simulated whitelist results and test scripts

parent 34f87def
......@@ -13,3 +13,4 @@ result/*
input.xml
gr-result/*
mult-result/*
white-result/*
#!/bin/sh -x
if [ $# -eq 1 ]
then
HOST="$1";
else
HOST="localhost"
fi
curl -d "{\
'dpid':'0000000000000002',\
'ipv4_src':'10.0.0.1',\
'ipv4_dst':'10.0.0.3'
}" http://$HOST:8080/v1.0/nettopo/whitelist
#!/usr/bin/python
"""
Run deidtect to study the bandwdith sharing behaviour between
service traffic and tap traffic going through a common port.
Praveen Kumar Shanmugam
"""
import sys
sys.path = ['../'] + sys.path
import os
import random
import json
from time import sleep
from optparse import OptionParser
from subprocess import Popen, PIPE
import multiprocessing
from mininet.net import Mininet
from mininet.node import Controller, RemoteController, UserSwitch, CPULimitedHost
from mininet.link import TCLink, Intf
from mininet.cli import CLI
from mininet.log import setLogLevel, info, warn, error, debug
from mininet.util import custom, quietRun, run
import socket
import fcntl
import struct
def get_ip_address(ifname):
s = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
return socket.inet_ntoa(fcntl.ioctl(
s.fileno(),
0x8915, # SIOCGIFADDR
struct.pack('256s', ifname[:15])
)[20:24])
#Parse command line options and dump results
def parseOptions():
"Parse command line options"
parser = OptionParser()
parser.add_option( '-i', '--infile', dest='infile',
default=None, help='traffic gen input file' )
parser.add_option( '-r', '--runs', dest='runs',
type='int', default=1, help='specify number of runs of each test' )
parser.add_option( '-b', '--bw', dest='bw',
type='int', default=0, help='use bandwidth limiting' )
parser.add_option( '-c', '--cip', dest='cip',
type='string', default="localhost", help='controller IP' )
parser.add_option( '-p', '--cpu', dest='cpu',
type='float', default=-1, help='cpu fraction to allocate to each host' )
parser.add_option( '-s', '--static', dest='static',
default=False, action='store_true',
help='statically allocate CPU to each host' )
parser.add_option( '-t', '--time', dest='time',
type='int', default=30, help='duration for which to run the experiment' )
parser.add_option( '-q', '--queue', dest='queue',
type='int', default=100, help='set switch buffer sizes' )
( options, args ) = parser.parse_args()
return options, args
opts, args = parseOptions()
def clean():
'''Clean any running instance of mininet and ryu'''
p = Popen("ps aux | grep 'ryu' | awk '{print $2}'",
stdout=PIPE, shell=True)
p.wait()
procs = (p.communicate()[0]).split('\n')
for pid in procs:
try:
pid = int(pid)
Popen('kill %d' % pid, shell=True).wait()
except:
pass
os.system('sudo mn -c')
#Creat a topology with 10 Mbs links except the one with the src host
#connected to the network, configure that with bw
def bandwidthTopo(bw, controllerip):
net = Mininet(controller=RemoteController, switch=UserSwitch)
c0 = net.addController('c0', ip=controllerip, port=6633 )
srcLink = custom(TCLink, bw=bw)
otherLink = custom(TCLink, bw=4)
"Create custom topo."
attacker = net.addHost( 'h1', mac='00:00:00:00:00:21')
brosys = net.addHost( 'h2', mac='00:00:00:00:00:22')
brosys2 = net.addHost( 'h3', mac='00:00:00:00:00:23')
topSwitch = net.addSwitch( 's1' )
bottomSwitch = net.addSwitch( 's2' )
lvl2Switch = net.addSwitch( 's3' )
# Add links
srcLink( attacker, topSwitch )
srcLink( topSwitch, brosys )
otherLink( topSwitch, bottomSwitch)
otherLink( bottomSwitch, brosys2 )
otherLink( bottomSwitch, lvl2Switch )
intf = Intf('s3-eth2', node=lvl2Switch)
net.build()
c0.start()
topSwitch.start([c0])
bottomSwitch.start([c0])
lvl2Switch.start([c0])
ryu_c = Popen("./ryu_init.sh %s %d 1> ryu.out 2> ryu.out" % (controllerip, 3), shell=True)
print "wait 5 sec for controller to connect"
sleep(5)
return net, ryu_c
def hostArray( net ):
"Return array[1..N] of net.hosts"
try:
host_array = sorted(net.hosts, key=lambda x: int(x.name))
except:
host_array = sorted(net.hosts, key=lambda x: x.name)
return host_array
def monitor_devs_ifstat(fname="rate.csv"):
if_cmd = 'ifstat -a -t > %s &' % (fname)
print if_cmd
Popen(if_cmd, shell=True).wait()
def monitor_devs_ng(fname="txrate.csv" , interval_sec=0.01):
"""Uses bwm-ng tool to collect iface tx rate stats. Very reliable."""
cmd = ("sleep 1; bwm-ng -t %s -o csv "
"-u bytes -T rate -C ',' > %s" %
(interval_sec * 1000, fname))
Popen(cmd, shell=True).wait()
def monitorInterfacesInit(net, outfile):
monitors = []
#monitors.append(multiprocessing.Process(target=monitor_devs_ifstat,
# args=("rate.csv",)))
os.system("rm -f %s" % outfile)
monitors.append(multiprocessing.Process(target=monitor_devs_ng,
args=(outfile, 1,)))
return monitors
def bandwidthTest(bw=5, controllerip="localhost"):
print bw
print controllerip
net, ryu_c = bandwidthTopo(bw,controllerip)
hosts = hostArray(net)
#for h in hosts:
# print "Host : %s\n" % (h.name)
h1 = net.getNodeByName('h1')
print h1.name
h2 = net.getNodeByName('h2')
print h2.name
h3 = net.getNodeByName('h3')
print h3.name
s1 = net.getNodeByName('s1')
s1.cmd("ifconfig s1-eth1 mtu 900")
s2 = net.getNodeByName('s2')
s3 = net.getNodeByName('s3')
print s1.name
#populate l3 routes
net.pingAll();
#bandwidth = net.iperf( [ h1, h3], udpBw='%sM' % bw, seconds=5 )
#print bandwidth
outfile="txrate%s.csv" % bw
monitors = monitorInterfacesInit(net,outfile);
for m in monitors:
m.start();
#start the traffic generation wait for 5 seconds (H1->H3)
server_start = 'vsftpd &'
h2_tg_cmd = 'mz h2-eth0 -c 0 -t udp sp=51 -A 10.0.0.2 -B 10.0.0.3 -P \"Hello World\" &'
print "iperf server @H3"
h3.cmd("iperf -s &")
print "sFTP server started @ H3"
h3.cmd(server_start)
h1_tg_cmd='iperf -c 10.0.0.3 -t 200 &'
print "Traffic generation from H1,H2 -> H3 started"
h1.cmd('sudo ethtool -K h1-eth0 tso off')
h1.cmd("ifconfig h1-eth0 mtu 900")
h2.cmd('sudo ethtool -K h2-eth0 tso off')
h2.cmd("ifconfig h2-eth0 mtu 900")
h3.cmd('sudo ethtool -K h3-eth0 tso off')
h3.cmd("ifconfig h3-eth0 mtu 900")
print h1_tg_cmd
print h2_tg_cmd
sleep(5)
print "wait for configs to take effect 5s delay"
hrstr = h1.cmd(h1_tg_cmd)
print hrstr
hrstr = h2.cmd(h2_tg_cmd)
print hrstr
#CLI(net)
sleep_time = 20
print "Sleeping for %d seconds before TAP is applied" % sleep_time
sleep(sleep_time)
p = Popen(("./bwTestWhiteListTapFlow.sh %s" % controllerip), shell=True, stdout=PIPE, stderr=PIPE)
out, err = p.communicate()
print out
print err
print "TAP create complete.."
sleep_time = 40
print "Sleeping for %d seconds before Whitelisting TCP traffic between H1->H3" % sleep_time
sleep(sleep_time)
p = Popen(("./bwSimWhiteListFlow.sh %s" % controllerip), shell=True, stdout=PIPE, stderr=PIPE)
out, err = p.communicate()
print out
print err
print "Whitelist Flow create complete.."
sleep_time = 250
i = 10;
while ( i < sleep_time):
print "[%d] Sleep for %d seconds to show the effect of whitelist of H1->H3 [IP]" \
% (sleep_time/i,i)
print s1.cmd('dpctl unix:/tmp/s2 meter-config')
sleep(i)
sleep_time=sleep_time - i;
#stop the traffic generation
#h1.cmd('killall mz')
h3.cmd('killall vsftpd')
print "Stopped traffic generation"
print "Stopped sFTP server"
#generate the graph
for m in monitors:
m.terminate();
Popen("killall bwm-ng", shell=True).wait();
net.stop();
return
def drawGraph(directory, infile):
Popen(("mkdir -p white-result/bw/%s" % directory), shell=True).wait() ;
Popen(("cp -v ../graphScripts/drawBwGraph.sh drawBwGraph.sh"),
shell=True).wait();
Popen(("cp -v ../graphScripts/gnu_deidtect_bw.scr gnu_deidtect_bw.scr"),
shell=True).wait();
Popen(("./drawBwGraph.sh %s" % infile), shell=True).wait();
Popen(("mv -v *.pdf white-result/bw/%s/" % directory), shell=True).wait();
Popen(("rm -v drawBwGraph.sh gnu_deidtect_bw.scr"), shell=True).wait();
print "Graph Generated for BW = %d " % directory
def setupGreTunnelPort():
Popen(("./localGreInit.sh"), shell=True).wait();
print "GRE port initialised.."
def DEIDtectBWTest(opts):
bw = opts.bw
controllerip=opts.cip
Popen('cp -vf whitelist-test-input.xml input.xml', shell=True).wait()
print "Rollback to known state"
clean();
setupGreTunnelPort();
bandwidthTest(bw=bw,controllerip=controllerip)
print "Cleanup the process"
clean();
infile="txrate%s.csv" % bw
drawGraph(bw, infile);
if __name__ == '__main__':
#global opts
DEIDtectBWTest(opts);
This source diff could not be displayed because it is too large. You can view the blob instead.
Markdown is supported
0% or
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment