Peter
Author Archives: Peter
Author Archives: Peter
Performance Aware SDN describes the theory behind analytics driven orchestration. The talk describes how fast controller response, programmatic configuration interfaces and consistent instrumentation of all the elements being orchestrated are pre-requisites for feedback control.This article uses an Alcatel-Lucent OmniSwitch 6900 as an example. The switch has hardware sFlow support for line rate visibility on all ports, and support for OpenFlow and a RESTful configuration API to deploy control actions. In this example a basic DDoS mitigation filtering function will be triggered when large flood attacks are detected. The script is based on the version described in the article Integrated hybrid OpenFlow, but modified to use the OmniSwitch RESTful API.
sflow agent ip 10.0.0.235The switches also support the sFlow MIB for configuration.
sflow receiver 1 name InMon address 10.0.0.1 udp-port 6343
sflow sampler 1 port 1/1-20 receiver 1 rate 512
sflow poller 1 port 1/1-20 receiver 1 interval 30
$ wget https://jenkins.opendaylight.org/controller/job/controller-merge/lastSuccessfulBuild/artifact/opendaylight/distribution/opendaylight/target/distribution.opendaylight-osgipackage.zipNext start Mininet.
unzip distribution.opendaylight-osgipackage.zip
sudo mn --topo single,3 --controller=remote,ip=127.0.0.1Enable sFlow on the switch:
sudo ovs-vsctl -- --id=@sflow create sflow agent=eth0 target="127.0.0.1:6343" sampling=10 polling=20 -- -- set bridge s1 sflow=@sflowStart OpenDaylight.
cd opendaylightConfirm that the controller is running and has discovered the switch by connecting a browser to port 8080 on the testbed - the screen shot at the start of the article shows the OpenDaylight Devices tab with the switch 00:00:00:00:00:00:00:01 shown in the Nodes Learned list and in the map (the default credentials to log into the OpenDaylight interface are User:admin, Password:admin).
./run.sh
include('extras/json2.js');
var flowkeys = 'ipsource';
var value = 'frames';
var filter = 'outputifindex!=discard&direction=ingress&sourcegroup=external';
var threshold = 1000;
var groups = {'external':['0.0.0.0/0'],'internal':['10.0.0.2/32']};
var metricName = 'ddos';
var controls = {};
var enabled = true;
var Continue reading