Archive | SDN RSS for this section

Fast start with Open vSwitch and POX controller in Debian Wheezy

Instructions mostly from the Open vSwitch Readme


// Delete all linux bridges that exist.
// then remove the bridge module
root@debian:/# modprobe -r bridge
// Install common and switch packages
root@debian:/# aptitude install openvswitch-switch openvswitch-common
// Install and build the ovs module using the DKMS package
root@debian:/# aptitude install openvswitch-datapath-dkms


// Load the ovs module
root@debian:/# modprobe openvswitch_mod
// Create the configuration database
root@debian:/# ovsdb-tool create /var/lib/openvswitch/conf.db /usr/share/openvswitch/vswitch.ovsschema
// Start ovsdb-server without SSL support
root@debian:/# ovsdb-server --remote=punix:/var/run/openvswitch/db.sock --remote=db:Open_vSwitch,manager_options --pidfile --detach
// The next command should be run the firt time a database is created
// with the ovsdb-tool as we did above. It initializes the db
root@debian:/# ovs-vsctl --no-wait init
// Start ovs daemon
root@debian:/# ovs-vswitchd --pidfile --detach
// Create a bridge
root@debian:/# ovs-vsctl add-br br0

And we are ready to go!

Integrate POX with OVS

// Get Pox and move to the betta -current stable branch -
user@debian:~/$ git clone
user@debian:~/$ cd pox/
user@debian:~/pox/$ git checkout betta
// Start an empty controller, without templates where rules have to 
// be added manually
user@debian:~/pox/$ ./ samples.pretty_log
// Go in another terminal
// Define the switch's policy if connection with the server is lost
// standalone or secure, see ovs-vsctl manual
root@debian:/# ovs-vsctl set-fail-mode ovs-switch standalone
// Define the controller  address to the switch
root@debian:/# ovs-vsctl set-controller br0 tcp:

Now everything is set up. Have fun 😛


A hands-on intro to OpenFlow and Open vSwitch with Mininet (Part I)

In this post I will provide some notes on the OpenFlow tutorial using Mininet.

The topology used in the tutorial is the following (the controller is external to mininet):
Tutorial Arhcitecture

Controller Startup

We start the Openflow reference controller with the command:

$ controller ptcp:

This will create the following series of messages to be exchanged.

You can get a copy of a similar capture from here. The capture can be viewed in wireshark using the Openflow Wireshark dissector (Helpful guide).

Continuous communication problem.

Then, the controller and the switch continue exchanging frequently Echo Request and Echo Reply messages.
According the Openflow specification[1] :

In the case that a switch loses contact with the 
controller, as a result of a echo request timeout, 
TLS session timeout, or other disconnection, it 
should attempt to contact one or more backup 

This can prove to be a problem for our case. How this is implemented by the different controllers, as well as the frequence and its possible modification in a proactive environent should be explored. The tutorial mentions about
POX that:

When an OpenFlow switch loses its connection to a 
controller, it will generally increase the period 
between which it attempts to contact the controller, 
up to a maximum of 15 seconds. Since the OpenFlow 
switch has not connected yet, this delay may be 
anything between 0 and 15 seconds. If this is too 
long to wait, the switch can be configured to wait 
no more than N seconds using the --max-backoff 

Also useful is this post in the ovs-discuss list.

Flow Modification

Since the switch flow tables are initially empty a ping command will cause the following message exchange.
Pulpit rock
You can get a copy of a similar capture from here.

We can see the Packet In,Packet Out and Flow Mod messages.
Flow removal messages do not appear as mentioned in the tutorial. This may be a problem with the OVS version (1.2.2). Additionally, this version does not support the send_flow_rem flow option in through the ovs-ofctl tool and neither is this option supported by the dpctl provided by the OF implementation. Thus, there is no way to check which is the actual problem.

User-space OVS vs kenel-space OVS

Following the tutorial we can see that using kernel-space OVS bandwith (measured with iperf) is arround 190 Mbps while with user-space OVS is arround 23Mbps.

Note: Mininet Internet Connection

By default, the mininet vm comes without connection to the host network. This happens because the guest network is implemented with the virtio paravirtualization driver.

Up Next…

There is going to be a post following, which will contain notes from the rest of the tutorial using POX controller in order to implement L2 and L3 learning.