NET Wiki

Specialization Software-defined Networking (Winter 2015/2016): Difference between revisions

← Older edit
Marumai1 (talk | contribs)
783 edits
 
(67 intermediate revisions by one other user not shown)
Line 1: Line 1:
{{Announcement|Note: Since 25th March is Easter Friday, the course and final presentations that are scheduled for 25th March will be shifted to a date in the last two weeks of April. We can decide on the exact day on the 21st March, on the first day of the course. }}
{{Announcement|Note: We will have the final presentations on April 21: 8-12pm (in Room 2.101) and 16-18 (in Room 1.101) slot is additionally reserved }}


{{Announcement|Note:  
{{Announcement|Note:  
Line 28: Line 28:


==Schedule==
==Schedule==
{{Announcement|Note: We will have the final presentations on April 21: 8-12pm and 16-18 slot is additionally reserved }}


{| {{Prettytable|width=}}
{| {{Prettytable|width=}}
Line 58: Line 59:
| align="right" | 23.03.2016
| align="right" | 23.03.2016
| Lecture III: Enhancing Data Plane - II
| Lecture III: Enhancing Data Plane - II
| Exercise V: Kinetic Firewall
| Exercise V: Kinetic Firewalls
| Group Discussion III
| Group Discussion III
| Exercise VI: Kinetic-pox loadbalancer
| Exercise VI: pyretic debugging
|-
|-
| align="right" | 24.03.2016
| align="right" | 24.03.2016
| Exercise VII: kinetic, pyretic debugging
| Lecture IV: ONOS
| Exercise VIII: Service Chaining I
| Exercise VIII: ONOS tutorials
| Group Discussion IV
| Group Discussion IV
| Exercise IX: Service Chaining II
| Exercise IX: ONOS Applications
|-
| align="right" | xx.xx.2016 (Since 25th March is Easter Friday, see note above)
| "Preparation for final presentation"
| "Preparation for final presentation"
| Final presentations I
| Final presentation II
|-
|-
|}
|}
== April 21: Schedule ==
{{Announcement|Note: Lets start at 8:30 instead of 8:00}}
* 8:30-9:00: group presentation
* 9:00-9:30: group presentation
* 9:30-10:00: group presentation
* 10:00-10:30: group presentation
* 10:30-11:00: group presentation/Exercises/Q&A
* 11:00-11:30: group presentation/Exercises/Q&A
* 11:30-12:00: group presentation/Exercises/Q&A
* 16:00-17:00: Exercises/Q&A
* 17:00-17:30: Group presentation (Pouya & Mehdi)
* 17:30-18:00: Exercises/Q&A


==Requirements==
==Requirements==
Line 84: Line 95:
** Short report on the group discussion papers
** Short report on the group discussion papers
** Report on the paper presented by team-X for the final presentation  
** Report on the paper presented by team-X for the final presentation  
== Lectures ==
* Lecture I: Enhancing Data Plane I [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/1.0-Middleboxes_basic.pdf slides-I][https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/1.1-Designing%20Middleboxes.pdf slides-II]
* Special Lecture: How to Read (research) Papers [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/0.1-Group_Discussions.pdf slides-I][https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/howtoread.pdf Link_to_original_paper]
* Lecture II: Northbound API [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/2.0-Northbound%20API%20Motivation.pdf slides-I] [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/2.1-Northbound%20API%20Pyretic.pdf slides-II]
* Lecture III: Enhancing Data Plane II [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/1.2-Managing%20Middleboxes%20FlowTags.pdf Managing Middleboxes: Flowtags][https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/1.3-Managing%20Middleboxes%20Simplefying%20Steering%20FCSC.pdf Steering,Simplefying]
* Lecture IV: ONOS: [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/ONOS.pdf ONOS]
== Group Discussion ==
=== GD I ===
* Special Lecture: How to Read (research) Papers [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/0.1-Group_Discussions.pdf slides-I][https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Lectures/howtoread.pdf Link_to_original_paper]
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/0.GD-I-Debugging/SDN-traceroute.pdf SDN traceroute]
=== GD II ===
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/GD-II/a10-jyothi.pdf Towards a flexible data center fabric with source routing]
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/GD-II/pathlet.pdf pathlet]
=== GD III ===
* [https://www.usenix.org/system/files/conference/nsdi16/nsdi16-paper-eisenbud.pdf Maglev (NSDI 2016)]
* [http://conferences.sigcomm.org/sigcomm/2015/pdf/papers/p465.pdf Presto]
=== GD IV ===
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/GD-IV/splitmerge.pdf SplitMerge]
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/GD-IV/p163-gember-jacobson.pdf OpenNF]
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/GD-IV/shadowmac-hotsdn-2014-final.pdf ShadowMac]
== Papers for Final Presentations ==
* Presentations will be from 8-12 on April 21.
* Each group gets 20 minutes of presentation time and 10 minutes for Q&A. Georgios gets 10 minutes of presentation time and 5 minutes of Q&A.
* [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/presentation/papers.zip All the papers can be downloaded here as a zip file]
* NFV & security (Vijay, Mohsen)
** [http://conferences.sigcomm.org/sigcomm/2015/pdf/papers/p199.pdf McTLS]
** [http://conferences.sigcomm.org/sigcomm/2015/pdf/papers/p227.pdf Rollback Recovery of Middlebox]
* Miscellaneous Papers - I (AHM, Luis)
** [http://conferences.sigcomm.org/sosr/2016/papers/sosr_paper69.pdf CacheFlow]
** [http://conferences.sigcomm.org/sosr/2016/papers/sosr_paper62.pdf Safe and Flexible Controller upgrades in SDN]
* Miscellaneous Papers - II (Mahmoud, Amine)
** [http://conferences.sigcomm.org/sosr/2016/papers/sosr_paper42.pdf Improving SDN with InSPired Swithes]
** [http://conferences.sigcomm.org/sosr/2016/papers/sosr_paper70.pdf RAVEL]
* Middlebox Optimization/Load balancers - I (Mehdi, Pouya)
** [https://www.usenix.org/system/files/conference/nsdi16/nsdi16-paper-heorhiadi.pdf Simplifying SDN optimization using SOL]
** [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/GD/Full_papers/CoMB-nsdi12.pdf CoMB: Design and Implementation of consolidated Middlebox architecture]
* Middlebox Optimization/Load balancers - II (Osamah, Fazely)
** [https://www.usenix.org/system/files/conference/nsdi16/nsdi16-paper-khalid.pdf Paving the way for NFV: Simplifying middlebox modifications Using StateAlyzr]
** [http://dl.acm.org/citation.cfm?id=2396566 XoMB: Extensible Open Middleboxes with comodity servers]
* SDN and Fault Tolerance: (Dieter, Ferdinand)
** [http://conferences.sigcomm.org/sosr/2016/papers/sosr_paper57.pdf LegoSDN: Isolating and tolerating SDN application failures with LegoSDN]
** [http://conferences.sigcomm.org/sosr/2016/papers/sosr_paper67.pdf Hula: scalable load balancing using programmable data planes. (NSDI 2016)]
* Open vSwitch (Georgios)
** [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/presentation/papers/nsdi15-Open-vSwitch.pdf The Design and Implementation of Open vSwitch]


== Exercises ==
== Exercises ==
Line 94: Line 166:
* Use the following option to get more debug info while using pox  
* Use the following option to get more debug info while using pox  
** $ ./pox/pox.py log.level --DEBUG misc.of_tutorial
** $ ./pox/pox.py log.level --DEBUG misc.of_tutorial
** NOTE: There are two "-" (i.e. --) used for options in mininet/pox. In the wiki, sometimes the two lines join up and show as one line.
** NOTE: There are two "-" (i.e. --) used for options in mininet/pox. In the wiki, sometimes the two lines  
join up and show as one line.
** Best not to use the command prompt within the VM, but to use terminals created by ssh (e.g. via Putty)
*** e.g. xterm h1 doesn't work
*** there were also issues while starting pyretic


=== 21 March ===
=== 21 March ===
Line 100: Line 176:


==== Exercise I: Data Centers ====
==== Exercise I: Data Centers ====
[https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=exercises_dc Exercise_DC]
==== Exercise II: Load balancers ====
[https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=exercises_lb Exercise_LB]
=== 22 March ===
==== Exercise III: Firewall ====
[https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=exercises_firewall Exercise_Firewall]


* (30P) Warmup (simple Tree) ($ => commands on VM, > => commands on mininet/pox, Q => Question)
==== Exercise IV: Pyretic Firewall ====
** $ sudo mn --topo tree,3 --mac --arp --switch ovsk --controller remote
[https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=exercises_pyretic_firewall Exercise_Pyretic_Firewall]
** $ h1 ping h8 (Q: What do you observe?)
** $ ./pox/pox.py
** $ h1 ping h8 (Q: What do you observe?)
** $ ./pox/pox.py samples.spanning_tree
** $ h1 ping h8 (Q: What do you observe?)


* (40P) Create your own simple tree
=== 23 March ===
** copy dcsimple.py ([https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/Ex1/dcsimple.py]) to mininet/custom/
==== Exercise V: Kinetic firewall ====
** modify dcsimple.py to create hosts, switches and connections for a three level tree
* Note that -l in the instructions (e.g. infected -1) is not a numeric "1", but the small version of "L"
** $ sudo mn –-custom dcsimple.py -–topo simple
* Kinetic Firewall [https://dl.dropboxusercontent.com/u/1652374/SDN_Course/Exercises/kinetic.pdf Instructions], [https://dl.dropboxusercontent.com/u/1652374/SDN_Course/Exercises/kinetic_gardenwall.py Starting_Code]
** Check with ping


* (30P) Create your own Fattree
==== Exercise VI (Part A): Pyretic Debugging ====
** copy dcfat.py ([https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/Ex1/dcfat.py]) to mininet/custom/
[https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=exercises_pyretic_debugging Exercise_Pyretic_Debugging]
** modify dcfat.py to create a fat tree (level 0: so & s1, level 1: s2 & s3, level 2: s3, s4, s5, s6, Level 3: Hosts)
** $ sudo mn –-custom dcfat.py -–topo fat
** check with ping
** $ sudo mn –-custom dcfat.py -–topo fat --controller remote
** $ ./pox/pox.py samples.spanning_tree
** check with ping


==== Exercise II: Load balancers ====
==== Exercise VI (Part B): Kinetic like firewall using pox ====
* Setup will be as shown in Figure [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/ex2/Load_balancer-fig.pdf]
[https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=exercises_kinetic_pox_firewall Exercise_Kinetic_Pox_Firewall]
* (40P) Pre-defined servers
 
** AIM: Http requests from different clients will be directed to different pre-defined servers
=== 24 March ===
** $ sudo mn --topo single,6 --mac --arp --controller remote
==== Exercise VII: Basic ONOS ====
** $ ./pox.py log.level –-DEBUG misc.ip_loadbalancer –-ip=10.0.1.1 –-servers=10.0.0.1,10.0.0.2
* [https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=basic_onos Basic ONOS]
** Start HTTP servers on h1, h2
* [https://wiki.net.informatik.uni-goettingen.de/w/index.php?title=sdn_ip_onos ONOS SDN IP]
*** > xterm h1,h2
 
*** h1$ python –m SimpleHTTPServer 80
==== Exercise VIII: ONOS Application ====
*** h2$ python –m SimpleHTTPServer 80
* Try to create your own simple ONOS application (e.g. firewall, SFC, load balancer) looking at the tutorials given
** Get webpage from clients (h3)
** Disclaimer: I am also working on this
*** > xterm h3
* You can also use this time to finish with the other exercises and do the above at home
*** h3$ curl 10.0.1.1
 
** Observe in Pox controller, which server is it connecting to. Continue to obtain webpage from the same client and one other client and observe the results
* I have posted some hints to help you creating your ONOS application. [http://olbarakat.info/o/?page_id=104 Go to here]
*** Are both servers getting an equal share


* (60P) Modified Load_balancer
== Requirement and Due Date for Final Report (E-Mail to Mayutan)==
** Now modify pox/pox/misc/ip_loadbalancer.py to select server in a round robin fashion
{{Announcement|Note: The final report is due on April 30th.}}


=== 22 March ===
* Submit your final report (in .pdf format) as well as code (in .py format) as one zipped file with your name.
==== Exercise III: Firewall ====
 
* Topology is the same as that used for loadbalancing
subject line of email: Submission of work for Specialization in SDN
Name of attachment: name.zip, e.g., if when I submit the final work, the file will be named: Mayutan.zip


* (40P) Simple firewall
'''NOTE:''' You also have the opportunity to show me the code on April 21, 16-18pm.
** We will be using the load-balancer experiment as basis
** put blocker.py (https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/ex3/blocker.py) in pox/ext/blocker.py
** $ sudo mn --topo single,6 --mac --arp --controller remote
** $ ./pox.py forwarding.l2_learning blocker py
*** Note that there is a space between blocker and py to enable interactive mode
*** or $ ./pox.py forwarding.l2_learning blocker.py --ports=80,8888,8000
** start Webserver in h1
*** h1$ python -m SimpleHTTPServer 80
** Try to perform curl or wget from h2 to h1
*** h2$ curl 10.0.0.1
** Then block port 80 in pox controller
*** pox> block(80)
** Now, again try the following and report what happens
*** h2$ curl 10.0.0.1


* (60P) Advanced Firewall ( I will give you hints)
'''NOTE:''' Your final report ([ftp://ftp.springer.de/pub/tex/latex/llncs/latex2e/llncs2e.zip LaTeX Template]) should include:
** Topology [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/ex3/1.firewall-fig.pdf]
* Title sheet showing your name and matriculation number
** Aim: Implement a layer 2 firewall that runs alongside the MAC learning module on the POX OpenFlow Controller. Your firewall should be agnostic to the underlying topology. Take MAC pair list as input and install it on the switches in the network
** Note that MAC learning can be done in conjunction with firewall. Therefore you might have to assign  priority to each application.
** Copy firewall.py from [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/ex3/firewall.py] into pox/pox/misc folder
** Start editing firewall.py
*** Write code to block h1 to h2 (Mac IDs: 00:00:00:00:00:01, 00:00:00:00:00:02)
** Do the following to quickly test code
*** $ ./pox.py --verbose forwarding.l2_learning misc.firewall
*** $ sudo mn --topo single,3 --controller remote --mac
*** $ dpctl dump-flows tcp:127.0.0.1:6634


==== Exercise IV: Pyretic Firewall ====
* 6 pages of paper review using the [http://user.informatik.uni-goettingen.de/~dkoll/files/sdn/review.docx review form].
* Aim: Pyretic based firewall
 
* Topology [https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/ex3/1.firewall-fig.pdf]
  For this, you can review the papers that your group presented (3 pages for each review)
* Put the following files([https://dl.dropboxusercontent.com/u/1652374/SDN_course_WS2015-2016/Exercises/ex4/pyretic_firewall_students.zip]) in folder: pyretic/pyretic/examples
* $ sudo mn --controller remote --topo=single,3 --mac --arp


* (20P) Run the pyretic hub example
* Additionally, you can have one of the two:
*** $ pyretic.py –v high pyretic.examples.pyretic_hub
** 1) Programming part: Program a simple new application (e.g. like the gardenwall example or load balancing or SFC) in ONOS. It can be done in groups.  
** Verify that the hosts can ping each other
** 2) 9 pages of reviews using the [http://user.informatik.uni-goettingen.de/~dkoll/files/sdn/review.docx review form]. These reviews should be of full papers that others have presented.  
*** > xterm h1 h2 h3
 
*** h2$ tcpdump -xx -n -i h2-eth0
* One review form (3 pages each) for each of the paper your group was assigned during the course for the final presentation (Use this [http://user.informatik.uni-goettingen.de/~dkoll/files/sdn/review.docx review form]).
*** h3$ tcpdump -xx -n -i h3-eth0
Those who need to write an additional review of a paper presented during the final presentations: ().
*** h1$ ping -c1 10.0.0.2
These extra pages will be for those who don't ask questions or participate in discussions during
** Observe what happens when you do
others' presentations. 
*** h1$ ping -c1 10.0.0.5
Therefore, highly recommended that all of you make a first and second pass of the papers belonging
** Look into the hub code: pyretic/pyretic/examples/pyretic_hub
to other groups.


* (20P) Run the pyretic switch example
*** $ pyretic.py –v high pyretic.examples.pyretic_switch1
** Verify that the hosts can ping each other
*** > xterm h1 h2 h3
*** h2$ tcpdump -xx -n -i h2-eth0
*** h3$ tcpdump -xx -n -i h3-eth0
*** h1$ ping -c1 10.0.0.2
** Observe what happens when you do
*** h1$ ping -c1 10.0.0.5
** Look into the switch code: pyretic/pyretic/examples/pyretic_switch1.py


* (60P) Implement a layer 2 firewall that runs alongside the MAC learning module on the pyretic OpenFlow Controller.
Make sure that you write your own review. Copy/Paste reviews from other participants of the course
** Your firewall should be agnostic to the underlying topology
will not be accepted. The reviews are individual work.
** Write code to block h1 to h2 and h2 to h1 (Mac IDs: 00:00:00:00:00:01, 00:00:00:00:00:02)
** Start with pyretic_firewall.py
** See in pyretic_firewall.py for instructions on how to test the code as well as how to write the code
** To Test run:
*** sudo mn --controller remote --topo=single,3 --mac --arp
*** pyretic.py –v high pyretic.examples.pyretic_firewall


=== 23 March ===
* screenshots to prove that the code is working for those who didn't show it to me during the lecture. Please refer to the Exercise Section above.
* The slides (if any) you used for presenting your papers in class.
No need to improve the slides after presenting.


=== 24 March ===


==== Exercise VIII: Kinetic like firewall using pox ====
==Grading==
* Instructions:  [https://dl.dropboxusercontent.com/u/1652374/SDN_Course/Exercises/pox_gardenwall.pdf instructions]
* Each participant is required to actively attend the course (80%+ attendance) and earn 50% of the points of the exercises.
* Starting Code: [https://dl.dropboxusercontent.com/u/1652374/SDN_Course/Exercises/pox_gardenwall.py Starting_Code]
* Students will be required to do a presentation after the end of the course (April 21 2016).
* Tips: [https://openflow.stanford.edu/display/ONL/POX+Wiki#POXWiki-ofp_flow_mod-Flowtablemodification Tutorial]
* Grading will be based on a written report to be submitted by each student, which includes:
** Slides used for presentation in the seminar (25%)
** Mandatory review of SDN research papers (50%)
** ONOS application/paper-review (25%)
* No exam


=== 25 March ===
* Exercise IX: Pyretic Debugging (Exempt: Omar, Martin, Thomas, Sameer, Eeran)
'''HINT:''' You might have to use the "$ dpctl dump-flows tcp:127.0.0.1:6634" or "mininet> dpctl dump-flows" command frequently. 
** In this debugging exercise, we take solutions available in the Internet for the gardenwall problem and try to fix bugs in it.
** We have done kinetic firewall in exercise VII and imitated the same firewall using pox in exercise VIII. Now, we will imitate the same firewall using pyretic.
** The basic solution is taken from the Internet [https://dl.dropboxusercontent.com/u/1652374/SDN_Course/Exercises/pyretic_gardenwall_internetsolution1.py], test if it is able to block h1 when "infected". Note that we will only use the "infected == True" for this exercise.
*** Copy the above code into /home/mininet/pyretic/pyretic/examples as gardenwall_internetsolution.py
*** start controller (in /home/mininet/pyretic folder): pyretic.py pyretic.examples.gardenwall_internetsolution
*** start mininet: sudo mn --controller=remote --topo=single,3 --mac --arp
*** check h1 ping h2
*** Now infect h1 (in /home/mininet/pyretic/pyretic/kinetic folder): python json_sender.py -n infected -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001
*** check h1 ping h2. We should be able to observe that this traffic is blocked.
*** Now, we move on to the debugging part
**** check h2 ping h3, what happens?
**** Now, modify the given code to allow h2 traffic to pass through to h3, when h1 is "infected".
** Now, check if the "exempt" case is working fine too
** if time permits, check and improve code to allow h1 to ping h2
** If time permits, try fixing [https://dl.dropboxusercontent.com/u/1652374/SDN_Course/Exercises/pyretic_gardenwall_internetsolution.py this] code for the "infected" case.






[[Category:Courses]]
[[Category:Courses]]
Retrieved from "https://wiki.net.informatik.uni-goettingen.de/wiki/Specialization_Software-defined_Networking_(Winter_2015/2016)"