实验3:OpenFlow协议分析实践
(一)基本要求
1.搭建下图所示拓扑,完成相关 IP 配置,并实现主机与主机之间的 IP 通信。用抓包软件获取控制器与交换机之间的通信数据。
2.查看抓包结果,分析OpenFlow协议中交换机与控制器的消息交互过程,画出相关交互图或流程图。
-
hello
- Features_Request
- Set_Config
- Port_Status
- Features_Reply
- Packet_in
- Packet_out
- Flow_Mod
相关交互图:
3.回答问题:交换机与控制器建立通信时是使用TCP协议还是UDP协议?
使用的是TCP协议
(二)进阶要求
将抓包基础要求第2步的抓包结果对照OpenFlow源码,了解OpenFlow主要消息类型对应的数据结构定义。
openflow数据包头通用格式:
/* Header on all OpenFlow packets. */
struct ofp_header {
uint8_t version; /* OFP_VERSION. */
uint8_t type; /* One of the OFPT_ constants. */
uint16_t length; /* Length including this ofp_header. */
uint32_t xid; /* Transaction id associated with this packet.
Replies use the same id as was in the request
to facilitate pairing. */
};
OFPT_HELLO:用于协议协商,内容是本方支持的最高版本的协议,最终使用双方都支持的最低版本协议建立连接。
/* OFPT_HELLO. This message has an empty body, but implementations must
* ignore any data included in the body, to allow for future extensions. */
struct ofp_hello {
struct ofp_header header;
};
OFPT FEATURES REQUEST:控制器向交换机发送Features Request消息查询交换机特性,Features Request消息只包含Openflow Header,交换机的特性信息包括交换机的ID(DPID),交换机缓冲区数量,交换机端口及端口属性等等
struct ofp_stats_request {
struct ofp_header header;
uint16_t type; /* One of the OFPST_* constants. */
uint16_t flags; /* OFPSF_REQ_* flags (none yet defined). */
uint8_t body[0]; /* Body of the request. */
};
struct ofp_header {
uint8_t version; /* OFP_VERSION. */
uint8_t type; /* One of the OFPT_ constants. */
uint16_t length; /* Length including this ofp_header. */
uint32_t xid; /* Transaction id associated with this packet.
Replies use the same id as was in the request
to facilitate pairing. */
};
OFPT_FEATURES REPLY:消息包括Openflow Header 和Features Reply Message;
struct ofp_stats_reply {
struct ofp_header header;
uint16_t type; /* One of the OFPST_* constants. */
uint16_t flags; /* OFPSF_REPLY_* flags. */
uint8_t body[0]; /* Body of the reply. */
};
/* Body of reply to OFPST_AGGREGATE request. */
struct ofp_aggregate_stats_reply {
uint64_t packet_count; /* Number of packets in flows. */
uint64_t byte_count; /* Number of bytes in flows. */
uint32_t flow_count; /* Number of flows. */
uint8_t pad[4]; /* Align to 64 bits. */
};
OFP_ASSERT(sizeof(struct ofp_aggregate_stats_reply) == 24);
/* Body of reply to OFPST_TABLE request. */
/* Queue configuration for a given port. */
struct ofp_queue_get_config_reply {
struct ofp_header header;
uint16_t port;
uint8_t pad[6];
struct ofp_packet_queue queues[0]; /* List of configured queues. */
};
OFP_ASSERT(sizeof(struct ofp_queue_get_config_reply) == 16);
/* OFPAT_ENQUEUE action struct: send packets to given queue on port. */
OFPT_SET_CONFIG:根据收到的flag和max bytes of packet配置
/* Switch configuration. */
struct ofp_switch_config {
struct ofp_header header;
uint16_t flags; /* OFPC_* flags. */
uint16_t miss_send_len; /* Max bytes of new flow that datapath should
send to the controller. */
};
OFPT_PORT_STATUS:当交换机端口发生变化时,告知控制器相应的端口状态
struct ofp_port_status {
struct ofp_header header;
uint8_t reason; /* One of OFPPR_*. */
uint8_t pad[7]; /* Align to 64-bits. */
struct ofp_phy_port desc;
};
OFPT_FLOW_MOD:用来管理端口状态
/* Flow setup and teardown (controller -> datapath). */
struct ofp_flow_mod {
struct ofp_header header;
struct ofp_match match; /* Fields to match */
uint64_t cookie; /* Opaque controller-issued identifier. */
/* Flow actions. */
uint16_t command; /* One of OFPFC_*. */
uint16_t idle_timeout; /* Idle time before discarding (seconds). */
uint16_t hard_timeout; /* Max time before discarding (seconds). */
uint16_t priority; /* Priority level of flow entry. */
uint32_t buffer_id; /* Buffered packet to apply to (or -1).
Not meaningful for OFPFC_DELETE*. */
uint16_t out_port; /* For OFPFC_DELETE* commands, require
matching entries to include this as an
output port. A value of OFPP_NONE
indicates no restriction. */
uint16_t flags; /* One of OFPFF_*. */
struct ofp_action_header actions[0]; /* The action length is inferred
from the length field in the
header. */
};
/* Modify behavior of the physical port */
struct ofp_port_mod {
struct ofp_header header;
uint16_t port_no;
uint8_t hw_addr[OFP_ETH_ALEN]; /* The hardware address is not
configurable. This is used to
sanity-check the request, so it must
be the same as returned in an
ofp_phy_port struct. */
uint32_t config; /* Bitmap of OFPPC_* flags. */
uint32_t mask; /* Bitmap of OFPPC_* flags to be changed. */
uint32_t advertise; /* Bitmap of "ofp_port_features"s. Zero all
bits to prevent any action taking place. */
uint8_t pad[4]; /* Pad to 64-bits. */
};
OFP_ASSERT(sizeof(struct ofp_port_mod) == 32);
OFPT_PACKET_IN:在控制器获取完交换机的特性之后 , 交换机开始处理数据。
struct ofp_packet_in {
struct ofp_header header;
uint32_t buffer_id; /* ID assigned by datapath. */
uint16_t total_len; /* Full length of frame. */
uint16_t in_port; /* Port on which frame was received. */
uint8_t reason; /* Reason packet is being sent (one of OFPR_*) */
uint8_t pad;
uint8_t data[0]; /* Ethernet frame, halfway through 32-bit word,
so the IP header is 32-bit aligned. The
amount of data is inferred from the length
field in the header. Because of padding,
offsetof(struct ofp_packet_in, data) ==
sizeof(struct ofp_packet_in) - 2. */
};
OFP_ASSERT(sizeof(struct ofp_packet_in) == 20);
OFPT_PACKET_OUT:控制器可以使用PacketOut消息,告诉交换机某一个数据包如何处理。
/* Action structure for OFPAT_OUTPUT, which sends packets out 'port'.
* When the 'port' is the OFPP_CONTROLLER, 'max_len' indicates the max
* number of bytes to send. A 'max_len' of zero means no bytes of the
* packet should be sent.*/
struct ofp_action_output {
uint16_t type; /* OFPAT_OUTPUT. */
uint16_t len; /* Length is 8. */
uint16_t port; /* Output port. */
uint16_t max_len; /* Max length to send to controller. */
};
OFP_ASSERT(sizeof(struct ofp_action_output) == 8);
/* Send packet (controller -> datapath). */
struct ofp_packet_out {
struct ofp_header header;
uint32_t buffer_id; /* ID assigned by datapath (-1 if none). */
uint16_t in_port; /* Packet's input port (OFPP_NONE if none). */
uint16_t actions_len; /* Size of action array in bytes. */
struct ofp_action_header actions[0]; /* Actions. */
/* uint8_t data[0]; */ /* Packet data. The length is inferred
from the length field in the header.
(Only meaningful if buffer_id == -1.) */
};
OFP_ASSERT(sizeof(struct ofp_packet_out) == 16);
(三)个人总结
1.实验难度:
本次实验的难度不是特别大,是验证性的实验,只要实验步骤正确,一般是可以得到正确的结果的,就是图有点多,但是本次实验更多的是通过Wireshark对OpenFlow 协议数据交互过程进行抓包,对于OpenFlow协议的分析,来进一步理解与分析 OpenFlow协议的数据包交互过程与机制,还有对于openflow头文件各种数据包结构的学习与了解会较为困难
2.实验过程遇到的困难:
就是一开始找不到 FLOW_MOD ,后来通过在命令框里的 CLI 中执行 pingall 与links命令后,就可以再wireshark抓包工具中看见 FLOW_MOD的数据包了
3.个人感想:
通过本次实验的学习,学习了利用过滤器对抓取的数据包并用过滤方法来找到所需要的数据包。同时在抓包结果与openflow头文件源码对照学习中更了解openflow主要消息类型对应的数据结构定义,OpenFlow协议的数据包交互过程与机制。
标签:struct,OpenFlow,实践,uint8,header,ofp,uint16,实验,port From: https://www.cnblogs.com/zxxsss/p/16734172.html