Overview
Pantou turns a commercial wireless router/Access Point to an
OpenFlow-enabled switch. OpenFlow is implemented as an application on
top of
OpenWrt.
Pantou is based on the BackFire OpenWrt release (Linux 2.6.32). The
OpenFlow module is based on the Stanford reference implementation
(userspace).
Supported Devices
This list is supposed to grow with time. Contact us if you were able to use Pantou to a device not listed here.
Update your Device
To make your router an OpenFlow-enabled switch you need to:
- Get an appropriate image for it.
- Load this image to your device.
- Verify that everything works.
Getting the image
Get pre-compiled binary image
Look at the Download column of the
Supported Devices table.
Building from Sources
If you prefer to build your own image rather than using one of those given, follow the instructions below.
It is strongly recommended that you build and load a vanilla OpenWrt tree before adding any OpenFlow-related functionality.
This release is based on the BackFire OpenWrt release.
Building OpenWrt
Install packages required by the OpenWrt buildsystem
apt-get install build-essential binutils flex bison autoconf gettext texinfo sharutils \
subversion libncurses5-dev ncurses-term zlib1g-dev gawk
Checkout and prepare BackFire and the packages. For the rest of this section we assume that "~/ofwrt" is your working directory.
cd ~/ofwrt
svn co svn://svn.openwrt.org/openwrt/branches/backfire
cd backfire
./scripts/feeds update -a
./scripts/feeds install -a
Configure BackFire (select target system) and the packages (a full
build with all packages selected requires about 9GB of free disk space).
Look the "notes" file for your device for further details.
make menuconfig
If you select extra packages it's a good idea to check if you have all prerequisites installed. Check with:
make prereq
Finally build BackFire
make
Load the image to your device. All images can be found under ${WORKING_DIR}/backfire/bin/
After the device has rebooted make sure that you can login. Typically, this can be done as following:
- Connect to one of the "LAN" ports, not the Internet port (if there is any).
- Give your PC IP address 192.168.1.10, netmask 255.255.255.0
- Try to ping the device at 192.168.1.1
- Login to the device using "telnet 192.168.1.1"
You should see an OpenWrt welcome message that mentions BackFire and a nice coctail.
Add OpenFlow extensions
Go to your working directory and download the OpenFlow extension.
cd ~/ofwrt/
git clone git://gitosis.stanford.edu/openflow-openwrt
Move to the branch for your device (look notes for your device). For example for broadcom-based devices use:
git checkout -b openflow-1.0/brcm origin/openflow-1.0/brcm
Add the OpenFlow extensions to the backfire directory.
cd ~/ofwrt/backfire/packages/
ln -s ~/ofwrt/openflow-openwrt/openflow-1.0/
Add basic configuration files for OpenWRT
cd ~/ofwrt/backfire/
ln -s ~/ofwrt/openflow-openwrt/openflow-1.0/files
Add the related package to your configuration
cd ~/ofwrt/
make menuconfig
Choose the following:
- Select your platform for Target System (Broadcom BRCM47xx/953XX,Atheros AR71xx, etc)
- Select your platform at Target Profile (i.e. TP-Link-WR1043ND, Broadcom BRCM43xx Wifi, etc)
- Select OpenFlow package under network
- Select tc package under network
- Select kmod-tun under Kernel Modules->Network Support
- Save and Exit
Add support for queueing :
make kernel_menuconfig
- Under Networking Support->Networking options->QoS and/or fair queueing select Hierarchical Token Bucket (HTB)
- Save and Exit
Build the image
make
Load the new image to your device.
Loading the Image
There are different ways of loading the binary image to your device. Please consult the
related OpenWrt page and/or the OpenWrt info page for your specific device for appropriate instructions ( look at the
Supported Devices table).
Verifying update
By default, pre-compiled images and images build from the source code
will have the port labeled "internet" as management port (out-of-band),
with the static IP 192.168.1.1. You should be able to login through
that port as long as you configure your PC to the 192.168.1.0/24 subnet.
After you have configured your PC, try to login:
telnet 192.168.1.1
By that time, you should be connected to the OpenWrt box which runs OpenFlow. Verify that the relevant processes are running:
ps aux | grep ofprotocol
ps aux | grep ofdatapath
Configuration
There are three configuration files related to OpenFlow. For network
(/etc/config/network) and wireless (/etc/config/wireless) look the
specific notes for your device. Wireless is disabled by default.
OpenFlow configuration is at /etc/config/openflow.
Here is a sample configuration file for outband control
config 'ofswitch'
option 'dp' 'dp0'
option 'ofports' 'eth0.0 eth0.1 eth0.2 eth0.3 '
option 'ofctl' 'tcp:192.168.1.10:6633'
option 'mode' 'outofband'
- dp is the name of the datapath
- ofports are the ports of the OpenFlow switch
- ofctl is the remote controller
- mode: 'inband' or 'outofband' according to your OpenFlow network.
And another one for inband control:
config 'ofswitch'
option 'dp' 'dp0'
option 'ofports' 'eth0.0 eth0.1 eth0.2 eth0.3 '
option 'ofctl' 'tcp:192.168.2.10:6633'
option 'mode' 'inband'
option 'ipaddr' '192.168.2.1'
option 'netmask' '255.255.255.0'
option 'gateway' '192.168.2.1
In case of in-band control you also need to define the following:
- ipaddr : IP address configuration for your OpenFlow switch.
- netmask : netmask configuration for your OpenFlow switch.
- gateway : gateway configuration for your OpenFlow switch.
Note for inband control: Extra options will create a virtual
interface (named tap0) with the specified IP address and will also
install the gateway route. You should be able to reach this through any
OpenFlow port, as long as you configure your PC to the respective
subnet.
- Connect your PC to any of the OpenFlow-enabled ports.
- Configure your ethernet interface accordingly.
- Try to ping and/or telnet the specified interface.
Due to the way inband control is implemented you won't be able to
route dns and dhcp requests/replies from/to the local-port (tap0). This
means that you need to statically set the ipaddr of the switch and use
an IP address (instead of URL) for the controller.
To apply any changes in the OpenFlow configuration you need to restart the daemon:
/etc/init.d/openflow restart
Besides that, there are two hooks for running a script before and after openflow starts.
- /etc/preopenflow.user : if this exists it will run before OF daemon starts.
- /etc/postopenflow.user : if this exists it will run after OF daemon starts.
These can be helpful especially if you want to create a special configuration with virtual ports, natting etc.
Device Specific Notes
This section provides specific instructions for each device. Follow
the generic sections and look here when specific instructions are
necessary.
LinkSys WRT54GL
Flashing the device
The
tftp method seems to work ok with this box.
(note : this is just a tip; look for at the OpenWrt info page for your device for more complete instructions)
Related Branch
openflow-1.0/brcm
Network Configuration
This router can be used as an OpenFlow switch with 5 wired ports. To
enable port separation you need the following in your
/etc/config/network
config switch eth0
option enable 1
config switch_vlan eth0_0
option device "eth0"
option vlan 0
option ports "0 5"
config switch_vlan eth0_1
option device "eth0"
option vlan 1
option ports "1 5"
config switch_vlan eth0_2
option device "eth0"
option vlan 2
option ports "2 5"
config switch_vlan eth0_3
option device "eth0"
option vlan 3
option ports "3 5"
config switch_vlan eth0_4
option device "eth0"
option vlan 4
option ports "4 5"
For each port you need to add in your OpenFlow switch, you need an entry at the same file that looks like this (for eth0.1):
config interface
option ifname "eth0.1"
option proto static
(You also have to include eth0.1 at the ofports option in /etc/config/openflow.)
Restart networking to enable your changes:
/etc/init.d/network restart
Wireless Configuration
To enable your wireless interface you need to edit /etc/config/wireless.
- Set option disabled to 0
- Name your SSID accordingly.
- In case there is an "option network" under wifi-iface, comment this out.
Restart wifi to enable your changes:
wifi
Check that the wireless interface is up:
iwconfig
To add this interface (typically named wlan0) to OpenFlow you need to add it to the ofports list in /etc/config/openflow
Restart openflow to apply changes
/etc/init.d/openflow restart
Here is a sample configuration(make sure that you have your own macaddress):
config wifi-device wlan0
option type mac80211
option channel 5
option macaddr 00:25:9c:30:2c:f4
option hwmode 11g
# REMOVE THIS LINE TO ENABLE WIFI:
option disabled 0
config wifi-iface
option device wlan0
# option network lan
option mode ap
option ssid OpenFlow-OpenWrt
option encryption none
Performance
We were able to get up to
10Mbps performance using a single UDP flow. Switch CPU was 90%. For 7Mbps the related CPU usage was 65%.
TP-LINK WR1043ND
Notes for 1.8 version hardware
The WR1043ND v1.8 requires a newer version of backfire (>=rc6). Andrew Ferguson built binaries which you can find here :
factory and
sysupgrade
Make sure you use the correct images for your version.
He was also able to use the
Sysupgrade terminal instructions on a version 1.8 switch. Be sure to create a
/etc/sysupgrade.conf file.
Flashing the device
If you start from the original TP-Link firmware, use
this following binary and upgrade through the GUI (firmware upgrade).
If you are upgrading from an existin OpenWrt installation, you can use
this.
I wasn't able to use the tftp method for flashing. Instead I copy the
image at the device and then updating the firmware using the command
mtd -r write /tmp/new-image.bin firmware
(note : this is just a tip; look for at the OpenWrt info page for your device for more complete instructions)
Related Branch
openflow-1.0/tplink
Network Configuration
This router can be used as an OpenFlow switch with 5 wired ports and multiple wireless ports.
The default network configuration is the following :
config 'switch'
option 'name' 'rtl8366rb'
option 'reset' '1'
option 'enable_vlan' '1'
option 'enable_learning' '0'
config 'switch_vlan'
option 'device' 'rtl8366rb'
option 'vlan' '1'
option 'ports' '1 5t'
config 'switch_vlan'
option 'device' 'rtl8366rb'
option 'vlan' '2'
option 'ports' '2 5t'
config 'switch_vlan'
option 'device' 'rtl8366rb'
option 'vlan' '3'
option 'ports' '3 5t'
config 'switch_vlan'
option 'device' 'rtl8366rb'
option 'vlan' '4'
option 'ports' '4 5t'
config 'switch_vlan'
option 'device' 'rtl8366rb'
option 'vlan' '5'
option 'ports' '0 5t'
config 'interface' 'loopback'
option 'ifname' 'lo'
option 'proto' 'static'
option 'ipaddr' '127.0.0.1'
option 'netmask' '255.0.0.0'
config 'interface'
option 'ifname' 'eth0.1'
option 'proto' 'static'
config 'interface'
option 'ifname' 'eth0.2'
option 'proto' 'static'
config 'interface'
option 'ifname' 'eth0.3'
option 'proto' 'static'
config 'interface'
option 'ifname' 'eth0.4'
option 'proto' 'static'
config 'interface'
option 'ifname' 'eth0.5'
option 'proto' 'static'
option 'ipaddr' '192.168.1.1'
option 'netmask' '255.255.255.0'
eth0.1 to eth0.4 are the OpenFlow-enabled ports and you need to add this to /etc/config/openflow.
Restart networking to enable your changes:
/etc/init.d/network restart
Wireless Configuration
To enable your wireless interface you need to edit /etc/config/wireless.
- Set option disabled to 0
- Name your SSID accordingly.
- In case there is an "option network" under wifi-iface, comment this out.
Based on the atheros-chipset, this box gives you the capability to
enable multiple SSIDs over a single radio device. These will appear as
different interfaces in your configuration.
Here is a sample wireless configuration which creates two SSIDs (make sure that you have your own macaddress).
config wifi-device radio0
option type mac80211
option channel 5
option macaddr 94:0c:6d:aa:fb:be
option hwmode 11ng
option htmode HT20
list ht_capab SHORT-GI-40
list ht_capab DSSS_CCK-40
# REMOVE THIS LINE TO ENABLE WIFI:
option disabled 0
config wifi-iface wlan0
option device radio0
# option network lan
option mode ap
option ssid OpenFlow-OpenWrt-1
option encryption none
config wifi-iface wlan1
option device radio0
# option network lan
option mode ap
option ssid OpenFlow-OpenWrt-2
option encryption none
To apply your changes execute the "wifi" command.
Check that the wireless interfaces are up:
iwconfig
You still need to add the interfaces to /etc/config/openflow for them to be captured by OpenFlow.
Restart openflow to apply changes
/etc/init.d/openflow restart
Note: as of at least Backfire r30365 on the version 1.8 model, wlan1 has been renamed to wlan0-1.
Performance
We were able to get up to
43Mbps performance using a single UDP flow. Switch CPU was 97%. For 30Mbps the related CPU usage was 55%.
Bugs
Please submit any bugs to the
openflow trac system (select Pantou as component).
Contact
People
Heavily based on previous ports from:
- Julius Schulz-Zander
- Jiang Zhu.
