Here we are again.
In last post (Part I), a global overview of the Lab was introduced.
In this part we’ll focus on the VM environment, creating VMs, installing and configuring the guest OS (Xubuntu) and finally installing sFlow-RT, Floodlight and mininet. The VMs acting as PC clients will be configured as well.
First, the IP addressing schema used (This network is isolated, so don’t waste your time trying to reach it):
Let’s start with sFlow-RT.
In the SDN model, sFlow can be powerful module, as brings the “eye” to see what is happening:
First, go to http://xubuntu.org/, and download the current xubuntu-desktop release, that should be 13.10 (Saucy Salamander) or the new 14.04LTS (Long Term Support). The downloaded file is an ISO, that can be used for LIVE testing or for installation.
It’s important to provide Internet access to the VMs, so depending on your setup, it may require do routing/NAT, or use different interfaces and vswitches inside the hypervisor.
In our case, we’ve two networks, one for management and one for Internet access, so I’m providing both interfaces to all VMs. Adapt the configuration to your environment.
Now, in your Virtualization tool, select “new VM”.
As it’s XenServer 6.0.2, and latest Ubuntu releases are not present, chose other install media
Select the Xubuntu ISO file from your Database (NFS in our case)
Adjust vCPU and RAM
Select the appropriate Networks
Or follow next set of pictures for VirtualBox:
Adjust the vRAM (I’m using 4GB, but 2GB will work as well)
Create a new Virtual Disk
Select a Virtual Disk format
10GB would be enough if limited in disk space.
Once created, select the VM and right-click for “Configuration”
If you plan to install VirtualBox Guest tools and want to use the clipboard, select bidirectional.
I usually remove the floppy support
Select the number of vCPUs
Increase the Video RAM
Select the Xubuntu ISO, previously downloaded, as the DVD
Change from NAT to your network configuration, in our case to “Bridge Adapter”
And that’s all, save the Configuration.
For sFlow-RT, the configured resources are: 2 vCPU(s) and 4GB RAM, with two interfaces, one to the management network and other to Internet. Storage 20GB.
If you have troubles with this configuration, try 1 vCPU, 2GB RAM and 10GB Disk. Or go to Ubuntu-Server edition and add a minimal desktop. It’s, just download the server edition, and once installation is finished, add the desktop of your choice (Google for “add GUI to Ubuntu server” and you will get many options).
Once VM is configured, start it and move to the GUI console…
The VM will boot up from the ISO and Ubuntu (Xubuntu) booting sequence can be seen… After some seconds, the first screen:
Select you language and click “Install Xubuntu”
Be sure to have Internet access. I always check “Download updates while installing”.
I always use LVM (Logical Volume Management), that way it’s quite easy to expand the filesystem, if running out of space.
Select you location (will be used for time sync over Internet)
Select you keyboard layout
The user name, user, password and hostname.
And the installation begins…
Depending on your Hardware and Internet access, it’s time for a beer or a barrel…
Once installation finishes:
Just, click on restart
Hit “Enter” and the VM will reboot
Next boot, Xubuntu will start, and show you the log-in splash:
Login to sflow VM (type your passwd)
Let’s configure the Networking properties
After clicking on “Edit”
Click on each interface and configure them:
- For the management, set a manual IP address, according to your IP addressing schema.
- For Internet, DHCP
If you’re missing the “ethX” identifier, then open a terminal and… uppss, where is the launcher… I hate fearful launchers… let’s change it: Move the mouse down… and the launcher will show up…
Select “Panel” -> “Panel Preferences” and change the behavior.
Now the “Terminal” and “Firefox” are at our hand !!
On the top of the screen, “Software Updater” may be claiming for your attention… Select “Install Now”, probably you’ll be asked for the password.
When Updater finishes, it may require a restart… do it (or open a terminal and write “sudo init 6″).
After reboot the system is up, fresh and ready to install sFlow.
As a general rule, after installing new software or packages, it’s recommended to update and upgrade:
sudo apt-get update
sudo apt-get upgrade
Open Firefox and search for “sflow-rt”, go to InMon webpage and follow the installation instructions:
- Open a Terminal
- Install Java, type in the Terminal
- sudo apt-get install openjdk-7-jre
- Follow the sFlow-RT instructions, type in the Terminal:
- wget http://www.inmon.com/products/sFlow-RT/sflow-rt.tar.gz
- tar -xvzf sflow-rt.tar.gz
- cd sflow-rt
- Start sFlow-RT:
sFlow-RT is installed in your HOME directory (/home/<your_user_name>/sflow-rt)
Once started, sFlow-RT can be acceded by JSON. In Firefox, open “http://localhost:8008″
Click on “RESTflow API” for a detail on the REST API:
I’d like to thank people in http://blog.sflow.com, as I gathered a lot of information from them. Thanks guys !!!
Once the OS6900 were configured, the sFlow agents will be visible in the “Agents” tab, and the “ddos” flow will be shown in Metrics or Flows.
The “ddos” flow will be defined from our SDN-APP, tracking all the activities between our Front-End and Back-End domains (in our example, the two VMs)
It’s time now for Floodlight, the chosen SDN Controller for this lab.
Floodlight VM has 2 vCPUs and 4GB RAM with 20GB disk. Follow the same steps to create a new VM with these specifications, and assign the right Network configuration.
Install Xubuntu, as done with sFlow-RT.
Let’s follow the Floodlight installation guide:
sudo apt-get install build-essential default-jdk ant python-dev eclipse
sudo apt-get install git
git clone git://github.com/floodlight/floodlight.git
Once built, run Floodlight:
java -jar target/floodlight.jar
And open Firefox and go to “http://localhost:8080/ui/index.html”
We’ll be using the REST interface to interact with Floodlight from our SDN-APP… The best place to dig into the Floodlight REST interface (JSON) is The Floodlight Documentation.
There is no vswitch yet in the Floodlight Controller, as neither the Mininet not the OS6900 have been configured.
As it’s possible troubles may arise, it’s interesting to count with Wireshark. Let’s install Wireshark and the OF1.0 dissector in order to be able to decode the OF protocol.
In the Terminal, type:
sudo apt-get install wireshark
Once finished, remember that wireshark MUST be run with root privileges. Otherwise the network interfaces won’t be available as wireshark will be running in user space instead of root space.
So every time wireshark is needed:
sudo wireshark &
It’ll complaint about running as superuser… just click “ok”.
Will complaint again… select “Don’t show this message again” and “ok”.
The wireshark interface should be in front of you, just select the appropriate interface (ethX) and capture.
Wireshark is actively developing support for OF (1.0, 13.1, 1.4) but I had troubles with beta releases, so decided to go for the OF dissector.
Go to “Help->About Wireshark->Plugins”. Check for the directory where dissectors are stored (/usr/lib/x86_64-linux-gnu/wireshark/libwireshark3/plugins/)
Now download this file (the OF dissector):
Assuming you downloaded in “Downloads” (“Descargas” in Spanish):
tar -zxvf openflow.so_.tar.gz
sudo cp openflow.so /usr/lib/x86_64-linux-gnu/wireshark/libwireshark3/plugins/.
sudo chmod -x /usr/lib/x86_64-linux-gnu/wireshark/libwireshark3/plugins/openflow.so
Now, let’s create a Wireshark launcher:
From the top-left menu, go to “Internet->Wireshark” and DRAG the icon to the launcher…
Move the wireshark launcher to your desired position… (Right-click and select move)
Now, if you click on the Wireshark launcher… It’ll start in your user space, without network interfaces. We need to start a Graphical application as root… Fortunately we count on gksudo/gksu.
Let’s install them first:
sudo apt-get install gksu
Now let’s modify the wireshark launcher (right-click on the icon, and click on properties):
Click on the “pencil” for EDIT
In the “Command” add “gksudo” at the beginning:
“Save”, then “Exit” and done… Click on the wireshark icon, and should ask you for the root password:
And now all interfaces are available:
And the most important: The OF Dissector as well:
Ok, Floodlight VM is ready for service…
Although Mininet is not used in this LAB, it could be useful for testing.
Check Mininet download and configuration guide (Mininet-Get Started). There are three ways of installing Mininet: download the pre-built Mininet VM (recommended for starters), install from Ubuntu repositories (sudo apt-get install mininet), or download code from GIT and compile. In our case we’ll go to download and install Mininet from GIT.
Create the VM with 2 vCPUs, 4GB RAM and 20GB storage. Install Xubuntu, as in previous steps.
After installing upgrades, and setting the different properties (Networking, etc.):
sudo apt-get install git
git clone git://github.com/mininet/mininet
And go for a barrel, this time a beer is not enough…
Once finished, let’s follow Mininet Get Started guide and run it. Type in the Terminal:
sudo mn –test pingall
This command will run mininet, create a single vswitch, with its SDN controller, and two host. Then each host will ping the other, show results and stop all virtual devices (vswitch, controller, and 2 hosts).
It’s important to start with a clean environment each time, so remember to use:
sudo mn -c
For mastering mininet, just go to the Mininet Walkthrough.
Our SDN-APP is a Python application, that will configure sFlow-RT using JSON, gather information from Floodlight using JSON and will program the OS6900 through Floodlight, pushing the flows using JSON.
Again, install Xubuntu and configure the Network interfaces.
As we’ll be needing some Python modules, install pip (installing and managing Python packages):
sudo apt-get install python-pip python-dev build-essential
sudo pip install −−upgrade pip
In the next Chapter (Part III), needed modules will be loaded, and will explain the Python script.
PC1 and PC2
PC1 and PC2 are already existing VMs.
I’ve some Ubuntu 12.10 VMs, running Unity2D, with a set of tools that help in the test and troubleshooting tasks (wireshark, ostinato – great tool -, etc.)
If starting from scratch, then create a pair of Xubuntu VMs, as done previously, linked with a physical interface in the hosts, and connect both interfaces to the OS6900. If you have a pair of old laptops, install your favourite Linux distro and configure the Network interfaces.
In any case, a pair of hosts, one with 22.214.171.124/24 IP address and the other with 126.96.36.199/24. The default gateway is 188.8.131.52 in first case and 184.108.40.206 in second case. These IP addresses will be configured in the OS6900, as we’ll see in Part III.
Last thing to do in this section is connectivity Testing.
Be sure you can ping between sFlow, Floodlight and SDN-APP.
In the next section, we’ll cover:
- OS6900 configuration
- Connectivity between PC1 and PC2 will be tested
- A deep explanation of the main python script (SDN-APP), and some short helpful python scripts.
See you in next section !!!
How orchestrated communications during the prevention and intervention stages can help
This blog raises awareness about the use of consumer-grade comms applications within a business. It illustrates how unregulated use of ‘shadow IT’ can be detrimental.
Giacomo Nizzolo from NTT Pro Cycling wins stage 6 of Tour Down Under to start the season
Did your cybersecurity leave by a backdoor?
Augmented intelligence and IoT fingerprinting provide the tools network administrators need to optimize bandwidth and make better decisions.
Cloud solutions are transforming business models and opening doors to new economic models to pay for digital transformation.