HICN/How To Configure the Hicn Plugin of VPP with Open DayLight
Contents
Configure the Hicn Plugin of VPP with Open DayLight
This tutorial shows how to perform the following operations:
- Deploy a Docker container with vpp, the hicn-plugin, sysrepo and the netopeer2 server
- Deploy a Open Daylight Docker container
- Configure opendaylight for connecting to netopeer2, which will in turn connect to the hicn-plugin for pushing the configuration
- Push the hicn network configuration from to opendaylight using REST
- Check the configuration is effectively applied on hicn-plugin
Background
For the tutorial we will use a single ubuntu 18.04 machine where the 2 docker containers (the one with the hicn-plugin and the one with ODL) will be running. The two dockers should be able to communicate using the network.
A second machine will be then used for pushing the network configuration to Open Dayligh, using network API (REST).
Deploy a Docker container with vpp, the hicn-plugin, sysrepo and the netopeer2 server
Install docker on the ubuntu machine:
$ sudo apt-get update $ sudo apt-get install \ apt-transport-https . \ ca-certificates \ curl \ gnupg-agent \ software-properties-common $ curl -fsSL https://download.docker.com/linux/ubuntu/gpg | sudo apt-key add - $ sudo add-apt-repository \ "deb [arch=amd64] https://download.docker.com/linux/ubuntu \ $(lsb_release -cs) \ stable" $ sudo apt-get update $ sudo apt-get install docker-ce docker-ce-cli containerd.io
Deploy the icnteam/vswitch docker image
CONTAINER=vswitch $ docker run -d --privileged --name ${CONTAINER} icnteam/vswitch
Create a hicn private network:
$ GATEWAY=192.168.0.254 $ docker network create --subnet 192.168.0.0/24 --gateway ${GATEWAY} hicn-network
Connect the proxy container to the hicn network:
$ docker network connect hicn-network ${CONTAINER}
Connect the hicn network to the vpp forwarder:
$ IP_ADDRESS=$(docker inspect -f "{{with index .NetworkSettings.Networks \"hicn-network\"}}{{.IPAddress}}{{end}}"${CONTAINER}) $ INTERFACE=$(docker exec -it${CONTAINER} ifconfig | grep -B 1 ${IP_ADDRESS} | awk 'NR==1 {gsub(":","",$1); print $1}') $ docker exec -it ${CONTAINER} ip addr flush dev ${INTERFACE} $ docker exec -it ${CONTAINER} ethtool -K ${INTERFACE} tx off rx off ufo off gso off gro off tso off $ docker exec -it ${CONTAINER} vppctl create host-interface name ${INTERFACE} $ docker exec -it ${CONTAINER} vppctl set interface state host-${INTERFACE} up $ docker exec -it ${CONTAINER} vppctl set interface ip address host-${INTERFACE} ${IP_ADDRESS}/24 $ docker exec -it ${CONTAINER} vppctl ip route add 10.0.0.0/24 via ${GATEWAY} host-eth1
Now the container is able to communicate through the hicn-network bridge, using UDP faces. We must expose a port for injecting incoming ICN traffic inside the hicn vswitch. Here we choose the port 12345.
$ PORT=12345 $ sudo iptables -t nat -A DOCKER -p udp --dport ${PORT} -j DNAT --to-destination ${IP_ADDRESS}:${PORT} $ sudo iptables -t nat -A POSTROUTING -j MASQUERADE -p udp --source ${IP_ADDRESS} --destination ${IP_ADDRESS} --dport ${PORT} $ sudo iptables -A DOCKER -j ACCEPT -p udp --destination ${IP_ADDRESS} --dport ${PORT}