Multiple RFVS support has been implemented in the benchmark branch, but somehow it's not in master.

As part of my previous work with RouteFlow, it was deemed a security concern that any traffic could be routed to the controller IP by default, regardless of protocol. On the old RF branch, I put together a patch which allowed you to specify an interface to which traffic would be blocked. It works by creating a rule on the switch, specifying that packets destined for particular IPs should be dropped. Those IPs were retrieved from the specified interface's configuration.

I'd just like to open this issue up for discussion, by all means the previous solution could be ported across to the new version, but is there a more elegant approach that the RouteFlow community would prefer? Should this behaviour be default? Should we ask for an interface, or specific IPs, or should we attempt to gather all local IP addresses and create rules for all of them automatically (ie, without user intervention)?

Below is a link to the patch in question, with my original issue summary.

joestringer@fbb6f15

Add "-s INTERFACE" option to specify whether to have traffic dropped if it is destined for the IPs on the given interface

• When running rf-server, specify "-s *interface*" to create rules on connected datapaths, such that the default action is to drop packets that are destined for the specified controller interface.
• This action has low priority, so other rules will overwrite, eg forwarding BGP/RIP/etc
• This code assumes rf-server is running on the same box as rf-controller. rf-server has code to search through local interfaces to find the IP address that it should use for the DROP rule. If this is undesirable, then this code will need to be implemented in rf-controller. In such a case, rf-server could acquire the IP address via IPC, or rf-controller could create the rules for dropping traffic.

The IPC service should keep trying to connect to MongoDB whenever the connection is not succesfully established or is dropped.
This affects all RouteFlow modules indirectly.

The Drop rule has no matches or actions, so those fields are empty in the web interface when viewing the rules on switches. Perhaps this should be changed to show that it matches "*" or "ALL", and that the action is to "DROP".

i was downloaded Routeflow in my ubuntu 16, but it can't, i don't know the problem
what routeflow can running in ubuntu 16? thx

Hello everyone,

I've accepted pull request #17, but it added quite a lot of weight to the repository (it's now around 20 MB). I was able to revert the changes, but the old files remain in the history. I don't know how to erase the commits AND their files.

I asked a question on StackOverflow, and I'm still trying to solve this issue:
http://stackoverflow.com/questions/14264719/how-to-completely-remove-a-merged-pull-request

For now, I will not accept any pull requests to avoid increasing the mess. And please, try not to base new pull requests on this code. I'm trying to solve this ASAP. Sorry for the inconvenience...

For users, feel free to clone and use RouteFlow. It doesn't affect the functionality.

If anyone has any tips, they're more than welcome :)

hello... i have some problem when opening web view
i was started the controller and it's working, but when i will open the web view (ip:port) it not working (warning:openflow.of_01:bad openflow version (0x47) on connection [None 5]
INFO:openflow.of_01:[None 5] Closed )
thx

In the README under 'Known Bugs', it links to the OpenFlowHub RouteFlow page which is a dead link. Are RF bugs still tracked there?

From now on, we will keep the different implementations of RFProxy should live in separate repositories.

RouteFlow will only have POX by default. NOX, Floodlight and other supported controllers will be available forked from their original repositories and with RFProxy added to them.

The make command will automatically clone these repositories and build everything. This will simplify the deployment of new ports, the update of the controllers and as a bonus, make the main repository smaller.

This will be implemented over the next few weeks, and after we solve issue #18.

The README contains too much content that should be in the wiki.
We need to move stuff around, add more content to the wiki and make the README as simple as possible, pointing to the pages.

RFServer is bundled with support for ISL. Separate the code and move it to another file (e.g: RFServerISL.py) to keep RFServer as lean as possible.

Hi,
I ran rftest1 in the ubuntu version 11.04.
The test file rftest1 seems to be running successfully but i am unable to ping from b1 to b2 from "b1 console".

FYI b1 eth0 ip address is 172.31.1.2/16 and b2 ip address is 172.31.2.2/16

Also i'm giving the log output of "sudo ./rftest1 --pox"

-> Starting OVS daemons...
ovsdb-server: /usr/local/var/run/openvswitch/ovsdb-server.pid: already running as pid 27423, aborting
ovs-vswitchd: /usr/local/var/run/openvswitch/ovs-vswitchd.pid: already running as pid 27425, aborting
-> Stopping and resetting LXC VMs...
-> Deleting data from previous runs...
-> Starting MongoDB...
.all output going to: /dev/null
-> Starting the rfvm1 virtual machine...
-> Starting the management network (br0)...
-> Starting the controller (POX) and RFPRoxy...
.POX 0.0.0 / Copyright 2011 James McCauley
INFO:rfproxy:RFProxy running.
INFO:core:POX 0.0.0 is up.
-> Starting RFServer...
-> Starting the control plane network (dp0 VS)...
INFO:openflow.of_01:[Con 1/None] closing connection
INFO:openflow.of_01:[Con 2/8243406406160905843] Connected to 76-73-72-66-76-73|29286
INFO:openflow.topology:Switch 76-73-72-66-76-73|29286 connected
INFO:rfproxy:Registering datapath port (dp_id=0x7266767372667673, dp_port=1)
INFO:rfproxy:Registering datapath port (dp_id=0x7266767372667673, dp_port=2)
INFO:rfserver:Configuring RFVS (dp_id=0x7266767372667673)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x7266767372667673)

-> Starting the sample network...

This test is up and running.
Try pinging host b2 from host b1:
$ sudo lxc-console -n b1
Login and run:
$ ping 172.31.2.2

You can stop this test by pressing Ctrl+C.

WARNING:openflow.of_01:<class 'pox.openflow.PacketIn'> raised on dummy OpenFlow nexus
INFO:openflow.of_01:[Con 3/153] Connected to 00-00-00-00-00-99
INFO:openflow.topology:Switch 00-00-00-00-00-99 connected
INFO:rfproxy:Registering datapath port (dp_id=0x99, dp_port=1)
INFO:rfserver:Registering datapath port as idle (dp_id=0x99, dp_port=1)
INFO:rfproxy:Registering datapath port (dp_id=0x99, dp_port=2)
INFO:rfserver:Configuring datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)
INFO:rfserver:Registering datapath port as idle (dp_id=0x99, dp_port=2)

INFO:rfproxy:ofp_flow_mod(config) was sent to datapath (dp_id=0x99)

kindly help me to solve this issue.

Regards,
Subash Gandhi

RFClient.cc currently uses a mix of syslog, printf, fprintf and perror.
FlowTable.cc uses a mix of fprintf, perror, and std::cout.

All of this should be consolidated into a single, thread-safe logging facility so we can capture all logging output.

There's way too much stuff in there that's no longer necessary. Make it simple, just to compile RFClient.

In the future, commands like:

make floodlight

Will clone the RFProxy repository for the controller and prepare everything so that the tests can be run. For now, we just need a solution for RFClient.

Extract common functions from rftest1 and rftest2 in a separate file and source them when needed.

Make sure everything works under Ubuntu 12.04 and make it the recommended distro. NOX won't have to work right away, as it will be moved to a separate repository.

Update the POX version that is bundled with RouteFlow.

Hi,

Issue: While running the scripts, apt cannot find the libboost*1.46.1 packages.

Reason: The libboost*1.46.1 libraries is no longer in the ubuntu 12.04 repositories.

Solution: Remove the libboost_1.46.1 packages from installations and add the new version of them (In this moment: libboost_1.49.0). An alternative solution to avoind future problems is add the libboost_-dev libraries instead, since they always depend on the default version of libboost_ of ubuntu.

Scenario: I get this issues in a new default installation of ubuntu 12.04 and following exactly the same steps described in the tutorial of execution of the rftests.

Cheers,

New fields, such as ct_id are not in rfweb.
Support for the new RouteMod messages is also necessary.

RouteFlow currently installs a flow to drop everything that does not match any of its supported routing traffic. Or at least that's what it should be doing.

However, there's a bug in RFProxy (from a long, long time ago) that prevents this from happening.

In the NOX implementation, the buffer ID for the DC_CLEAR_FLOW_TABLE and DC_DROP_ALL configurations is specifying buffer 0, which might not exist. This prevents the flow from being installed.

In the POX implementation, an if/else condition caused the flow to redirect all traffic to the controller.

These two bugs, combined, made it so that this configuration never truly worked. Since it sounds a little too harsh, we will remove that in favor of the default OpenFlow behavior: redirect 128 bytes to the controller in case of a table miss.

Doing this, other applications can run at the same time. However, all traffic from the physical environment will be redirected to the virtual environment. A solution would be to redirect only packets with a packet-in reason different than OFPR_NO_MATCH.

On a side note, if this drop flow is correctly installed it seems to cause a bug in the OpenFlow NetFPGA implementation, making all traffic match, regardless of other flows and priority (thus dropping everything).

Hi,
I wish to do routeflow tutorial rftest1 in my ubuntu machine which is 12.04 version. I have done the following steps as per in the site- https://github.com/CPqD/RouteFlow/blob/master/README.md

1. Installed openvswitch
   2)installed dependcies MongoDB
   3)Then I installed routeflow dependencies
2. Then I did sudo ./create
   then the following error has occurred

mkdir: cannot create directory /var/lib/lxc': File exists mkdir: cannot create directory/cgroup': File exists
Reading package lists... Done
Building dependency tree
Reading state information... Done
debootstrap is already the newest version.
lxc is already the newest version.
0 upgraded, 0 newly installed, 0 to remove and 109 not upgraded.
mkdir: cannot create directory /var/lib/lxc/base': File exists debootstrap is /usr/sbin/debootstrap Checking cache download in /var/cache/lxc/natty/rootfs-i386 ... installing packages: vim,ssh Downloading ubuntu natty minimal ... I: Retrieving Release E: Invalid Release file, no valid components chroot: cannot change root directory to /var/lib/lxc/base/rootfs: No such file or directory 'b1' already exists chmod: cannot access/var/lib/lxc/b1/rootfs/var/log/quagga': No such file or directory
chmod: cannot access /var/lib/lxc/b1/rootfs/var/run/quagga': No such file or directory 'b2' already exists chmod: cannot access/var/lib/lxc/b2/rootfs/var/log/quagga': No such file or directory
chmod: cannot access /var/lib/lxc/b2/rootfs/var/run/quagga': No such file or directory 'rfvm1' already exists chmod: cannot access/var/lib/lxc/rfvm1/rootfs/var/log/quagga': No such file or directory
chmod: cannot access /var/lib/lxc/rfvm1/rootfs/var/run/quagga': No such file or directory 'rfvmA' already exists chmod: cannot access/var/lib/lxc/rfvmA/rootfs/var/log/quagga': No such file or directory
chmod: cannot access /var/lib/lxc/rfvmA/rootfs/var/run/quagga': No such file or directory 'rfvmB' already exists chmod: cannot access/var/lib/lxc/rfvmB/rootfs/var/log/quagga': No such file or directory
chmod: cannot access /var/lib/lxc/rfvmB/rootfs/var/run/quagga': No such file or directory 'rfvmC' already exists chmod: cannot access/var/lib/lxc/rfvmC/rootfs/var/log/quagga': No such file or directory
chmod: cannot access /var/lib/lxc/rfvmC/rootfs/var/run/quagga': No such file or directory 'rfvmD' already exists chmod: cannot access/var/lib/lxc/rfvmD/rootfs/var/log/quagga': No such file or directory
chmod: cannot access `/var/lib/lxc/rfvmD/rootfs/var/run/quagga': No such file or directory

Here My problem is , once i run the script rootfs dir is created but unfortunately to do "chroot".

Can anyone help me how to overcome this issue?

Regards,
Subash

I am already configured and already detected on the server but still not routing
the files I have configured are rftest2config.csv, rftes2, config-> rfvmX-> roofts-> etc-> quagga-> zebra and ospf, but still can not get routing
and i use mikrotik as nodes, and i have configured on my mikrotik (port datapath)
is there any other configuration I missed?
thanks

Hi,

I have followed the steps given in the ReadMe.md to install and run the RouteFlow.
When run either rftest1 or rftest2, i get this error on the console:

ERROR:core:Exception while handling OpenFlowNexus!AggregateFlowStatsReceived...
Traceback (most recent call last):
File "/home/controller/RouteFlow/pox/pox/lib/revent/revent.py", line 234, in raiseEventNoErrors
return self.raiseEvent(event, _args, *_kw)
File "/home/controller/RouteFlow/pox/pox/lib/revent/revent.py", line 281, in raiseEvent
rv = event._invoke(handler, _args, *_kw)
File "/home/controller/RouteFlow/pox/pox/lib/revent/revent.py", line 159, in _invoke
return handler(self, _args, *kw)
File "/home/controller/RouteFlow/pox/ext/rfstats.py", line 148, in handle_aggregate_flow_stats
db.update(dp_id, "switch", aggregate=StatsDB.create_aggregate_stats_dict(event.stats))
File "/home/controller/RouteFlow/pox/ext/rfstats.py", line 44, in update
self.collection.update({"id": id}, self.db[id], upsert=True)
File "/usr/lib/python2.7/dist-packages/pymongo/collection.py", line 409, in update
_check_keys, self.__uuid_subtype), safe)
OverflowError: MongoDB can only handle up to 8-byte ints

In spite of this error, it works as expected but few times it doesn't [Especially when i run RIP and OSPF].

It would be highly appreciated if you could you please tell me more about this error and steps to fix it?

Thanks in advance.

Sincerely,
Adarsh KR

There's too much duplicated code in the rftest1 and rftest2 scripts. Simplify and import from a common source.

Update 2:

I removed the LXC installed with apt-get and installed a new version from http://lxc.sourceforge.net/download/lxc . There is an ubuntu template in this version.

Solved.

Update:
I solved this issue changing the script ~/RouteFlow/rftest/create line 14 to:
...
lxc-create -t natty -n base
...

Other installation tips:
Install the package "debootstrap" before running the "create" script. I suggest include this package in the "apt-get install" list.
Include the openvswitch-datapath module: sudo apt-get install openvswitch-datapath-source
and install the module: sudo module-assistant auto-install openvswitch-datapath

I got an error running the ~/RouteFlow/rftest/create because there is no "lxc-ubuntu" template in /usr/lib/lxc/templates/ directory. I tried to user another template (debian) to continue the installation but I received a lot of error messages after that.

I've installed the LXC using the command sudo apt-get install lxc

core@ubuntu:/RouteFlow/rftest$ sudo lxc-create -t ubuntu -n test
/usr/bin/lxc-create: line 132: type: /usr/lib/lxc/templates/lxc-ubuntu: not found
unknown template 'ubuntu'
core@ubuntu:/RouteFlow/rftest$ ls /usr/lib/lxc/templates/
lxc-busybox lxc-debian lxc-fedora lxc-lenny lxc-lucid lxc-maverick lxc-natty lxc-sshd