Wednesday, April 4, 2018

ONOS traffic analytics

Open Network Operating System (ONOS) is "a software defined networking (SDN) OS for service providers that has scalability, high availability, high performance, and abstractions to make it easy to create applications and services." The open source project is hosted by the Linux Foundation.

Mininet and onos.py workflow describes how to run ONOS using the Mininet network emulator. Mininet allows virtual networks to be quickly constructed and is a simple way to experiment with ONOS. In addition, Mininet flow analytics describes how to enable industry standard sFlow streaming telemetry in Mininet, proving a simple way monitor traffic in the ONOS controlled network.

For example, the following command creates a Mininet network, controlled by ONOS, and monitored using sFlow:
sudo mn --custom ~/onos/tools/dev/mininet/onos.py,sflow-rt/extras/sflow.py \
--link tc,bw=10 --controller onos,1 --topo tree,2,2
The screen capture above shows the network topology in the ONOS web user interface.
Install Mininet dashboard to visualize the network traffic. The screen capture above shows a large flow over the same topology being displayed by ONOS, see Mininet weathermap for more examples.

In this case, the traffic was created by the following Mininet command:
mininet-onos> iperf h1 h3
The screen capture above shows top flows, busiest switch ports, and the diameter of the network topology.


The Mininet dashboard is a simple application running on the sFlow-RT analytics platform. For a more realistic example, watch the demonstration of SDN leaf and spine traffic engineering recorded at the Open Networking Summit. In the demonstration, a redundant pair of ONOS controllers implement segment routing, using OpenFlow 1.3 to control an eight switch leaf and spine network of commodity switches. Real-time flow analytics drives the dashboards in the demonstration and trigger load balancing of flows across the fabric. Leaf and spine traffic engineering using segment routing and SDN provides a more detailed explanation.

Mininet with ONOS and sFlow-RT is a great way to rapidly develop and test SDN applications, avoiding the time and expense involved in setting up a physical network.

19 comments:

  1. hello peter ,, where to get the onos.py?

    ReplyDelete
    Replies
    1. There is a link to the onos.py documentation int the article. The ~/onos/tools/dev/mininet/onos.py script should be part of the ONOS distribution you installed.

      Docker is the easiest way to run ONOS if you don't need a development environment, e.g. Mininet, ONOS, and segment routing. ONOS measurement based control provides an example that doesn't use onos.py.

      Delete
    2. i read the onter article ONOS measurement based control ... im sorry if im wrong but it also required onos.py?

      Delete
    3. Secondly, right now, i already installed mininet , sflow and onos, is there any way to connect all three withoust using docker and onos.py?

      Delete
    4. Start mininet with the argument "--controller=remote,ip=127.0.0.1" to connect to the ONOS controller (you need to have started ONOS first).

      You can use this technique in all the examples instead of running onos.py.

      Delete
    5. it works, the only problem right now, is it possible to also connect to sflow dashboard with onos as controller?

      Delete
    6. You need to install sFlow-RT with the mininet-dashboard application and include the sflow-rt/extras/sflow.py as a mininet custom startup parameter, see Mininet dashboard

      Delete
    7. hello peter,

      Thanks for you help, right now i already install sflow-rt with mininet-dashboard , onos (no docker) and mininet..indivually it work, i was to test able to sflow-rt it work,,, mininet and onos , it work but i cant seem to connect all three together, do i need some script or command?...

      Delete
    8. Use three terminal windows:
      1. Run sFlow-RT ./sflow-rt/start.sh
      2. Run ONOS
      3. Run mininet: mn --custom sflow-rt/extras/sflow.py --controller=remote,ip=127.0.0.1

      Delete
    9. Thanks peter, it works, is there any example i can use to do custom topology in sflow.py?

      Delete
    10. Custom Topologies describes how to add topologies to Mininet. Run mininet with --custom=mytopo.py,sflow.py --topo mytopo

      Mininet flow analytics with custom scripts discusses different options.

      Delete
    11. Thanks peter. rn i manage to use the custom topolog and test the ddos attack using hping3.. is there any way i can learn about or used some script to mitigate the ddos?

      Delete
  2. peter just want to know if sflow here can be consider as firewall appilcation for onos?

    ReplyDelete
    Replies
    1. I wouldn't consider these examples to be a firewall application - they are geared toward capacity planning and traffic engineering.

      Delete
    2. i mean in your other example "ONOS measurement based control", it shows the way to mitigate dos.. so can i say sflow able to detecting the potential ddos?... or onos have its own firewal framewaork to deal with this?

      Delete
    3. sFlow is widely used to detect volumetric DDoS attacks. The POLICY FRAMEWORK FOR ONOS is implementing firewall functionality.

      Delete
    4. does this policy framework need to be activate or it is already embedded with the installation of onos?

      Delete
    5. Sorry, I haven't used ONOS recently and don't have any further information.

      Delete