Playing with Openflow Roles and tshark
Testing out ODL clustering today with the new openflowplugin.
I’ve been deploying on ubuntu 14.0.4.2 server with most of the controllers. One annoying thing about it is that it’s difficult to install wireshark and, well, wireshark Openflow dissector is awesome!
Here’s the steps to get tshark up and running on Ubuntu 14.0.4:
sudo add-apt-repository ppa:wireshark-dev/stable
sudo apt-get install wireshark
sudo apt-get install tshark
sudo apt-get update
After installation verify the dissector is available as follows:
$ tshark -G protocols | grep -i openflow
OpenFlow openflow openflow
OpenFlow 1.0 openflow_v1 openflow_v1
OpenFlow 1.3 openflow_v4 openflow_v4
OpenFlow 1.4 openflow_v5 openflow_v5
Finally, allow the current user to capture network traffic:
sudo dpkg-reconfigure wireshark-common
sudo adduser $USER wireshark
Now that our tool is in place we can do some good analysis of the controller role negotiation with the openflow specification and tshark!
$ sudo tshark -O openflow_v4 -n -i eth0 -Y 'openflow_v4.type == 24 || openflow_v4.type == 25'
Alright, where did this tshark command come from? Well… first let’s break this down. In the protocols output above I can see that Openflow 1.3 maps to openflow_v4 for the protocol dissector.
From the openflow specifications (and wireshark filters) I discovered that the OFPT_ROLE_REQUEST and OFPT_ROLE_REPLY types were:
/* Controller role change request messages. */
OFPT_ROLE_REQUEST = 24, /* Controller/switch message */
OFPT_ROLE_REPLY = 25, /* Controller/switch message */
So above we are just capturing packets of type OFPT_ROLE_REQUEST and OFPT_ROLE_REPLY and putting them through the Openflow 1.3 dissector for interpretation.
Below is a tshark capture where the ODL controller is 10.10.10.10 and the switch is 20.20.20.20.
Capturing on 'eth0'
Frame 2062: 106 bytes on wire (848 bits), 106 bytes captured (848 bits) on interface 0
Ethernet II, Src: 11:11:11:11:11:11, Dst: 22:22:22:22:22:22
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 20.20.20.20
Transmission Control Protocol, Src Port: 6633, Dst Port: 7801, Seq: 145, Ack: 1785, Len: 52
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_ROLE_REQUEST (24)
Length: 24
Transaction ID: 9
Role: OFPCR_ROLE_NOCHANGE (0x00000000)
Pad: 00000000
Generation ID: 0x0000000000000000
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_SET_CONFIG (9)
Length: 12
Transaction ID: 10
Flags: 0x0000
.... ..00 = IP Fragments: OFPC_FRAG_NORMAL (0)
Miss send length: OFPCML_NO_BUFFER (0xffff)
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_MULTIPART_REQUEST (18)
Length: 16
Transaction ID: 11
Type: OFPMP_GROUP_DESC (7)
Flags: 0x0000
.... .... .... ...0 = OFPMPF_REQ_MORE: 0x0
Pad: 00000000
Frame 2065: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface 0
Ethernet II, Src: 22:22:22:22:22:22, Dst: 11:11:11:11:11:11
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 10.10.10.10
Transmission Control Protocol, Src Port: 7801, Dst Port: 6633, Seq: 1785, Ack: 197, Len: 24
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_ROLE_REPLY (25)
Length: 24
Transaction ID: 9
Role: OFPCR_ROLE_SLAVE (0x00000003)
Pad: 00000000
Generation ID: 0x000000000000019b
Frame 2070: 190 bytes on wire (1520 bits), 190 bytes captured (1520 bits) on interface 0
Ethernet II, Src: 11:11:11:11:11:11, Dst: 22:22:22:22:22:22
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 20.20.20.20
Transmission Control Protocol, Src Port: 6633, Dst Port: 7801, Seq: 205, Ack: 1833, Len: 136
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_ROLE_REQUEST (24)
Length: 24
Transaction ID: 13
Role: OFPCR_ROLE_MASTER (0x00000002)
Pad: 00000000
Generation ID: 0x000000000000019c
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_MULTIPART_REQUEST (18)
Length: 24
Transaction ID: 14
Type: OFPMP_GROUP (6)
Flags: 0x0000
.... .... .... ...0 = OFPMPF_REQ_MORE: 0x0
Pad: 00000000
Group ID: OFPG_ALL (0xfffffffc)
Pad: 00000000
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_FLOW_MOD (14)
Length: 88
Transaction ID: 15
Cookie: 0x2b00000000000000
Cookie mask: 0x0000000000000000
Table ID: 0
Command: OFPFC_ADD (0)
Idle timeout: 0
Hard timeout: 0
Priority: 100
Buffer ID: OFP_NO_BUFFER (0xffffffff)
Out port: OFPP_ANY (0xffffffff)
Out group: OFPG_ANY (0xffffffff)
Flags: 0x0000
.... .... .... ...0 = Send flow removed: False
.... .... .... ..0. = Check overlap: False
.... .... .... .0.. = Reset counts: False
.... .... .... 0... = Don't count packets: False
.... .... ...0 .... = Don't count bytes: False
Pad: 0000
Match
Type: OFPMT_OXM (1)
Length: 10
OXM field
Class: OFPXMC_OPENFLOW_BASIC (0x8000)
0000 101. = Field: OFPXMT_OFB_ETH_TYPE (5)
.... ...0 = Has mask: False
Length: 2
Value: 802.1 Link Layer Discovery Protocol (LLDP) (0x88cc)
Pad: 000000000000
Instruction
Type: OFPIT_APPLY_ACTIONS (4)
Length: 24
Pad: 00000000
Action
Type: OFPAT_OUTPUT (0)
Length: 16
Port: OFPP_CONTROLLER (0xfffffffd)
Max length: OFPCML_NO_BUFFER (0xffff)
Pad: 000000000000
Frame 2072: 78 bytes on wire (624 bits), 78 bytes captured (624 bits) on interface 0
Ethernet II, Src: 22:22:22:22:22:22, Dst: 11:11:11:11:11:11
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 10.10.10.10
Transmission Control Protocol, Src Port: 7801, Dst Port: 6633, Seq: 1833, Ack: 341, Len: 24
OpenFlow 1.3
Version: 1.3 (0x04)
Type: OFPT_ROLE_REPLY (25)
Length: 24
Transaction ID: 13
Role: OFPCR_ROLE_MASTER (0x00000002)
Pad: 00000000
Generation ID: 0x000000000000019c
I can see the role negotiation taking place in the following truncated sequence:
Frame 2062
Internet Protocol Version 4, Src: 10.10.10.10, Dst: 20.20.20.20
Type: OFPT_ROLE_REQUEST (24)
Role: OFPCR_ROLE_NOCHANGE (0x00000000)
Frame 2065
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 10.10.10.10
Type: OFPT_ROLE_REPLY (25)
Role: OFPCR_ROLE_SLAVE (0x00000003)
Frame 2070
Ethernet II, Src: 11:11:11:11:11:11, Dst: 22:22:22:22:22:22
Type: OFPT_ROLE_REQUEST (24)
Role: OFPCR_ROLE_MASTER (0x00000002)
Frame 2072
Internet Protocol Version 4, Src: 20.20.20.20, Dst: 10.10.10.10
Type: OFPT_ROLE_REPLY (25)
Role: OFPCR_ROLE_MASTER (0x00000002)
Controller solicits the current role value from the switch. Switch tells the controller it has it as a slave. The controller asks to be made master. The switch makes it master.
Using this tool and knowledge we can debug the behavior of a cluster!