intracom-telecom-sdn / oftraf

pcap-based, RESTful OpenFlow traffic monitor
Eclipse Public License 1.0
6 stars 1 forks source link

Build Status Code Health Docker Automated build Code Issues

oftraf

pcap-based, RESTful OpenFlow traffic monitor

Filters OpenFlow packets from a network interface and reports statistics.

Features:

Requirements

On an Ubuntu-based machine, install the required packages as follows:

sudo apt-get install python-pypcap python-dpkt python-bottle

Usage

sudo python oftraf.py --rest-host <host> --rest-port <port> --of-port <ofport> --ifname <interface> [--server]

Command line arguments:

Example:

  1. Launch an SDN controller and a Mininet topology on the same machine
  2. Launch oftraf:
    sudo python oftraf.py --rest-host localhost --rest-port 5555 --of-port 6653 --ifname lo

    This starts sniffing and counting OF packets on the lo interface. The statistics are being displayed in real-time in a curses-based console which refreshes every 1 second. Sample output:

Elapsed seconds:89.1658
OF in pps:                49.0
OF in Bps:             27532.0
OF out pps:               29.0
OF out Bps:            16000.0

Packet Type                           Count          Bytes
--------------------------------------------------------------
Total OF in:                          9807           4275930
Total OF out:                         5282           3328935

Incoming
----------------
OF13_OFPT_ECHO_REQUEST:               6              360
OF13_OFPT_ERROR:                      10             800
OF13_OFPT_FEATURES_REPLY:             10             840
OF13_OFPT_HELLO:                      10             680
OF13_OFPT_MULTIPART_REPLY:            6424           2061320
OF13_OFPT_PACKET_IN:                  508            89560
OF13_OFPT_PORT_STATUS:                26             3432
OF10_OFPT_ECHO_REQUEST:               9              540
OF10_OFPT_ERROR:                      4              288
OF10_OFPT_FEATURES_REPLY:             10             1512
OF10_OFPT_HELLO:                      10             600
OF10_OFPT_PACKET_IN:                  284            43054
OF10_OFPT_PORT_STATUS:                81             9396
OF10_OFPT_STATS_REPLY:                648            200048

Outgoing
----------------
OF13_OFPT_ECHO_REPLY:                 6              360
OF13_OFPT_FEATURES_REQUEST:           7              420
OF13_OFPT_HELLO:                      14             1024
OF13_OFPT_MULTIPART_REQUEST:          1301           1159444
OF13_OFPT_PACKET_OUT:                 153            57012
OF13_OFPT_SET_CONFIG:                 11             992
OF10_OFPT_ECHO_REPLY:                 9              540
OF10_OFPT_FEATURES_REQUEST:           6              360
OF10_OFPT_HELLO:                      7              428
OF10_OFPT_PACKET_OUT:                 47             11515
OF10_OFPT_SET_CONFIG:                 11             704
OF10_OFPT_STATS_REQUEST:              100            92344

OF in and OF out refer to OF traffic traveling into and out of the SDN controller, respectively. pps and Bps are packets-per-second and bytes-per-second.

  1. The REST server starts together with oftraf. Let's try to send some statistics requests.

    On another console, issue the following REST request to access summary statistics:

    curl  http://localhost:5555/get_of_counts

    Response:

    {
    "OF_out_counts": [366417, 114676077],
    "OF_in_counts": [700581, 212923343]
    }

    In each statistic returned, the first number (e.g. 366417) is the packet count, and the second (114676077) is the byte count.

    OF_out_counts refers to the packets travelling from the controller to the switches, OF_in_counts refers to the packets travelling at the opposite direction.

    To access detailed OF13 statistics, issue the following REST request:

    curl http://localhost:5555/get_of13_counts

    Response:

    {
    "OF13_in_counts":
    {
      "OFPT_ERROR": [10, 800],
      "OFPT_PORT_STATUS": [82, 10824],
      "OFPT_MULTIPART_REPLY": [107, 28276],
      "OFPT_FEATURES_REPLY": [10, 840],
      "OFPT_HELLO": [10, 680],
      "OFPT_PACKET_IN": [216, 38324],
      "OFPT_ECHO_REQUEST": [10, 600]
    },
    "OF13_out_counts":
    {
      "OFPT_PACKET_OUT": [35, 7201],
      "OFPT_FEATURES_REQUEST": [7, 420],
      "OFPT_MULTIPART_REQUEST": [17, 8240],
      "OFPT_SET_CONFIG": [9, 1332],
      "OFPT_HELLO": [11, 788],
      "OFPT_ECHO_REPLY": [10, 600]
    }
    }

    Similarly, use the following REST request for OF10 statistics:

    curl http://localhost:5555/get_of10_counts
  2. To stop oftraf, hit Ctrl-C in the console where it runs, or issue a REST request as follows:

    $ curl  http://localhost:5555/stop

Deployment of Docker containers

This project provides two options for deployment with the use of Docker Containers

In both cases, the docker platform must be installed on the host side.

and the actions below have to be followed

There are 2 different folders, containing Dockerfiles, under the path <PROJECT_DIR>/deploy. The one Dockerfile is for a proxy environment and one is for a no_proxy environment. The names of the folders containing these Dockerfiles are proxy and no_proxy respectively.

in order to deploy the proxy Dockerfile (<PROJECT_DIR>/deploy/proxy/Dockerfile), edit the proxy settings in the file. These settings are in the following lines.

ENV http_proxy="http://<proxy_ip>:<port>/"
ENV https_proxy="http://<proxy_ip>:<port>/"

RUN echo 'Acquire::http::Proxy "http://<proxy_ip>:<port>/";' | tee -a /etc/apt/apt.conf
RUN echo 'Acquire::https::Proxy "http://<proxy_ip>:<port>/";'| tee -a /etc/apt/apt.conf

RUN echo "http_proxy=http://<proxy_ip>:<port>/" | tee -a /etc/environment
RUN echo "https_proxy=http://<proxy_ip>:<port>/" | tee -a /etc/environment
RUN echo "no_proxy=127.0.0.1,localhost" | tee -a /etc/environment
RUN echo "HTTP_PROXY=http://<proxy_ip>:<port>/" | tee -a /etc/environment
RUN echo "HTTPS_PROXY=http://<proxy_ip>:<port>/" | tee -a /etc/environment
RUN echo "NO_PROXY=127.0.0.1,localhost" | tee -a /etc/environment

After configuring the proxy settings, from the path of Dockerfile, run the command

docker build -t oftraf_base .

The above command would be the first step in case we deploy a no_proxy docker environment.

Verify that the image has been built successfully by running the command

  docker images

the output of this command should look like the following sample

REPOSITORY         TAG             IMAGE ID          CREATED           SIZE
<repo_name>        oftraf_base     c2c3152907b5      4 minutes ago     275.1 MB

to run the environment and start the Docker container, execute the following line

docker run -it <repo_name>:oftraf_base /bin/bash

and enter the password

password: root123

After the above step we get a console inside the docker environment and oftraf can be executed with the following command

/opt/oftraf/start.sh <host_ip> <rest_server_port> <port_to_monitor_for_OpenFlow_messages>

or alternatively, activate the virtual environment

source /opt/venv_oftraf/bin/activate

and follow the Usage section.

Deploy using prebuild image

The first step is to get the image from Docker Hub

docker pull intracom/nstat-sdn-controllers

Once the image pull operation is complete, check locally the existence of the image

docker images

which should list the intracom/nstat-sdn-controllers:latest image. For running a container out of the intracom/nstat-sdn-controllers:latest image

docker run -it intracom/nstat-sdn-controllers /bin/bash

password: root123

Run oftraf as described in the previous section after starting the Docker container.

Future Extensions