783
edits
Exercises pyretic firewall: Difference between revisions
→Exercise: Pyretic Firewall
| Line 5: | Line 5: | ||
$ sudo mn --controller remote --topo=single,3 --mac --arp | $ sudo mn --controller remote --topo=single,3 --mac --arp | ||
== (20P) Run the pyretic hub example == | |||
$ cd pyretic | $ cd pyretic | ||
$ pyretic.py –v high pyretic.examples.pyretic_hub | $ pyretic.py –v high pyretic.examples.pyretic_hub | ||
| Line 20: | Line 20: | ||
** Look into the hub code: pyretic/pyretic/examples/pyretic_hub | ** Look into the hub code: pyretic/pyretic/examples/pyretic_hub | ||
== (20P) Run the pyretic switch example == | |||
$ pyretic.py –v high pyretic.examples.pyretic_switch1 | |||
** restart mininet | |||
$ sudo mn --controller remote --topo=single,3 --mac --arp | |||
** Verify that the hosts can ping each other | ** Verify that the hosts can ping each other | ||
mininet> xterm h1 h2 h3 | |||
h2$ tcpdump -xx -n -i h2-eth0 | |||
h3$ tcpdump -xx -n -i h3-eth0 | |||
h1$ ping -c1 10.0.0.2 | |||
** Observe what happens when you do | ** Observe what happens when you do | ||
h1$ ping -c1 10.0.0.5 | |||
** Look into the switch code: pyretic/pyretic/examples/pyretic_switch1.py | ** Look into the switch code: pyretic/pyretic/examples/pyretic_switch1.py | ||
== (60P) Implement a layer 2 firewall that runs alongside the MAC learning module on the pyretic OpenFlow Controller == | |||
** Your firewall should be agnostic to the underlying topology | ** Your firewall should be agnostic to the underlying topology | ||
** Write code to block h1 to h2 and h2 to h1 (Mac IDs: 00:00:00:00:00:01, 00:00:00:00:00:02) | ** Write code to block h1 to h2 and h2 to h1 (Mac IDs: 00:00:00:00:00:01, 00:00:00:00:00:02) | ||