春风十里不如你 —— Taozi - karaf https://www.xiongan.host/index.php/tag/karaf/ zh-CN Sat, 06 May 2023 20:34:03 +0800 Sat, 06 May 2023 20:34:03 +0800 【SDN】防DDoS攻击应用开发 https://www.xiongan.host/index.php/archives/204/ https://www.xiongan.host/index.php/archives/204/ Sat, 06 May 2023 20:34:03 +0800 admin 防DDoS攻击SDN应用开发

基础环境

  • Opendaylight + Mininet (安装好karaf等组件)
  • Open vSwitch 2.3.1

实验步骤

查看控制器ip和交换机的连接状态

登录控制器,查看端口是否处于监听状态

netstat -an|grep 6633

68336330055

登录交换机,查看交换机与控制器的连接情况

root@guest-virtual-machine:/home/guest# ovs-vsctl show
2e6efe16-6875-4feb-8451-7da554fbd3c8
    ovs_version: "2.0.2"
//以上是交换机与控制器未连接成功,需要手动连接,显示以下的“is_connected:true”
root@guest-virtual-machine:/home/guest# ovs-vsctl add-br br-sw
root@guest-virtual-machine:/home/guest# ovs-vsctl set-controller br-sw tcp:192.168.123.10:6633
root@guest-virtual-machine:/home/guest# ovs-vsctl show

68336341161

登陆主机,查看主机与控制器连接情况,如果没连接,需要手动连接

登录交换机,连接控制器(基于OVSDB协议创建一个新的连接)

ovs-vsctl set-manager tcp:192.168.123.10:6640

68336412963

安装sFlow

将sFlow安装包上传至控制器,并解压

68336484626

登录交换机,部署sFlow Agent

ovs-vsctl -- --id=@sflow create sflow agent=s1 target=\"192.168.123.10:6633\" header=128 sampling=10 polling=1 -- set bridge br-sw sflow=@sflow

68336511422

查看已配置的sFlow Agent信息

ovs-vsctl list sflow

68336517033

登录控制器,启动sFlow

68336550170

验证防DDoS攻击

打开浏览器,查看状态

http://192.168.123.10:8008/html/index.html#status

68336584307

]]> 1 https://www.xiongan.host/index.php/archives/204/#comments https://www.xiongan.host/index.php/feed/tag/karaf/ 【OpenDaylight】Karaf的使用 https://www.xiongan.host/index.php/archives/193/ https://www.xiongan.host/index.php/archives/193/ Fri, 24 Mar 2023 11:20:00 +0800 admin Karaf使用

ssh可能会连接不上,需要配置本地VM8的网卡,或者ssh,推荐下面方法

vi /etc/ssh/sshd_config
//最后添加一行
PermitRootLogin yes
//保存后重启服务器即可用远程工具连接Ubuntu主机

首先连接虚拟机

image-20230324103545964

上传安装包,解压缩并进入目录中,启动控制台

root@guest-virtual-machine:/home/guest# tar -zxvf distribution-karaf-0.3.0-Lithium.tar.gz
root@guest-virtual-machine:/home/guest# cd distribution-karaf-0.3.0-Lithium
//启动一(不推荐)
root@guest-virtual-machine:/home/guest# ./bin/karaf
//启动二(后台运行)
root@guest-virtual-machine:/home/guest/distribution-karaf-0.3.0-Lithium# ./bin/start
root@guest-virtual-machine:/home/guest/distribution-karaf-0.3.0-Lithium# ./bin/client -u karaf

image-20230324104253817

安装opendaylight组件

//安装REST API功能
opendaylight-user@root>feature:install odl-restconf
//安装L2交换机和OpenFlow功能
opendaylight-user@root>feature:install odl-l2switch-switch-ui
opendaylight-user@root>feature:install odl-openflowplugin-flow-services-ui
//安装Karaf控制台的md-sal功能
opendaylight-user@root>feature:install odl-mdsal-apidocs
//安装DLUX功能 0.3.0无需安装,0.6.0可以安装
//opendaylight-user@root>feature:install odl-dluxapps-applications
//opendaylight-user@root>feature:install odl-faas-all
//列出所有组件
opendaylight-user@root>feature:list

image-20230324105618145

验证opendaylight功能

首先查看ip地址:

image-20230324110258172

连接控制器

root@guest-virtual-machine:/home/guest# mn --controller=remote,ip=192.168.123.10,port=6633
mininet> pingall
*** Ping: testing ping reachability
h1 -> h2 
h2 -> h1 
*** Results: 0% dropped (2/2 received)

访问web控制器(账号密码admin)

image-20230324110455866

image-20230324110537387

卸载opendaylight组件

opendaylight-user@root>logout

logout退出,回到上一目录中

root@guest-virtual-machine:/home/guest/distribution-karaf-0.3.0-Lithium# rm -rf data
root@guest-virtual-machine:/home/guest/distribution-karaf-0.3.0-Lithium# ./bin/karaf clean
opendaylight-user@root>feature:list -i

查看已安装组件,确认已卸载

image-20230324110931770

]]> 5 https://www.xiongan.host/index.php/archives/193/#comments https://www.xiongan.host/index.php/feed/tag/karaf/