##########################################################################################
### SDN-NAPT: a prototype SDN controller to set up communication among federated networks.
###
### This software has been developed by Gabriele Lospoto, Roberto di Lallo and Massimo
### Rimondini within the research line described at
### http://www.dia.uniroma3.it/~compunet/www/view/topic.php?id=sdn
###
### Last update: 25 Sep 2015
##########################################################################################

This file describes how to quickly set up an emulated network that runs NAPT services
based on our SDN controller.

The following pieces of software should be installed on your machine before you can
experiment with our controller:
- MiniNExT (https://github.com/USC-NSL/miniNExT)
- Open vSwitch (http://openvswitch.org/)
- Ryu (http://osrg.github.io/ryu/)

Being a prototype, the currently published controller implementation is subject to the
following limitations:
- it is only compatible with the provided topology and the associated IP configuration;
- it does not support any exchange of messages among controllers: instead, a single
  controller is used to coordinate all the datapaths.


=== GETTING STARTED ===

1. Start a network topology, and the associated IP configurations

Enter directory "SDN-NAPT-controller/topologies/two-ases" and execute the following command:

    sudo ./topo.py

If all the software is properly installed, MiniNExT should automatically be invoked and
build the requested network topology. At the end of the process, which is expected to be
pretty fast, the MiniNExT prompt should then be displayed.

The constructed topology has the following layout and assignment of IP addresses:

 ______            ______   10.0.0.254 ______ 10.10.1.1   10.10.1.2 ______
|      |1        2|      |1          3|      |1                   1|      |
| h1_a +----------+ ce1a +------------+ r1_a +---------------------+ r2_a |
|______|10.0.0.1  |______|            |______|                     |______|
                               10.10.1.13|2                  10.10.1.5|2
                                         |                            |
                                         |                            |
                               10.10.1.14|1__ 10.10.1.10 10.10.1.9  __|2_10.10.1.6
                                      |      |2                   1|      |
                                      | r4_a +---------------------+ r3_a |          ISP A
                                      |______|                     |______|
                               10.10.1.22|3                           |3 10.10.1.17
                                         |                            |
                                         |                            |
                               10.10.1.21|1__ 10.10.1.18              |
                                      |      |2                       |
                                      | r5_a +------------------------+
                                      |______|
                              192.168.1.1|3
                                         |
                                         |
 ======================================= | =======================================
                                         |
                                         |
                              192.168.1.2|3__
                                      |      |
                                      | r5_b +--------------------------+
                                      |______|2                         |
                              10.10.10.21|1   10.10.10.18               |
                                         |                              |
                                         |                              |            ISP B
                              10.10.10.22|3__                         __|3_10.10.10.17
                                      |      |                       |      |
                                      | r4_b +-----------------------+ r3_b |
                                      |______|2                     1|______|
                              10.10.10.14|1   10.10.10.10  10.10.10.9   |2 10.10.10.6
                                         |                              |
                                         |                              |
 ______            ______     10.10.10.13|2__                 10.10.10.5|2__
|      |10.0.1.1  |      |            |      |                       |      |
| h1_b +----------+ ce1b +------------+ r1_b +-----------------------+ r2_b |
|______|1        2|______|1          3|______|1                     1|______|
                            10.0.1.254        10.10.10.1   10.10.10.2

In this topology:
- h1_a and h1_b are hosts with private IP addresses;
- ce1a and ce1b are CPE devices which are implemented as SDN switches and perform
  address translation;
- each ISP runs the OSPF routing protocol within its own network;
- r5_a and r5_b establish a BGP peering to support communication between ISP A and ISP B.

2. Start the SDN-NAPT controller

Enter directory "controller" and run the following command:

    $ ./start-controller.sh

3. Test the network

You can now interact with MiniNExT to verify the operation of address translation
mechanisms that support the communication between h1_a and h1_b (for further information
about MiniNExT commands, please refer to https://github.com/USC-NSL/miniNExT).

The simplest interaction that lets you observe port translation in action is to
establish a TCP connection between the two hosts h1_a and h1_b using netcat. To do this,
open an xterm on each host:

    mininext> xterm h1_a
    mininext> xterm h1_b

Then put host h1_b in listening mode using this command in its xterm:

    $ nc -l port-number

where "port-number" is a TCP port number of your choice. After that, connect host h1_a
to host h1_b using the following command in h1_a's xterm:

    $ nc 10.0.1.1 port-number

At this point, any terminal input in h1_a's xterm will be transmitted to h1_b over a TCP
connection. You can use a network sniffer to observe address translation taking place
between h1_a and h1_b.


=== NOTES ===

- Once you have launched the network in MiniNExT, you have to wait a few minutes before
  you can use it, because of the convergence time of the involved routing protocols.
- Experimenting with other network services and tools such as iperf and Apache is of
  course possible.
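
For the sniffer check in step 3, this added example (not part of the SDN-NAPT distribution) pairs TCP segments captured at two points with `tcpdump -n -S` by their sequence number, which header rewriting leaves untouched, and reports how the endpoints were rewritten. The sample captures are constructed, and the 198.51.100.x addresses and port 61001 are placeholders, not values the controller is known to use.

```python
import re

# One TCP line of `tcpdump -n -S` output: "IP src.sport > dst.dport: Flags [S], seq N".
# Pure ACK lines carry no "seq" field and are skipped.
SEGMENT = re.compile(
    r"IP (?P<src>\d+(?:\.\d+){3})\.(?P<sport>\d+) > "
    r"(?P<dst>\d+(?:\.\d+){3})\.(?P<dport>\d+): "
    r"Flags \[(?P<flags>[^\]]+)\], seq (?P<seq>\d+)"
)

# Constructed sample captures (not real output). Translated addresses and ports
# on the ISP side are placeholders for whatever the controller installs.
H1A_SIDE = """\
1443170000.000100 IP 10.0.0.1.40000 > 10.0.1.1.5000: Flags [S], seq 1000, win 29200, length 0
1443170000.000900 IP 10.0.1.1.5000 > 10.0.0.1.40000: Flags [S.], seq 7000, ack 1001, win 28960, length 0
"""
ISP_SIDE = """\
1443170000.000300 IP 198.51.100.1.61001 > 198.51.100.2.5000: Flags [S], seq 1000, win 29200, length 0
1443170000.000700 IP 198.51.100.2.5000 > 198.51.100.1.61001: Flags [S.], seq 7000, ack 1001, win 28960, length 0
"""

def parse(capture):
    """Return {(flags, seq): (src, sport, dst, dport)} for each TCP segment line."""
    segments = {}
    for line in capture.splitlines():
        m = SEGMENT.search(line)
        if m:
            key = (m["flags"], int(m["seq"]))
            segments[key] = (m["src"], int(m["sport"]), m["dst"], int(m["dport"]))
    return segments

def translations(inside, outside):
    """Pair segments seen at both capture points and list the rewritten endpoints."""
    a, b = parse(inside), parse(outside)
    rewritten = []
    for key in sorted(a.keys() & b.keys(), key=lambda k: k[1]):
        if a[key] != b[key]:  # same segment, different addresses or ports
            rewritten.append((key[0], a[key], b[key]))
    return rewritten

if __name__ == "__main__":
    for flags, before, after in translations(H1A_SIDE, ISP_SIDE):
        print(f"[{flags}] {before[0]}:{before[1]} -> {before[2]}:{before[3]}  seen as  "
              f"{after[0]}:{after[1]} -> {after[2]}:{after[3]}")
```
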