Description
The VirtualNetworkFilter module is simple layer 2 (MAC) based network virtualization. This allows you to create multiple logical layer 2 networks in a single layer 2 domain. This module can be used for an OpenStack deployment or standalone.
Services Provided
- IVirtualNetworkService
Service Dependencies
- IDeviceService
- IFloodlightProviderService
- IRestApiService
Java File
The module is implemented in net.floodlightcontroller.virtualnetwork.VirtualNetworkFilter.
How it works
When Floodlight starts up no virtual networks are created. The result is that hosts will not be able to talk to each other. Once the user creates virtual networks hosts can be added to it. The module will insert itself before the forwarding implementation in the processing chain for PacketIn messages. Once a PacketIn is received it will look at the source and destination MAC addresses. If the MACs are both on the same virtual network, the module will return Command.CONTINUE and the flow will continue to be processed. If source and destination MAC addresses are on different networks the module will return Command.STOP and the packet will be dropped.
Limitations
- The physical network must be one layer 2 domain
- You can only have one gateway per virtual network (it can be shared with multiple virtual networks)
- Multicast and broadcast traffic is not isolated
- All DHCP traffic is allowed
Configuration
The module is not enabled by default. It must be added to the configuration file and Floodlight must be restarted in order for it to be loaded. A sample configuration file is posted below. The module is called "VirtualNetworkFilter". The default configuration file used for this is in src/main/resources/quantum.properties.
# The default configuration for openstack floodlight.modules = net.floodlightcontroller.storage.memory.MemoryStorageSource,\ net.floodlightcontroller.staticflowentry.StaticFlowEntryPusher,\ net.floodlightcontroller.forwarding.Forwarding,\ net.floodlightcontroller.jython.JythonDebugInterface,\ net.floodlightcontroller.counter.CounterStore,\ net.floodlightcontroller.perfmon.PktInProcessingTime,\ net.floodlightcontroller.ui.web.StaticWebRoutable,\ net.floodlightcontroller.virtualnetwork.VirtualNetworkFilter net.floodlightcontroller.restserver.RestApiServer.port = 8080 net.floodlightcontroller.core.FloodlightProvider.openflowport = 6633 net.floodlightcontroller.jython.JythonDebugInterface.port = 6655
|
For more information on the module loading system see the documentation here. |
If you are using the Floodlight VM the configuration file is already on the machine. Simply execute these commands to enable it.
floodlight@localhost:~$ touch /opt/floodlight/floodlight/feature/quantum floodlight@localhost:~$ sudo service floodlight stop floodlight@localhost:~$ sudo service floodlight start
Configuration Options
None.
REST API
URI |
Method |
URI Arguments |
Data |
Data Fields |
Description |
---|---|---|---|---|---|
/networkService/v1.1/tenants/{tenant}/networks/{network} |
PUT/POST/DELETE |
Tenant: Currently ignored |
Unknown macro: {"network"}
\ |
IP: Gateway IP in "1.1.1.1" format, can be null |
Creates a new virtual network. Name and ID are required, gateway is optional. |
/networkService/v1.1/tenants/{tenant}/networks/{network}/ports/{port}/attachment |
PUT/DELETE |
Tenant: Currently ignored |
Unknown macro: {"attachment"}
|
Network ID: Network ID as a string, the one you just created |
Attaches a host to a virtual network. |
/networkService/v1.1/tenants/{tenant}/networks |
GET |
Tenant: Currently ignored |
None |
None |
Shows all networks and their gateway, ID, and hosts mac in json format |
Examples using curl
Creating a virtual network named "VirtualNetwork1", the ID is "NetworkId1", the gateway is "10.0.0.7", and the tenant is "default" (which is currently ignored).
curl -X PUT -d '{ "network": { "gateway": "10.0.0.7", "name": "virtualNetwork1" } }' http://localhost:8080/networkService/v1.1/tenants/default/networks/NetworkId1
Adding a host to VirtualNetwork1 with the MAC address "00:00:00:00:00:08" and the port "port1".
curl -X PUT -d '{"attachment": {"id": "NetworkId1", "mac": "00:00:00:00:00:08"}}' http://localhost:8080/networkService/v1.1/tenants/default/networks/NetworkId1/ports/port1/attachment