9    REJECT  all   --   0.0.0.0/0  0.0.0.0/0    reject-with icmp-host-prohibited
    [root@CISCO_XNC ~]# export JAVA_HOME=/usr/java/latest/
    [root@CISCO_XNC ~]# cd /opt/xnc/
    [root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -start 8022
    Another instance of controller running, check with /opt/xnc/runxnc.sh -status
    [root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -status
    Controller with PID: 1364 -- Doesn't seem to exist
    [root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -status
    Doesn't seem any Controller daemon is currently running, at least no PID file has been found
    [root@CISCO_XNC xnc]# fuser -n tcp 8022
    [root@CISCO_XNC xnc]# fuser -n tcp 8022
    [root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -stop
    Doesn't seem any Controller daemon is currently running
    [root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -start 8022
    Running controller in background with PID: 1411, to connect to it please SSH to this host on port 8022
Note that we first have to stop the current runxnc.sh script and then run the runxnc.sh script again!
We can also reach Cisco’s XNC web interface. Type http://[your-controller’s-ip-address]:8080 into your web browser. In my lab topology the controller’s address is http://10.206.24.24:8080
Here is my screenshot.
username: admin
password: admin
The controller is OK. Now we can start the Mininet topology and look at the IP address and default gateway assignments of the hosts and the router (h1, h2, h3). With the commands below we cannot ping from h1 to h2.
    mininet@mininet-vm:~$ sudo mn --controller=remote,ip=10.206.24.24 --topo=single,3 --mac -x
    mininet> h1 ifconfig h1-eth0 192.168.1.1 netmask 255.255.255.0
    mininet> h1 route add default gw 192.168.1.254
    mininet> h2 ifconfig h2-eth0 192.168.2.2 netmask 255.255.255.0
    mininet> h2 route add default gw 192.168.2.254
    mininet> h3 ifconfig h3-eth0:1 192.168.1.254
    mininet> h3 ifconfig h3-eth0:2 192.168.2.254
    mininet> h1 ping -c1 192.168.2.2
    PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data.
    From 192.168.1.1 icmp_seq=1 Destination Host Unreachable
    --- 192.168.2.2 ping statistics ---
    1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms
This is my SDN Lab topology.
We cannot ping. Why? Because h1 and h2 are in different network subnets. We must configure the following flows on our Cisco XNC controller. With these flows in this topology, our fake router h3 will route the ICMP packet with source IP address 192.168.1.1 and destination IP address 192.168.2.2.
    mininet> dpctl add-flow arp,actions=flood
    *** s1 ------------------------------------------------------------------------
    mininet> dpctl add-flow ip,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_dst=192.168.2.2,actions=mod_dl_dst:00:00:00:00:00:02,output:2
    *** s1 ------------------------------------------------------------------------
    mininet> dpctl add-flow ip,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:03,nw_dst=192.168.1.1,actions=mod_dl_dst:00:00:00:00:00:01,output:1
    *** s1 ------------------------------------------------------------------------
    mininet> dpctl add-flow dl_dst=00:00:00:00:00:03,actions=drop
    *** s1 ------------------------------------------------------------------------
Then dump these flows with the following command.
    mininet> dpctl dump-flows
    *** s1 ------------------------------------------------------------------------
    NXST_FLOW reply (xid=0x4):
    cookie=0x0, duration=10.946s, table=0, n_packets=0, n_bytes=0, idle_age=10, dl_dst=00:00:00:00:00:03 actions=drop
    cookie=0x0, duration=52.094s, table=0, n_packets=0, n_bytes=0, idle_age=52, ip,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_dst=192.168.2.2 actions=mod_dl_dst:00:00:00:00:00:02,output:2
    cookie=0x0, duration=25.993s, table=0, n_packets=0, n_bytes=0, idle_age=25, ip,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:03,nw_dst=192.168.1.1 actions=mod_dl_dst:00:00:00:00:00:01,output:1
    cookie=0x0, duration=82.373s, table=0, n_packets=0, n_bytes=0, idle_age=82, arp actions=FLOOD
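The dump shows no priority= field on any entry, so all four sit at the ovs-ofctl default priority (32768), and OpenFlow leaves the winner undefined when a packet matches several entries of equal priority. The following is an added example, not part of the original post: a small audit script that parses the four entries from the dump and reports equal-priority entries that overlap but disagree on actions. The function names are hypothetical, and it assumes a single table and exact-value match fields (no masks).

```python
import itertools

# The four entries from the dump-flows output in this post.
DUMP = """\
cookie=0x0, duration=10.946s, table=0, n_packets=0, n_bytes=0, idle_age=10, dl_dst=00:00:00:00:00:03 actions=drop
cookie=0x0, duration=52.094s, table=0, n_packets=0, n_bytes=0, idle_age=52, ip,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_dst=192.168.2.2 actions=mod_dl_dst:00:00:00:00:00:02,output:2
cookie=0x0, duration=25.993s, table=0, n_packets=0, n_bytes=0, idle_age=25, ip,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:03,nw_dst=192.168.1.1 actions=mod_dl_dst:00:00:00:00:00:01,output:1
cookie=0x0, duration=82.373s, table=0, n_packets=0, n_bytes=0, idle_age=82, arp actions=FLOOD
"""

# Bookkeeping fields that are not part of the match (single table assumed).
STATS = {"cookie", "duration", "table", "n_packets", "n_bytes", "idle_age", "hard_age"}
PROTO = {"ip": "0x0800", "arp": "0x0806"}   # shorthand keyword -> dl_type
DEFAULT_PRIORITY = 32768                    # used when priority= is absent

def parse_flow(line):
    """Split one dump-flows line into priority, match fields and actions."""
    head, actions = line.rsplit(" actions=", 1)
    match, priority = {}, DEFAULT_PRIORITY
    for tok in head.split(","):
        key, _, val = tok.strip().partition("=")
        if key in PROTO:
            match["dl_type"] = PROTO[key]
        elif key == "priority":
            priority = int(val)
        elif key and key not in STATS:
            match[key] = val
    return {"priority": priority, "match": match, "actions": actions}

def overlaps(a, b):
    """True if some packet can match both entries: no shared field disagrees."""
    shared = a["match"].keys() & b["match"].keys()
    return all(a["match"][k] == b["match"][k] for k in shared)

def ambiguous_pairs(dump):
    """Equal-priority entries that overlap but carry different actions."""
    flows = [parse_flow(l) for l in dump.splitlines() if " actions=" in l]
    return [(a, b) for a, b in itertools.combinations(flows, 2)
            if a["priority"] == b["priority"]
            and a["actions"] != b["actions"] and overlaps(a, b)]

if __name__ == "__main__":
    for a, b in ambiguous_pairs(DUMP):
        print(f"priority {a['priority']}: {a['match']} -> {a['actions']}")
        print(f"    overlaps {b['match']} -> {b['actions']}")
```

On this table every reported pair involves the dl_dst=00:00:00:00:00:03 drop entry; adding that entry with a lower explicit priority= value than the forwarding entries makes the intended order explicit.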
OK. We see 4 switch flows on our controller. Now let us ping again from h1 to h2.
    mininet> h1 ping -c5 192.168.2.2
    PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data.
    64 bytes from 192.168.2.2: icmp_seq=1 ttl=64 time=0.675 ms
    64 bytes from 192.168.2.2: icmp_seq=2 ttl=64 time=0.089 ms
    64 bytes from 192.168.2.2: icmp_seq=3 ttl=64 time=0.142 ms
    64 bytes from 192.168.2.2: icmp_seq=4 ttl=64 time=0.096 ms
    64 bytes from 192.168.2.2: icmp_seq=5 ttl=64 time=0.094 ms
    --- 192.168.2.2 ping statistics ---
    5 packets transmitted, 5 received, 0% packet loss, time 4001ms
    rtt min/avg/max/mdev = 0.089/0.219/0.675/0.228 ms
Success!!! Everything looks fine. Now let us have a look from the controller’s web interface side. First the flows;
then the ports GUI.
All Rx and Tx byte and packet counters in the ports GUI are increasing. The flows are populated on the XNC controller.
Yes, this is the SDN revolution. I want to make my own router running OpenFlow. And one day, I want every protocol to be open.
Special thanks to my wife Aysegul Kiraba Gol for her valuable efforts on me.