Friday, October 10, 2014

[ZT]Pantou : OpenFlow 1.0 for OpenWRT

http://archive.openflow.org/wk/index.php/Pantou_:_OpenFlow_1.0_for_OpenWRT



Pantou : OpenFlow 1.0 for OpenWRT

Contents

Overview

Pantou turns a commercial wireless router/Access Point to an OpenFlow-enabled switch. OpenFlow is implemented as an application on top of OpenWrt. Pantou is based on the BackFire OpenWrt release (Linux 2.6.32). The OpenFlow module is based on the Stanford reference implementation (userspace).

Supported Devices

This list is supposed to grow with time. Contact us if you were able to use Pantou to a device not listed here.
Device Download Chipset CPU Notes OpenWrt info page
LinkSys WRT54GL img Broadcom 200MHz notes info
TP-LINK TL-WR1043ND (v1.7) img Atheros 400MHz notes info
TP-LINK TL-WR1043ND (v1.8) img Atheros 400MHz compiled by Andrew Ferguson @ Brown (not-tested) info
Generic Broadcom img (trx) Broadcom BCM47xx

Update your Device

To make your router an OpenFlow-enabled switch you need to:
  • Get an appropriate image for it.
  • Load this image to your device.
  • Verify that everything works.

Getting the image

Get pre-compiled binary image

Look at the Download column of the Supported Devices table.

Building from Sources

If you prefer to build your own image rather than using one of those given, follow the instructions below. It is strongly recommended that you build and load a vanilla OpenWrt tree before adding any OpenFlow-related functionality.
This release is based on the BackFire OpenWrt release.

Building OpenWrt

Install packages required by the OpenWrt buildsystem 
apt-get install build-essential binutils flex bison autoconf gettext texinfo sharutils \
                subversion libncurses5-dev ncurses-term zlib1g-dev gawk
Checkout and prepare BackFire and the packages. For the rest of this section we assume that "~/ofwrt" is your working directory. 
cd ~/ofwrt
svn co svn://svn.openwrt.org/openwrt/branches/backfire
cd backfire
./scripts/feeds update -a
./scripts/feeds install -a
Configure BackFire (select target system) and the packages (a full build with all packages selected requires about 9GB of free disk space). Look the "notes" file for your device for further details. 
make menuconfig
If you select extra packages it's a good idea to check if you have all prerequisites installed. Check with: 
make prereq
Finally build BackFire 
make
Load the image to your device. All images can be found under ${WORKING_DIR}/backfire/bin/ After the device has rebooted make sure that you can login. Typically, this can be done as following:
  • Connect to one of the "LAN" ports, not the Internet port (if there is any).
  • Give your PC IP address 192.168.1.10, netmask 255.255.255.0
  • Try to ping the device at 192.168.1.1
  • Login to the device using "telnet 192.168.1.1"
You should see an OpenWrt welcome message that mentions BackFire and a nice coctail.

Add OpenFlow extensions

Go to your working directory and download the OpenFlow extension. 
cd ~/ofwrt/
git clone git://gitosis.stanford.edu/openflow-openwrt
Move to the branch for your device (look notes for your device). For example for broadcom-based devices use: 
git checkout -b openflow-1.0/brcm origin/openflow-1.0/brcm
Add the OpenFlow extensions to the backfire directory. 
cd ~/ofwrt/backfire/packages/
ln -s ~/ofwrt/openflow-openwrt/openflow-1.0/
Add basic configuration files for OpenWRT 
cd ~/ofwrt/backfire/
ln -s ~/ofwrt/openflow-openwrt/openflow-1.0/files
Add the related package to your configuration 
cd ~/ofwrt/
make menuconfig
Choose the following:
  • Select your platform for Target System (Broadcom BRCM47xx/953XX,Atheros AR71xx, etc)
  • Select your platform at Target Profile (i.e. TP-Link-WR1043ND, Broadcom BRCM43xx Wifi, etc)
  • Select OpenFlow package under network
  • Select tc package under network
  • Select kmod-tun under Kernel Modules->Network Support
  • Save and Exit
Add support for queueing : 
make kernel_menuconfig
  • Under Networking Support->Networking options->QoS and/or fair queueing select Hierarchical Token Bucket (HTB)
  • Save and Exit
Build the image 
make
Load the new image to your device.

Loading the Image

There are different ways of loading the binary image to your device. Please consult the related OpenWrt page and/or the OpenWrt info page for your specific device for appropriate instructions ( look at the Supported Devices table).

Verifying update

By default, pre-compiled images and images build from the source code will have the port labeled "internet" as management port (out-of-band), with the static IP 192.168.1.1. You should be able to login through that port as long as you configure your PC to the 192.168.1.0/24 subnet. After you have configured your PC, try to login: 
telnet 192.168.1.1
By that time, you should be connected to the OpenWrt box which runs OpenFlow. Verify that the relevant processes are running: 
ps aux | grep ofprotocol
ps aux | grep ofdatapath

Configuration

There are three configuration files related to OpenFlow. For network (/etc/config/network) and wireless (/etc/config/wireless) look the specific notes for your device. Wireless is disabled by default. OpenFlow configuration is at /etc/config/openflow. Here is a sample configuration file for outband control 
config 'ofswitch'
 option 'dp' 'dp0'
 option 'ofports' 'eth0.0 eth0.1 eth0.2 eth0.3 '
 option 'ofctl' 'tcp:192.168.1.10:6633'
 option 'mode'  'outofband'
  • dp is the name of the datapath
  • ofports are the ports of the OpenFlow switch
  • ofctl is the remote controller
  • mode: 'inband' or 'outofband' according to your OpenFlow network.
And another one for inband control: 
config 'ofswitch'
 option 'dp' 'dp0'
 option 'ofports' 'eth0.0 eth0.1 eth0.2 eth0.3 '
 option 'ofctl' 'tcp:192.168.2.10:6633'
 option 'mode'  'inband'
 option 'ipaddr' '192.168.2.1'
 option 'netmask' '255.255.255.0'
        option 'gateway' '192.168.2.1
In case of in-band control you also need to define the following:
  • ipaddr : IP address configuration for your OpenFlow switch.
  • netmask : netmask configuration for your OpenFlow switch.
  • gateway : gateway configuration for your OpenFlow switch.
Note for inband control: Extra options will create a virtual interface (named tap0) with the specified IP address and will also install the gateway route. You should be able to reach this through any OpenFlow port, as long as you configure your PC to the respective subnet.
  • Connect your PC to any of the OpenFlow-enabled ports.
  • Configure your ethernet interface accordingly.
  • Try to ping and/or telnet the specified interface.
Due to the way inband control is implemented you won't be able to route dns and dhcp requests/replies from/to the local-port (tap0). This means that you need to statically set the ipaddr of the switch and use an IP address (instead of URL) for the controller.
To apply any changes in the OpenFlow configuration you need to restart the daemon: 
/etc/init.d/openflow restart
Besides that, there are two hooks for running a script before and after openflow starts.
  • /etc/preopenflow.user : if this exists it will run before OF daemon starts.
  • /etc/postopenflow.user : if this exists it will run after OF daemon starts.
These can be helpful especially if you want to create a special configuration with virtual ports, natting etc.

Device Specific Notes

This section provides specific instructions for each device. Follow the generic sections and look here when specific instructions are necessary.

LinkSys WRT54GL

Flashing the device

The tftp method seems to work ok with this box.
(note : this is just a tip; look for at the OpenWrt info page for your device for more complete instructions)

Related Branch

openflow-1.0/brcm

Network Configuration

This router can be used as an OpenFlow switch with 5 wired ports. To enable port separation you need the following in your /etc/config/network 
config switch eth0
 option enable   1

config switch_vlan eth0_0
 option device   "eth0"
 option vlan     0
 option ports    "0 5"

config switch_vlan eth0_1
 option device   "eth0"
 option vlan     1
 option ports    "1 5"

config switch_vlan eth0_2
 option device   "eth0"
 option vlan     2
 option ports    "2 5"

config switch_vlan eth0_3
 option device   "eth0"
 option vlan     3
 option ports    "3 5"

config switch_vlan eth0_4
 option device   "eth0"
 option vlan     4
 option ports    "4 5"
For each port you need to add in your OpenFlow switch, you need an entry at the same file that looks like this (for eth0.1): 
config interface
 option ifname "eth0.1"
 option proto static
(You also have to include eth0.1 at the ofports option in /etc/config/openflow.)
Restart networking to enable your changes: 
/etc/init.d/network restart

Wireless Configuration

To enable your wireless interface you need to edit /etc/config/wireless.
  • Set option disabled to 0
  • Name your SSID accordingly.
  • In case there is an "option network" under wifi-iface, comment this out.
Restart wifi to enable your changes: 
wifi
Check that the wireless interface is up: 
iwconfig
To add this interface (typically named wlan0) to OpenFlow you need to add it to the ofports list in /etc/config/openflow
Restart openflow to apply changes 
/etc/init.d/openflow restart
Here is a sample configuration(make sure that you have your own macaddress): 
config wifi-device  wlan0
 option type     mac80211
 option channel  5
 option macaddr 00:25:9c:30:2c:f4
 option hwmode 11g

 # REMOVE THIS LINE TO ENABLE WIFI:
 option disabled 0

config wifi-iface
 option device   wlan0
# option network  lan
 option mode     ap
 option ssid     OpenFlow-OpenWrt
 option encryption none

Performance

We were able to get up to 10Mbps performance using a single UDP flow. Switch CPU was 90%. For 7Mbps the related CPU usage was 65%.

TP-LINK WR1043ND

Notes for 1.8 version hardware

The WR1043ND v1.8 requires a newer version of backfire (>=rc6). Andrew Ferguson built binaries which you can find here : factory and sysupgrade
Make sure you use the correct images for your version.
He was also able to use the Sysupgrade terminal instructions on a version 1.8 switch. Be sure to create a /etc/sysupgrade.conf file.

Flashing the device

If you start from the original TP-Link firmware, use this following binary and upgrade through the GUI (firmware upgrade).
If you are upgrading from an existin OpenWrt installation, you can use this. I wasn't able to use the tftp method for flashing. Instead I copy the image at the device and then updating the firmware using the command 
mtd -r write /tmp/new-image.bin firmware

(note : this is just a tip; look for at the OpenWrt info page for your device for more complete instructions)

Related Branch

openflow-1.0/tplink

Network Configuration

This router can be used as an OpenFlow switch with 5 wired ports and multiple wireless ports. The default network configuration is the following : 
config 'switch'
        option 'name' 'rtl8366rb'
        option 'reset' '1'
        option 'enable_vlan' '1'
        option 'enable_learning' '0'
        
config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '1'
        option 'ports' '1 5t'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '2'
        option 'ports' '2 5t'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '3'
        option 'ports' '3 5t'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '4'
        option 'ports' '4 5t'

config 'switch_vlan'
        option 'device' 'rtl8366rb'
        option 'vlan' '5'
        option 'ports' '0 5t'

config 'interface' 'loopback'
        option 'ifname' 'lo'
        option 'proto'  'static'
        option 'ipaddr' '127.0.0.1'
        option 'netmask' '255.0.0.0'
        
config 'interface'
        option 'ifname' 'eth0.1'
        option 'proto' 'static' 

config 'interface'
        option 'ifname' 'eth0.2'
        option 'proto' 'static' 

config 'interface'
        option 'ifname' 'eth0.3'
        option 'proto' 'static' 

config 'interface'
        option 'ifname' 'eth0.4'
        option 'proto' 'static' 

config 'interface'
        option 'ifname' 'eth0.5'
        option 'proto' 'static'
        option 'ipaddr' '192.168.1.1'
        option 'netmask' '255.255.255.0'
eth0.1 to eth0.4 are the OpenFlow-enabled ports and you need to add this to /etc/config/openflow.
Restart networking to enable your changes: 
/etc/init.d/network restart

Wireless Configuration

To enable your wireless interface you need to edit /etc/config/wireless.
  • Set option disabled to 0
  • Name your SSID accordingly.
  • In case there is an "option network" under wifi-iface, comment this out.
Based on the atheros-chipset, this box gives you the capability to enable multiple SSIDs over a single radio device. These will appear as different interfaces in your configuration.
Here is a sample wireless configuration which creates two SSIDs (make sure that you have your own macaddress). 
config wifi-device  radio0
        option type     mac80211
        option channel  5
        option macaddr  94:0c:6d:aa:fb:be
        option hwmode   11ng
        option htmode   HT20
        list ht_capab   SHORT-GI-40
        list ht_capab   DSSS_CCK-40
        # REMOVE THIS LINE TO ENABLE WIFI:
        option disabled 0

config wifi-iface wlan0
        option device   radio0
#       option network  lan
        option mode     ap
        option ssid     OpenFlow-OpenWrt-1
        option encryption none 

config wifi-iface wlan1
        option device   radio0
#       option network  lan
        option mode     ap
        option ssid     OpenFlow-OpenWrt-2
        option encryption none
To apply your changes execute the "wifi" command.
Check that the wireless interfaces are up: 
iwconfig
You still need to add the interfaces to /etc/config/openflow for them to be captured by OpenFlow.
Restart openflow to apply changes 
/etc/init.d/openflow restart

Note: as of at least Backfire r30365 on the version 1.8 model, wlan1 has been renamed to wlan0-1.

Performance

We were able to get up to 43Mbps performance using a single UDP flow. Switch CPU was 97%. For 30Mbps the related CPU usage was 55%.

Bugs

Please submit any bugs to the openflow trac system (select Pantou as component).

Contact

People

  • Yiannis Yiakoumis
Heavily based on previous ports from:
  • Julius Schulz-Zander
  • Jiang Zhu.
Posted by at

1 comment:

  1. Daisy JonesJuly 22, 2020 at 11:59 PM

    Thanks for give us valuable information If you are Looking for D-link Support , visit on
    dlink admin password
    dlink australia

    ReplyDelete

Subscribe to: Post Comments (Atom)