hi McCauley,
By original connection I mean that the connection is to a machine on port
2 (so no header rewriting to the machine on port 2), but i am trying to
interpret it and send it to a machine on port 3. I am trying to do this
in the mininet, so is it possible to achieve the approach you have
mentioned in mininet?
regards,
kalapriya.
From: Murphy McCauley <jam...@nau.edu>
To: Kalapriya Kannan1/India/IBM@IBMIN
Cc: nox-dev@noxrepo.org
Date: 08/24/2011 07:30 AM
Subject: Re: [nox-dev] IP header rewriting in PySwitch
It's difficult to guess from here.
One thing that strikes me is that you say that it works if you send it to
a machine on port 2, but not to a machine on port 3. I assume you mean if
you change the destination IP address and destination ethernet address AND
send it out port 2.
I'm not sure what you're trying to accomplish, but one thing to consider
might be to actually create a proxy process. Have it listen on some port.
When you see a connection you want to proxy, install a flow to rewrite
the header and output port so it ends up at the proxy. Then have the
proxy connect to the remote host. This is going to be way more efficient
than having every packet from the flow go through OpenFlow and NOX.
-- Murphy
On Aug 23, 2011, at 6:32 PM, Kalapriya Kannan1 wrote:
hi Murphy,
I take your suggestion that we should install flows to rewrite headers,
but the scenario I wanted to handle is somewhat like a proxy scenario that
interprets a tcp connection and tries to open a new tcp connection to a
new destination. I try to do this ..
# Receive the packet from the inport
if (inport =1 )
ippacket =packet.find('ipv4')
#change the sequence and ack to X and Y, sequence number seems to be
correct as i can see the packet in the wireshark.
tcppacket.seq =X
tcppacket.ack = Y
ippacket.set_payload(tcppacket)
#change the destination ip
ippacket.dstip = convert_to_ipaddr("X.X.X.X")
#create a ethernet packet and set this ip as payload
replypkt =ethernet()
replypkt.set_payload(ippacket)
#find the tcp packet in this ethernetpacket and calculate the sum
outgoing_tcp = replypkt.find('tcp')
outgoing_tcp.csum = outgoing_tcp.checksum()
#set the tcp back as payload for ip and then for ethernet
ippacket.set_payload(outgoing_tcp)
replypkt.set_payload(ippacket)
replypkt.type = ethernet.IP_TYPE
replypkt.src = octstr_to_array("00:00:00:00:00:0b")
replypkt.dst = octstr_to_array("00:00:00:00:00:0d")
#Send it to a host on port 3, the orginal packets are actually destined to
a machines on port 2, but i am redirecting with header rewritten to port 3
outport=3
inst.send_openflow_packet(dpid,replypkt.tostring(),3)
I am again able to see this packet in the wireshark (sequence numbers
seems to be correct) and also in the tcp dump of the host machine (on port
3). If i directly send the packets to port 2 (original connection), the
connection is established and the application responds with a message that
connection is established. But with port 3 it is not happening on the host
machine.
From: Murphy McCauley <jam...@nau.edu>
To: Kalapriya Kannan1/India/IBM@IBMIN
Cc: nox-dev@noxrepo.org
Date: 08/21/2011 01:04 AM
Subject: Re: [nox-dev] IP header rewriting in PySwitch
Well for one thing, the checksum in the TCP portion is going to be wrong
since you changed the IP address.
So you'll need to have something similar to the following in there before
you actually send it:
tcppkt = replypkt.find('tcp')
if tcppkt is not None: tcppkt.csum = tcppkt.checksum()
(That's from memory, it might be a bit off.)
I'm not sure what other problems you might have with the packet. That one
should have actually showed up in Wireshark, though. Please take a close
look at the packet that actually gets to the destination and make sure
it's all correct.
Another problem you may be having is that if you let pyswitch install a
flow, you'll stop seeing these packets at the controller and thus stop
being able to rewrite them.
If all you want to do is rewrite some fields in the IP header, you should
consider using OpenFlow to do it (by installing a flow with some rewrite
actions) rather than actually doing it within NOX.
Hope that helps.
-- Murphy
On Aug 20, 2011, at 10:51 AM, Kalapriya Kannan1 wrote:
hi,
I am trying to re-write IP header in pyswitch using the following code
below
/* obtain ip header and packet for the incoming packet*.
if packet.type == ethernet.IP_TYPE:
iph = packet.find('ipv4')
/* if there is a incoming packet in port 1, rewrite the header to have
destination ip address to "X.X.X.X" */
if(inport ==1 ):
iph.dstip = convert_to_ipaddr("X.X.X.X")
replypkt =ethernet()
replypkt.set_payload(iph)
replypkt.type = ethernet.IP_TYPE
replypkt.src = octstr_to_array("00:00:00:00:00:0b")
replypkt.dst = octstr_to_array("00:00:00:00:00:0d")
outport=3
inst.send_openflow_packet(dpid,replypkt.tostring(),outport)
print "Information in the outgoing packet"
ip_packet = replypkt.find('ipv4')
print ip_packet
print ip_packet.srcip
print ip_packet.dstip
I extract the ip, change the dstip in ip header to X.X.X.X. A ethernet
packet is created which will carry this IP in its payload.
I try to perform a simple TCP connection.
Using wireshark I am able to see a TCP syn packet arriving at port 3. A
host whose IP is X.X.X.X attached to port 3 with ethernet address
"00:00:00:00:00:0d" is also able to receive it. I am able to observe this
using tcpdump. But the host on port 3 is not generating a syn +ack packet
in response to this syn. Am I missing something?
_______________________________________________
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev
_______________________________________________
nox-dev mailing list
nox-dev@noxrepo.org
http://noxrepo.org/mailman/listinfo/nox-dev
