-
Notifications
You must be signed in to change notification settings - Fork 10
Tutorial 101 Using StaticFlowEntryManager (English)
To use StaticFlowEntryManger, you must use BasicOFController. To use StaticFlowEntryManger REST API, we have used curl.
The use of StaticFlowEntryManger is being a bit picky because it requires restrictions of fixed field names, JSON format and so on. But it is possible to do various network tests including muticast. We hope that this tutorial is helpful to your experiment.
StaticFlowEntryManger supports the persistent database but you can use this without DB. StaticFlowEntryManger starts with DB if you have set DB properly, and starts without DB otherwise. In other words, you don't need to consider the selection of DB support because it checks DB connection when object created and determines DB support automatically.
If you use the DB, all entries are stored in the memory and DB. So all entries of the DB will be automatically reloaded to the memory after rebooting of the controller. And all entries can be loaded to the switches with the reload REST API below REST API list for your convenience.
To minimize tangled entries, StaticFlowEntryManger accepts pre-defined entry field names below.
It provides the most of OF1.3 match, action and instruction fields. And some duplicated field name such as 'nw_proto' of OF1.0 is unified into 'ip_proto' of OF1.3. Therefore you have to use ip_proto although you want to use OF1.0 environment only.
public class StaticFlowEntry {
...
private static List<String> staticFlowEntryFields = new ArrayList<String>() {
{
add("name");
add("switch");
...
StaticFlowEntryManger observes 'Flow Match Field Prerequisite' of the chapter 7.2.3.6 in OF1.3.2 spec. Therefore it rejects a user input that violates restrictions.
This version of StaticFlowEntryManger applies the JSON format in the input(the data of curl with '-d' option). Therefore a malformed format of user input is rejected with error message.
In the previous version and floodlight v0.9 use JSON format partially, so that some field such as the actions field need to be parsed in different way. And the parsing code will be very complecated to support OF1.3.
StaticFlowEntryManger unifies the input format when it contains an instruction and an action. Even if you don't use OF1.3 (instruction field), action fields must be encapsulated into the instruction fields. If the switch is OF1.0 switch, OFMStaticFlowEntryManager will set not OFInstruction but OFAction directly when it builds OFFlowMod. We think this can reduce the user's confusion of multi OF version.
Followings are the supported REST API list examples.
Retrieves all entries of static flow entries of every switch or particulat switch.
curl http://{controller_ip}:8080/wm/staticflowentry/list/all/json
curl http://{controller_ip}:8080/wm/staticflowentry/list/00:00:00:00:00:00:00:01/json
Inserts a static flow entry. The key field of entry is the 'name' field.
You can clarify a subnetmask for the IP-type match fields (ipv4_src, ipv4_dst, arp_spa, and arp_tpa) with '/' like the last example. In this example the match field of ipv4_dst will be reflected as 'ipv4_dst=10.10.10.0, ipv4_dst_mask=255.255.255.0'.
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s1","priority":"101","eth_type":"0x0800","ipv4_src":"10.0.0.1","ipv4_dst":"10.0.0.2","active":"true","instructions":[{"apply_actions":[{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:02","name":"s20","priority":"1001","eth_type":"0x0806","arp_tpa":"10.0.0.4","active":"true","instructions":[{"apply_actions":[{"output":"3"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s1","priority":"1001","eth_type":"0x0800","ipv4_dst":"10.10.10.3","active":"true","instructions":[{"apply_actions":[{"set_field":{"ipv4_dst":"10.0.0.2"}},{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s1","priority":"1001","eth_type":"0x0800","ipv4_dst":"10.0.0.3/24","active":"true","instructions":[{"apply_actions":[{"set_field":{"ipv4_dst":"10.0.0.2"}},{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
Deletes the static flow entry of the 'name'.
curl -X DELETE -d '{"name":"s1"}' http://{controller_ip}:8080/wm/staticflowentry/json
Deletes all entries of static flow entries of every switch or particulat switch.
curl http://{controller_ip}:8080/wm/staticflowentry/clear/all/json
curl http://{controller_ip}:8080/wm/staticflowentry/clear/00:00:00:00:00:00:00:01/json
Loads all entries of memory to switches. This function will be effective when the controller is rebooted and the DB is supported.
From the OpenIRIS v2.0.11, this API is changed to support the selectional reload.
curl http://{controller_ip}:8080/wm/staticflowentry/reload/all/json
curl http://{controller_ip}:8080/wm/staticflowentry/reload/00:00:00:00:00:00:00:01/json
Below is the obsoleted API.
curl http://{controller_ip}:8080/wm/staticflowentry/reload/json
This test allows predefined flows only. In other words, StaticFlowEntryManger drops every packets except for two directional ICMP and ARP packets.
OFMStaticFlowEntryManager does NOT check every exception for user input except for name field (key of StaticFlowEntry), JSON format and so on. Therefore, the others are user's portion. Let us consider the most simple ping experiment. If ARP entries remain in the host ARP table, the ping may be succed with ICMP rule only until the ARP entries timed out.
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"drop","priority":"11","active":"true"}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s1","priority":"101","eth_type":"0x0800","ipv4_src":"10.0.0.1","ipv4_dst":"10.0.0.2","active":"true","instructions":[{"apply_actions":[{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s2","priority":"101","eth_type":"0x0800","ipv4_src":"10.0.0.2","ipv4_dst":"10.0.0.1","active":"true","instructions":[{"apply_actions":[{"output":"1"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s3","priority":"101","eth_type":"0x0806","arp_spa":"10.0.0.1","arp_tpa":"10.0.0.2","active":"true","instructions":[{"apply_actions":[{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s4","priority":"101","eth_type":"0x0806","arp_spa":"10.0.0.2","arp_tpa":"10.0.0.1","active":"true","instructions":[{"apply_actions":[{"output":"1"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
For rules of 's3' and 's4', we recommand to use the following rules if you use OF1.0 switches.
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s3","priority":"101","eth_type":"0x0806","ipv4_src":"10.0.0.1","ipv4_dst":"10.0.0.2","active":"true","instructions":[{"apply_actions":[{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s4","priority":"101","eth_type":"0x0806","ipv4_src":"10.0.0.2","ipv4_dst":"10.0.0.1","active":"true","instructions":[{"apply_actions":[{"output":"1"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -X DELETE -d '{"name":"drop"}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -X DELETE -d '{"name":"s1"}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -X DELETE -d '{"name":"s2"}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -X DELETE -d '{"name":"s3"}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -X DELETE -d '{"name":"s4"}' http://{controller_ip}:8080/wm/staticflowentry/json
curl http://{controller_ip}:8080/wm/staticflowentry/clear/all/json
curl http://{controller_ip}:8080/wm/staticflowentry/clear/00:00:00:00:00:00:00:01/json
Let's create the topology that configured with a switch and two hosts. h1 and h2 has IPs of 10.0.0.1 and 10.0.0.2 respectively. h1 send ping to 10.0.0.3 and the switch will change destination IP field into 10.0.0.2. To do so, You need to insert bidirectional rules for ICMP and ARP.
This test is only available when the switch supports OF1.3.
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s1","priority":"1001","eth_type":"0x0800","ipv4_dst":"10.0.0.3","active":"true","instructions":[{"apply_actions":[{"set_field":{"ipv4_dst":"10.0.0.2"}},{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s2","priority":"1001","eth_type":"0x0800","ipv4_src":"10.0.0.2","active":"true","instructions":[{"apply_actions":[{"set_field":{"ipv4_src":"10.0.0.3"}},{"output":"1"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s3","priority":"1001","eth_type":"0x0806","arp_tpa":"10.0.0.3","active":"true","instructions":[{"apply_actions":[{"set_field":{"arp_tpa":"10.0.0.2"}},{"output":"2"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
curl -d '{"switch":"00:00:00:00:00:00:00:01","name":"s4","priority":"1001","eth_type":"0x0806","arp_spa":"10.0.0.2","active":"true","instructions":[{"apply_actions":[{"set_field":{"arp_spa":"10.0.0.3"}},{"output":"1"}]}]}' http://{controller_ip}:8080/wm/staticflowentry/json
OpenIRIS Development Team: contact bjlee@etri.re.kr