Professional Documents
Culture Documents
SDN Bandwidthlimiter
SDN Bandwidthlimiter
Using the Openflow 1.3 Meter feature, Limiting the bandwidth of the FLOW.
This helps to mitigate the DOS.
Installation :
Ubuntu 14.04 machine is used for installation
1. Install the KaanalNet (Ref: Wiki)
2. Install the ofofswitch13
Ref:
http://tocai.dia.uniroma3.it/compunet-wiki/index.php/Installing_and_setting_up_OpenFlow_tools
Section : Installing OpenFlow 1.3 software switch (CPqD)
3. Install the hping3 in the nodeimg as below,
1. lxc-start -n nodeimg -d
2. lxc-ls --fancy
3. ssh ubuntu@<ip of nodeimg>
4. sudo -i
5. apt-get install hping3
Setup:
Prerequisties:
KaanalNet experience is must, for topology creation and usage.
Topology Creation:
1. Start the KaanalNet:
command : sudo npm start
Ex:
suresh@snmp:~/node_modules/kaanalnet$ sudo npm start
2. Create a Test Topology in the kaanalNet using the below Post data (Refer KannalNet WIKI)
Topology POST Data:
{
"name":"topology1",
"switches":[
{ "name":"switch1","type":"lan"}
],
"nodes":[
{ "name":"server","type":"host"},
{ "name":"client","type":"host"},
{ "name":"hacker","type":"host"}
],
"links":[
{
"type":"lan",
"switches":[
{"name":"switch1","connected_nodes":[{"name":"server"},{"name":"client"},
{"name":"hacker"}]}
]
}
]
}
6. Add static ARP entry in the host machines. This will avoid the ARP Requests trigger.
client:
eth_src=00:00:00:00:00:16,eth_dst=00:00:00:00:00:14 apply:output=1
dpctl tcp:127.0.0.1:6680 flow-mod cmd=add,table=0
eth_src=00:00:00:00:00:16,eth_dst=00:00:00:00:00:14 meter:1 apply:output=1
Run the test again
TRAFFIC TEST
1. Ping flood/ Ping of Death
ping -s 65000 10.10.10.2 -f
hping .... command
hping3 --icmp -d 100 --flood 10.10.10.2
2. TCP Syn flood
hping3 -S -d 1400 -p 5000 --flood 10.10.10.2
3. UDP flood
hping3 -q -n -a 10.0.0.1 --udp -s 53 --keep -p 68 --flood 192.168.0.2