实验3：OpenFlow协议分析实践

实验3：openflow协议分析实践

一、实验目的

1.能够运用 wireshark 对 openflow 协议数据交互过程进行抓包；

2.能够借助包解析工具，分析与解释 openflow协议的数据包交互过程与机制。

二、实验环境

1.下载虚拟机软件oracle visualbox；

2.在虚拟机中安装ubuntu 20.04 desktop amd64，并完整安装mininet；

三、实验要求

搭建下图所示拓扑，完成相关 ip 配置，并实现主机与主机之间的 ip 通信。用抓包软件获取控制器与交换机之间的通信数据包。

主机

ip地址

h1

192.168.0.101/24

h2

192.168.0.102/24

h3

192.168.0.103/24

h4

192.168.0.104/24

回答问题：交换机与控制器建立通信时是使用tcp协议还是udp协议？

tcp协议

将抓包结果对照openflow源码，了解openflow主要消息类型对应的数据结构定义。相关数据结构可在openflow安装目录openflow/include/openflow当中的openflow.h头文件中查询到

struct ofp_header {

uint8_t version; /* ofp_version. /

uint8_t type; / one of the ofpt_ constants. /

uint16_t length; / length including this ofp_header. /

uint32_t xid; / transaction id associated with this packet.

replies use the same id as was in the request

to facilitate pairing. */

};

struct ofp_hello {

struct ofp_header header;

/* switch configuration. /

struct ofp_switch_config {

uint16_t flags; / ofpc_* flags. /

uint16_t miss_send_len; / max bytes of new flow that datapath should

send to the controller. */

/* a physical port has changed in the datapath /

struct ofp_port_status {

uint8_t reason; / one of ofppr_*. /

uint8_t pad[7]; / align to 64-bits. */

struct ofp_phy_port desc;

struct ofp_switch_features {

uint64_t datapath_id; /* datapath unique id. the lower 48-bits are for

a mac address, while the upper 16-bits are

implementer-defined. */

uint32_t n_buffers; /* max packets buffered at once. */

uint8_t n_tables; /* number of tables supported by datapath. /

uint8_t pad[3]; / align to 64-bits. */

/* features. /

uint32_t capabilities; / bitmap of support "ofp_capabilities". /

uint32_t actions; / bitmap of supported "ofp_action_type"s. */

/* port info./

struct ofp_phy_port ports[0]; / port definitions. the number of ports

is inferred from the length field in

the header. /

/ description of a physical port /

struct ofp_phy_port {

uint16_t port_no;

uint8_t hw_addr[ofp_eth_alen];

char name[ofp_max_port_name_len]; / null-terminated */

uint32_t config; /* bitmap of ofppc_* flags. /

uint32_t state; / bitmap of ofpps_* flags. */

/* bitmaps of ofppf_* that describe features. all bits zeroed if

unsupported or unavailable. /

uint32_t curr; / current features. /

uint32_t advertised; / features being advertised by the port. /

uint32_t supported; / features supported by the port. /

uint32_t peer; / features advertised by peer. */

(1).交换机查找流表，发现没有匹配条目

enum ofp_packet_in_reason {

ofpr_no_match, /* no matching flow. /

ofpr_action / action explicitly output to controller. */

(2).有匹配条目,对应的action是output=controller,固定收到向控制器发送包

struct ofp_packet_in {

uint32_t buffer_id; /* id assigned by datapath. /

uint16_t total_len; / full length of frame. /

uint16_t in_port; / port on which frame was received. /

uint8_t reason; / reason packet is being sent (one of ofpr_*) /

uint8_t pad;

uint8_t data[0]; / ethernet frame, halfway through 32-bit word,

so the ip header is 32-bit aligned. the

amount of data is inferred from the length

field in the header. because of padding,

offsetof(struct ofp_packet_in, data) ==

sizeof(struct ofp_packet_in) - 2. */

struct ofp_packet_out {

uint32_t buffer_id; /* id assigned by datapath (-1 if none). /

uint16_t in_port; / packet's input port (ofpp_none if none). /

uint16_t actions_len; / size of action array in bytes. /

struct ofp_action_header actions[0]; / actions. /

/ uint8_t data[0]; / / packet data. the length is inferred

from the length field in the header.

(only meaningful if buffer_id == -1.) */

8.flow_mod

struct ofp_flow_mod {

struct ofp_match match; /* fields to match /

uint64_t cookie; / opaque controller-issued identifier. */

/* flow actions. /

uint16_t command; / one of ofpfc_. /

uint16_t idle_timeout; / idle time before discarding (seconds). /

uint16_t hard_timeout; / max time before discarding (seconds). /

uint16_t priority; / priority level of flow entry. /

uint32_t buffer_id; / buffered packet to apply to (or -1).

not meaningful for ofpfc_delete. /

uint16_t out_port; / for ofpfc_delete* commands, require

matching entries to include this as an

output port. a value of ofpp_none

indicates no restriction. /

uint16_t flags; / one of ofpff_. /

struct ofp_action_header actions[0]; / the action length is inferred

from the length field in the

header. /

struct ofp_action_header {

uint16_t type; / one of ofpat_. /

uint16_t len; / length of action, including this

header. this is the length of action,

including any padding to make it

64-bit aligned. */

uint8_t pad[4];

四.实验总结