search

GAR-Project / project

DDoS attacks detection by using SVM on SDN networks.
https://gar-project.github.io/project/
139 stars 28 forks source link

Unable to contact the remote controller at 10.0.123.3:6633 #9

Open omar-dulaimi opened 2 years ago

omar-dulaimi commented 2 years ago

Hello,

I'm facing connection issues between the controller and test machines.

When I run this command:

sudo python3 scenario_basic.py

It gets stuck for a while at the first step(adding controller), then this will be logged:

Unable to contact the remote controller at 10.0.123.3:6633

When I reach mininet in the end, and run this:

h1 ping h3

I keep getting:

PING 10.0.0.3 (10.0.0.3) 56(84) bytes of data.
From 10.0.0.1 icmp_seq=1 Destination Host Unreachable
From 10.0.0.1 icmp_seq=2 Destination Host Unreachable
From 10.0.0.1 icmp_seq=3 Destination Host Unreachable
From 10.0.0.1 icmp_seq=4 Destination Host Unreachable
From 10.0.0.1 icmp_seq=5 Destination Host Unreachable
From 10.0.0.1 icmp_seq=6 Destination Host Unreachable

More logs from test:

*** Add Controller (Ryu) ***
Unable to contact the remote controller at 10.0.123.3:6633
*** Add three switchs ***
*** Add Host ***
*** Add links ***
(10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (5.00Mbit) (5.00Mbit) (5.00Mbit) (5.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) 
*** Build it ***
*** Configuring hosts
h1 h2 h3 h4 h5 h6 
*** Start the controller ***
*** Set controllers ***
(5.00Mbit) (5.00Mbit) (10.00Mbit) (10.00Mbit) (5.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (10.00Mbit) (5.00Mbit) 
*** Start Telegraf ***
*** RUN Mininet's CLI ***
*** Starting CLI:

logs from controller: 

loading app ryu.app.simple_switch_13
loading app ryu.controller.ofp_handler
instantiating app ryu.app.simple_switch_13 of SimpleSwitch13
instantiating app ryu.controller.ofp_handler of OFPHandler

OS: Ubuntu 18.04 VirtualBox: 5.2.42_Ubuntur137960 Vagrant: 2.3.0

What am I doing wrong?

pcolladosoto commented 2 years ago

Hi @omar-dulaimi! Thanks for getting in touch.

I assume you brought your deployment up with Vagrant... right?

The most helpful thing here would be the output of both ip a and ip r on each of the VMs. It would also be helpful if you could include the output of those two commands on your own machine. Bear in mind you might have to redact potentially sensitive information such as public IP addresses and the like.

Looking forward to getting more info!

omar-dulaimi commented 2 years ago

Hey @pcolladosoto , Thanks for the quick response, and for the heads up about the sensitive info. I might have overdone it, please let me know if some info is missing.

Yes, that's right => vagrant up

Test

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether REDACTED
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
       valid_lft 55142sec preferred_lft 55142sec
    inet6 REDACTED scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether REDACTED
    inet 192.168.56.2/24 brd 192.168.56.255 scope global enp0s8
       valid_lft forever preferred_lft forever
    inet6 REDACTED scope link 
       valid_lft forever preferred_lft forever
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 
10.0.2.2 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 100 
192.168.56.0/24 dev enp0s8 proto kernel scope link src 192.168.56.2

Controller

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: enp0s3: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether REDACTED
    inet 10.0.2.15/24 brd 10.0.2.255 scope global dynamic enp0s3
       valid_lft 55365sec preferred_lft 55365sec
    inet6 REDACTED scope link 
       valid_lft forever preferred_lft forever
3: enp0s8: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether REDACTED
    inet 192.168.56.3/24 brd 192.168.56.255 scope global enp0s8
       valid_lft forever preferred_lft forever
    inet6 REDACTED scope link 
       valid_lft forever preferred_lft forever
default via 10.0.2.2 dev enp0s3 proto dhcp src 10.0.2.15 metric 100 
10.0.2.0/24 dev enp0s3 proto kernel scope link src 10.0.2.15 
10.0.2.2 dev enp0s3 proto dhcp scope link src 10.0.2.15 metric 100 
192.168.56.0/24 dev enp0s8 proto kernel scope link src 192.168.56.3

User:

1: lo: <LOOPBACK,UP,LOWER_UP> mtu 65536 qdisc noqueue state UNKNOWN group default qlen 1000
    link/loopback 00:00:00:00:00:00 brd 00:00:00:00:00:00
    inet 127.0.0.1/8 scope host lo
       valid_lft forever preferred_lft forever
    inet6 ::1/128 scope host 
       valid_lft forever preferred_lft forever
2: eno1: <BROADCAST,MULTICAST> mtu 1500 qdisc noop state DOWN group default qlen 1000
    link/ether REDACTED
3: wlp3s0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc noqueue state UP group default qlen 1000
    link/ether REDACTED
    inet 192.168.1.14/24 brd 192.168.1.255 scope global dynamic noprefixroute wlp3s0
       valid_lft 53804sec preferred_lft 53804sec
    inet6 REDACTED scope global temporary dynamic 
       valid_lft 572207sec preferred_lft 53675sec
    inet6 REDACTED scope global dynamic mngtmpaddr noprefixroute 
       valid_lft 2147483614sec preferred_lft 2147483614sec
    inet6 REDACTED scope link noprefixroute 
       valid_lft forever preferred_lft forever
4: docker0: <NO-CARRIER,BROADCAST,MULTICAST,UP> mtu 1500 qdisc noqueue state DOWN group default 
    link/ether REDACTED
    inet 172.17.0.1/16 brd 172.17.255.255 scope global docker0
       valid_lft forever preferred_lft forever
5: vboxnet0: <BROADCAST,MULTICAST,UP,LOWER_UP> mtu 1500 qdisc fq_codel state UP group default qlen 1000
    link/ether REDACTED
    inet 192.168.56.1/24 brd 192.168.56.255 scope global vboxnet0
       valid_lft forever preferred_lft forever
    inet6 REDACTED scope link 
       valid_lft forever preferred_lft forever
default via 192.168.1.1 dev wlp3s0 proto dhcp metric 20600 
REDACTED dev wlp3s0 scope link metric 1000 
172.17.0.0/16 dev docker0 proto kernel scope link src 172.17.0.1 linkdown 
192.168.1.0/24 dev wlp3s0 proto kernel scope link src 192.168.1.14 metric 600 
192.168.56.0/24 dev vboxnet0 proto kernel scope link src 192.168.56.1
pcolladosoto commented 2 years ago

Hi! Well, it looks like nobody's been assigned IPv4 address 10.0.123.3... If you take a look at ip a's output on the controller you'll see how the address of each interface is:

Interface IPv4 address
enp0s3 10.0.2.15/24
enp0s8 192.168.56.3/24

As you can see, none of them have been assigned 10.0.123.3 😿. That's weird considering this line on the Vagrantfile:

https://github.com/GAR-Project/project/blob/28ecdcfebee88f0af58f40c8e3c32368ff22ac0b/Vagrantfile#L46

What's more, Mininet's 'internal' address block is 10.0.0.0/8:

https://github.com/GAR-Project/project/blob/28ecdcfebee88f0af58f40c8e3c32368ff22ac0b/src/scenario_basic.py#L15-L19

This is a 'superblock' that includes the IPv4 addresses assigned to other interfaces like enp0s3. This shouldn't be a problem, but without further information I consider it something to keep an 👀 out for.

So... how to fix this? You might want to alter the IPv4 addresses within the Vagrantfile on lines like:

https://github.com/GAR-Project/project/blob/28ecdcfebee88f0af58f40c8e3c32368ff22ac0b/Vagrantfile#L26

That reminds me: can I take a look at the actual Vagrantfile you're using?

The idea is choosing IPv4 addresses that won't collide with others already assigned and, more importantly, to make sure the IPv4 addresses you're trying to contact have been leased to a machine.

If all the above sounds a little convoluted feel free to follow up on the issue!

omar-dulaimi commented 2 years ago

@pcolladosoto You are right on the money man! After checking the Vagrantfile, the IPs lines you mentioned, their values were changed to something like 192.168.... Which is something I did not do, I removed the changes to the file and it has now managed to connect successfully.

This concludes this issue. Thanks a lot man, I appreciate it.

Should I create a separate issue about launching the attack?

using enp0s3, addr: 10.0.2.15, MTU: 1500
[open_sockraw] socket(): Operation not permitted
[main] can't open raw socket

I don't have a .Xauthority to copy to root on Ubuntu. Is it a macOS only file?

omar-dulaimi commented 2 years ago

Also, does wireshark need to be installed separately?

mininet> xterm h1 h2
mininet> h4 wireshark &
2022-08-30T12:18:09Z I! Starting Telegraf 1.13.0
2022-08-30T12:18:09Z I! Loaded inputs: net
2022-08-30T12:18:09Z I! Loaded aggregators: 
2022-08-30T12:18:09Z I! Loaded processors: 
2022-08-30T12:18:09Z I! Loaded outputs: file
2022-08-30T12:18:09Z I! Tags enabled: host=test
2022-08-30T12:18:09Z I! [agent] Config: Interval:2s, Quiet:false, Hostname:"test", Flush Interval:2s
bash: wireshark: command not found
omar-dulaimi commented 2 years ago

Nevermind the wireshark question, I managed to solve it.

Right now, the normal script returns 100% loss normal

Even when I run it alone, without running the attack script.

Though from inside of mininet, I get 100% reachability with commands like pingall and h1 ping h3

DJrmn commented 1 year ago

Also, does wireshark need to be installed separately?

mininet> xterm h1 h2
mininet> h4 wireshark &
2022-08-30T12:18:09Z I! Starting Telegraf 1.13.0
2022-08-30T12:18:09Z I! Loaded inputs: net
2022-08-30T12:18:09Z I! Loaded aggregators: 
2022-08-30T12:18:09Z I! Loaded processors: 
2022-08-30T12:18:09Z I! Loaded outputs: file
2022-08-30T12:18:09Z I! Tags enabled: host=test
2022-08-30T12:18:09Z I! [agent] Config: Interval:2s, Quiet:false, Hostname:"test", Flush Interval:2s
bash: wireshark: command not found

Can you let me know how you fixed the wireshark error?