Can someone help advise on a flow problem?

  • 12 Replies
  • 3110 Views
*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Can someone help advise on a flow problem?
« on: May 09, 2016, 01:15:01 AM »
Hi all,

After successfully getting pox working with my ZodiacFX for simply sending every packet to the pox controller, and then having the controller tell the switch to send the packet out of every port (OFPP_FLOOD), I now want to install that as a flow into the ZodiacFX so that it's not always having to talk to the pox.

However, I'm guessing that I'm doing something wrong with the flow, as it's still always sending the packets up to pox.  The flow I've got installed is this:
Code: [Select]
Zodiac_FX(openflow)# show flows

-------------------------------------------------------------------------

Flow 1
 Match:
  Incoming Port: 0                      Ethernet Type: 0x0000
  Source MAC: 00:00:00:00:00:00         Destination MAC: 00:00:00:00:00:00
  VLAN ID: 0                            VLAN Priority: 0x0
  IP Protocol: 0                        IP ToS Bits: 0x00
  TCP Source Address: 0.0.0.0
  TCP Destination Address: 0.0.0.0
  TCP/UDP Source Port: 0                TCP/UDP Destination Port: 0
  Wildcards: 0x0010001f                 Cookie: 0x0
 Attributes:
  Priority: 2                   Duration: 7 secs
  Hard Timeout: 0 secs                  Idle Timeout: 0 secs
  Byte Count: 0                 Packet Count: 0

 Actions:
  Action 1:
   Output: FLOOD

-------------------------------------------------------------------------

by running this pox code when the ZodiacFX connects:

Code: [Select]
msg = of.ofp_flow_mod()
msg.actions.append(of.ofp_action_output(port = of.OFPP_FLOOD))
msg.priority = 2
connection.send(msg)

however the "Packet count" remains at zero, and the PacketIn handler in pox is always getting called (suggesting to me that the flow isn't being observed by the ZodiacFX).

Can anyone advise where I've gone wrong?  I'm fairly sure I've just missed something simple...

Thanks,
Kevin

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #1 on: May 09, 2016, 01:17:31 AM »
I've even tried setting some very specific flows (one for each device which I'm pinging between, one for an ARP broadcast, and then one as a generic catch-all), but that also hasn't helped:

Code: [Select]
Zodiac_FX(openflow)# show flows

-------------------------------------------------------------------------

Flow 1
 Match:
  Incoming Port: 0                      Ethernet Type: 0x0000
  Source MAC: 00:00:00:00:00:00         Destination MAC: B8:27:EB:E5:1C:32
  VLAN ID: 0                            VLAN Priority: 0x0
  IP Protocol: 0                        IP ToS Bits: 0x00
  TCP Source Address: 0.0.0.0
  TCP Destination Address: 0.0.0.0
  TCP/UDP Source Port: 0                TCP/UDP Destination Port: 0
  Wildcards: 0x00100017                 Cookie: 0x0
 Attributes:
  Priority: 10                  Duration: 4 secs
  Hard Timeout: 0 secs                  Idle Timeout: 0 secs
  Byte Count: 0                 Packet Count: 0

 Actions:
  Action 1:
   Output: 1

Flow 2
 Match:
  Incoming Port: 0                      Ethernet Type: 0x0000
  Source MAC: 00:00:00:00:00:00         Destination MAC: B8:27:EB:01:FC:53
  VLAN ID: 0                            VLAN Priority: 0x0
  IP Protocol: 0                        IP ToS Bits: 0x00
  TCP Source Address: 0.0.0.0
  TCP Destination Address: 0.0.0.0
  TCP/UDP Source Port: 0                TCP/UDP Destination Port: 0
  Wildcards: 0x00100017                 Cookie: 0x0
 Attributes:
  Priority: 10                  Duration: 3 secs
  Hard Timeout: 0 secs                  Idle Timeout: 0 secs
  Byte Count: 0                 Packet Count: 0

 Actions:
  Action 1:
   Output: 3

Flow 3
 Match:
  Incoming Port: 0                      Ethernet Type: 0x0000
  Source MAC: 00:00:00:00:00:00         Destination MAC: FF:FF:FF:FF:FF:FF
  VLAN ID: 0                            VLAN Priority: 0x0
  IP Protocol: 0                        IP ToS Bits: 0x00
  TCP Source Address: 0.0.0.0
  TCP Destination Address: 0.0.0.0
  TCP/UDP Source Port: 0                TCP/UDP Destination Port: 0
  Wildcards: 0x00100017                 Cookie: 0x0
 Attributes:
  Priority: 5                   Duration: 3 secs
  Hard Timeout: 0 secs                  Idle Timeout: 0 secs
  Byte Count: 0                 Packet Count: 0

 Actions:
  Action 1:
   Output: FLOOD

Flow 4
 Match:
  Incoming Port: 0                      Ethernet Type: 0x0000
  Source MAC: 00:00:00:00:00:00         Destination MAC: 00:00:00:00:00:00
  VLAN ID: 0                            VLAN Priority: 0x0
  IP Protocol: 0                        IP ToS Bits: 0x00
  TCP Source Address: 0.0.0.0
  TCP Destination Address: 0.0.0.0
  TCP/UDP Source Port: 0                TCP/UDP Destination Port: 0
  Wildcards: 0x0010001f                 Cookie: 0x0
 Attributes:
  Priority: 2                   Duration: 3 secs
  Hard Timeout: 0 secs                  Idle Timeout: 0 secs
  Byte Count: 0                 Packet Count: 0

 Actions:
  Action 1:
   Output: FLOOD

-------------------------------------------------------------------------

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #2 on: May 09, 2016, 03:23:09 AM »
Interestingly, when I setup something very similar using openvswitch then it seems to work OK (using 2 docker containers on a single host going via openvswitch, as opposed to two hosts on a ZodiacFX, but both using basically the same pox code to setup the flows).

I'd guess from that that I'm doing something wrong with the ZodiacFX; any advice on how to debug this?

Thanks in advance.

Re: Can someone help advise on a flow problem?
« Reply #3 on: May 09, 2016, 12:31:28 PM »
I believe the problem is the wildcard you're using. The wildcards, 0x0010001f and 0x00100017  require the IP address matching too --- but you haven't defined an IP address to match against, so it doesn't match 0.0.0.0.

Instead, set the wildcard to 0x001ffff7 or 0x003ffff6 (as Ryu does) to match against the the mac_dst address. Pox should have some method for doing this (though I haven't used it to know)

I'm curious what the wildcard value was set to in openvswitch if you weren't having the same trouble?

Hope that helps!
~Jordan Ansell

*

Paul Zanna

  • Moderator
  • Sr. Member
  • *****
  • 370
    • View Profile
    • Northbound Networks
Re: Can someone help advise on a flow problem?
« Reply #4 on: May 09, 2016, 03:50:32 PM »
Hi Kevin,

Someone else mentioned an issue with POX, but I didn't get any details so I haven't been able to test it. Actually I haven't really done much testing with POX (or NOX) as it is getting a bit dated and most people seem to be using RYU / Floodlight / ODL.
Can you please send me the code you are using and I'll try and see what the issue is, you are also using OF 1.0?

We have a firmware release due in a couple of days so if it does require some changes I can include it in that.

Regards,
Paul

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #5 on: May 09, 2016, 05:34:43 PM »
Ah, wildcards, that would explain it. When I'm back at my computer later today I'll post the code - I was working from what I thought was a tutorial from the Pox docs (actually it was from the mininet docs) which states that the "match" field defaults to matching everything so I didn't think much of it.

If Ryu is wider used, then I'll switch to that or Floodlight at some point, but it would be good to get to the bottom of this first. Yes, Pox only appears to support OpenFlow 1.0.

Thanks!

*

Paul Zanna

  • Moderator
  • Sr. Member
  • *****
  • 370
    • View Profile
    • Northbound Networks
Re: Can someone help advise on a flow problem?
« Reply #6 on: May 09, 2016, 09:11:03 PM »
I've had a look at POX and it does seem to be an issue with wildcards. Even the forwarding.hub app (which only creates a single flood flow) doesn't work because the wildcards (0x0010001F) are only on in_port, VLAN, eth_src, eth_dst and eth_type.
That means it needs a exact match on IP addresses and TCP ports, which seems strange if it is supposed to match all packets. I'm not sure why its like that and why OVS works that way.

Regards,
Paul

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #7 on: May 10, 2016, 07:21:02 AM »
Thanks for looking into this; attached is the simple Pox script I used to setup the flows, and I've just run it again and confirmed that the wildcard field is 0x00100017 if I specify a MAC address and 0x0010001f if I don't specify anything to match against.

I run the script by putting it into the "pox/misc/" directory and then running:

Code: [Select]
./pox.py log.level --DEBUG misc.kevtest

I'll check what happens when I run this against openvswitch now...

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #8 on: May 10, 2016, 08:23:24 AM »
Using openvswitch, the installed flows definitely work fine.  I've wireshark'd the openflow traffic to the openvswitch, and the wildcard values being sent (0x100017 for the MAC address ones, 0x10001f for the catch-all) are definitely the same as the ones which the ZodiacFX showed.  I can't see how to get openvswitch to dump the current effective wildcards, they're not in "dump-flows":

Code: [Select]
pi@node1:~ $ sudo ovs-ofctl dump-flows dbr0
NXST_FLOW reply (xid=0x4):
 cookie=0x0, duration=2.049s, table=0, n_packets=2, n_bytes=196, hard_timeout=5, idle_age=0, priority=10,dl_dst=42:97:e5:67:1d:ff actions=output:9
 cookie=0x0, duration=2.049s, table=0, n_packets=2, n_bytes=196, hard_timeout=5, idle_age=0, priority=10,dl_dst=6e:76:17:29:19:b5 actions=output:8
 cookie=0x0, duration=2.049s, table=0, n_packets=0, n_bytes=0, hard_timeout=5, idle_age=2, priority=2 actions=FLOOD

Alas, I'll proceed with ryu or floodlight; I'm happy to experiment with other things in Pox if anyone thinks it would be useful diagnostically?

I should've mentioned earlier, my ZodiacFX is on firmware v0.58.  Also, many thanks for making OpenFlow accessible for lab environments like this at an affordable price!

*

Paul Zanna

  • Moderator
  • Sr. Member
  • *****
  • 370
    • View Profile
    • Northbound Networks
Re: Can someone help advise on a flow problem?
« Reply #9 on: May 10, 2016, 09:22:27 AM »
I think I have located the issue.

With all the controllers we tested against if a match field was empty then the controller would set the wildcard bit for that field however POX doesn't seem to do that, it only sets the wildcard bits for a few of the fields (not sure why it only picks those fields). The matching algorithm in the OF1.0 library looks for 2 things, either the values are the same or the wildcard bit is set for that field, which is probably why POX doesn't alway match correctly. I'll update the code to test for zero values also (which technically should be done anyway) and see how it goes. Version 0.59 is due tomorrow so I'll include it in that update.

Regards,
Paul

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #10 on: May 10, 2016, 09:43:43 AM »
Great, thanks - I'll test it again on 0.59.  I'll move onto ryu eventually anyway, if only to get openflow 1.3 support, but I'll still test it on pox.

*

Paul Zanna

  • Moderator
  • Sr. Member
  • *****
  • 370
    • View Profile
    • Northbound Networks
Re: Can someone help advise on a flow problem?
« Reply #11 on: May 11, 2016, 04:11:00 PM »
Hi Kevin,

Firmware version 0.59 is now available, hopefully it will fix the issues you are having with POX. Please let me know how you go.

Regards,
Paul

*

kevin

  • Newbie
  • *
  • 9
    • View Profile
Re: Can someone help advise on a flow problem?
« Reply #12 on: May 12, 2016, 07:36:11 AM »
It works!  Many thanks for your help with this.