This is my bachelor thesis.

# Mini Net Setup Notes
## process
- download mininet vm image
- install virtual box
- import image
- change keyboard layout to german
- create host-only network adapter for ssh into vm
- setup according to https://github.com/mininet/openflow-tutorial/wiki/VirtualBox-specific-Instructions
- grabbed ip for adapter and added it to /etc/network/interfaces file
- install Xming server (Windows) / XQuartz (Mac)
- default xauth cookies wouldn't work, so created own xauth files (https://unix.stackexchange.com/questions/412065/ssh-connection-x11-connection-rejected-because-of-wrong-authentication)
- refreshing the ssh session causes the root user to lose its xauth cookie, so I created a script that automatically adds the current display and xauth cookie to the root user's cookies (mininet requires the user to be root)
## example mininet topology
- use LinuxRouter class with IP forwarding to simulate routers
- created minimalistic network (simplenetwork.py) with only 2 routers, 2 switches and 2 hosts
- switches are unnecessary as we only connect 1 host per router, but might become relevant in the future when adding multiple hosts
- added simple_extendednetwork.py containing 3 hosts and 3 routers
## errors
- x11 wrong authentication when opening xterm in mininet console (https://stackoverflow.com/questions/67319171/x11-connection-rejected-because-of-wrong-authentication-in-mininet)
# IP Routing and FRR
## General setup
- created example from Short-Cut Paper
- added static ip routing for hosts and routers
- fast rerouting requires routing by inport, using ip policies and ip rules in linux kernel
- ip policies allow requests from specific ethernet interfaces to use a specific routing table
- routing tables would then include specific frr routes, e.g. for the case that a packet going to R4 is received on R1 on the port connected to R2
## IP Route configuration
- created python dictionaries that have entries for each router and for each routing table
- routing tables consist of the default table, used for all requests from the connected host and the router itself, and one table for each additional network interface, which reacts to packets incoming on that interface for fast rerouting
- "from" keyword in ip rules could be used to differentiate between returning packets and "normally" routed packets
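
A sketch of how such a dictionary can be turned into `ip rule` and `ip route` commands, added here as an example and not taken from this repository. The addresses, interface names and numeric table ids are assumptions; a table name like "incoming_eth2" only works on the command line once it is mapped to an id in rt_tables, so the generated commands use the id directly.

```python
import ipaddress

# Constructed sample: router -> routing table -> routes. "default" is the main
# table; any other table is named after the interface whose incoming packets
# use it. Addresses, interfaces and table ids are assumptions for illustration.
ROUTES = {
    "r1": {
        "default": [
            {"dst": "10.4.0.0/24", "via": "10.112.0.2", "dev": "r1-eth2"},
        ],
        "incoming_eth2": [
            # FRR route: a packet for subnet 4 came back on r1-eth2,
            # so forward it over the alternative link instead.
            {"dst": "10.4.0.0/24", "via": "10.113.0.2", "dev": "r1-eth3"},
        ],
    },
}


def router_commands(router, tables, first_table_id=100):
    """Build the ip route / ip rule commands for one router's tables."""
    cmds = []
    table_id = first_table_id
    for name, routes in tables.items():
        suffix = ""
        if name != "default":
            in_iface = f"{router}-{name.split('_', 1)[1]}"
            suffix = f" table {table_id}"
            # Packets received on in_iface are looked up in this table.
            cmds.append(f"ip rule add iif {in_iface} lookup {table_id}")
            table_id += 1
        seen = set()
        for r in routes:
            dst = ipaddress.ip_network(r["dst"])  # raises on malformed prefixes
            if dst in seen:
                # A second "ip route add" for the same prefix in the same
                # table is rejected by the kernel ("File exists").
                raise ValueError(f"{router}/{name}: duplicate route for {dst}")
            seen.add(dst)
            cmds.append(f"ip route add {dst} via {r['via']} dev {r['dev']}{suffix}")
    return cmds


if __name__ == "__main__":
    for router, tables in ROUTES.items():
        for cmd in router_commands(router, tables):
            print(f"{router}: {cmd}")
```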
# Testing suite
- implemented simple testing suite that is able to create tests by definition
## test constraints
- each subnet has a maximum of 1 host (connections between hosts in the same subnet are irrelevant)
- failing paths need to have alternative routes
- subnets between each router
## failure scenarios
- 2 types of failure scheduling: intermediate and concurrent
- intermediate: a certain test operation is performed (like pings), a failure is induced, and the same test is performed again
- concurrent: a timer is started and the test is run; the timer should fire while the test is running and induce the failure at runtime
## failure types
- interface shutdown: an interface is deactivated by calling "ifconfig {interface} down" to simulate a broken link
## test topologies
-
# Implementations
## ShortCut
- try using ryu controller to configure packet flow according to ShortCut
- frr as routing, ryu controller defining additional flow entries
- controllers and p4 have shown to be too complex for this work
- trying out "iptables"
- example command for router 1 and packets to subnet 4 "iptables -I FORWARD -p all --in-interface r1-eth2 --destination 10.4.0.0/24 -j LOG --log-prefix="SHORTCUT_TRIGGER""
- example command with NFQUEUE "iptables -I FORWARD -p all --in-interface r1-eth2 --destination 10.4.0.0/24 -j NFQUEUE --queue-num 1"
- Target LOG seemingly can't be used, because syslog entries don't work in network namespaces (which mininet uses)
- trying out NFQUEUE as target instead (https://github.com/oremanj/python-netfilterqueue)
- using scapy to parse packets in python
- after deleting route from table, router 4 is unable to find route to 10.1.0.0 (even though router 1 was affected)
- it was also necessary to shut down the interface to router 2 on router 4 to enable routing again
- first iperf test results fluctuate heavily, most likely because link throughput is unlimited (test this)
### process
packet goes through loop > returns on router > iptables rule is hit and packet is added to queue >
python listener evaluates packet and determines network > ip route is deleted
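
The listener's decision step from this process, as an added example that is not the repository's code. It reads the destination straight from the IPv4 header with `struct` instead of scapy so it runs without dependencies, and it leaves out the NFQUEUE binding; the class name, addresses and next hop are assumptions.

```python
import ipaddress
import struct


def ipv4_destination(payload):
    """Return the destination address of a raw IPv4 packet."""
    if len(payload) < 20 or payload[0] >> 4 != 4:
        raise ValueError("not an IPv4 packet")
    return ipaddress.IPv4Address(payload[16:20])


class ShortcutListener:
    """Decides which route to delete when a packet loops back (hypothetical class)."""

    def __init__(self, in_iface, primary_routes):
        self.in_iface = in_iface
        # destination network -> next hop of the routes leaving via in_iface
        self.routes = {ipaddress.ip_network(net): via
                       for net, via in primary_routes.items()}

    def handle(self, payload):
        """Return the `ip route del` command for this packet, or None."""
        dst = ipv4_destination(payload)
        matches = [net for net in self.routes if dst in net]
        if not matches:
            return None  # unknown network, or the route was already removed
        net = max(matches, key=lambda n: n.prefixlen)  # longest prefix wins
        via = self.routes.pop(net)  # later queued packets must not delete again
        return f"ip route del {net} via {via} dev {self.in_iface}"


def sample_packet(src, dst):
    """Constructed 20-byte IPv4 header (ICMP, checksum left at 0)."""
    return struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 63, 1, 0,
                       ipaddress.IPv4Address(src).packed,
                       ipaddress.IPv4Address(dst).packed)


if __name__ == "__main__":
    listener = ShortcutListener("r1-eth2", {"10.4.0.0/24": "10.112.0.2"})
    looped = sample_packet("10.1.0.101", "10.4.0.101")
    print(listener.handle(looped))  # first looped packet triggers the deletion
    print(listener.handle(looped))  # packets still in the queue are ignored
```

In a real listener `handle` would be called from the queue callback with the packet payload, and the packet still needs a verdict afterwards.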
### iptables to nftables
- tables and chains need to be created
- commands "add table ip filter" and "add chain ip filter FORWARD { type filter hook forward priority 0; }" should suffice
- existing iptables commands can be translated with iptables-translate to nftables commands
## commands
- "iptables -L -v" Show all iptables rules
- "iptables -D FORWARD 4" delete rule 4 in FORWARD CHAIN (counting from 1)
- "ip route list table incoming_eth2" list all route entries for routing table "incoming_eth2"
- "ip rule show" show all ip rule policies
### controller functionality (deprecated)
- add flow entries for already existing routing, pingall at start of testing
- react to new entries by checking already existing flow entries
- if there is already an existing flow entry (identified by dest host)
and
- if this flow entry references the input port of new packet as out port
### steps to take
- find out how to identify switches in ryu
- "translate" routing entries in routing table to table flow entries
# Technologies
## Mininet
A tool for creating virtual networks. Is able to emulate hosts, switches, routers, hubs etc.
It uses Openflow to realise many of these emulations.
## Openflow
A tool used to create virtual switches etc. Can be connected to a controller (e.g. created with POX) to write custom flow handling.
## POX
A python library to create a controller for handling flow of switches etc.
## Ryu
Controller that configures switches/routers based on python script file
# Questions
- reference of a protocol definition (RFCs)
# Current state
- implementing local FRR in test routers -> policy routing (performance?)
- implementing short cut
- using "ifconfig {if} down" for failing link simulation
# Issues
- shutting down link/interface and reinstating deletes rules ?
# Resources
- Performance measuring and failure scenarios (https://www.researchgate.net/publication/271472089_Simulation_in_an_SDN_network_scenario_using_the_POX_Controller)
- General information on IP Routing and IP FRR https://support.huawei.com/enterprise/en/doc/EDOC1100086956#EN-US_TOPIC_0291822208
- Inport aware routing https://ieeexplore.ieee.org/abstract/document/6848098?casa_token=YvHY-ya08KYAAAAA:GUDm0MRR4AUzu3XSktfJOSIJFxzFgBjafakNHM62BeQJp9aM_O9kXrkaPfvSbyTbo-Mzyvyf
- policy routing rules https://blog.scottlowe.org/2013/05/29/a-quick-introduction-to-linux-policy-routing/
# Tools
- Mininet visualizer: http://demo.spear.narmox.com/app/?apiurl=demo#!/mininet
- Graphics: Microsoft Visio, Inkscape, plotting with GeoGebra
# literature
- will shortcut have an influence on tcp connections?
# Coding
- implement python logging of listeners with the python logging queuehandler
# Writing Notes
use subfigure and subcaptions, cleveref, write Figure/Section, consistent italics etc., numbers with \SI{30}{second}
## Questions
- how do i reference the git repository in my work?