zeek / zeek-netcontrol

Connectors for the Zeek NetControl framework
https://www.bro.org

Can't connect switch to ryu controller. #11

Open cravies opened 2 years ago

cravies commented 2 years ago

Hi, I am testing controller.py and example.zeek in /openflow. Apologies if this is a silly question as I am new to Zeek.

My goal is to have a simple virtual network defined in mininet with an openflow switch. I would then like to connect this switch to the ryu controller, which is in turn connected to the Zeek instance. The goal is to monitor traffic with Zeek and then modify the switch table to quarantine malicious hosts.

First I define a simple network topology and connect to the ryu controller.

ryu-manager --verbose controller.py
sudo mn --controller=remote,port=6633 --topo=single,3 --switch=ovsk,protocols=OpenFlow13 --mac

The controller connects to the switch. However, if I try to pingall to test the hosts in mininet, it fails, dropping all the packets.

mininet> pingall
*** Results: 100% dropped. (0/6 received).

Then, if I try to run the zeek instance, it connects to the ryu controller, but in the process the controller crashes.

zeek example.zeek
>>> Broker peer added, [address=127.0.0.1, bound_port=9999/tcp]
>>> NeControl is starting operations

Ryu controller output:

EVENT BroController->ofctl_service SendMsgRequest
ofctl_service: Exception occurred during handler processing. Backtrace from offending handler [_handle_send_msg] servicing event [SendMsgRequest] follows.
Traceback (most recent call last):
  File "/usr/lib/python3/dist-packages/ryu/base/app_manager.py", line 290, in _event_loop
    handler(ev)
  File "/usr/lib/python3/dist-packages/ryu/app/ofctl/service.py", line 150, in _handle_send_msg
    datapath.set_xid(msg)
  File "/usr/lib/python3/dist-packages/ryu/controller/controller.py", line 416, in set_xid
    msg.set_xid(self.xid)
  File "/usr/lib/python3/dist-packages/ryu/ofproto/ofproto_parser.py", line 224, in set_xid
    assert self.xid is None
AssertionError

Thanks in advance for the help!

0xxon commented 2 years ago

Hi,

the Ryu controller was written a long time ago - I assume there sadly has been a bit of bitrot. That being said - it can't be really that bad; the code does not do super much. If it would be helpful I can try to update it - I just won't be able to test it in practice (I don't have easy access to an OF switch anymore). Though I guess I could try going your way with a virtual switch.

For the pingall issue - at the beginning, I think that the controller has no routes at all installed; hence all packets will be dropped.
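Added example, not part of the thread and not code from the zeek-netcontrol repository: a simplified Python model of a single OpenFlow 1.3 flow table, showing why an empty table gives 0/6 on pingall, how a lowest-priority match-all NORMAL entry restores connectivity, and how a higher-priority drop rule quarantines one host. The names `FlowTable`, `pingall` and `demo`, the priority values and the packet fields are assumptions made for the illustration; ARP is ignored and nothing here talks to Ryu or Open vSwitch.

```python
# Simplified model of one OpenFlow 1.3 flow table (constructed example).
from itertools import permutations

# MACs as assigned by mininet's --mac option for --topo=single,3
HOSTS = {"h1": "00:00:00:00:00:01",
         "h2": "00:00:00:00:00:02",
         "h3": "00:00:00:00:00:03"}

class FlowTable:
    def __init__(self):
        self.flows = []  # entries are (priority, match dict, action)

    def add_flow(self, priority, match, action):
        self.flows.append((priority, match, action))
        # Highest priority first, the order in which entries are evaluated
        self.flows.sort(key=lambda f: f[0], reverse=True)

    def lookup(self, pkt):
        for _prio, match, action in self.flows:
            if all(pkt.get(k) == v for k, v in match.items()):
                return action
        # OpenFlow 1.3: without a table-miss entry, unmatched packets are dropped
        return "DROP"

def pingall(table):
    """Return (received, sent); a ping needs request and reply forwarded."""
    received = sent = 0
    for src, dst in permutations(HOSTS, 2):
        sent += 1
        request = {"eth_src": HOSTS[src], "eth_dst": HOSTS[dst]}
        reply = {"eth_src": HOSTS[dst], "eth_dst": HOSTS[src]}
        if table.lookup(request) == "NORMAL" and table.lookup(reply) == "NORMAL":
            received += 1
    return received, sent

def demo():
    table = FlowTable()
    empty = pingall(table)                  # nothing installed yet
    table.add_flow(0, {}, "NORMAL")         # match-all entry, lowest priority
    baseline = pingall(table)
    # Quarantine h1: higher priority than the match-all entry, so it wins
    table.add_flow(100, {"eth_src": HOSTS["h1"]}, "DROP")
    quarantined = pingall(table)
    return empty, baseline, quarantined

if __name__ == "__main__":
    print(demo())
```

In the quarantined case only the h2/h3 pair still succeeds, because every ping involving h1 needs at least one frame sourced from h1.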