I'm building an SDN testbed consists of an OpenvSwitch switch installed on Linux Ubuntu 18.04 and 5 VMs (Linux Ubuntu 16.04 server) running on VirtualBox. The OVS is managed by OpenDaylight Boron.
When I use ip tuntap add mode tap tapN to create taps to link the VMs to OVS, everything works just fine and I can ping between VMs "within the same subnet". however when I try: ovs-ofctl -O OpenFlow13 dump-ports br0, statistics such as (rx pkts and tx pkts) show only Zeros on all ports except the LOCAL port.
But when I use ovs-vsctl add-port br0 vnet0 -- set Interface tapN type=internal to create the taps, I can see statistics on all ports even if only one device pings another one.
My questions:
Why (dump-ports) doesn't show statistics in the first case?
Is it Ok to continue use (ovs internal taps) in my testbed as described in the second case?
Here is the complete OVS configuration case 1:
ovs-vsctl add-br br0
ip tuntap add mode tap vnet0
ip tuntap add mode tap vnet1
ip tuntap add mode tap vnet2
ip tuntap add mode tap vnet3
ip tuntap add mode tap vnet4
ip tuntap add mode tap vnet5
ip link set vnet0 up
ip link set vnet1 up
ip link set vnet2 up
ip link set vnet3 up
ip link set vnet4 up
ip link set vnet5 up
ovs-vsctl add-port br0 vnet0
ovs-vsctl add-port br0 vnet1
ovs-vsctl add-port br0 vnet2
ovs-vsctl add-port br0 vnet3
ovs-vsctl add-port br0 vnet4
ovs-vsctl add-port br0 vnet5
ifconfig br0 up
ovs-vsctl set bridge br0 protocols=OpenFlow13
ovs-vsctl set-controller br0 tcp:10.10.80.50:6633
Related
I have a board with one ethernet interface (eth0) running Linux.
I'm trying to forward all incoming traffic from eth0 to my PMD driver, using dpdk-l2fwd example application.
Here is what I've tried:
./dpdk-l2fwd -c 0x3 --vdev={my_pmd}0 -- -p 0x3 -T 0
I can see that my rx_pkt_burst callback is polled by the application, but that's it.
How can I forward all incoming eth0 packets to my PMD?
I tried to use net_tap, using the following command:
./dpdk-l2fwd -c 0xff --vdev=net_tap0 --vdev={my_pmd}0 -- -p 0x7 -T 0 --portmap="(1,2)"
And my tx_pkt_burst callback is called occasionally, but not when I think it should be called.
For example, if I ping this board from another one, the ping is successful, but the tx_pkt_burst callback is not been called.
I tried to use devbind tool, but no devices are detected:
./usertools/dpdk-devbind.py --status
No 'Network' devices detected
=============================
No 'Baseband' devices detected
==============================
No 'Crypto' devices detected
============================
No 'Eventdev' devices detected
==============================
No 'Mempool' devices detected
=============================
No 'Compress' devices detected
==============================
No 'Misc (rawdev)' devices detected
===================================
No 'Regex' devices detected
===========================
Update
DPDK version - 20.11.
My HW is a embedded device based on NXP's Layerscape.
$ lshw -class network
*-network
description: Ethernet interface
physical id: 3
logical name: eth0
serial: 00:11:22:44:11:44
size: 1Gbit/s
capacity: 1Gbit/s
capabilities: ethernet physical tp mii 10bt-fd 100bt-fd 1000bt-fd autonegotiation
configuration: autonegotiation=on broadcast=yes driver=fsl_dpaa2_eth driverversion=5.10.35-00002-g3434eea0e1e7-dir duplex=full firmware=7.17 ip=192.168.15.157 link=yes multicast=yes port=twisted pair speed=1Gbit/s
I'm trying to bypass all traffic to the PMD I'm currently developing.
Thanks.
[EDIT-1] clarification of using same interface for DPDK and Kernel routing
Answer> as discussed over comments please refer to DPDKD + kernel on same interface
Based on the information shared there are multiple questions to the single query I'm trying to bypass all traffic to the PMD I'm currently developing. Addressing each one separately below
question 1: using dpdk-l2fwd example application
Answer> DPDK application l2fwd application makes use of basic APi with almost no HW offloads. Based on your environment (I have a board with one ethernet interface (eth0)), the right set of parameters should be -p 0x1 --no-mac-updating -T 1. This will configure the application to receive and transmit packet using single DPDK interface (that is eth0 on your board).
Note: DPDK Application can work with DPDK PMD both physical and virtual
question 2: I tried to use net_tap, using the following command:
Answer> If the intend is to intercept the traffic from physical and then forward to tap interface, then one needs modify the eal arguments as ./build/l2fwd --vdev=net_tap0,iface="my_eth0" -- -p 0x3 -T 1 --no-mac-updating. This will allow the application to probe physical NXP interface (eth0) and make use of Linux TAP interface as secondary interface. Thus any traffic from NXP and TAP will be cross connected such as NXP (eth0) <==> TAP (my_eth0)
question 3: ./usertools/dpdk-devbind.py --status returns empty
Answer> Form the dpdk site supported NIC list NXP dpaa, dpaa2, enetc, enetfec, pfe. Cross checking the kernel driver fsl_dpaa2_eth I think it is safe to assume dpaa2 PMD is supported. As you have mentioned the NIC is not enumerated, it looks like there are certain caveats to such model revision, supported board, BSP package, vendor-sub vendor ID check etc. More details can be found Board Support Package, and DPAA2 NIC guide
Debug & Alternative solutions:
To start with use the Kernel Driver to bring in packets
Use extra logging and debug to identify why the NIC is shown in the application
Approach 1:
Make sure the NIC is bind with kernel driver fsl_dpaa2_eth.
ensure NIC is connected and link is up with ethtool eth0
set to promiscous mode with ifconfig eth0 promisc up
start DPDK application with PCAP PMD, ./build/l2fwd --vdev=net_pcap0,iface=eth0 -- -p 1 --no-mac-updating -T 1
Check packet are received and redirected to PCAP eth0 PMD by checking the statistics.
Approach 2:
Ideally the NIC should be categorized under network device to be probed by debind.py.
Check the device details using lshw -c net -businfo for network.
try checking with lspci -Dvmmnnk [PCIe BUS:Slot:Function id] for network details.
If above details does not show up as network device this might be reason for not getting listed.
Suggestions or workaround: You can try to forcefully bind with igb_uio or vfio-pci (I am not much famialr with NXP SoC) by dpdk-devbind -b vfio-pci [PCIe S:B:F]. Then cross check with lspci -ks [PCIe S:B:F]. Once successfully done, one can start dpdk l2fwd in PMD debug mode with ./build/l2fwd -a [PCIe S:B:F] --log-level=pmd,8 -- -p 1 --no-mac-updating | more. Thus by intercepting and interpreting the logs one can identify what is going
Note:
It is assumed the application is build with static libraries and not dynamic. To build with static libraries use make static for l2fwd.
For the described use case recommended application is basicfwd/skeleton rather than l2fwd.
Found the problem.
I had to unbind eth0 from Linux kernel.
Now I can simply run:
./dpdk-l2fwd -c 0x3 --vdev={MY_PMD}0 -- -p 0x3 -T 1
And all traffic in the physical port is forwarded to my PMD.
I have a google VM instance that has no external IP address assigned. I intend to establish SSH connection through PyCharm installed on my local machine (running macOS).
This can be done in terminal through gcloud IAP tunnel:
gcloud compute ssh <instance_name> --tunnel-through-iap
The entry added to ~./ssh/config for the instance is as following:
Host compute.<instance_id>
HostName compute.<instance_id>
IdentityFile /Users/<user_name>/.ssh/google_compute_engine
CheckHostIP no
HostKeyAlias compute.<instance_id>
IdentitiesOnly yes
StrictHostKeyChecking yes
UserKnownHostsFile /Users/<user_name>/.ssh/google_compute_known_hosts
ProxyCommand /Users/<user_name>/miniconda3/bin/python3 -S /Users/<user_name>/google-cloud-sdk/lib/gcloud.py beta compute start-iap-tunnel <instance_name> %p --listen-on-stdin --project=<project_name> --zone=us-central1-a --verbosity=warning
ProxyUseFdpass no
User <user_name>
With VS Code's Remote-SSH plugin, this setting can be used directly to establish SSH connection with no problem (example).
However, I have difficulty setting up the connection via PyCharm. The SSH Configurations tab takes:
- Host: compute.<instance_id>
- User name: compute.<instance_id>
- Port: 22
- Authentication type: key pair
- Private key file: path to ~/.ssh/google_compute_engine
and throws an exception for Host not being in the correct format.
If I try the internal IP address of the VM instance as host, the connection times out.
Is there a plugin similar to Remote-SSH in VS Code for PyCharm that can work properly with an IAP-tunnel? Or any other way this can be set up without exposing or assigning an External IP to the VM instance?
I know it's been a while, but I was just working on the same thing. I used the same config entry in ~./ssh/config, but PyCharm is doing some checks to make sure that top level Host value is valid (even though it isn't being used). I replaced that with something that would pass their validation checks, but I know I'd never actually use (to avoid potential conflicts).
For example, you can update to this:
Host mahmoud.local
HostName compute.<instance_id>
IdentityFile /Users/<user_name>/.ssh/google_compute_engine
CheckHostIP no
HostKeyAlias compute.<instance_id>
IdentitiesOnly yes
StrictHostKeyChecking yes
UserKnownHostsFile /Users/<user_name>/.ssh/google_compute_known_hosts
ProxyCommand /Users/<user_name>/miniconda3/bin/python3 -S /Users/<user_name>/google-cloud-sdk/lib/gcloud.py beta compute start-iap-tunnel <instance_name> %p --listen-on-stdin --project=<project_name> --zone=us-central1-a --verbosity=warning
ProxyUseFdpass no
User <user_name>
Then when you configure the SSH connection in PyCharm, you will want to use Host = mahmoud.local
Yes, also got it to work with the ~/.ssh/config host. At first I got a fingerprint error, but I turned off StrictHostkeyChecking and that solved it:
Host lukas-notebook-gpu
HostName compute.1234
IdentityFile /Users/lbatteau/.ssh/google_compute_engine
CheckHostIP no
HostKeyAlias compute.1234
IdentitiesOnly yes
StrictHostKeyChecking no
HashKnownHosts no
UserKnownHostsFile /Users/lbatteau/.ssh/google_compute_known_hosts
ProxyCommand /Users/lbatteau/.config/gcloud/virtenv/bin/python3 /Users/lbatteau/google-cloud-sdk/lib/gcloud.py compute start-iap-tunnel lukas-notebook-gpu %p --listen-on-stdin --project=myproject --zone=europe-west4-a --verbosity=warning
ProxyUseFdpass no
TLDR:
I have 2 google compute engine instances, I've installed mpich on both.
When I try to run a sample I get Host key verification failed.
Detailed version:
I've followed this tutorial in order to get this task done: http://mpitutorial.com/tutorials/running-an-mpi-cluster-within-a-lan/.
I have 2 google compute engine vms with ubuntu 14.04 (the google cloud account is a trial one, btw). I've downloaded this version of mpich on both instances: http://www.mpich.org/static/downloads/3.3rc1
/mpich-3.3rc1.tar.gz and I installed it using these steps:
./configure --disable-fortran
sudo make
sudo make install
This is the way the /etc/hosts file looks on the master-node:
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
169.254.169.254 metadata.google.internal metadata
10.128.0.3 client
10.128.0.2 master
10.128.0.2 linux1.us-central1-c.c.ultimate-triode-161918.internal linux
1 # Added by Google
169.254.169.254 metadata.google.internal # Added by Google
And this is the way the /etc/hosts file looks on the client-node:
127.0.0.1 localhost
# The following lines are desirable for IPv6 capable hosts
::1 ip6-localhost ip6-loopback
fe00::0 ip6-localnet
ff00::0 ip6-mcastprefix
ff02::1 ip6-allnodes
ff02::2 ip6-allrouters
ff02::3 ip6-allhosts
169.254.169.254 metadata.google.internal metadata
10.128.0.2 master
10.128.0.3 client
10.128.0.3 linux2.us-central1-c.c.ultimate-triode-161918.internal linux
2 # Added by Google
169.254.169.254 metadata.google.internal # Added by Google
The rest of the steps involved adding an user named mpiuser on both nodes and configuring passwordless ssh authentication between the nodes. And configuring a cloud shared directory between nodes.
The configuration worked till this point. I've downloaded this file https://raw.githubusercontent.com/pmodels/mpich/master/examples/cpi.c to /home/mpiuser/cloud/mpi_sample.c, compiled it this way:
mpicc -o mpi_sample mpi_sample.c
and issued this command on the master node while logged in as the mpiuser:
mpirun -np 2 -hosts client,master ./mpi_sample
and I got this error:
Host key verification failed.
What's wrong? I've tried to troubleshoot this problem over more than 2 days but I can't get a valid solution.
Add
package-lock.json
in ".gcloudignore file".
And deploy it again.
It turned out that my password less ssh wasn't configured properly. I've created 2 new instances and did the following things to get a working password less and thus get a working version of that sample. The following steps were execute on an ubuntu server 18.04.
First, by default, instances on google cloud have PasswordAuthentication setting turned off. In the client server do:
sudo vim /etc/ssh/sshd_config
and change PasswordAuthentication no to PasswordAuthentication yes. Then
sudo systemctl restart ssh
Generate a ssh key from the master server with:
ssh-keygen -t rsa -b 4096 -C "user.mail#server.com"
Copy the generated ssh key from the master server to the client
ssh-copy-id client
Now you get a fully functional password less ssh from master to client. However mpich still failed.
The additional steps that I did was to copy the public key to the ~/.ssh/authorized_keys file, both on master and client. So execute this command from both servers:
sudo cat .ssh/id_rsa.pub >> .ssh/authorized_keys
Then make sure the /etc/ssh/sshd_config files from both the client and server have the following configurations:
PasswordAuthentication no
ChallengeResponseAuthentication no
UsePAM no
Restart the ssh service from both client and master
sudo systemctl restart ssh
And that's it, mpich works smoothly now.
I am new to mininet and I was trying to build a mininet topology which uses a remote SDN controller.
I tried using floodlight as the remote controller. I installed it and ran it and it is running on "localhost:6653". But it is also running on 192.168.122.1:6653 (And I have no idea why).
192.168.122.1 is my virbr0 interface's address. In my mininet VM which is in virtualbox i have two network adapters.
NAT
Host only adapter
And for host only adapter i have the following configuration.
Adapter settings:
Ipv4 address: 192.168.56.1 and net mask: 255.255.255.0
DHCP server settings: Sever ip= 192.168.56.100; net mask= 255.255.255.0; Lower bound Ip: 192.168.56.101; Upper bound Ip: 192.168.56.254
To avoid confusion i have added the screenshots as well.
I tried the following command to build my topology:
sudo mn --controller=remote,ip=192.168.122.1,port=6653
I get the following response from mininet
Unable to contact remote controller 192.168.122.1:6653
I have tried changing ip to 192.168.56.1 but that also didn't work.
Any kind of help will be appreciated.
Thanks.
As per your setup, I guess FLC is running on Host OS and mininet is running in Oracle VM.
Your Host-Only network is useful if you are trying to reach something deployed in VM from your Host Os.
It will not work other way around. Here you want to access FLC running on Host inside your VM.
I would suggest using Floodlight VM for Virtual Box. It has mininet and FLC inbuild.
Once imported. Start VM.
Credentials: floodlight/floodlight
Inside VM start FLC
Do ifconfig ithe n terminal and get IP
change to that IP in this
sudo mn --controller=remote,ip=192.168.122.1,port=6653
and execute, all will work fine.
You can access FLC in Host using above IP
Closed. This question is off-topic. It is not currently accepting answers.
Want to improve this question? Update the question so it's on-topic for Stack Overflow.
Closed 10 years ago.
Improve this question
Here is my setup:
- Host: Windows XP
- Guest: Ubuntu 10.04
- Networking: NAT
I am setting an Apache web server on the Guest, but I want to be able to do this on the Windows machine:
- go to the browser, type http://localhost:8000
Also, I tried to change my networking to bridge and I got a new IP. But when I tried to do http://:8000, it says that it could not connect.
Network communication Host -> Guest
Connect to the Guest and find out the ip address:
ifconfig
example of result (ip address is 10.0.2.15):
eth0 Link encap:Ethernet HWaddr 08:00:27:AE:36:99
inet addr:10.0.2.15 Bcast:10.0.2.255 Mask:255.255.255.0
Go to Vbox instance window -> Menu -> Network adapters:
adapter should be NAT
click on "port forwarding"
insert new record (+ icon)
for host ip enter 127.0.0.1, and for guest ip address you got from prev. step (in my case it is 10.0.2.15)
in your case port is 8000 - put it on both, but you can change host port if you prefer
Go to host system and try it in browser:
http://127.0.0.1:8000
or your network ip address (find out on the host machine by running: ipconfig).
Network communication Guest -> Host
In this case port forwarding is not needed, the communication goes over the LAN back to the host.
On the host machine - find out your netw ip address:
ipconfig
example of result:
IP Address. . . . . . . . . . . . : 192.168.5.1
On the guest machine you can communicate directly with the host, e.g. check it with ping:
# ping 192.168.5.1
PING 192.168.5.1 (192.168.5.1) 56(84) bytes of data.
64 bytes from 192.168.5.1: icmp_seq=1 ttl=128 time=2.30 ms
...
Firewall issues?
#Stranger suggested that in some cases it would be necessary to open used port (8000 or whichever is used) in firewall like this (example for ufw firewall, I haven't tested):
sudo ufw allow 8000
That's not possible. localhost always defaults to the loopback device on the local operating system.
As your virtual machine runs its own operating system it has its own loopback device which you cannot access from the outside.
If you want to access it e.g. in a browser, connect to it using the local IP instead:
http://192.168.180.1:8000
This is just an example of course, you can find out the actual IP by issuing an ifconfig command on a shell in the guest operating system.