View
249
Download
6
Category
Preview:
DESCRIPTION
How to develop OpenFlow applications in Ryu. For SDNDS-TW Sharing
Citation preview
whoami
❖ 林哲緯 ( John-Lin )
❖ 清華⼤大學 通訊⼯工程所 HSNL LAB
❖ 背景是通訊⼯工程
• 原是寫 Python 當興趣,玩網路程式時接觸 SDN/OpenFlow
❖ ⽬目前研究使⽤用 Ryu 未來應該也會繼續⽤用 Ryu Controller
❖ Network Security in SDN
• Contribute Snort-Integrate patch in Ryu
• See more: http://linton.tw/2014/09/03/Ryu-with-Snort-Integration/
Outline
❖ OpenFlow Overview
❖ Introduction to Ryu application development
❖ The OpenFlow API in Ryu
❖ Demo
Outline
❖ OpenFlow Overview
❖ Introduction to Ryu application development
❖ The OpenFlow API in Ryu
❖ Demo
What is OpenFlow?
OpenFlow Controller
OpenFlow Switch
Flow Table
Data Plane
Controller Plane
Packet PacketForwarding
OpenFlow Protocol (SSL/TCP)
Drop
Forward to Controller
About Flow Entry
Rule Action Statistics
in_port VLAN ID
VLAN pcp
MAC src
MAC dst
Eth type IP src IP dst IP ToS sport dport
More match field: http://ryu.readthedocs.org/en/latest/ofproto_v1_3_ref.html?highlight=match#ryu.ofproto.ofproto_v1_3_parser.OFPMatch
1. Forward packet to ports2. Forward to controller3. Drop packet4. Modify Field (set-field)
1. Packet counter2. Byte counter
Flow Table
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Table id 0
Multiple Flow TablesTable id 0
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Table id 1
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Table id 2
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
Rule Action Statistics
SDN Controller
OpenFlow-enabled Network DeviceOpenFlow Protocol
OpenFlow Controller and switch workflow
HANDSHAKE_DISPATCHER
CONFIG_DISPATCHER
MAIN_DISPATCHER
DEAD_DISPATCHER如果發⽣生連線中斷
Ryu Controller 的4種狀態
The messages between Controller and switch❖ Controller-to-Switch Messages (Controller->Switch)
❖ Features
❖ Modify-State
❖ Packet-out
❖ Configuration, Read-State, Barrier, Role-Request, Asynchronous-Configuration
❖ Asynchronous Messages (Switch->Controller)❖ Packet-In
❖ Flow Removed
❖ Port Status
❖ Error
❖ Symmetric Messages (Switch<->Controller)❖ Hello
❖ Echo Request / Reply
❖ Experimenter
OpenFlow Controller
OpenFlow Switch
Flow Table
OpenFlow Protocol
Outline
❖ OpenFlow Overview
❖ Introduction to Ryu application development
❖ The OpenFlow API in Ryu
❖ Demo
What is Ryu
❖ Ryu is a component-based software defined networking framework.
❖ Fully written in Python
❖ Ryu supports various protocols for managing network devices• OpenFlow 1.0, 1.2, 1.3, 1.4, Netconf, OF-config
❖ License: Apache 2.0
Ryu Resources❖ Official site:
• http://osrg.github.io/ryu/
❖ Mailing list: • https://lists.sourceforge.net/lists/listinfo/ryu-devel
❖ API Documentation: • http://ryu.readthedocs.org/en/latest/
❖ RyuBook Tutorial (Chinese): • http://osrg.github.io/ryu-book/zh_tw/html/
Installation
Installation
❖ Notice: Before you Install, check the dependencies first.
❖ On Official site…
Automatic Installation Script
❖ On Ubuntu 12.04+, two-line command can install Ryu 3.14
❖ This helper script which should get all dependencies and download, build, and install Ryu.
Fork me on: https://github.com/John-Lin/ryuInstallHelper
To install dependencies in Ubuntu
How to use
❖ Run your application
❖ Run your application with debug output
Application programming model
1. ⼀一個 OpenFlow message 可以視為⼀一個 event
2. 利⽤用 decorators 來接 event
3. 定義事件處理器(Event Handler)
Come from OpenFlow switches:• Asynchronous messages• Switch reply messages
Custom library
事件
Outline
❖ OpenFlow Overview
❖ Introduction to Ryu application development
❖ The OpenFlow API in Ryu
❖ Demo
OpenFlow protocol APIType Message Name Ryu OpenFlow API
Controller to Switch
Messages
Features OFPFeaturesRequest / OFPSwitchFeaturesConfiguration OFPSetConfigModify-State OFPFlowMod
Read-State OFPFlowStatsRequest / OFPFlowStatsReply OFPPortStatsRequest / OFPPortStatsReply
Packet-out OFPPacketOutBarrier OFPBarrierRequest / OFPBarrierReply
Role-Request OFPRoleRequest / OFPRoleReplyAsynchronous-Configuration OFPSetAsync / OFPGetAsyncReply
Asynchronous Messages
Packet-In OFPPacketInFlow Removed OFPFlowRemoved
Port Status OFPPortStatusError OFPErrorMsg
Symmetric Messages
Hello OFPHelloEcho Request / Reply OFPEchoRequest / OFPEchoReply
Experimenter OFPExperimenter
OpenFlow Controller and switch workflow
Code Template in Ryu❖ Usually in the
Class
❖ Inheritance
❖ Decorators: @
❖ 接取 OpenFlow message event
❖ Event Handler
❖ 接到event 後要做的事定義在method裡
Asynchronous Messages
Controller toSwitch Messages
SnortLibrary Plugin
UtilityMethods
Initial method
Outline
❖ OpenFlow Overview
❖ Introduction to Ryu application development
❖ The OpenFlow API in Ryu
❖ Demo
DEMO
❖ Hub application
❖ 利⽤用 Flow Table match ICMP 封包將其 Flood,其他協定封包導到Controller 做處理
❖ https://github.com/John-Lin/SDNDS-TW
1 2 3 4 priority=10, match=icmp, action=ALLpriority=0, actions=CONTROLLER:65535
Flow table
Host A Host B
SDN Controller
Recommended