Exercises pyretic debugging: Difference between revisions
Jump to navigation
Jump to search
(4 intermediate revisions by the same user not shown) | |||
Line 2: | Line 2: | ||
'''HINT:''' You might have to use the "$ dpctl dump-flows tcp:127.0.0.1:6634" or "mininet> dpctl dump-flows" command frequently. | '''HINT:''' You might have to use the "$ dpctl dump-flows tcp:127.0.0.1:6634" or "mininet> dpctl dump-flows" command frequently. | ||
** In this debugging exercise, we take solutions available in the Internet for the gardenwall problem and try to fix bugs in it. | ** In this debugging exercise, we take solutions available in the Internet for the gardenwall problem and try to fix bugs in it. | ||
** The basic solution is taken from the Internet [https:// | ** The basic solution is taken from the Internet [https://projects.gwdg.de/projects/mayutan-public/repository/raw/courses/SDN/2017_2018_WS/exercises/pyretic_gardenwall_internetsolution1.py], test if it is able to block h1 when "infected". Note that we will only use the "infected == True" for this exercise. | ||
*** Copy the above code into /home/mininet/pyretic/pyretic/examples as | *** Copy the above code into /home/mininet/pyretic/pyretic/examples as pyretic_gardenwall_internetsolution.py | ||
*** start controller (in /home/mininet/pyretic folder): pyretic.py pyretic.examples. | *** start controller (in /home/mininet/pyretic folder): | ||
*** start mininet: sudo mn --controller=remote --topo=single,3 --mac --arp | $pyretic.py pyretic.examples.pyretic_gardenwall_internetsolution | ||
*** start mininet: | |||
$ sudo mn --controller=remote --topo=single,3 --mac --arp | |||
*** check h1 ping h2 | *** check h1 ping h2 | ||
*** Now infect h1 (in /home/mininet/pyretic/pyretic/kinetic folder): python json_sender.py -n infected -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001 | *** Now infect h1 (in /home/mininet/pyretic/pyretic/kinetic folder): | ||
$ python json_sender.py -n infected -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001 | |||
**** NOTE: it is a "small L(-l) and not numeric 1" | |||
**** Note what happens on the pyretic window | |||
*** check h1 ping h2. We should be able to observe that this traffic is blocked. | *** check h1 ping h2. We should be able to observe that this traffic is blocked. | ||
== Now, we move on to the debugging part == | |||
* check h2 ping h3, what happens? | |||
* Now, modify the given code to allow h2 traffic to pass through to h3, when h1 is "infected". | |||
* Now, check if the "exempt" case is working fine too (i.e if h1 is "infected" and "exempt", send it to h3 instead of blocking it) | |||
** | $ python json_sender.py -n exempt -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001 | ||
** (Extra: Not Needed): Try fixing [https://projects.gwdg.de/projects/mayutan-public/repository/raw/courses/SDN/2017_2018_WS/exercises/pyretic_gardenwall_internetsolution.py this] code for the "infected" case. |
Latest revision as of 13:15, 12 October 2017
Exercise: Pyretic Debugging
HINT: You might have to use the "$ dpctl dump-flows tcp:127.0.0.1:6634" or "mininet> dpctl dump-flows" command frequently.
- In this debugging exercise, we take solutions available in the Internet for the gardenwall problem and try to fix bugs in it.
- The basic solution is taken from the Internet [1], test if it is able to block h1 when "infected". Note that we will only use the "infected == True" for this exercise.
- Copy the above code into /home/mininet/pyretic/pyretic/examples as pyretic_gardenwall_internetsolution.py
- start controller (in /home/mininet/pyretic folder):
$pyretic.py pyretic.examples.pyretic_gardenwall_internetsolution
- start mininet:
$ sudo mn --controller=remote --topo=single,3 --mac --arp
- check h1 ping h2
- Now infect h1 (in /home/mininet/pyretic/pyretic/kinetic folder):
$ python json_sender.py -n infected -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001
- NOTE: it is a "small L(-l) and not numeric 1"
- Note what happens on the pyretic window
- check h1 ping h2. We should be able to observe that this traffic is blocked.
Now, we move on to the debugging part
- check h2 ping h3, what happens?
- Now, modify the given code to allow h2 traffic to pass through to h3, when h1 is "infected".
- Now, check if the "exempt" case is working fine too (i.e if h1 is "infected" and "exempt", send it to h3 instead of blocking it)
$ python json_sender.py -n exempt -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001
- (Extra: Not Needed): Try fixing this code for the "infected" case.