Wednesday, March 26, 2014

Opendaylight (ODL) Controller Debugging using OSGI Commands


Most of the commands will work with CPqD Switch, there are some limitations/bugs with OVSK.
Few commands work for openflowplugin and few for controller.

removeMeter
removeMeters
addMeter
addMeters
modifyMeter
modifyMeters
removeGroup
addGroup
modifyGroup
portDescStats
flowStats

tableStats
groupStats
meterStats
meterConfigStats
aggregateStats
descStats
addMDFlow

modifyMDFlow
removeMDFlow

startSync
addFlows
modifyFlows
removeFlows
modifyTable
addGroups
modifyGroups
removeGroups
tbegin

tcommit
trollback
cacheinfo
setLogLevel
getLogLevel
create
destroy
listen
unlisten
myController
getClusterNodes
listcaches
put
remove
dumper
get
listenActive
unlistenActive
putComplex
updateComplex
printUserLink
addUserLink
deleteUserLink
printNodeEdges
readflows
readflow
readports
readport
readtable
readdescr
modifyflow
removeflow
addflowv6
removeflowv6
umAddUser
umRemUser
umGetUsers
addAAAServer
removeAAAServer
printAAAServers
ofdumpstatsmgr
resetSwitchCapability
ofbw
txratewindow
ofstatsmgrintervals
prlh
prll
psl
pht
pet
ptick
pcc
ptm
psize
page
sage
eage
dage
scc
ecc
dcc
psnp
esnp
dsnp
spause
sdi
sports
addsw
remsw
pthrot
ethrot
dthrot
pem
bwfactor
px2r
px2rc
controllerShowQueueSize
controllerShowSwitches
controllerReset
controllerShowConnConfig
dumpPendingARPReqList
dumpFailedARPReqList
pencs
pdm
psc
pfc
psd
psp
psm
addContainer
createContainer
removeContainer
addContainerEntry
removeContainerEntry
addContainerFlow
removeContainerFlow
containermgrGetRoles
containermgrGetAuthorizedGroups
containermgrGetAuthorizedResources
containermgrGetResourcesForGroup
containermgrGetUserLevel
containermgrGetUserResources
saveConfig
api3ut
scheme


printNodes




Tuesday, March 25, 2014

OpenFlow 1.3 Protocol Packet Structure: OFPT_HELLO

OpenFlow protocol is used for communication between ODL Controller and Switches supporting OpenFlow (OVSK, CPqD, Cisco Switches(N3K, Cat3K etc.), Brocade, HP, Juniper etc.). Each OpenFlow message begins with OpenFlow header which has Version(0x04, 1 byte), Type(1 byte), length(2 bytes), transaction ID (4 bytes). In OF1.3 we have 30 different types of Messages which start with OFPT_

192.168.56.103        Controller
192.168.56.104        Mininet (OVSK)
192.168.56.102         Mininet (CPqD)



If Protocol field is seen as TCP instead of OpenFlow, right click on the packet of interest -> Decode As -> Transport tab -> select Openflow -> OK

Following are different messages as per OF v1.3.2
1) OFPT_HELLO     /* Symmetric message */
2) OFPT_ERROR     /* Symmetric message */
3) OFPT_ECHO_REQUEST     /* Symmetric message */
4) OFPT_ECHO_REPLY /* Symmetric message */
5) OFPT_EXPERIMENTER    /* Symmetric message */
6) OFPT_FEATURES_REQUEST /* Controller/switch message */
7) OFPT_FEATURES_REPLY /* Controller/switch message */
8) OFPT_GET_CONFIG_REQUEST /* Controller/switch message */
9) OFPT_GET_CONFIG_REPLY /* Controller/switch message */
10) OFPT_SET_CONFIG /* Controller/switch message */
11) OFPT_PACKET_IN /* Async message */
12) OFPT_FLOW_REMOVED /* Async message */
13) OFPT_PORT_STATUS /* Async message */
14) OFPT_PACKET_OUT /* Controller/switch message */
15) OFPT_FLOW_MOD /* Controller/switch message */
16) OFPT_GROUP_MOD /* Controller/switch message */
17) OFPT_PORT_MOD /* Controller/switch message */
18) OFPT_TABLE_MOD /* Controller/switch message */
19) OFPT_MULTIPART_REQUEST /* Controller/switch message */
20) OFPT_MULTIPART_REPLY /* Controller/switch message */
21) OFPT_BARRIER_REQUEST /* Controller/switch message */
22) OFPT_BARRIER_REPLY /* Controller/switch message */
23) OFPT_QUEUE_GET_CONFIG_REQUEST /* Controller/switch message */
24) OFPT_QUEUE_GET_CONFIG_REPLY /* Controller/switch message */
25) OFPT_ROLE_REQUEST /* Controller/switch message */
26) OFPT_ROLE_REPLY /* Controller/switch message */
27) OFPT_GET_ASYNC_REQUEST /* Controller/switch message */
28) OFPT_GET_ASYNC_REPLY /* Controller/switch message */
29) OFPT_SET_ASYNC /* Controller/switch message */
30) OFPT_METER_MOD /* Controller/switch message */

Writing Flow entries to Switches Programmaticallyhttp://blog.disects.com/2014/04/opendayligtht-odl-controller-write-flow.html

Monday, March 24, 2014

SDN Opendaylight Controller: Add/Remove Flow Entries using REST


Start Controller
$ ./run.sh

Start Open vSwitches using Mininet
$ sudo mn --topo single,2 --controller remote,ip=192.168.56.101 --switch ovsk,protocols=OpenFlow13


192.168.56.101     Virtual Machine (VM) where Opendaylight(ODL) Controller is running
192.168.56.102     VM where Mininet is running

We will be using f206.xml for our testing.

Before using REST request Click on Basic Auth tab and configure username/password as admin/admin which are default credentials for accessing Controller GUI, click Refresh Headers. And configure Content-Type and Accept as shown below

To add a Flow Entry on to OpenvSwitch need to use PUT request method.

table_id, id tags of the XML will be part of REST request URL

http://192.168.56.101:8080/restconf/config/opendaylight-inventory:nodes/node/openflow:1/table/2/flow/133

Select raw-> XML as data format and copy f206.xml to the text body and click on Send tab. It should return us "200 OK" status code which indicates Flow is successfully sent to Controller without any issues, and the information will be saved in Controllers cache(Configuration Data Store).



Flow being successfully sent to Switch or not can be verified using ovs-ofctl command.

To remove a flow from Switch using REST request use DELETE request instead of PUT.

Following articles might be of interested
SDN Opendaylight Controller: Add/Remove Flow Entries using OSGI CLI
http://blog.disects.com/2014/03/sdn-opendaylight-controller-addremove_24.html

ovs-ofctl OVS action commands for OpenFlow 1.3
http://blog.disects.com/2014/01/ovs-ofctl-ovs-action-commands-for.html

ovs-ofctl commands on OpenFlow 1.3 Mininet Open vSwitch (OVSK)
http://blog.disects.com/2014/01/ovs-ofctl-commands-on-openflow-13.html 

Interested in Ethical Hacking!
http://blog.disects.com/2012/05/cain-and-abel-password-cracking.html