Programming Assignment

Similar documents
Lab 3: Simple Firewall using OpenFlow

ADVANCED COMPUTER NETWORKS Assignment 9: Introduction to OpenFlow

A short walk-through of Mininet and POX

Assignment 5. 2 Assignment: Emulate a Data Center and Manage it via a Cloud Network Controller

ADVANCED COMPUTER NETWORKS Assignment 9: Introduction to OpenFlow

Denial-of-Service (DoS) Attacks in an SDN Environment

Mininet & OpenFlow 24/11/2016

Configuration and Management of Networks

Configuration and Management of Networks 2014 / 2015

Lab Exercise 3 (part A) Introduction to Mininet

Counteracting UDP Flooding Attacks in SDN

Open Network Laboratory

Assignment 5: Software Defined Networking CS640 Spring 2015

Project 4: SDNs Due: 11:59 PM, Dec 12, 2018

Slicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)

estadium Project Lab 2: Iperf Command

TOWARDS REMOTE ACCESS TO VIRTUALIZED TELECOM RESEARCH INFRASTRACTURS

CS 344/444 Spring 2008 Project 2 A simple P2P file sharing system April 3, 2008 V0.2

Lab Assignment 4 for ECE671 Posted: 11/15/16 Due: 11/29/16. Network Address Translation (NAT) on GENI

Aspera Connect User Guide

: Distributed Systems Principles and Paradigms Assignment 1 Multithreaded Dictionary Server

Participatory Networking: An API for Application Control of SDNS SIGCOMM 13

Increasing Revenue by Applying Machine Learning to Congestion Management in SDN

Available online at ScienceDirect. Procedia Computer Science 34 (2014 )

Reliable SDN Network Architecture

Experimenting with Scalability of Floodlight Controller in Software Defined Networks

COMP90015: Distributed Systems Assignment 1 Multi-threaded Dictionary Server (15 marks)

143a, Spring 2018 Discussion Week 4 Programming Assignment. Jia Chen 27 Apr 2018

Assignment 2: Getting to know yanc and Mininet

Cisco Extensible Network Controller

Before jumping into the exercises perhaps we should recall the FlowVisor API calls which can be reached by using the command fvctl as shown below:

Mininet Tutorial. Leonardo Richter Bays Gustavo Mio7o Marcelo Caggiani Luizelli Luciano Paschoal Gaspary

Homework 3 CSC/ECE , Fall, 2016

BSc. (Hons.) Computer Science with Network Security. Examinations for 2016 / Semester 2

Dropping Packets in Ubuntu Linux using tc and iptables

EXPERIMENTAL STUDY OF FLOOD TYPE DISTRIBUTED DENIAL-OF- SERVICE ATTACK IN SOFTWARE DEFINED NETWORKING (SDN) BASED ON FLOW BEHAVIORS

Vendor: Cisco. Exam Code: Exam Name: Developing with Cisco Network Programmability (NPDEV) Version: Demo

Communication System Design Projects. Communication System Design:

Mininet & OpenFlow 19/05/2017

Hyper-V - VM Live Migration

Performance and Bandwidth Testing for Data Circuits

Outline. SDN Overview Mininet and Ryu Overview Mininet VM Setup Ryu Setup OpenFlow Protocol and Open vswitch Reference

Informatica Universiteit van Amsterdam. Distributed Load-Balancing of Network Flows using Multi-Path Routing. Kevin Ouwehand. September 20, 2015

Communication System Design Projects

Network Test and Monitoring Tools

Experiment Task Design:

Lab 2: Threads and Processes

Lab 9 (Traffic Measurement)

OpenState demo. Hands-on activity. NetSoft 15 - April 13, 2015 A.Capone & C. Cascone: OpenState Live Demo 1

Cisco Nexus Data Broker for Network Traffic Monitoring and Visibility

NOX, POX, and lessons learned. James Murphy McCauley

Mininet/Openflow. Objectives. Network Topology. You will need a Number

IP Alarm Service High Availability

ECE 697J Advanced Topics in Computer Networks

Network softwarization Lab session 2: OS Virtualization Networking

SDN/DANCES Project Update Developing Applications with Networking Capabilities via End-to-end SDN (DANCES)

Goal: Set up and run traffic to test a firewall.

Project 3 - Routers, Protocols and Firewalls

Protocols for Data Networks (aka Advanced Computer Networks)

CS155: Computer Security Spring Project #1

Computer Communications and Networks (COMN), 2017/18, Semester 1

SDN-based Defending against ARP Poisoning Attack

Why Your Application only Uses 10Mbps Even the Link is 1Gbps?

Lab 3 Process Scheduling Due date: 29-Nov-2018

Observing Bufferbloat using mininet

ONOS-P4 Tutorial Hands-on Activity. P4 Brigade Work Days, Seoul (Korea) September 18-29, 2017

Deliverable D3.4 5G-PPP Security Enablers Documentation (v1.0) Enabler Micro-Segmentation

Developing Applications with Networking Capabilities via End-to-End Software Defined Networking (DANCES)

Implementation of Virtualization in Software Defined Networking (SDN) for Data Center Networks

Software Defined Networking

CS395/495 Computer Security Project #2

Lab Assignment 3 for ECE374

Design and development of the reactive BGP peering in softwaredefined routing exchanges

CSSE 340 Operating Systems Project 2: CPU Scheduling Simulator

Intro to OpenFlow Tutorial

HW/Lab 3: SSL/TLS. CS 336/536: Computer Network Security DUE 11am on Nov 10 (Monday)

SIMPLE ROUTER PROJECT 2. - Balachander Padmanabha - TA CSE 123 (FALL 2017) - OH (Wed 9-11am B240A)

MP 1: HTTP Client + Server Due: Friday, Feb 9th, 11:59pm

CPSC 4240/6240 Spring 2017 HW # 3 v1 Last update: 3/22/2017

Detecting Suspicious Behavior of SDN Switches by Statistics Gathering with Time

143a, Spring 2018 Discussion Week 4 Programming Assignment. Jia Chen 27 Apr 2018

A POX Controller Module to Collect Web Traffic Statistics in SDN Environment

Internetworking Basics

Programming Assignment 1

Com S 227 Assignment Submission HOWTO

ICSI 516 Fall 2018 Project 1 Due October 26th at 11:59PM via Blackboard

Lab - TCP Traffic Generator

Delay Controlled Elephant Flow Rerouting in Software Defined Network

Section 1 Short Answer Questions

The print queue was too long. The print queue is always too long shortly before assignments are due. Print your documentation

MARKING CANVAS ASSIGNMENTS OFFLINE (INCLUDING MARKING ANONYMOUSLY)

Network Deployment Guide

Valkyrie Detectors Tutorial

Extending Dijkstra s Shortest Path Algorithm for Software Defined Networking

Real Time Monitoring of Packet Loss in Software Defined Networks

NMS300 Network Management System Application

Programming Network Policies by Examples: Platform, Abstraction and User Studies

ONOS OVERVIEW. Architecture, Abstractions & Application

COMPUTER NETWORKS. CPSC 441, Winter 2016 Prof. Mea Wang Department of Computer Science University of Calgary

Programming Exercise 3: Multi-class Classification and Neural Networks

Transcription:

Overview Programming Assignment In this assignment, you will program the OpenFlow controller POX and use it to implement two applications. Task 1: Firewall In this part, your task is to implement a layer-2 firewall application using the POX controller. You will be provided with pairs of MAC addresses that are not allowed to communicate with each other. When a connection between a switch and a controller is up, the application installs flow entries to disable the traffic between each pair of the MAC addresses in the list. To make things simple, you can install the firewall rules on all switches in the network. Task 2: Flowspace Slicing In this part, your task is to slice the network based on the application that is sending the traffic. In principle, SDN networks can be sliced based on any attributes of the flowspace. The topology is shown below. You need to treat the video and non-video traffic differently. All the video traffic will go through the high bandwidth path (video slice), and all other traffic will go through the low bandwidth path (non-video slice). To simplify this task, we assume that all the video traffic use TCP port 80 (the attribute). Topology

Handling Conflicts POX supports multiple concurrently running applications. However, it is possible that one application will be in conflict with another application. In this assignment, the network slicing application should not allow communication which is disabled by the firewall application. You are to make sure that no conflicting rules are installed by two different applications. Hint: Such conflict can be handled by setting different priority value to different rules. OpenFlow message structure ofp_flow_mod has an attribute called priority. Understanding the Codes mininetslice.py: scripts which create network topology for this assignment. You do not need to modify this file. controller.py: provides a skeleton for the two implementations. launch() function has been implemented to register a new component. This is the only file you will need to modify.

firewall-policies.csv: a sample list of MAC address pairs whose end-to-end communication will be disabled by the firewall application. Notice that the topology itself has a loop. Computing a spanning tree is required to prevent any traffic flooded from looping, thus discovery and spanning tree modules are launched. More information is available at Spanning Tree, Discovery. Testing your Code Once you have your code, copy the controller.py, mininetslice.py and firewallpolicies.csv to the ~/pox/pox/misc directory on your VM. Run POX controller: $ cd ~/pox $ sudo pox.py pox.misc.controller In another terminal, run the network topology: $ cd ~/pox/pox/misc $ sudo python mininetslice.py First, you can check whether your firewall application is working. In mininet, try pingall, you should see all hosts can connect to each other except for h1 and h4. Second, you can verify whether you have successfully sliced the network for video and non-video flow. For example, you can test the two paths between h2 and h4 as below: mininet > h4 iperf s p 80 & mininet > h4 iperf s p 22 & mininet > h2 iperf c h4 p 80 t 2 i 1 The result should show the bandwidth is about 10.00Mbits/sec mininet > h2 iperf c h4 p 22 t 2 i 1 The result should show the bandwidth is about 1.00Mbit/sec

Hints: The controller runs a spanning tree protocol, simply flooding from certain switches in the network as default behaviour may not work. To check if an application is using tcp port 80, tcpp has two attributes which are srcport and dstport Submission Please submit your assignment BEFORE 23:50 19 th November 2014. Submissions after the deadline will not be graded. Add your name and matric number as a comment on all files you submit. Please zip all your documents and name the zip file as MatricNumber_DemoDay_timeSlot.zip (for instance if the matric number of a student is A0123456 and the student has chosen time slot 10:30 at 15 th Nov then the filename should be A0123456_Sat_1030.zip ). Submissions in any other name formats will be penalized. You are strongly encouraged to submit your first draft of your assignment as soon as possible. Later (but before the deadline) you can submit the final version of your assignment. Only the last submission will be graded. Demo on 15 th and 16 th November All students are required to give a demo of their assignment to the TA. Please choose and fix a proper time slot (the chart will be given to you during the lecture) for you in one of the two days 15 th or 16 th November 2014.

Appendix A: Iperf Iperf is a tool to measure the bandwidth and the quality of a network link. Usage: On server side (h2 for example): # iperf s Server listening on TCP port 5001 TCP window size: 8.00 Kbyte (default) On client side (h1 for example): # iperf c 10.0.0.2 Client connecting to 10.0.0.2, TCP port 5001 TCP window size: 16384 Byte (default) And the result is:

Some useful Iperf test options: -b bi-directional bandwidth -p port -i interval -t timming -u UDP tests More examples are available on: http://openmaniak.com/iperf.php

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback