SDN IN ACTION: Build a mini-lab environment and practice SDN-IP/ONOS with GNS3, Mininet and VMware
薛国锋 [email protected]
本文主要通过简单的实验,对SDN相关概念以及ONOS开源软件等建立一个感性的印象,加深对核心概念的理解。
SDN-IP is to adopt SDN/OpenFlow switches to replace the traditional IP/MPLS Core, and provide the transit Internet service. The original Tutorial VM provided by ONOS integrates all the components by containers in one virtual machine, which might be hard to understand how thesystem is actually built and works.
This mini-lab provides an emulated environment with 3 VMs, and it could better match the real network world and help explain the key concepts of SDN-IP/ONOS. Before moving forwarding, you can read and complete the below tutorial.In addition, you need to be familiar with Ubuntu, Java/OSGi/Karaf, Python, Mininet/OpenvSwitch, GNS3 with Cisco IOS and VMware Workstation.
https://wiki.onosproject.org/display/ONOS/SDN-IP+Tutorial
1 Introduction of mini-lab design
We will create 3 VMs with multiple network adapters and connect them with VMnet8/NAT and LAN Segment by VMware Workstation in Windows 10:
Physical topology and connections:
Logical network topology and connections:
Actually you can create a complex network topology with more OpenFlow switches in Mininet by Python programming.
2 Set up the VM-Mininet
Download the pre-packaged Mininet/Ubuntu VM, and import it to VMware Workstation. You can select Option 1 in the article: http://mininet.org/download/. Please add 4 network adapters for this VM: Adapter-VMnet8/NAT, Adapter 2-102,Adapter 3-103 and Adapter 4-104.
For the multiple adapters, in order to make the network interface names regular and easier to remember, you can make the following configuration:
ifconfig –a
sudo vi /etc/default/grub
sudo update-grub
sudo grub-mkconfig -o /boot/grub/grub.cfg
sudo gedit/etc/network/interfaces // don’t need to config the IP addresses foreth1,eth2 and eth3
Create a Mininet with 3 switches:
sudo mn --controller=remote,ip=192.168.100.129--topo=linear,3
// 192.168.100.129 is the IP address of controller, VM-ONOS
mininet>sh ovs-vsctl add-port s1 eth2 // add eth2 to s1
mininet>sh ovs-vsctl add-port s2 eth1 // add eth1 to s2
mininet>sh ovs-vsctl add-port s3 eth3 // add eth3 to s3
If the system works properly and after the VM-ONOS is configured and running,you would see the below configuration and status:
In VM-Mininet, you can get the Device ID and Interface ID with the following commands:
sudo ovs-ofctl show s2 // in Ubuntu
mininet>sh ovs-ofctl show s1 // or in Mininet
3 Set up the VM-GNS3
Create an Ubuntu-based VM with 5 network adapters:Adapter-VMnet8/NAT, Adapter 2-102, Adapter 3-103, Adapter 4-104 and Adapter5-105, and make the network interface names regular with the grub configuration.
Install and run GNS3 with the following commands:
sudo add-apt-repository ppa:gns3/ppa
sudo apt-get update
sudo apt-get install gns3-gui
gns3
https://docs.gns3.com/1QXVIihk7dsOL7Xr7Bmz4zRzTsJ02wklfImGuHwTlaA4/index.html
Dynamips is a hypervisor program ( like VMware for X86 platform ) that can emulate C17/26/36/62 seriesrouter hardware, you can quickly and easily configure these router models with a variety of emulated SLOT and NICs in GNS3. Before you can boot up a router,you need to get one IOS image file and install it.
Edit/Preferences/Dynamips/IOS routers:
Create 3 virtual routers and 2 Clouds; with the Cloud in GNS3, you can tie the interface of a virtual router to a physical network interface of VM or Host; in this way,the virtual router can communicate with the real network world.
R1 is the internal BGP Speaker defined in SDN-IP/ONOS, it sits inside SDN network and peers with all the external BGP routers, learning BGP routes from them and relaying those routes to the SDN-IP application running in ONOS.
R1#show run
interface FastEthernet0/0
ip address 10.1.2.254 255.255.255.0 secondary
ip address 10.1.1.254 255.255.255.0
interface FastEthernet0/1
ip address 10.213.166.94 255.255.255.0
router bgp 65501
no synchronization
bgp router-id 10.213.166.94
bgp log-neighbor-changes
neighbor 10.1.1.253 remote-as 65502 // EBGP Peer – R2
neighbor 10.1.2.253 remote-as 65503 // EBGP Peer – R3
neighbor 10.1.2.253 ebgp-multihop 255
neighbor 10.1.2.253 next-hop-self
neighbor 10.213.166.68 remote-as 65501 //IBGP Peer – SDN-IP/ONOS in the same AS
no auto-summary
R2 and R3 are the externalBGP routers, and they are the ASBRs of other ASs.
R2#show run
interface Loopback0
ip address 172.18.1.1 255.255.255.0
interface Loopback1
ip address 172.18.2.1 255.255.255.0
interface FastEthernet0/0
ip address 10.1.1.253 255.255.255.0
router bgp 65502
no synchronization
bgp router-id 10.1.1.253
bgp log-neighbor-changes
network 172.18.1.0 mask 255.255.255.0
network 172.18.2.0 mask 255.255.255.0
neighbor 10.1.1.254 remote-as 65501
no auto-summary
R3#show run
interface Loopback0
ip address 172.19.1.1 255.255.255.0
interface Loopback1
ip address 172.19.2.1 255.255.255.0
interface FastEthernet0/0
ip address 10.1.2.253 255.255.255.0
router bgp 65503
no synchronization
bgp router-id 10.1.2.253
bgp log-neighbor-changes
network 172.19.1.0 mask 255.255.255.0
network 172.19.2.0 mask 255.255.255.0
neighbor 10.1.2.254 remote-as 65501
neighbor 10.1.2.254 ebgp-multihop 255
no auto-summary
4 Set up the VM-ONOS,Install and Run SDN-IP
Create an Ubuntu-based VM with 2 network adapters: Adapter-VMnet8/NAT and Adapter 2-105, and make the network interface names regular with the grub configuration. Install Java and Maven.
Config the static IP addresses for eth1, which speaks to R1:f0/1 in GSN3:
sudo gedit/etc/network/interfaces
Downloadthe official ONOS release (tar.gz) for production: https://wiki.onosproject.org/display/ONOS/Downloads
What I downloaded is the version 1.9.2. Put ONOS inthe home directory and run it for the first time.
SDN-IP requires some configuration to know where the internal BGP speakers and external BGP peers are located, and it can respond to ARPs correctly and program the connectivity for the BGP traffic. With the network config subsystem in ONOS, SDN-IP can read and load the configuration file (network-cfg.json) at startup, which has be placed in/home/onos-1.9.2/config:
gedit network-cfg.json
{
"ports" : {
"of:0000000000000001/3" : {
// Device ID/Interface ID, Physical location ofR2, connecting to s1:eth2
"interfaces" : [
{
"name" :"s1-eth2-r2", //Optional name
"ips" : [ "10.1.1.254/24" ], // IP address of R1: f0/0
"mac" : "cc:01:17:08:00:00" //MAC address of R1: f0/0
}
]
},
"of:0000000000000003/3" : {
// Device ID/Interface ID, Physicallocation of R3, connecting to s3:eth3
"interfaces" : [
{
"name" :"s3-eth3-r3", //Optional name
"ips" : [ "10.1.2.254/24" ], // the secondary IP address of R1: f0/0
"mac" : "cc:01:17:08:00:00" // MAC address of R1: f0/0
}
]
}
},
"apps" : {
"org.onosproject.router" : {
"bgp" : {
"bgpSpeakers" : [
{
"name" :"s2-eth1-r1", // Optionalname
"connectPoint" : "of:0000000000000002/4",
// Device ID/Interface ID, Physical locationof R1, connecting to s2:eth1
"peers" : [
"10.1.1.253", //the IP address of peers
"10.1.2.253" //the IP address of peers
]
}
]
}
}
}
}
The SDN-IP listens by default for incoming BGPconnections on the non-standard TCP port 2000, and 179 is the standard. We can enable the local TCP port mapping between 2000 and 170 with the command of iptables:
sudo iptables -t nat -A PREROUTING -ptcp --dport 179 -j REDIRECT --to-ports 2000
sudo netstat –tln | grep 2000
Install the SDN-IP application and its dependencies with the following commands:
onos>app activateorg.onosproject.config // letONOS read the configuration file
onos>app activateorg.onosproject.proxyarp
// let ONOSrespond to ARP requests between the external BGP peers and internal BGPspeakers
onos>app activate org.onosproject.sdnip // Install SDNIP
You can also visit the Web UI of ONOS(User/Password:onos/rocks), install and activate the features: http://192.168.100.129:8181/onos/ui/login.html
Please make sure that all the below features have been installed and activated:
A lot happens after running SDN-IP; firstly it installs the p2p intents ( 16 intentsin our case ) to enable the communication between external BGP peers andinternal BGP speakers, allowing the external BGP peers to relay the Internet routes to SDN-IP. When SDN-IP/ONOS learns the routes, it would program those routes into the switches using the mp2p intents ( 4 intents in our case ).
You can try some CLIs in ONOS:
Now you can check the e2e connectivity with GNS3 and virtual routers:
My takeaways
SDN-IP can provide the basic service for Internet transit, but it is still far away from what a production network actually needs in terms of rich features, reliability and easy OAM,comparing to other solutions, such as BGP-free Core or Hollow Core. Service SDN might be good, but by moving the control plane to the controller, we would have to face the technical challenges with Control SDN.
With the Open Source & White Box strategy, the service providers might be able to save some CAPEX, but they have to transform theirorganizations, and make them really capable of DevOps, to maintain theirnetworks and upgrade the software timely. You cannot rely on other PSIs to achieve this core competence.
In the future, what the service providers really need might be the full stack engineers, who should masterLinux/JAVA/OSGi/Felix/Karaf/Maven/JAX-RS/YANG/RestConf&NetConf,OVS/OpenFlow/OVSDB, ONOS, ODL&MD-SAL and Openstack etc, as well as have theCCIE-alike networking experiences. How can the global operators acquire encourage software talents with networking background ?