Exercises pyretic debugging
Jump to navigation
Jump to search
Exercise: Pyretic Debugging
HINT: You might have to use the "$ dpctl dump-flows tcp:127.0.0.1:6634" or "mininet> dpctl dump-flows" command frequently.
- In this debugging exercise, we take solutions available in the Internet for the gardenwall problem and try to fix bugs in it.
- The basic solution is taken from the Internet [1], test if it is able to block h1 when "infected". Note that we will only use the "infected == True" for this exercise.
- Copy the above code into /home/mininet/pyretic/pyretic/examples as pyretic_gardenwall_internetsolution.py
- start controller (in /home/mininet/pyretic folder):
$pyretic.py pyretic.examples.pyretic_gardenwall_internetsolution
- start mininet:
$ sudo mn --controller=remote --topo=single,3 --mac --arp
- check h1 ping h2
- Now infect h1 (in /home/mininet/pyretic/pyretic/kinetic folder):
$ python json_sender.py -n infected -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001
- NOTE: it is a "small L(-l) and not numeric 1"
- Note what happens on the pyretic window
- check h1 ping h2. We should be able to observe that this traffic is blocked.
Now, we move on to the debugging part
- check h2 ping h3, what happens?
- Now, modify the given code to allow h2 traffic to pass through to h3, when h1 is "infected".
- Now, check if the "exempt" case is working fine too (i.e if h1 is "infected" and "exempt", send it to h3 instead of blocking it)
$ python json_sender.py -n exempt -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001
- (Extra: Not Needed): Try fixing this code for the "infected" case.