Professional Documents
Culture Documents
SDN Bandwidthlimiter PDF
SDN Bandwidthlimiter PDF
SDN Bandwidthlimiter PDF
Using the Openflow 1.3 Meter feature, Limiting the bandwidth of the FLOW.
This helps to mitigate the DOS.
Installation :
Ubuntu 14.04 machine is used for installation
1. Install the KaanalNet (Ref: Wiki)
2. Install the ofofswitch13
Ref:
http://tocai.dia.uniroma3.it/compunet-wiki/index.php/Installing_and_setting_up_OpenFlow_tools
Section : Installing OpenFlow 1.3 software switch (CPqD)
3. Install the hping3 in the nodeimg as below,
1. lxc-start -n nodeimg -d
2. lxc-ls --fancy
3. ssh ubuntu@<ip of nodeimg>
4. sudo -i
5. apt-get install hping3
Setup:
Prerequisties:
KaanalNet experience is must, for topology creation and usage.
Topology Creation:
1. Start the KaanalNet:
command : sudo npm start
Ex:
suresh@snmp:~/node_modules/kaanalnet$ sudo npm start
2. Create a Test Topology in the kaanalNet using the below Post data (Refer KannalNet WIKI)
Topology POST Data:
{
"name":"topology1",
"switches":[
{ "name":"switch1","type":"lan"}
],
"nodes":[
{ "name":"server","type":"host"},
{ "name":"client","type":"host"},
{ "name":"hacker","type":"host"}
],
"links":[
{
"type":"lan",
"switches":[
{"name":"switch1","connected_nodes":[{"name":"server"},{"name":"client"},
{"name":"hacker"}]}
]
}
]
}
6. Add static ARP entry in the host machines. This will avoid the ARP Requests trigger.
client:
eth_src=00:00:00:00:00:16,eth_dst=00:00:00:00:00:14 apply:output=1
dpctl tcp:127.0.0.1:6680 flow-mod cmd=add,table=0
eth_src=00:00:00:00:00:16,eth_dst=00:00:00:00:00:14 meter:1 apply:output=1
Run the test again
TRAFFIC TEST
1. Ping flood/ Ping of Death
ping -s 65000 10.10.10.2 -f
hping .... command
hping3 --icmp -d 100 --flood 10.10.10.2
2. TCP Syn flood
hping3 -S -d 1400 -p 5000 --flood 10.10.10.2
3. UDP flood
hping3 -q -n -a 10.0.0.1 --udp -s 53 --keep -p 68 --flood 192.168.0.2