Exercise: Pyretic Debugging

HINT: You might have to use the "$ dpctl dump-flows tcp:127.0.0.1:6634" or "mininet> dpctl dump-flows" command frequently.

• • In this debugging exercise, we take solutions available in the Internet for the gardenwall problem and try to fix bugs in it.
  • The basic solution is taken from the Internet [1], test if it is able to block h1 when "infected". Note that we will only use the "infected == True" for this exercise.
    • Copy the above code into /home/mininet/pyretic/pyretic/examples as pyretic_gardenwall_internetsolution.py
    • start controller (in /home/mininet/pyretic folder):

    $pyretic.py pyretic.examples.pyretic_gardenwall_internetsolution

• • • start mininet:

    $ sudo mn --controller=remote --topo=single,3 --mac --arp

• • • check h1 ping h2
    • Now infect h1 (in /home/mininet/pyretic/pyretic/kinetic folder):

    $ python json_sender.py -n infected -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001

• • • • NOTE: it is a "small L(-l) and not numeric 1"
      • Note what happens on the pyretic window

• • • check h1 ping h2. We should be able to observe that this traffic is blocked.

Now, we move on to the debugging part

• check h2 ping h3, what happens?
• Now, modify the given code to allow h2 traffic to pass through to h3, when h1 is "infected".
• Now, check if the "exempt" case is working fine too (i.e if h1 is "infected" and "exempt", send it to h3 instead of blocking it)

  $ python json_sender.py -n exempt -l True --flow="{srcmac=00:00:00:00:00:01}" -a 127.0.0.1 -p 50001

• • (Extra: Not Needed): Try fixing this code for the "infected" case.