02 February 2015

My SDN Lab-1

Here is my first SDN lab test with Cisco XNC (Extended Network Controller). You can also use this topology with a Floodlight or OpenDaylight controller if you prefer. The prerequisite is an existing XNC controller installation with specific controller modules such as ‘Troubleshoot’, ‘TIF Manager’ and ‘Network Properties’.

This is my screenshot with these prerequisites.

cisco_xnc

The other prerequisite is that you must have a running SDN network, such as Mininet (www.mininet.org).

Now we can start our SDN simulation lab with these commands on the remote controller side.

Last login: Mon Feb  2 12:45:55 2015
[root@CISCO_XNC ~]# 
[root@CISCO_XNC ~]# 
[root@CISCO_XNC ~]# 
[root@CISCO_XNC ~]# 
[root@CISCO_XNC ~]# iptables -L INPUT -n --line-numbers
Chain INPUT (policy ACCEPT)
num  target     prot opt source               destination         
1    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           state RELATED,ESTABLISHED 
2    ACCEPT     icmp --  0.0.0.0/0            0.0.0.0/0           
3    ACCEPT     all  --  0.0.0.0/0            0.0.0.0/0           
4    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:22 
5    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpt:80 
6    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:2001:3024 
7    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW tcp dpts:32768:61000 
8    ACCEPT     tcp  --  0.0.0.0/0            0.0.0.0/0           state NEW multiport dports 6633,8022,8080,8443 
9    REJECT     all  --  0.0.0.0/0            0.0.0.0/0           reject-with icmp-host-prohibited 
[root@CISCO_XNC ~]# export JAVA_HOME=/usr/java/latest/
[root@CISCO_XNC ~]# cd /opt/xnc/
[root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -start 8022
Another instance of controller running, check with /opt/xnc/runxnc.sh -status
[root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -status
Controller with PID: 1364 -- Doesn't seem to exist
[root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -status
Doesn't seem any Controller daemon is currently running, at least no PID file has been found
[root@CISCO_XNC xnc]# fuser -n tcp 8022
[root@CISCO_XNC xnc]# fuser -n tcp 8022
[root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -stop
Doesn't seem any Controller daemon is currently running
[root@CISCO_XNC xnc]# /opt/xnc/runxnc.sh -start 8022
Running controller in background with PID: 1411, to connect to it please SSH to this host on port 8022

Note that we first have to stop the current runxnc.sh script and then run the runxnc.sh script again!

We can also reach Cisco’s XNC web interface. Type http://[your-controller’s-ip-address]:8080 into your web browser. In my lab topology the controller’s address is http://10.206.24.24:8080

Here is my screenshot.

username: admin

password: admin

xnc_login

The controller is OK. Now we can start the Mininet topology, assign the IP addresses and default gateways of the hosts and the router (h1, h2, h3), and see that we cannot ping from h1 to h2, with the commands below.

mininet@mininet-vm:~$ sudo mn --controller=remote,ip=10.206.24.24 --topo=single,3 --mac -x

mininet> h1 ifconfig h1-eth0 192.168.1.1 netmask 255.255.255.0
mininet> h1 route add default gw 192.168.1.254
mininet> h2 ifconfig h2-eth0 192.168.2.2 netmask 255.255.255.0
mininet> h2 route add default gw 192.168.2.254
mininet> h3 ifconfig h3-eth0:1 192.168.1.254
mininet> h3 ifconfig h3-eth0:2 192.168.2.254

mininet> h1 ping -c1 192.168.2.2
PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data.
From 192.168.1.1 icmp_seq=1 Destination Host Unreachable

--- 192.168.2.2 ping statistics ---
1 packets transmitted, 0 received, +1 errors, 100% packet loss, time 0ms

This is my SDN lab topology.

my_sdn_lab_topology

We cannot ping. Why? Because h1 and h2 are in different subnets. We must configure the following flows on our Cisco XNC controller. With these flows, our fake router h3 in this topology will route the ICMP packet with source IP address 192.168.1.1 and destination IP address 192.168.2.2.

mininet> dpctl add-flow arp,actions=flood
*** s1 ------------------------------------------------------------------------
mininet> dpctl add-flow ip,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_dst=192.168.2.2,actions=mod_dl_dst:00:00:00:00:00:02,output:2
*** s1 ------------------------------------------------------------------------
mininet> dpctl add-flow ip,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:03,nw_dst=192.168.1.1,actions=mod_dl_dst:00:00:00:00:00:01,output:1
*** s1 ------------------------------------------------------------------------
mininet> dpctl add-flow dl_dst=00:00:00:00:00:03,actions=drop
*** s1 ------------------------------------------------------------------------

Then dump these flows with the following command.

mininet> dpctl dump-flows
*** s1 ------------------------------------------------------------------------
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=10.946s, table=0, n_packets=0, n_bytes=0, idle_age=10, dl_dst=00:00:00:00:00:03 actions=drop
 cookie=0x0, duration=52.094s, table=0, n_packets=0, n_bytes=0, idle_age=52, ip,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_dst=192.168.2.2 actions=mod_dl_dst:00:00:00:00:00:02,output:2
 cookie=0x0, duration=25.993s, table=0, n_packets=0, n_bytes=0, idle_age=25, ip,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:03,nw_dst=192.168.1.1 actions=mod_dl_dst:00:00:00:00:00:01,output:1
 cookie=0x0, duration=82.373s, table=0, n_packets=0, n_bytes=0, idle_age=82, arp actions=FLOOD
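
An added check on the dump above (example code, not part of the original post or of XNC or Open vSwitch): all four flows carry the default priority, and OpenFlow leaves the winner undefined when one packet matches several equal-priority flows, so this script lists flow pairs that overlap but have different actions. The function names and the exact-match-only overlap test are assumptions of this example.

```python
import re
from itertools import combinations

# Flow entries copied from the dump-flows output above.
DUMP = """\
 cookie=0x0, duration=10.946s, table=0, n_packets=0, n_bytes=0, idle_age=10, dl_dst=00:00:00:00:00:03 actions=drop
 cookie=0x0, duration=52.094s, table=0, n_packets=0, n_bytes=0, idle_age=52, ip,dl_src=00:00:00:00:00:01,dl_dst=00:00:00:00:00:03,nw_dst=192.168.2.2 actions=mod_dl_dst:00:00:00:00:00:02,output:2
 cookie=0x0, duration=25.993s, table=0, n_packets=0, n_bytes=0, idle_age=25, ip,dl_src=00:00:00:00:00:02,dl_dst=00:00:00:00:00:03,nw_dst=192.168.1.1 actions=mod_dl_dst:00:00:00:00:00:01,output:1
 cookie=0x0, duration=82.373s, table=0, n_packets=0, n_bytes=0, idle_age=82, arp actions=FLOOD
"""

COUNTERS = {"cookie", "duration", "n_packets", "n_bytes", "idle_age", "hard_age"}
PROTO = {"ip": "0x0800", "arp": "0x0806"}  # match shorthand -> dl_type
DEFAULT_PRIORITY = 32768  # ovs-ofctl prints priority= only when it differs

def parse_flow(line):
    """Split one dump-flows line into table, priority, match fields, actions."""
    head, actions = line.strip().rsplit(" actions=", 1)
    flow = {"table": "0", "priority": DEFAULT_PRIORITY, "match": {}, "actions": actions}
    for token in re.split(r",\s*", head):
        key, _, value = token.partition("=")
        if key in COUNTERS:
            continue
        if key == "table":
            flow["table"] = value
        elif key == "priority":
            flow["priority"] = int(value)
        elif key in PROTO:
            flow["match"]["dl_type"] = PROTO[key]
        else:
            flow["match"][key] = value
    return flow

def overlaps(a, b):
    """Exact-match fields only: two matches overlap unless a shared field differs."""
    return all(a[k] == b[k] for k in a.keys() & b.keys())

def ambiguous_pairs(dump):
    """Pairs a single packet can hit at equal priority with different actions."""
    flows = [parse_flow(l) for l in dump.splitlines() if " actions=" in l]
    return [(x, y) for x, y in combinations(flows, 2)
            if (x["table"], x["priority"]) == (y["table"], y["priority"])
            and x["actions"] != y["actions"]
            and overlaps(x["match"], y["match"])]

if __name__ == "__main__":
    for x, y in ambiguous_pairs(DUMP):
        print("ambiguous:", x["match"], "->", x["actions"], "|", y["match"], "->", y["actions"])
```

Every pair reported for this table involves the dl_dst=00:00:00:00:00:03 drop flow; adding that flow with a lower priority, for example priority=100, lets the forwarding and ARP flows win deterministically.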

OK. We saw 4 switch flows on our controller. Now let us ping again from h1 to h2.

mininet> h1 ping -c5 192.168.2.2
PING 192.168.2.2 (192.168.2.2) 56(84) bytes of data.
64 bytes from 192.168.2.2: icmp_seq=1 ttl=64 time=0.675 ms
64 bytes from 192.168.2.2: icmp_seq=2 ttl=64 time=0.089 ms
64 bytes from 192.168.2.2: icmp_seq=3 ttl=64 time=0.142 ms
64 bytes from 192.168.2.2: icmp_seq=4 ttl=64 time=0.096 ms
64 bytes from 192.168.2.2: icmp_seq=5 ttl=64 time=0.094 ms

--- 192.168.2.2 ping statistics ---
5 packets transmitted, 5 received, 0% packet loss, time 4001ms
rtt min/avg/max/mdev = 0.089/0.219/0.675/0.228 ms

Success!!! Everything looks fine. Let us have a look from the controller’s web interface side. First, the flows:

flows

and then the ports GUI:

ports

All Rx and Tx byte and packet counters on the ports GUI are increasing. Flows are populated on the XNC controller.

Yes, this is the SDN revolution. I want to make my own router running OpenFlow. And one day, I want every protocol to be open.

Special thanks to my wife Aysegul Kiraba Gol for her valuable efforts on me.

Written by: Kursat Gol
