> From: shashaankar reddy <[email protected]> > Subject: L3_learning blocking flows > Date: November 23, 2012 11:14:26 AM PST > To: [email protected]
> 2) Implementing Broadcast domain dissection (VLAN) of switch ingress/outgress > ports i.e. grouping switch ports so that broadcast traffic will be sent on > these ports itself. See below, but l3_learning doesn't broadcast at all except sometimes for ARP, so I'm not sure I know what this means in the context of l3_learning. > For the above requirements I'm using l3_learning.py for making changes to > implement the above two requirements. I don't think I would. I think I'd base it on l2_learning if I were you. l3_learning is a bit of a strange animal; unless you've taken the time to understand what it does, you probably don't want it. > I have couple of question regarding the l3_learning > > 1) Does it work for multiple switches in the network. > Since I have to use a network as follows: > c0-controller, (s1 - s2) (s1 - s3) (h1 - s2) (s2 - h2) (s3 - h3) (s3 - h4) > where controller will be running on c0 and there are 3 switches in the > network. > For the above requirements I need to maintain separate configuration for each > and every switch in the network in this case it is 3 switches. Yes, l3_learning does handle multiple switches, but you'll have to separate out your configuration yourself (by having a dictionary keyed the the individual switch DPIDs or something). l2_learning, on the other hand, creates an individual class for each connection from a switch, which I think will make it easier for you to keep separate configuration. > 2) How can I implement the drop functionality for blocking flows based on ip > addresses and application port numbers. > Can I use a similar function that is used in l2_learning.py In the PacketIn handler, check properties of the incoming packet (the event's "parsed" attribute). If you don't want it, you should send back a packet_out referencing the buffer but with no actions (this will cause the switch to throw the buffer away). Alternately, you might install a short-lived flow to match the packet so that if there are a bunch of similar packets, you don't have to handle them separately. There's a function in l2_learning that does either of these, which is probably what you were referring to. So yes, you can do that. > 3) Is there a way where I can capture all the switches configuration in the > network. This I need it because I need to input flow policies based on number > of switches available and the number of ingress/outgress ports available at > each switch. I'm not sure what you mean. Maybe you can explain further what you need? You can examine which switches are currently connected by iterating over core.openflow.connections. That will give you each of the Connection objects. You can then inspect their "ports" attributes to see their ports, but I don't know what you mean by ingress/outgress in this context. -- Murphy
