openflow tutorials
DESCRIPTION
OpenflowTRANSCRIPT
salespica8com
supportpica8com
Pica8 Inc
1032 Elwell Court Suite 105
Palo Alto CA 94303
+1 (650) 614-5838
wwwpica8com
OpenFlow Tutorial
October 2014
Version 1
copy Copyright 2014 Pica8 Inc Pica8 is a registered trademark of Pica8 Incorporated PicOS is a trademark
of Pica8 Incorporated All rights reserved All other trademarks are property of their respective owners
Contents
Basic Bridge Configuration 4
Basic Flows Configurations 5
Connection to a Ryu Controller 6
Connection to Opendaylight controller 7
Connection to a Floodlight Controller 8
Basic Bridge Configuration 9
Basic Bridge Introduction 9
Power on Configuration 10
Configure Switch 13
Configure Bridge 14
Configure port 16
Default Bridge Behavior 16
OVS commands reference 18
Basic Flows Configurations 19
Flows Introduction 19
Modify default flow 20
Uni-directional Flow 21
1-to-Many Multicasting 24
Many-to-One Aggregation 25
OVS commands Used in this Tutorial 27
Packet address file 28
Connection to a Ryu Controller 29
Ryu Introduction 29
Introduce RYU Open Flow Controller 30
Configure OVS for RYU Open Flow Controller 31
Controller-OVS Interaction 33
RYU Simple Switch Application 35
Open flow message type 37
Ryu Guide OVS commands reference 38
Connection to Opendaylight controller 40
OpenDaylight introduction 40
Introduce OpenDaylight Open Flow Controller 41
Configure OVS for OpenDaylight Open Flow Controller 42
Opendaylight Controller-OVS Interaction 44
OpenDaylight Simple Switch Application 46
message type of open flow 47
OVS commands reference04 48
Connection to a Floodlight Controller 49
Floodlight controller Introduction 49
Floodlight Open Flow Controller 49
Why Make Changes 50
Changes to Floodlight 50
Build Floodlight 50
Test Topology 51
Configure OVS 52
Launch Floodlight 55
Floodlight REST Interface 57
curl 58
Add Flows 58
Delete Flows 58
OpenFlow Tutorial
4
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
OpenFlow Tutorial
5
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
OpenFlow Tutorial
6
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
Contents
Basic Bridge Configuration 4
Basic Flows Configurations 5
Connection to a Ryu Controller 6
Connection to Opendaylight controller 7
Connection to a Floodlight Controller 8
Basic Bridge Configuration 9
Basic Bridge Introduction 9
Power on Configuration 10
Configure Switch 13
Configure Bridge 14
Configure port 16
Default Bridge Behavior 16
OVS commands reference 18
Basic Flows Configurations 19
Flows Introduction 19
Modify default flow 20
Uni-directional Flow 21
1-to-Many Multicasting 24
Many-to-One Aggregation 25
OVS commands Used in this Tutorial 27
Packet address file 28
Connection to a Ryu Controller 29
Ryu Introduction 29
Introduce RYU Open Flow Controller 30
Configure OVS for RYU Open Flow Controller 31
Controller-OVS Interaction 33
RYU Simple Switch Application 35
Open flow message type 37
Ryu Guide OVS commands reference 38
Connection to Opendaylight controller 40
OpenDaylight introduction 40
Introduce OpenDaylight Open Flow Controller 41
Configure OVS for OpenDaylight Open Flow Controller 42
Opendaylight Controller-OVS Interaction 44
OpenDaylight Simple Switch Application 46
message type of open flow 47
OVS commands reference04 48
Connection to a Floodlight Controller 49
Floodlight controller Introduction 49
Floodlight Open Flow Controller 49
Why Make Changes 50
Changes to Floodlight 50
Build Floodlight 50
Test Topology 51
Configure OVS 52
Launch Floodlight 55
Floodlight REST Interface 57
curl 58
Add Flows 58
Delete Flows 58
OpenFlow Tutorial
4
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
OpenFlow Tutorial
5
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
OpenFlow Tutorial
6
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
Connection to a Ryu Controller 29
Ryu Introduction 29
Introduce RYU Open Flow Controller 30
Configure OVS for RYU Open Flow Controller 31
Controller-OVS Interaction 33
RYU Simple Switch Application 35
Open flow message type 37
Ryu Guide OVS commands reference 38
Connection to Opendaylight controller 40
OpenDaylight introduction 40
Introduce OpenDaylight Open Flow Controller 41
Configure OVS for OpenDaylight Open Flow Controller 42
Opendaylight Controller-OVS Interaction 44
OpenDaylight Simple Switch Application 46
message type of open flow 47
OVS commands reference04 48
Connection to a Floodlight Controller 49
Floodlight controller Introduction 49
Floodlight Open Flow Controller 49
Why Make Changes 50
Changes to Floodlight 50
Build Floodlight 50
Test Topology 51
Configure OVS 52
Launch Floodlight 55
Floodlight REST Interface 57
curl 58
Add Flows 58
Delete Flows 58
OpenFlow Tutorial
4
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
OpenFlow Tutorial
5
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
OpenFlow Tutorial
6
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
4
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
OpenFlow Tutorial
5
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
OpenFlow Tutorial
6
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
5
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
OpenFlow Tutorial
6
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
6
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
7
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
8
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
9
Basic Bridge Configuration
Basic Bridge Introduction
Power on Configuration
Configure Switch
Configure Bridge
Configure port
Default Bridge Behavior
OVS commands reference
Basic Bridge Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg
After studying this guide you will have the tools you need to configure Pica8s open switches as an
OpenFlow switch You will also gain insights on how to optimize the configuration to work in your
application environment while also learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
10
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1GbE and 4 x 10GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Power on Configuration
To start configure your terminal emulator to the following configuration
115200 8N1
No hardware flow control
No software flow control
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
11
To start the switch a console cable is required to connect the switch console port to the serial port
on the controller PC Run the terminal emulator on the console port from the controller PC then
power on the switch
Figure 2 shows the console output do not hit any keys until you have seen the booting choice
menu Enter to boot into Open vSwitch mode Next the switch asks if the switch configuration 2
should be done manually enter to enter the automatic mode In this mode the OVS processes no
will start automatically with default configuration such as log file etc
Next the switch static IP address is entered in this configuration subnet 200161x is used You
can choose your own subnet address at this point After the static IP address a gateway IP
address is entered
Next an Open vSwitch configuration database name is required to store all the configuration
information In this example database name is used If the database nameovs-vswitchdconfdb
does not exist from previous configuration it will be created in the default ovs directory based on a
database schema defined in ovsshareopenvswitchvswitchovsschema Multiple databases can
be created to provide different configurations but only one database can be entered during this
start up sequence The OVS processes can be stopped and restarted manually once the system is
running They can also be configured as cron processes The database is persistent the
configuration stored in the database will be restored once the OVS processes starts
Figure 2 ndash Power on console output
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
12
In this example the was used in a previous configuration therefore theovs-vswitchdconfdb
system found the database and created the initial configuration which will be shown later In Figure
1 the management LAN port on the switch is is connected to the in the controllereth0 eth0 eth0
PC to allow the controller PC to into the switch without the limitation of the console In thistelnet
configuration all PCs are configured with static IP addresses to form an isolated environment for
testing
Next the switch continues the boot sequence pay attention to the console messages regarding
the and They are the ovsdb server and ovs switch daemons The IPovsdb-server ovs-vswitchd
address is the switch IP address and the 6633 is the default port number used to communicate
with the ovs switch database server process A different port number can be set through the
manual configuration steps You can reference the picos-204-ovs-configuration-guidepd at _+
for manual configuration stepshttpwwwpica8comportaltrialphp+_
Figure 3 ndash Switch processes and bridge information
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
13
The IP address and the port number is often used in the and commandsovs-vsctl ovs-ofctl
discussed in later sections The was used in a previous configuration whichovs-vswitchdconfdb
contains a bridge with 4 1GbE ports After the process started a message on br0 ovs-vswitchd
is shown to indicate the bridge has been created At this point the switch is up anddevice br0
running The root level shell prompt is shown and ready for user input MultiplerootPicOS-OVS
telnet windows can be started from the controller PC to login to the switch the user id is androot
the default password is pica8
Configure Switch
Next use linux command to show the running processes The and ps -A ovsdb-server
are there to indicate the ovs switch is ready for operation Next print the content ofovs-vswitchd
the switch database by using the command to dump the switch configuration itovs-vsctl showshows the database id and a bridge named with four 1GbE ports plus an internal portbr0
In most start up cases a new database name at administrators choice will be entered As a result
an empty database is created The show command will just show the database id If a new
database is created the next step should be skipped and move on to the command In thisadd-br
example we will delete the old bridge by issuing command Check theovs-vsctl del-br br0database content by using the show command which should just show the database idThe
following is to create bridge and add ports for bridge
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
14
rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8
device br0 entered promiscuous moderootPicOS-OVS$ovs-vsctl add-port br0 te-111 vlan_mode=trunk tag=1 -- setinterface te-111 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-112 vlan_mode=trunk tag=1 -- setinterface te-112 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-113 vlan_mode=trunk tag=1 -- setinterface te-113 type=pica8 rootPicOS-OVS$ovs-vsctl add-port br0 te-114 vlan_mode=trunk tag=1 -- setinterface te-114 type=pica8 rootPicOS-OVS$rootPicOS-OVS$ovs-vsctl show d4d12890-c07a-4303-80cc-c6f79cf3afd7 Bridge br0 Port te-113 tag 1 Interface te-113 type pica8 Port te-114 tag 1 Interface te-114 type pica8 Port br0 Interface br0 type internal Port te-112 tag 1 Interface te-112 type pica8 Port te-111 tag 1 Interface te-111 type pica8rootPicOS-OVS$
Configure Bridge
To create a new bridge issue ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8command In our configuration the bridge needs four 1GbE ports for our exercise To add each
1GbE port to the bridge we will issue ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 command 4 times to add ge-111 to ge114 to the bridge To verify the configurationtype=pica8
use to show the database content As shown in the screen shot the bridge shouldovs-vsctl show
have four 1GbE ports and an internal port
Next let us monitor the port status and examine the port configuration with ovs-ofctl show br0
commandThe following commands are to show the configration of bridge
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
15
rootPicOS-OVS$ovs-ofctl show br0OFPT_FEATURES_REPLY (OF14) (xid=0x2) dpid5e3ec80aa9ae0a66n_tables254 n_buffers256capabilities FLOW_STATS TABLE_STATS PORT_STATS GROUP_STATSOFPST_PORT_DESC reply (OF14) (xid=0x4)1(te-111) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max2(te-112) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max3(te-113) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps max4(te-114) addrc80aa9ae0a66config 0state LINK_DOWNcurrent FIBERadvertised 1GB-FD FIBERsupported 1GB-FD 10GB-FD FIBER AUTO_NEGspeed 0 Mbps now 10000 Mbps maxLOCAL(br0) addrc80aa9ae0a66config 0state LINK_UPcurrent 10MB-FD COPPERsupported 10MB-FD COPPERspeed 10 Mbps now 10 Mbps maxOFPT_GET_CONFIG_REPLY (OF14) (xid=0x6) frags=normal miss_send_len=0rootPicOS-OVS$rootPicOS-OVS$rootPicOS-OVS$ovs-ofctl dump-ports br0 OFPST_PORT reply (OF14) (xid=0x2) 5 portsport 1 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=228085sport 2 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=216224sport 3 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=208941sport 4 rx pkts=0 bytes=0 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=199026sport LOCAL rx pkts=7 bytes=746 drop=0 errs=0 frame=0 over=0 crc=0tx pkts=0 bytes=0 drop=0 errs=0 coll=0duration=246761srootPicOS-OVS$
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
16
In the example provided port state is LINKDOWN because in the example set up the cable has
not been connected yet The Pica8 1GbE port supports RJ45 copper connector and auto
negotiation from 10 MB to 1 GB speed range Next let us examine the port statistics using the _
command It shows the RX and TX statistics since the link is down noovs-ofctl dump-ports br0packets are sent or received and all counters should be zeros
Configure port
A port can be added deleted turned up or turned down dynamically We have tested the add-port
command to delete a port use Port state can also be modifiedovs-vsctl del-port br0 ge-111with the command The keyword can bemodport actionovs-ofctl mod-port br0 ge-111 action
one of the following parameters
Up or down
Enable or disable the interface This is equivalent to ifconfig up or ifconfig down on a Linux system
Stp or nostp
Enable or disable 8021D spanning tree protocol (STP) on the interface OpenFlow
implementations that dont support STP will refuse to enable it
Receive or noreceivereceivestp or noreceivestp
Enable or disable OpenFlow processing of packets received on this interface When packet
processing is disabled packets will be dropped instead of being processed through the OpenFlow
table The receive or noreceive setting applies to all packets except 8021D spanning tree packets
which are separately controlled by receivestp or noreceivestp
Forward or noforward
Allow or disallow forwarding of traffic to this interface By default forwarding is enabled
Flood or noflood
Controls whether an OpenFlow flood action will send traffic out this interface By default flooding is
enabled Disabling flooding is primarily useful to prevent loops when a spanning tree protocol is not
in use
packetin or nopacketin
Controls whether packets received on this interface that do not match a flow table entry generate a
packet in message to the OpenFlow controller By default packet in messages are enabled
Again the show command displays (among other information) the configuration that modport
changes
Default Bridge Behavior
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
17
If the newly created bridge does not connect to the OpenFlow controller it will behave as a simple
L2 switch which floods l packets received from a port to all other ports This behavior is
implemented with a default low priority flow added at bridge creation time The flow can be shown
by using the command The flow will be shown as priority 0 andovs-ofctl dump-flows br0
actions=NORMAL Action NORMAL means the packet is subject to the devices normal L2L3
processing This action is not implemented by all OpenFlow switchesNow let us connect 2 PCs to
switch port 1 and port 2 with an Ethernet cable Once the PCs are connected the port state should
be changed to LINK_UP soon after the cable is connected Once both links are up use ping to test
the connectivity
Figure 4 ndash Ping test
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
18
In this example another Linux tool wireshark is also used to capture the packets sent and received
on eth0 On the wireshark screen a total of 4 pairs ping requestsreplies are captured along with
some arp packets We can connect other PCs to the switch now and ping should work for all PCs
In our set up telnetd and ftpd are installed in our linux PC reader can try the telnet and ftp
sessions to test the connectivity and bridge functionalities
Figure 5 ndash ICMP requestreply
At this point the switch is powered on and the initial switch configuration without an open flow
controller is completed Proceed to Open SDN Started Kit ndash Configure flows for flow manipulation
OVS commands reference
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-vsctl list-brovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl del-flows br0
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
19
Basic Flows Configurations
Flows Introduction
Modify default flow
Uni-directional Flow
1-to-Many Multicasting
Many-to-One Aggregation
OVS commands Used in this Tutorial
Packet address file
Flows Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by httpswwwopennetworkingorg After studying this guide you will have the
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
20
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Modify default flow
Next we will disable the flooding behavior and start to configure the flow table and manipulate
packet flows Use the command to delete the default flow Dump the flow ovs-ofctl del-flows br0table and no flow entry is shown
Figure 2 ndash Delete flows and dump flows
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
21
At this point the ping should stop working because the flooding has been disabled If interested
you can delete the bridge and re-create the bridge with four ports then the ping should work again
Figure 3 ndash Pings
Uni-directional Flow
Before running uni-directional flow we need a packet generator to work with for packetwireshark
generation and capturing In this starter kit a linux tool is used for packet generation The packeth
can be installed via the linux command To use the packeth sudo apt-get install packeth packeth
an address file needs to be created as the address database for packet creation The format is ltIP
addressgtltMAC addressgtltNamesgt a sample address file is provided in the appendix
Next let us create some packets to be used in the later test scenarios Start the click the packeth
button to enter the tab for creating a packet The next screen shows the test packet we builtbuilder
for this test Fill in each field using the button or entering the value Each packet includesselect
information in link layer IP layer and TCP payload Once the packet is built click the interface
button then select as the interfaceeth0
Next let us create an uni-directional flow from port 1 to port 2 using ovs-ofctl add-flow br0command then use the dump flow command to show the flow The in_port=1actions=output2
command added a flow into to forward all packets come in from to Nextbr0 in_port=1 out_port=2
start the wireshark to capture all packets on for both PC1 and PC2eth0
Next return to the screen and click the button At the bottom of the screen itpacketh send packeth
should show a time stamp and number of bytes sent to eth0 You can verify the packet content on
on both sending and receiving PCs This verifies the flow entry entered via the wireshark add-flow
command works as expected To test this flow further follow the next screen to createpacketh
another packet with different information and send it through the eth0
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
22
Figure 3 ndash Packeth
Next uses command to delete the flow then use ovs-ofctl del-flows br0 ovs-ofctl add-flow br0
to add a new flow that filter on allin_port=1dl_type=0x0800nw_src=1001002actions=output2
packets received from port 1 and only forward the packet with the matching IP address to port2
Figure 4 ndash Add flow with source IP matching field
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
23
On the menu click the button to mix packets into one output stream Select differentpacketh gen-s
packets built with different IP addresses to form one packet stream Specify the delay and number
of iteration then select the manual operation to send the stream Use to examine thewireshark
result
Figure 5 ndash Use packeth generate mixed packet stream
As shown in the screen shot the packet stream sent using with 3 different types of thepacketh
packet and 3 different source IP addresses is filtered by the flow and only the packet with source
IP address 1001002 is forwarded to output port 2 With the and many of thepacketh wireshark
fields can be tested in the uni-directional flow configuration
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
24
Figure 6 ndash Packet filtering for uni-directional traffic
1-to-Many Multicasting
After the unidirectional flow from one port to another we will modify the flow entry to configure a
1-to-3 ports multicasting scenario where packets match the flow entry are duplicated and
forwarded to 3 output ports This time we will use the command mod-flows ovs-ofctl mod-flows then use the dumpbr0 in_port=1dl_type=0x0800nw_src=1001002actions=output234
flow command to verify the flow is set up correctly
Figure 7 ndash 1 to 3 port packet duplication and multicasting
Configure the and on all PCs then send the packets into port 1 then examinepacketh wireshark
the packets received on port 2 3 and 4 to see if the action matches the flow specification
Figure 8 ndash 1 to 3 port packet filtering duplication and multicasting
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
25
Next use the to build packet with VLAN priority ARP TCP UDP and ICMP packets topacketh
exercise various flow packet matching fields and use the to verify the outputwireshark
In addition to using filter in multicasting port level duplication and multicasting is also supported
To configure this scenario first clean up the flows in using Then use br0 ovs-ofctl del-flows br0
to add a new multicasting flowovs-ofctl add-flow br0 in_port=1actions=output234
Figure 9 ndash 1 to 3 port level multicasting
The same traffic with source IP 1001002 is sent to port 1 the received traffic on port 4 is
captured using With the tools described in this document various traffic patternswireshark
combined with different filters can be configured to test application scenarios
Figure 10 ndash 1 to 3 port level multicasting
Many-to-One Aggregation
In this section flow aggregation from multiple ports is examined 2 scenarios will be configured
The first scenario is to aggregate traffic from port 1 2 and 3 without any filtering to port 4 The
second scenario is to apply packet matching filter on each port to select specific traffic based on
source IP address from each port for aggregation For the first scenario let us delete the existing
flows using the command Then use the following commands to add 3ovs-ofctl del-flows br0flows to the flow table
ovs-ofctl add-flow br0 in_port=1actions=output4
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
26
ovs-ofctl add-flow br0 in_port=2actions=output4
ovs-ofctl add-flow br0 in_port=3actions=output4
Figure 11 ndash Many to 1 port level aggregation
Configure on each PC to send packets from port 1 to 3 with source IP 1001001 frompacketh
port1 source IP 1001002 from port 2 and 1001003 from port 3 All the packets should be
forwarded to port 4
Figure 12 ndash Many to 1 port level aggregation
In this many-to-one aggregation configuration if the aggregated traffic is more than 1 Gbps the
over-subscribed packets will be dropped The over-subscription scenario could not be
demonstrated in this set up because the PC only has 100Mbps Ethernet port But if reader can
create the scenario the dropped packets can be shown via the ovs-ofctl dump-ports br0command as part of the port counters
To engineer the traffic aggregation the filters described in Open SDN Starter kit ndash Power on and
can be applied to identify and select traffic for aggregation In below scenario 3configure switch
flows are created with a filter on separate IP address on each port The previous flows need to be
deleted first then use the following commands to set up the new flows
ovs-ofctl add-flow br0 in_port=1dl_type=0x0800nw_src=1001001actions=output4
ovs-ofctl add-flow br0 in_port=2dl_type=0x0800nw_src=1001002actions=output4
ovs-ofctl add-flow br0 in_port=3dl_type=0x0800nw_src=1001003actions=output4
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
27
Figure 13 ndash Many to 1 port level aggregation
The is configured to generate traffic with mixed source IP addresses try with manualpacketh
option first to send small amount of traffic through each port then monitor the traffic on towireshark
see if the packets are filtered and forwarded correctly
The command is handy to verify the number of packets matched the filtering rule The dump-flows
command is also very useful to show all the port statistics Flows canovs-ofctl dump-ports br0be modified dynamically based on traffic conditions to throttle traffic during over-subscription
provide load balance and re-distribute traffic In deployment scenario flows are managed via Open
Flow controller with Open Flow protocols In next Starter kit the RYU Open Flow controller will be
discussed to show the controller-switch interaction
Figure 14 ndash Many to 1 port level aggregation with filter
OVS commands Used in this Tutorial
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
28
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
Packet address file
10010011a2a3a4a5a01stream110010021a2a3a4a5a02stream210010031a2a3a4a5a03stream310010041a2a3a4a5a04stream410010051a2a3a4a5a05stream510010061a2a3a4a5a06stream610010071a2a3a4a5a07stream710010081a2a3a4a5a08stream810010091a2a3a4a5a09stream9100100101a2a3a4a5a0astream101001001011a2a3a4a5ad1stream1011001001021a2a3a4a5ad2stream1021001001031a2a3a4a5ad3stream1031001001041a2a3a4a5ad4stream1041001001051a2a3a4a5ad5stream1051001001061a2a3a4a5ad6stream1061001001071a2a3a4a5ad7stream1071001001081a2a3a4a5ad8stream1081001001091a2a3a4a5ad9stream1091001001101a2a3a4a5adastream110
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
29
Connection to a Ryu Controller
Ryu Introduction
Introduce RYU Open Flow Controller
Configure OVS for RYU Open Flow Controller
Controller-OVS Interaction
RYU Simple Switch Application
Open flow message type
Ryu Guide OVS commands reference
Ryu Introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the RYU OpenFlow Controller
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
30
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce RYU Open Flow Controller
RYU is an open flow controller that has been integrated with the Pica8 open switch with OVS 110
implementation that supports Open Flow v13 Additional RYU information can be found at RYU
website The purpose of Pica8 RYU integration is to provide an openhttposrggithubcomryu
source SDN platform that the SDN community can prototype test and develop application in an
open source environment with an open flow switching platform for real traffic testing With the
configuration provided in this starter kit user should be able to have real traffic running in a week
to test out the application scenarios using OVS commands Both OVS and RYU are open source
with Apache license that developers can access easily
To clone the RYU directory open a shell window from $home directory then use git clone
to copy the RYU code base It will create a directory in $homegitgithubcomosrgryugit ryu
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
31
Figure 2 ndash Clone RYU
Then and to complete the installationcd ryu sudo python setuppy install
Figure 3 ndash Install RYU
The installation installs the and to the $home and ryu-manager ryu-client ryubin usrlocalbin
directories Now we are ready to run the test applications
Figure 4 ndash RYU-manager and RYU-client
Configure OVS for RYU Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
32
Figure 5 ndash Set RYU controller IP address
The RYU controller will be running on the controller PC with IP address10105041 using default
port 6633 The port number can be changed For this exercise the controller will be started with
the modendashverbose
Figure 6 ndash Start RYU-manager with verbose option
The helps us understand the interaction Use the command --verbose mode RYU controller-OVS
verbose to start the controller The TCP connection is established first and theryu-manager ndash
connection information is printed with peer (OVS) IP address 10105020 Once the controller is
started the connection status will change to The controller port information canis_connected true
also be shown using the command br0ovs-ofctl show
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
33
Figure 7 ndash Show controller connection status
Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
34
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
35
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and process theRYU-manager
OFPT_PACKET_IN message therefore on the controller screen a bunch of unhandled_events
are printed on the console At this point the RYU-OVS open flow session is established and ready
for Open Flow application to take over the event handling and flow configuration
RYU Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables RYU code distribution comes with a set of applications to show how
applications can be integrated Next we will run the simple switch application The application
processes the messages (eg ICMP_REQUEST) and instructs the bridge to flood allpacket_in
other ports with the packets Once the destination host received the request and replied with its
MAC address This simple switch application sets up the flow table to forward traffic from source
port to the correct destination port This is the default switch behavior that we have tested before
The application is in the $homeryuryuapplication directory Run the ryu-manager ndashverbose
command to start the applicationsimple_switchpy
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
36
Figure 11 ndash RYU-manager with simple switch application
Once the simple switch application starts the first part of the message output is the same as
before but instead of receiving unhandled events only as the previous RYU-manager only run It
sends an OFPT_PACKET_OUT message to the switch with FLOOD actions on first two packet_in
messages The first one is a probe message sent by the controller on local port
Figure 12 ndash Switch responses with simple switch application
The second message is an ICMP request comes in from port 3 and target destination is port 4
This message is the result of a ping test running on the PC connected to port 3 to PC on port 4
Since the controller does not know which port has the PC 4 MAC address It sends the
OFPT_PACKET_OUT instruction to the switch to flood the message received on port 3 Once the
PC on port 4 received the ICMP request and responded with its reply The controller matches the
reply destination MAC address with the PC3 on port3 and sends an OFPT_FLOW_MOD action to
create a flow from port 4 to port 3 to forward the packets The same processing repeats again for
setting up the flow from port 3 and port 4
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
37
Figure 13 ndash Flow tables set up by simple switch application
As a result the show 2 flows created by the simple switch application To test it againdump-flows
simply use command to delete the flowdel-flows
Figure 14 ndash Delete flow event from switch to controller
Once the flows are deleted two OPEN_FLOW_REMOVED events are generated by the switch to
notify the controller The MAC learning process repeats itself again the two flows will be created
when the next round of the ICMP requests come into the controller Reader can dump the flow
table to verify its behaviorAt this point the starter kit has demonstrated the basic RYU controller
integration with OVS and a simple application built on top of the RYU controller Reader should be
able to start testing and writing test applications using the SDN platform presented in this
document
Open flow message type
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
38
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
Ryu Guide OVS commands reference
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
39
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 - set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
40
Connection to Opendaylight controller
OpenDaylight introduction
Introduce OpenDaylight Open Flow Controller
Configure OVS for OpenDaylight Open Flow Controller
Opendaylight Controller-OVS Interaction
OpenDaylight Simple Switch Application
message type of open flow
OVS commands reference04
OpenDaylight introduction
This document provides instructions on how to configure Pica8s open switches to work in various
application scenarios This document assumes the reader with minimal to no knowledge of the
Open Virtual Switch (OVS) implementation defined by or the OpenFlowhttpopenvswitchorg
protocol defined by After studying this guide you will have thehttpswwwopennetworkingorg
tools you need to configure Pica8s open switches as an OpenFlow switch You will also gain
insights on how to optimize the configuration to work in your application environment while also
learning about OVS and the OpenFlow protocol
This starter kit provides screen shots and a list of off the shelf applications needed to complete the
configuration as well as highlighting the problems you may encounter during the setup More
documents or cookbooks on other subjects will be published periodically This document provides
a tutorial on how to
Configure Pica 8 as an OVS OpenFlow switch
Create bridges add ports show bridge and port statistics status as well as the OVS
database
Configure flow tables for uni-directional bi-directional traffic switching one-to-many
multi-casting mirroring filtering many-to-one aggregation etc
Configure Pica 8 OVS OpenFlow switches to interface with the OpenDaylight OpenFlow
Controller
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
41
Figure 1 ndash Test bed configuration
In this document the system configuration depicted in Figure 1 includes
A Pica8 P-3295 open switch with 48 x 1 GbE and 4 x 10 GbE uplinks
5 Linux PCs running Ubuntu 1241 LTS one is connected to the management LAN port
(RJ45) and console port (RJ45F) this PC is referred to the controller PC The OpenFlow
controller will be running on this PC Four PCs are connected to 1GbE port 1 to 4 and serve
as a data terminal for generating and monitoring traffic
Tools from installed on all the PCs are listed below They can be installed through Linux
installation utility apt-get
Terminal emulator minicom
Traffic monitoring tool Wireshark
Packet generator Packeth
ftp and ftpd
telnet and telnetd
Introduce OpenDaylight Open Flow Controller
OpenDaylight is an open flow controller that has been integrated with the Pica8 open switch with
OVS 110 implementation that supports Open Flow v13 Additional OpenDaylight information can
be found at OpenDaylight website The purpose of Pica8 httpwwwopendaylightorg
Opendaylight integration is to provide an open source SDN platform that the SDN community can
prototype test and develop application in an open source environment with an open flow switching
platform for real traffic testing With the configuration provided in this starter kit user should be
able to have real traffic running in a week to test out the application scenarios using OVS
commands Both OVS and Opendaylight are open source with Apache license that developers can
access easily
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
42
To install the opendaylight user need download the file from
Then user can follow the install guide to installhttpwwwopendaylightorgsoftwaredownloads
opendaylight
After installing the opendalight user can edit the configuration file in
Then user can start the opendaylight controller by opendaylightconfigurationconfigini runsh
rootdev-42homeychenopendaylight runsh osgigt 2014-05-27 104550871 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Im a GossipRouter will listen on port120012014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Started GossipRouterGossipRouter started at Tue May 27 104551 CST 2014Listening on port 12001 bound on address 00000000Backlog is 1000 linger timeout is 2000 and read timeout is 02014-05-27 104551016 CST [Start Level Event Dispatcher] INFOooccsinternalClusterManager - Starting the ClusterManager2014-05-27 104552075 CST [fileinstall-plugins] INFOoocniosgiNetconfImplActivator - Starting TCP netconf server at12700183832014-05-27 104552341 CST [fileinstall-plugins] INFOoocsbindingimplBrokerActivator - Binding Aware Broker initialized2014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - Session id received fromnetconf server 12014-05-27 104552556 CST [ConfigPersister-registrator] INFOoocnpiConfigPersisterNotificationHandler - No last config provided bybackend storage PersisterImpl[storage=orgopendaylightcontrollernetconfpersistimplNoOpStorageAdapterade6f7]2014-05-27104555705 CST [Start Level Event Dispatcher] INFOoocciConfigurationService - ConfigurationService Manager init2014-05-27 104556239 CST [ControllerIO Thread] INFOoocpocoreinternalControllerIO - Controller is now listening onany6655
Configure OVS for OpenDaylight Open Flow Controller
In OVS the controller property of the bridge created earlier needs to be added to include the
controller IP address and port number The command ovs-vsctl set-controller br0 is to set controller address for bridge The commandtcp2001612406633 br0 ovs-vsctl show
can now show the bridge information the connection status is not shown because the controller
has not been started yet
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
43
Figure 2 ndash Set Opendaylight controller IP address
The OpenDaylight controller will be running on the controller PC with IP address 200161240
using default port 6633 The port number can be changed For this exercise the controller will be
started with runsh
Figure 6 ndash Start Opendaylight-manager
Once the controller is started the connection status will change to Theis_connected true
controller port information can also be shown using the command br0ovs-ofctl show
Figure 7 ndash Show controller connection status
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
44
Opendaylight Controller-OVS Interaction
Once the controller and OVS are connected a set of messages will be exchanged For example
the OVS sends an OFPT_HELLO message to the controller The hello message is captured on the
screen The first byte of the message is the version number and the second byte is thewireshark
OFPT_TYPE OFTP_HELLO message is type 0
After the hello message from the switch the controller sends OFPT_FEATURES_REQUEST
(type=5) to retrieve the switch capabilities including supported open flow version switch
configuration and port hardware address etc The switch sends OFPT_FEATURES_REPLY
(type=6) to provide the feature information The message is shown on both the controller console
and switch console
Figure 8 ndash OFPT_HELLO message
The switch console information is provided by the snoop option of the command Theovs-ofctl
command is It shows the feature request from the controller and the featureovs-ofctl snoop br0reply with the bridge information Reader can compare the switch console information with the
controller console information to get a better understanding of the message exchange
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
45
Figure 9 ndash ovs-ofctl snoop br0
The also captured the information Notice the message type in the second byte is 6wireshark
representing the OFPT_FEATURES_REPLY After the feature reply the controller sends an
OFPT_SET_CONFIG message to set the message parameters like the max length etc Once the
controller is connected the OVS changes its default behavior from a layer 2 switch to an OVS
switch It means the flooding is disabled and open flow packet processing starts Each packet is
processed based on the flow table entry Unmatched packet is forwarded to the controller for
analysis unless a rule is defined to drop the packet
During initial start up with the controller the flow table is empty therefore packets received from
any port are forwarded to the controller The next message from the switch is type
OFPT_PACKET_IN (type=100x0a)
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
46
Figure 10 ndash OFPT_FEATURE_REPLY message
In this exercise the does not have any application to receive and processOpendaylight controller
the OFPT_PACKET_IN message therefore on the controller screen a bunch of
are printed on the console At this point the Opendaylight-OVS open flowunhandled_events
session is established and ready for Open Flow application to take over the event handling and
flow configuration
OpenDaylight Simple Switch Application
With just the controller connected without any application the ping between the PCs cannot work
because the ARP requests are forwarded to the controller without any packet processing
instructions in the flow tables Opendaylight code distribution comes with a set of applications to
show how applications can be integrated Next we will run the simple switch application The
application processes the messages (eg ICMP_REQUEST) and instructs the bridge topacket_in
flood all other ports with the packets Once the destination host received the request and replied
with its MAC address This simple switch application sets up the flow table to forward traffic from
source port to the correct destination port This is the default switch behavior that we have tested
before When you start the opendaylight controller with homeychenopendaylight runshusers
can configure the controller on the web http101050428080
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
47
Figure 11 ndash web configure
message type of open flow
enum ofp_typeOFPT_HELLO = 0 Symmetric messageOFPT_ERROR = 1 Symmetric messageOFPT_ECHO_REQUEST = 2 Symmetric messageOFPT_ECHO_REPLY = 3 Symmetric messageOFPT_VENDOR = 4 Symmetric messageOFPT_FEATURES_REQUEST = 5 Controllerswitch messageOFPT_FEATURES_REPLY = 6 Controllerswitch messageOFPT_GET_CONFIG_REQUEST = 7 Controllerswitch messageOFPT_GET_CONFIG_REPLY = 8 Controllerswitch messageOFPT_SET_CONFIG = 9 Controllerswitch messageOFPT_PACKET_IN = 10 Async messageOFPT_FLOW_REMOVED = 11 Async messageOFPT_PORT_STATUS = 12 Async messageOFPT_PACKET_OUT = 13 Controllerswitch messageOFPT_FLOW_MOD = 14 Controllerswitch messageOFPT_PORT_MOD = 15 Controllerswitch messageOFPT_STATS_REQUEST = 16 Controllerswitch messageOFPT_STATS_REPLY = 17 Controllerswitch messageOFPT_BARRIER_REQUEST = 18 Controllerswitch messageOFPT_BARRIER_REPLY = 19 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REQUEST = 20 Controllerswitch messageOFPT_QUEUE_GET_CONFIG_REPLY = 21 Controllerswitch message
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
48
OVS commands reference04
ovs-vsctl showovs-ofctl show br0ovs-ofctl dump-ports br0ovs-vsctl list-brovs-vsctl list-ports br0ovs-vsctl list-ifaces br0ovs-ofctl dump-flows br0ovs-ofctl snoop br0ovs-vsctl add-br br0 -- set bridge br0 datapath_type=pica8ovs-vsctl del-br br0ovs-vsctl set-controller br0 tcp1721612406633ovs-vsctl del-controller br0ovs-vsctl set Bridge br0 stp_enable=trueovs-vsctl add-port br0 ge-111 - set interface ge-111 type=pica8ovs-vsctl add-port br0 ge-112 - set interface ge-112 type=pica8ovs-vsctl add-port br0 ge-113 - set interface ge-113 type=pica8ovs-vsctl add-port br0 ge-114 - set interface ge-114 type=pica8ovs-vsctl add-port br0 ge-111 type=pronto optionslink_speed=1Govs-vsctl del-port br0 ge-111ovs-ofctl add-flow br0 in_port=1actions=output2ovs-ofctl mod-flows br0in_port=1dl_type=0x0800nw_src=1001001actions=output2ovs-ofctl add-flow br0 in_port=1actions=output234ovs-ofctl add-flow br0 in_port=1actions=output4ovs-ofctl del-flows br0 ovs-ofctl mod-port br0 1 no-floodovs-ofctl add-flow br0in_port=1dl_type=0x0800nw_src=1921681241actions=output3ovs-ofctl add-flow br0in_port=4dl_type=0x0800dl_src=60eb69d29cddnw_src=19816812nw_dst=1241212355actions=output1ovs-ofctlmod-flows br0 in_port=4dl_type=0x0800nw_src=1922102345actions=output3ovs-ofctl del-flows br0 in_port=1
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
49
Connection to a Floodlight Controller
Floodlight controller Introduction
Floodlight Open Flow Controller
Test Topology
Configure OVS
Launch Floodlight
Floodlight REST Interface
Floodlight controller Introduction
This is the fourth document of the This document providesOpen SDN Starter Kit series
instructions how to configure Pica8s open switches in order to work with ThisFloodlight Controller
document assumes the reader has read the first two documents of the Open SDN Starter Kit series
Floodlight Open Flow Controller
The Open SDN Controller is an enterprise-class Apache-licensed Java-basedFloodlight
OpenFlow Controller and it supports OpenFlow v10 In fact is not just an OpenFlowFloodlight
controller and it also includes a collection of applications built on top the ControllerFloodlight
Additional information can be found at website Floodlight Floodlight
httpwwwprojectfloodlightorgfloodlight
You can either download the source from orFloodlight httpwwwprojectfloodlightorgdownload
follow the Installation Guide
to install httpdocsprojectfloodlightorgdisplayfloodlightcontrollerInstallation+Guide Floodlight
In this document we follow the to clone the source to an Ubuntu 1110 systemInstallation Guide
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
50
Figure 1 ndash Clone Floodlight
Why Make Changes
By default performs forwarding the unknown packets from Pica8 switch to theFloodlight
destination In this case things may go well even if there are no flows set in Pica8 switch The
purpose of this document is to show you how to use Floodlight REST interface to add flows to
Pica8 switch and verify the transmission of the traffics In order to eliminate the confusion whether
the packets are forwarded by Pica8 switch or controller we disable s defaultFloodlight Floodlight
forwarding feature
Changes to Floodlight
The s default setting is in $floodlightsrcresourcesfloodlightdefaultproperties We needFloodlight
to the line netfloodlightcontrollerforwardingForwarding as shown belowremove
Figure 2 ndash Edit Floodlight Default Properties
Build Floodlight
Before building we need to install and Then issue to build Floodlight JDK Ant ant Floodlight
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
51
Figure 3 ndash Build Floodlight
Then the Java Archive file is generated under directory and readyFloodlight floodlightjar target
to be run
Figure 4 ndash floodlightjar
Test Topology
The following picture shows the test topology which is similar to the topology in the first two
documents of the even though the IP addresses are differentOpen SDN Starter Kit series
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
52
Figure 5 ndash Test Topology
In this document the systems depicted in the above diagram include
A Pica8 switch which is P-3295
5 Linux PCs running Ubuntu 1110
The one connected to the P-3295 management port (RJ45) and console port
(RJ45F) is referred as the controller PC The controller will be running onFloodlight
this PC
The other four PCs are connected to physical port 1 to 4 and serve as a data terminal
to verify the flow
Configure OVS
In this document we start OVS manually After powering on the Pica8 switch you will see the
following messages on the console display Select choice for OVS and enter to start2 yes
OVS by manual
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
53
Figure 6 ndash Start OVS Manually
Please refer to PicOS 16 OVS Configuration Guide
for the details how tohttpwwwpica8orgdocumentpicos-16-ovs-configuration-guidepdf
configure OVS At first we need to give a fixed IP address to the Pica8 switch create the OVS
database and launch the OVS database server and the switch daemon Here are the commands
ifconfig eth0 17216023424
ovsdb-tool create ovsovs-vswitchdconfdb ovsbinvswitchovsschema
ovsdb-server ovsovs-vswitchdconfdb --remote=ptcp 172160234 amp6632
ovs-vswitchd tcp1721602346632 --pidfile=pica8 --overwrite-pidfile gt varlogovslog 2gt
devnull amp
Figure 7 ndash Configure OVS - 1
In the following steps we create the bridge br0 and add 4 physical ports to it and set up its
connection to a specific OpenFlow Controller ( in this case)Floodlight
ovs-vsctl add-br br0 ndash set bridge br0 datapath_type=pica8
ovs-vsctl add-port br0 ge-111 ndash set interface ge-111 type=pica8
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
54
ovs-vsctl add-port br0 ge-112 ndash set interface ge-112 type=pica8
ovs-vsctl add-port br0 ge-113 ndash set interface ge-113 type=pica8
ovs-vsctl add-port br0 ge-114 ndash set interface ge-114 type=pica8
ovs-vsctl set-controller br0 tcp1721601796633
Figure 8 ndash Configure OVS - 2
We can verify the configuration by issuing
ovs-vsctl show
Figure 9 ndash Show OVS Configuration
In the above pictures it shows that the OpenFlow Controller has been defined After the
connection between Pica8 switch and OpenFlow Controller the same command will show the
connection status
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
55
Launch Floodlight
There are no differences to launch before or after bringing up Pica8 switch In thisFloodlight
document we start after bringing up Pica8 switch Floodlight
Figure 10 ndash Start Floodlight - 1
The following picture shows the connection between Pica8 switch and Floodlight
Figure 10 ndash Start Floodlight - 2
We can also use Wireshark to capture the traffic between Pica8 switch and Floodlight as shown
below
Figure 11 ndash Wireshark Captures
We can also use the following command to show the connection status
ovs-vsctl show
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
56
Figure 12 ndash Show OVS Connection Status
Now we can use the following command to verify that all of the physical ports are connected
ovs-ofctl show br0
Figure 13 ndash Show Physical Port Status
At this moment there are no flows defined
ovs-ofctl dump-flows br0
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
57
Figure 14 ndash No Flows defined in Pica8 Switch
If we try to ping from PC1 to PC2 it fails
Figure 15 ndash Ping Fails
Floodlight REST Interface
We can use browser to view s real time information The URL can be Floodlight
if you access it fromor http1721601798080uiindexhtml http1270018080uiindexhtml
Controller PC
Figure 15 ndash Access Floodlight Info
Please pay attention to the DPID in the above picture You need to replace it by your own DPID in
the following tests
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
58
curl
curl is a command line tool for transferring data with URL syntax and it is the tool to send Floodlight
REST APIs to configure Pica8 switch flows We can use apt-get to install it on Controller PC
sudo apt-get install curl
Add Flows
Here is the command to add a flow from port 1 to port 2
curl -d switch 678c089e01823826 namepc1-pc2 cookie0 priority0
ingress-port1 activetrue actionsoutput=2
http1270018080wmstaticflowentrypusherjson
We need another flow from port 2 to port 1 in order to make the ping between PC1 and PC2
working
curl -d switch 678c089e01823826 namepc2-pc1 cookie0 priority0
ingress-port2 activetrue actionsoutput=1
http1270018080wmstaticflowentrypusherjson
Now ping from PC1 to PC2 works
Figure 16 ndash Ping Successes
We can add the same flows between port 3 and port 4 to make ping working between them
Figure 17 ndash Flows Added
Delete Flows
We can remove all of the flows by issuing
curl http1270018080wmstaticflowentrypusherclear678c089e01823826json
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-
OpenFlow Tutorial
59
- Basic Bridge Configuration
- Basic Flows Configurations
- Connection to a Ryu Controller
- Connection to Opendaylight controller
- Connection to a Floodlight Controller
- Basic Bridge Configuration
-
- Basic Bridge Introduction
- Power on Configuration
- Configure Switch
- Configure Bridge
- Configure port
- Default Bridge Behavior
- OVS commands reference
-
- Basic Flows Configurations
-
- Flows Introduction
- Modify default flow
- Uni-directional Flow
- 1-to-Many Multicasting
- Many-to-One Aggregation
- OVS commands Used in this Tutorial
- Packet address file
-
- Connection to a Ryu Controller
-
- Ryu Introduction
- Introduce RYU Open Flow Controller
- Configure OVS for RYU Open Flow Controller
- Controller-OVS Interaction
- RYU Simple Switch Application
- Open flow message type
- Ryu Guide OVS commands reference
-
- Connection to Opendaylight controller
-
- OpenDaylight introduction
- Introduce OpenDaylight Open Flow Controller
- Configure OVS for OpenDaylight Open Flow Controller
- Opendaylight Controller-OVS Interaction
- OpenDaylight Simple Switch Application
- message type of open flow
- OVS commands reference04
-
- Connection to a Floodlight Controller
-
- Floodlight controller Introduction
- Floodlight Open Flow Controller
-
- Why Make Changes
- Changes to Floodlight
- Build Floodlight
-
- Test Topology
- Configure OVS
- Launch Floodlight
- Floodlight REST Interface
-
- curl
- Add Flows
- Delete Flows
-