Using a SwitchNode LOCAL port to act as a host

[jpillora]

I'm attempting to implement an in-band controller using the LOCAL port of a Mininet switch, and I've manually given two switches LOCAL interfaces (s1 and s2) IP addresses (with ifconfig), manually added the ARP entries (with arp -s) and created the flows but it seems the packets arriving on the LOCAL port aren't arriving at networking stack.

So, I ping, s1 -> s2 (with ping -I s1 <s2-ip-addr>), the flow counters increase for the s1 -> s1(port1) and the s2(port1) -> s2 flows. But it doesn't look like its making it from the s2 interface to linux.

I know this works with Mininet hosts (so, not using the LOCAL port). Am I missing anything important about Mininet SwitchNodes or the LOCAL port here?

I'll make proof of concept script when I have some time tonight

[lantz]

If this is not a bug report, can you please close it?

[jpillora]

Okay, is there somewhere I can ask questions?

[lantz]

Is this some kind of trick question?

http://mininet.org/support

[jpillora]

Yes the mailing list I did see that. Two things, 1990's mailing lists aren't very user friendly (Google Groups helps) and this particular question seemed like a bug to me, though I could be wrong. I was hoping to get a "Mininet is supposed to handle OVS LOCAL ports, so that should work" or "You need to use such and such Mininet API instead of shell commands".

[lantz]

@jpillora Heheheh, I think you mean 1980s, and what could be more friendly than e-mail/mailman? It works on every platform, has a stable format, provides digests, is automatically archived, and is indexed by google. It also reduces friction since openflow, openvswitch, and pox all run on mailing lists. Some of us like mailing lists for these and other reasons (and we've experienced the horrible bloodbaths that can occur with on-line q&a systems like piazza, which is actually fairly well-designed by the way) but we will consider google groups and/or mailman's forum upgrade in the future since they may help to avoid repeated questions and very few people seem to read or add to the FAQ.

The local port should work fine if you bring it up.

It is perhaps an issue that it is not up by default, but it would be incorrect to put the remote side (e.g. interface s1) into intfs - because it's the remote side (which appears in the namespace that your user app would connect to and talk to) rather than the local side (which the switch connects to and talks to - in fact that interface is an internal virtual interface which is not part of the Linux networking stack; the remote side is more like a tap interface.)

[jpillora]

Before my time :P True, google groups would be great upgrade. Though an alternative is to conduct and track all project communications through tagged Github issues (Question, Bug, Feature Request, etc). You can subscribe and unsubscribe to individual threads, use issues to construct a roadmap, @lantz at-mention other users, issues for the code are found along-side the code, quote text, hash-mention #259 other issues, you can use awesome Markdown down emphasise your important points, you can use inlineCodeSnippets and

# code blocks 
def withFancy(colors):
  return "!"

Anyway! Each to their own 😄 (and don't forget Emojis).

Thanks for your reply to my post on the mailing list.

$ sudo mn --mac -v output
mininet> sh ifconfig s1 10.5 hw ether 00:00:00:00:00:05
mininet> h1 ping -c1 10.5

I'll just tried it and that indeed works.

I would recommend verifying that your openflow rules are correct,

The counters are increasing, that means they're working right?

that your configuration is correct

Do you mean the links?

and that both your control traffic and data traffic are correct.

I'm installing L2 flows correctly and the ping have the correct L2 headers

and that your routing table(s) are correct.

I've manually inserted ARP entries, so I don't need any broadcast flows.

It seems to me like these are all correct as tcpdump is seeing the ICMPs arrive at the destination LOCAL port. In summary, I'm quite sure this is an issue between chair and keyboard, so I'm just after an understanding of what Mininet is doing (and why your snippet above works). I'm attempting to replicate Mininet with this file: 3-pure-ovs.sh (hopefully it's comprehensible), am I doing it right? I've got quite a complex use-case though I've boiled the problem down to this file.

(I did think that the s1 interface needed to be "bound" to another interface and did try using a TAP interface though it still wasn't working, maybe I was doing it wrong.)

I'd also suggest decomplicating things further by using a single switch and making absolutely sure your rules and configuration work with a regular port (forget about LOCAL for now - I think it's just a distraction.) As I noted, looking at openflow messages is often very useful. You might find (for example) that you need to specify more than just dl_dst for things to work as desired.

Interesting, so dl_dst + action isn't enough? I guess I just don't understand why the packets aren't producing a ICMP reply when I can see that they're arriving on the interface. Thanks for the replies. Will grab lunch and then try to figure out how Mininet is making it work in the snippet above.

[jpillora]

It could be a MAC address issue, I'm just looking into it now...

[jpillora]

Just updated the script to use the interface MAC addresses as they are and I'm still getting the same issue >.<

[lantz]

What does ARP have to do with IP routing tables? :(

We've thought about your issue suggestion before, but it would require some refinement since github doesn't have a means of automatically classifying issues without admin intervention, inconveniently enough (but I do love single sign-on and other github advantages.) I do dig markdown though - sadly most e-mail clients only speak html or the github email integration would be groovy.

[jpillora]

Ah yes, so I've filled the ARP tables though not the IP tables, nevertheless, if the packet is arriving with the correct L2 L3 headers, what could be stopping it from hitting the networking stack? Does it need an ip route to itself (ip set on the interface not enough)?

Well +1 from for using Github :)

[lantz]

If it's an IP packet, it needs an IP route.

On Jan 9, 2014, at 6:55 PM, Jaime Pillora notifications@github.com wrote:

Ah yes, so I've filled the ARP tables though not the IP tables, nevertheless, if the packet is arriving with the correct L2 L3 headers, what could be stopping it from hitting the networking stack? Does it need an ip route to itself (ip set on the interface not enough)?

Well +1 from for using Github :)

—
Reply to this email directly or view it on GitHub.

[jpillora]

Okay will give it a try

On Friday, January 10, 2014, Bob wrote:

If it's an IP packet, it needs an IP route.

On Jan 9, 2014, at 6:55 PM, Jaime Pillora <notifications@github.com<javascript:_e({}, 'cvml', 'notifications@github.com');>>
wrote:

Ah yes, so I've filled the ARP tables though not the IP tables,
nevertheless, if the packet is arriving with the correct L2 L3 headers,
what could be stopping it from hitting the networking stack? Does it need
an ip route to itself (ip set on the interface not enough)?

Well +1 from for using Github :)

—
Reply to this email directly or view it on GitHub.

—
Reply to this email directly or view it on GitHubhttps://github.com//issues/259#issuecomment-31999010
.

[jpillora]

Worked around this issue by creating extra hosts and treating these new ports as LOCAL ports, then run the what we need to in each host.