python - ryu在流程添加到交换机后使用交换机处理数据包-Java 学习之路

我正在使用用python编写的Ryu开放流量控制器开关监视我的虚拟mininet中的数据包 . 我有3个主机，我阻止从host2到host3以及从host3到host2的传输 . 其他数据包将添加到交换机流表中 . 我的问题是，在添加流后，如果它们是在交换机的流表中有规则的2个主机之间的数据包，则我的事件不会触发 . 例如，如果交换机看到从host1到host2的数据包，则它是合法的，因此将流添加到表中，但如果发送从host1到host2的另一个数据包，则不会再次通过该方法 . 我查看了Ryu指南，但是当流已经添加到交换机流表时没有找到任何关于这种情况的话 . 我该如何 grab 数据包？

提前致谢 .

这是我的代码：

import logging
import struct

from ryu.base import app_manager
from ryu.controller import mac_to_port
from ryu.controller import ofp_event
from ryu.controller.handler import MAIN_DISPATCHER
from ryu.controller.handler import set_ev_cls
from ryu.ofproto import ofproto_v1_0
from ryu.lib.mac import haddr_to_str




class SimpleSwitch(app_manager.RyuApp):
OFP_VERSIONS = [ofproto_v1_0.OFP_VERSION]
counterTraffic=0    
def __init__(self, *args, **kwargs):
    super(SimpleSwitch, self).__init__(*args, **kwargs)
    self.mac_to_port = {}

def add_flow(self, datapath, in_port, dst, actions):
    ofproto = datapath.ofproto

    wildcards = ofproto_v1_0.OFPFW_ALL
    wildcards &= ~ofproto_v1_0.OFPFW_IN_PORT
    wildcards &= ~ofproto_v1_0.OFPFW_DL_DST

    match = datapath.ofproto_parser.OFPMatch(
        wildcards, in_port, 0, dst,
        0, 0, 0, 0, 0, 0, 0, 0, 0)

    mod = datapath.ofproto_parser.OFPFlowMod(
        datapath=datapath, match=match, cookie=0,
        command=ofproto.OFPFC_ADD, idle_timeout=0, hard_timeout=0,
        priority=ofproto.OFP_DEFAULT_PRIORITY,
        flags=ofproto.OFPFF_SEND_FLOW_REM, actions=actions)
    datapath.send_msg(mod)

@set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)        
def _packet_in_handler(self, ev):

print("Im in main function")
    msg = ev.msg
    datapath = msg.datapath
    ofproto = datapath.ofproto

    dst, src, _eth_type = struct.unpack_from('!6s6sH', buffer(msg.data), 0)

    dpid = datapath.id
    self.mac_to_port.setdefault(dpid, {})

    self.logger.info("packet in %s %s %s %s",
                     dpid, haddr_to_str(src), haddr_to_str(dst),
                     msg.in_port)

if (haddr_to_str(dst) == "00:00:00:00:00:01"):
    print "dst"
    self.counterTraffic +=1

if not ((haddr_to_str(src) == "00:00:00:00:00:02" and  haddr_to_str(dst) =="00:00:00:00:00:03")or (haddr_to_str(src) == "00:00:00:00:00:03" and  haddr_to_str(dst) =="00:00:00:00:00:02")):
        # learn a mac address to avoid FLOOD next time.
    print("after condition")
        self.mac_to_port[dpid][src] = msg.in_port

        if dst in self.mac_to_port[dpid]:
            out_port = self.mac_to_port[dpid][dst]
        else:
                out_port = ofproto.OFPP_FLOOD

            actions = [datapath.ofproto_parser.OFPActionOutput(out_port)]

         # install a flow to avoid packet_in next time
        if out_port != ofproto.OFPP_FLOOD:
                self.add_flow(datapath, msg.in_port, dst, actions)

        out = datapath.ofproto_parser.OFPPacketOut(
        datapath=datapath, buffer_id=msg.buffer_id, in_port=msg.in_port,
                actions=actions)

        datapath.send_msg(out)
    if (haddr_to_str(src) == "00:00:00:00:00:01"):
        print "src"
                self.counterTraffic +=1
    print(self.counterTraffic)


@set_ev_cls(ofp_event.EventOFPPortStatus, MAIN_DISPATCHER)
def _port_status_handler(self, ev):
    msg = ev.msg
    reason = msg.reason
    port_no = msg.desc.port_no

    ofproto = msg.datapath.ofproto
    if reason == ofproto.OFPPR_ADD:
        self.logger.info("port added %s", port_no)
    elif reason == ofproto.OFPPR_DELETE:
        self.logger.info("port deleted %s", port_no)
    elif reason == ofproto.OFPPR_MODIFY:
        self.logger.info("port modified %s", port_no)
    else:
        self.logger.info("Illeagal port state %s %s", port_no, reason)

1 回答

我试图打印haddr_to_str（src），haddr_to_str（dst）并得到00：00：00：00：00：03和ff：ff：ff：ff：ff：ff这不是我的预期 . 我想得到2作为源，3作为dest .

简短的故事是你正确地解码了目标mac地址......但是，IP必须通过ARP来解析mac地址，这就是为什么你看到 ff:ff:ff:ff:ff:ff ......那些只是ryu controller中的ARP帧 .

我构建了一个完整的控制器，解码到下面的IPv4层......

更新了ryu switch包解码器

你一直在解码原始 structs ，但是使用ryu Packet library更容易，而不是解压缩数据包的原始 struct . 这是我非常快速地替换 _packet_in_handler() ，它只打印出源和目标mac地址，以及上层协议......

from ryu.lib.packet import packet, ethernet, arp, ipv4
import array

@set_ev_cls(ofp_event.EventOFPPacketIn, MAIN_DISPATCHER)
def _packet_in_handler(self, ev):

    ### Mike Pennington's logging modifications
    ## Set up to receive the ethernet src / dst addresses
    pkt = packet.Packet(array.array('B', ev.msg.data))
    eth_pkt = pkt.get_protocol(ethernet.ethernet)
    arp_pkt = pkt.get_protocol(arp.arp)
    ip4_pkt = pkt.get_protocol(ipv4.ipv4)
    if arp_pkt:
        pak = arp_pkt
    elif ip4_pkt:
        pak = ip4_pkt
    else:
        pak = eth_pkt
    self.logger.info('  _packet_in_handler: src_mac -> %s' % eth_pkt.src)
    self.logger.info('  _packet_in_handler: dst_mac -> %s' % eth_pkt.dst)
    self.logger.info('  _packet_in_handler: %s' % pak)
    self.logger.info('  ------')
    src = eth_pkt.src  # Set up the src and dst variables so you can use them
    dst = eth_pkt.dst
    ## Mike Pennington's modifications end here


    msg = ev.msg
    datapath = msg.datapath
    ofproto = datapath.ofproto

    dpid = datapath.id
    self.mac_to_port.setdefault(dpid, {})

    # learn a mac address to avoid FLOOD next time.
    self.mac_to_port[dpid][src] = msg.in_port

    if dst in self.mac_to_port[dpid]:
        out_port = self.mac_to_port[dpid][dst]
    else:
        out_port = ofproto.OFPP_FLOOD

    actions = [datapath.ofproto_parser.OFPActionOutput(out_port)]

    # install a flow to avoid packet_in next time
    if out_port != ofproto.OFPP_FLOOD:
        self.add_flow(datapath, msg.in_port, dst, actions)

    out = datapath.ofproto_parser.OFPPacketOut(
        datapath=datapath, buffer_id=msg.buffer_id, in_port=msg.in_port,
        actions=actions)
    datapath.send_msg(out)

现在，无论何时发送以太网数据包，您都会在mininet会话中看到这个...

_packet_in_handler: src_mac -> 00:00:00:00:00:03
  _packet_in_handler: dst_mac -> 33:33:00:00:00:02
  _packet_in_handler: ethernet(dst='33:33:00:00:00:02',ethertype=34525,src='00:00:00:00:00:03')
  ------

ARP数据包看起来像这样......

_packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> ff:ff:ff:ff:ff:ff
  _packet_in_handler: arp(dst_ip='10.0.0.2',dst_mac='00:00:00:00:00:00',hlen=6,hwtype=1,opcode=1,plen=4,proto=2048,src_ip='10.0.0.1',src_mac='00:00:00:00:00:01')
  ------

演示

假设我将上面修改过的代码（包括源代码的其他部分）保存为 ne_question.py .

首先我在mininet设置了ryu controller：

root@mininet-vm:/home/mininet# ryu-manager ne_question.py &
                 [1] 14073
loading app ne_question.py
loading app ryu.controller.ofp_handler
instantiating app ryu.controller.ofp_handler of OFPHandler
instantiating app ne_question.py of SimpleSwitch

root@mininet-vm:/home/mininet#

接下来，我正如您在评论中提到的那样构建交换机拓扑

root@mininet-vm:/home/mininet# mn --topo single,3 --mac --switch ovsk --controller remote
*** Creating network
*** Adding controller
*** Adding hosts:
h1 h2 h3
*** Adding switches:
s1
*** Adding links:
(h1, s1) (h2, s1) (h3, s1)
*** Configuring hosts
h1 h2 h3
*** Starting controller
*** Starting 1 switches
s1
*** Starting CLI:
mininet>   _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> 33:33:00:00:00:02
  _packet_in_handler: ethernet(dst='33:33:00:00:00:02',ethertype=34525,src='00:00:00:00:00:02')
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> 33:33:00:00:00:02
  _packet_in_handler: ethernet(dst='33:33:00:00:00:02',ethertype=34525,src='00:00:00:00:00:01')
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:03
  _packet_in_handler: dst_mac -> 33:33:00:00:00:02
  _packet_in_handler: ethernet(dst='33:33:00:00:00:02',ethertype=34525,src='00:00:00:00:00:03')
  ------

最后，我运行Web服务器，并尝试拉页面...注意发送ARP以解析http GET的目标地址 . ARP的目的地址是 ff:ff:ff:ff:ff:ff . 顺便说一句，如果你将 wget 更改为 h2 wget h1 ，一切正常......

mininet> h1 python -m SimpleHTTPServer 80 &
mininet> h2 wget -O - h1
--2014-03-28 04:22:25--  http://10.0.0.1/
Connecting to 10.0.0.1:80...   _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> ff:ff:ff:ff:ff:ff
  _packet_in_handler: arp(dst_ip='10.0.0.1',dst_mac='00:00:00:00:00:00',hlen=6,hwtype=1,opcode=1,plen=4,proto=2048,src_ip='10.0.0.2',src_mac='00:00:00:00:00:02')
  ------
--2014-03-28 04:00:58--  http://10.0.0.1/
Connecting to 10.0.0.1:80...   _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> 00:00:00:00:00:01
  _packet_in_handler: ipv4(csum=33886,dst='10.0.0.1',flags=2,header_length=5,identification=41563,offset=0,option=None,proto=6,src='10.0.0.2',tos=0,total_length=60,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> 00:00:00:00:00:02
  _packet_in_handler: ipv4(csum=9914,dst='10.0.0.2',flags=2,header_length=5,identification=0,offset=0,option=None,proto=6,src='10.0.0.1',tos=0,total_length=60,ttl=64,version=4)
  ------
connected.
HTTP request sent, awaiting response...   _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> 00:00:00:00:00:01
  _packet_in_handler: ipv4(csum=33893,dst='10.0.0.1',flags=2,header_length=5,identification=41564,offset=0,option=None,proto=6,src='10.0.0.2',tos=0,total_length=52,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> 00:00:00:00:00:01
  _packet_in_handler: ipv4(csum=33784,dst='10.0.0.1',flags=2,header_length=5,identification=41565,offset=0,option=None,proto=6,src='10.0.0.2',tos=0,total_length=160,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> 00:00:00:00:00:02
  _packet_in_handler: ipv4(csum=61034,dst='10.0.0.2',flags=2,header_length=5,identification=14423,offset=0,option=None,proto=6,src='10.0.0.1',tos=0,total_length=52,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> 00:00:00:00:00:02
  _packet_in_handler: ipv4(csum=61016,dst='10.0.0.2',flags=2,header_length=5,identification=14424,offset=0,option=None,proto=6,src='10.0.0.1',tos=0,total_length=69,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> 00:00:00:00:00:02
  _packet_in_handler: ipv4(csum=60037,dst='10.0.0.2',flags=2,header_length=5,identification=14425,offset=0,option=None,proto=6,src='10.0.0.1',tos=0,total_length=1047,ttl=64,version=4)
  ------
200 OK
Length: 858 [text/html]
Saving to: `STDOUT'
<!DOCTYPE html PUBLIC "-//W3C//DTD HTML 3.2 Final//EN"><html>
<title>Directory listing for /</title>
<body>
<h2>Directory listing for /</h2>
<hr>
<ul>
<li><a href=".bash_history">.bash_history</a>
<li><a href=".bash_logout">.bash_logout</a>
<li><a href=".bashrc">.bashrc</a>
<li><a href=".cache/">.cache/</a>
<li><a href=".gitconfig">.gitconfig</a>
<li><a href=".profile">.profile</a>
<li><a href=".rnd">.rnd</a>
<li><a href=".wireshark/">.wireshark/</a>
<li><a href="install-mininet-vm.sh">install-mininet-vm.sh</a>
<li><a href="mininet/">mininet/</a>
<li><a href="ne_question.py">ne_question.py</a>
<li><a href="ne_question.pyc">ne_question.pyc</a>
<li><a href="of-dissector/">of-dissector/</a>
<li><a href="oflops/">oflops/</a>
<li><a href="oftest/">oftest/</a>
<li><a href="openflow/">openflow/</a>
<li><a href="pox/">pox/</a>
</ul>
<hr>
</body>
</html>

     0K                                                       100%  161M=0s

2014-03-28 04:00:58 (161 MB/s) - written to stdout [858/858]

  _packet_in_handler: src_mac -> 00:00:00:00:00:02
mininet>   _packet_in_handler: dst_mac -> 00:00:00:00:00:01
  _packet_in_handler: ipv4(csum=33891,dst='10.0.0.1',flags=2,header_length=5,identification=41566,offset=0,option=None,proto=6,src='10.0.0.2',tos=0,total_length=52,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> 00:00:00:00:00:01
  _packet_in_handler: ipv4(csum=33890,dst='10.0.0.1',flags=2,header_length=5,identification=41567,offset=0,option=None,proto=6,src='10.0.0.2',tos=0,total_length=52,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:02
  _packet_in_handler: dst_mac -> 00:00:00:00:00:01
  _packet_in_handler: ipv4(csum=33889,dst='10.0.0.1',flags=2,header_length=5,identification=41568,offset=0,option=None,proto=6,src='10.0.0.2',tos=0,total_length=52,ttl=64,version=4)
  ------
  _packet_in_handler: src_mac -> 00:00:00:00:00:01
  _packet_in_handler: dst_mac -> 00:00:00:00:00:02
  _packet_in_handler: ipv4(csum=9922,dst='10.0.0.2',flags=2,header_length=5,identification=0,offset=0,option=None,proto=6,src='10.0.0.1',tos=0,total_length=52,ttl=64,version=4)
  ------

mininet>
mininet>

回复于 2024-04-27T18:37:06+08:00

python - ryu在流程添加到交换机后使用交换机处理数据包

1 回答

更新了ryu switch包解码器

演示

相关问题