Sometimes people use distributed code as templates for what they write.
I thought I'd point out that dnsspy might not be something one wants to
use for this.
In src/nox/coreapps/examples/dnsspy.py is
def dp_join(self, dpid, stats):
# Make sure we get the full DNS packet at the Controller
self.install_datapath_flow(dpid,
{ core.DL_TYPE :
ethernet.ethernet.IP_TYPE,
core.NW_PROTO :
ipv4.ipv4.UDP_PROTOCOL,
core.TP_SRC : 53 },
openflow.OFP_FLOW_PERMANENT,
openflow.OFP_FLOW_PERMANENT,
[[openflow.OFPAT_OUTPUT, [0,
openflow.OFPP_CONTROLLER]]])
return CONTINUE
If you execute this, you'll find you will get error messages about
0-length packets.
The "[0, openflow.OFPP_CONTROLLER]" indicates that the matching packets
are to be
sent to the controller, but only to a maximum length of 0.
0 should be replaced with the something like 128 to get enough of the
packet to do most things. (or set it to 1600 (depending on MTU) to grab
the whole packet). [FYI, if you get the whole packet, I believe you
will get buffer_id = -1]
Ah... I just realized another bug in this code. The above Flow Mod
rule will cause every DNS answer packet to be kicked out to the
controller. However, in dnsspy, the packet is never sent back to the OF
switch to be delivered to its destination. No one will ever hear a UDP
DNS response through a switch running this.
