Thursday, January 23, 2014

ovs-ofctl commands on OpenFlow 1.3 Mininet switch (ovsk)

ovs−ofctl program is a command line tool for monitoring and administering OpenFlow switches. It can also show the current state of an OpenFlow switch, including features, configuration, and table entries. It should work with any OpenFlow switch, not just Open vSwitch.

Before pushing the flows we need to start mininet switch. using below command(also shown in snapshot).
sudo mn --topo single,2 --controller remote,ip=192.168.56.103:6653 --switch ovsk,protocols=OpenFlow13
where,
192.168.56.103 is openflowplugin Controllers IP Address and protocols=OpenFlow13 states that we need to use OpenFlow protocol version 1.3, tcp/6653 is used for OF1.3 communication and 6633 for OF1.0.
Point to note here, Mininet and Controller are running on different Virtual Machines.


 If the above command is successfully executed we should see OF1.3 communication between OVSK(switch s1 here) and SDN Controller.
Flows can be added as
sudo ovs-ofctl -O Openflow13 add-flow s1 in_port=1,actions=nw_ttl:2,output:2

sudo ovs-ofctl -O OpenFlow13 add-flow s1 priority=11,dl_type=0x0800,nw_src=10.0.0.1,action=mod_tp_dst:8888

If the above command is successfully configured on OVSK we should successfully dump flows.
mininet@mininet-vm:~$ sudo ovs-ofctl -O OpenFlow13 dump-flows s1
OFPST_FLOW reply (OF1.3) (xid=0x2):
 cookie=0x0, duration=7.443s, table=0, n_packets=0, n_bytes=0, priority=11,ip,nw_src=10.0.0.1 actions=mod_tp_dst:8888


ovs-ofctl connects to an OpenFlow switch using ssl, tcp(ip and port), socket file, unix file etc. ovs-ofctl talks to ovs-vswitchd, and ovs-vsctl talks to ovsdb-server.

Detailed options can be found at
http://openvswitch.org/cgi-bin/ovsman.cgi?page=utilities%2Fovs-ofctl.8


22 comments:

  1. hi praveen,

    1.
    i hv installed mininet2.1. can the ovs-controller run with OF13 mode and install flows pro-actively when pinged between hosts ?

    ex: below is the cli i used

    sudo mn --topo single,3 --switch ovsk,protocols=OpenFlow13 --controller ovsc

    this means the ovsk switch is wrking with OF13 mode.

    In the example of yours, i see ur adding the flows manually in OF13 mode. Can this be done automatically when h1 pings h2 ???

    2. by default mininet21 has OF10 desector. How do i add OF13 desector ? I want both desector to be wrks 10 and 13. Or OF13 desctor shd decode OF10 pkts too ?. can you gv me step by step cmds to add OF13 desector ???

    ReplyDelete
  2. 1. ovs-ofctl -v should show if it supports OF1.3 or not. If not install 2.0.0 OVSK.
    2. Flow Programming Service adds few entries which are invisibly. I am adding flows by executing commands directly on switch but can also be added using REST/NorthBound or by writing Apps
    3. While installing mininet pass -3 as argument (./install.sh -n3fx etc.)
    4. Wireshark 1.11 by default has OF1.3/1.4 dissector (please cross verify the version) support

    ReplyDelete
  3. "./install -a" doesn't install OF1.3 dissector.
    For manual install follow
    https://github.com/CPqD/ofdissector
    https://github.com/CPqD/ofsoftswitch13/wiki/OpenFlow-1.3-Tutorial

    ReplyDelete
  4. i tried installing OF13 dissector as the link u hv given. I copied the openflow.so plugin to the plugin dir of wireshark. loaded ws and the plugin was shown in about windows fine.

    Tried with ODL-hydrogen-base controller with -of13, and was able to see the OF13 messages shown correctly. If i tried with OF10 controller, the messages are not decoded correctly. It shows as OF1.0, but fields are not shown correctly.
    IS there a plugin which wrks for both OF10 adn OF13 ???

    ReplyDelete
  5. I am using wireshark 1.11, it works fine

    ReplyDelete
  6. I'm using mininet 2.1.0+, ovswitch 2.0, ubuntu 13.04. It should be ok to use OpenFlow 1.3. But S1 still doesn't show OpenFlow 1.3 when I run mininet (using protocols=OpenFlow13 and port 6653). I try to use command "ovs-ofctl -O OpenFlow13 dump-flows s1", version negotiation failed (we support version 0x04, peer supports version 0x01)

    ryu@ryu-vm:~$ ovs-ofctl --version
    ovs-ofctl (Open vSwitch) 2.0.0
    Compiled May 14 2014 20:25:34
    OpenFlow versions 0x1:0x4
    ryu@ryu-vm:~$

    What should I do to let the ocs-ofctl command run OpenFlow1.3?

    ReplyDelete
  7. ovs-ofctl --version is showing correct version i.e. 0x4=1.3 also check ovs-vswitchd version. It might be an issue with ovs-vswitchd version

    ReplyDelete
  8. I had to do the following to make it work for me

    ovs-vsctl set bridge s1 protocols=OpenFlow13

    ReplyDelete
  9. Great, it worked! Might be helpful to others:-)

    ReplyDelete
  10. Hi Praveen,

    I have gone through your blog, it is quite informative and helpful, Thanks. Just wondering whether it would be possible to customize OpenVswitch (for example add some code changes for enhancing it) and then integrate it into mininet?

    ReplyDelete
  11. Yeah, the code is open source. I think you can change as per the requirement and commit the functionality to Mininet with proper reviews and everyone in the community feels the functionality is useful for others. Better check with mininet/ovsk for exact procedure.

    ReplyDelete
    Replies
    1. Thanks a lot Praveen for the reply.

      Delete
  12. This comment has been removed by the author.

    ReplyDelete
  13. Hi Praveen,

    I read all of your blogs they are quite useful and informative. Thanks for uploading your information. I tried to get hands on OVS, mininet and opendaylight.

    I installed mininet using install.sh -nfv and after that i installed Open vSwitch 2.1.0.
    (Basically i Followed following tutorial, to install new version of openvswitch https://github.com/mininet/mininet/wiki/Installing-new-version-of-Open-vSwitch)

    I created a topology in mininet and connected to the opendaylight controller using
    sudo mn --custom custom/trial.py --topo mytopo --switch ovsk --controller=remote,ip=192.168.44.144,port=6633

    My question is how to know whether mininet is using the new version of Open-vSwitch or the inbuilt version of openvswitch?
    what is the difference between --switch user and --switch ovsk?

    i hope ovs supports openflow version 1.1 to 1.3, because of following results

    root@ubuntu:/root/openvswitch-2.1.0# sudo ovs-ofctl --version
    ovs-ofctl (Open vSwitch) 2.1.0
    Compiled Aug 30 2014 07:07:34
    OpenFlow versions 0x1:0x4


    Thanks,
    Pankaj

    ReplyDelete
  14. @Pankaj
    Before installing new version of Open vSwitch(ovs) make sure you delete old/default installation. Installing new ovs without removing old installation might lead to unexpected behaviour. To answer you question it might be using the latest installation.
    I don't think you can run 2 different installations of OVS on a single machine.

    "--switch user" is for CPqD switch (user mode)
    "--switch ovsk" is for Open vSwitch (kernel mode)

    ReplyDelete
    Replies
    1. Thanks Praveen. I appreciate your help. You are doing a great job. :)

      Delete
  15. Dear Praveen,

    Now I got OvSwitch 2.0.1 which is installed in mininet version 2.1.0p2.

    mininet@mininet-vm:~$ ovs-ofctl --version
    ovs-ofctl (Open vSwitch) 2.0.1
    Compiled Feb 23 2014 14:45:29
    OpenFlow versions 0x1:0x4

    I set switch to support OpenFlow 1.3 using command
    ovs-vsctl set bridge s1 protocols=OpenFlow10,OpenFlow13

    Now, the switch has function of OpenFlow 1.3. I checked from
    ovs-ofctl -O OpenFlow13 dump-flows s1

    But I know that OpenFlow 1.3 has meter table.
    I try to add meter using command
    ovs-ofctl -O OpenFlow13 add-meter s1 meter_id=100,flag=KBPS,band=type:drop,rate:10000
    ovs-ofctl -O OpenFlow13 add-flow s1 in_port=1,actions=meter:100,output:2
    But the system tell that
    ovs-ofctl: unknown command 'add-meter'; use --help help

    As fas as I know, this version of OvSwitch support OpenFlow 1.3.
    I wonder why the command 'add-meter' is not available.

    Regards,

    ReplyDelete
  16. Hi Praveen,

    I am doing my master's thesis on SDN. As part of this, I need to add some extra functionality at the ovsk switch and pox controller.

    I could get source code for pox controller, but not for the ovsk switch in mininet.

    Kindly tell me where can i get the source code of ovsk? kindly give few pointers in this context. Your information in this regard is of great help as I am also most stuck at this time.

    Regards
    Sumit

    ReplyDelete
  17. @Sumit, you neet to look at mininet code. Do git clone of mininet, their wiki might be helpful.
    @Fidel, to ping from A to B you need to add 2 rules. This might be outdated info. I stopped working on ODL/Mininet long back.

    ReplyDelete
  18. Hi,
    I have a flow
    cookie=0x0, duration=577.05s, table=0, n_packets=24424, n_bytes=362177596, idle_age=2, priority=950,ip,nw_dst=10.201.11.45 actions=enqueue:3q0

    how can i delete this particular flow and not others...

    ReplyDelete
  19. Hey ,praveen I am doing my major on SDN and need to implement "Threat dtection in SDN and implement SDN Firewall" .Can you tell me how to introduce mallware in the mininet using Python .Also please point me in the right direction about the project.Please if you have the code or link also provide one.

    Thanks in advance.

    ReplyDelete
  20. I have been checking out a few of your stories and i can state pretty good stuff. I will definitely bookmark your blog Security Windows

    ReplyDelete