Is it possible to install a rule on a switch that instructs the switch to do the following:
    If packet_in is TCP:
        send (dummy packet)
        send (packet_in)
        send (dummy packet)
    else:
        send (packet_in)
I appreciate that that's pretty poor pseudo code, but it should illustrate what I'm trying to do a bit better than me trying to explain it.
Basically I'm trying to space out the transmission of TCP packets for a project by transmitting dummy packets, without having to require every TCP packet to be sent to the controller. I want the switch to behave as normal, but when it receives a TCP packet destined for a certain port, I want the switch to also transmit a dummy packet (which I have constructed) out of the same port, headed for the same destination.
I understand that there may be some better ways to do what I'm trying to achieve - I'm open to suggestions!
Thanks
As far as I know, the answer is no: OpenFlow does not support this concept, let alone Pox. Pox can tell a switch to generate a packet, but there is no flow table entry with an action of "send this other packet over here".
A possible way this could be implemented is as follows though:
Match on the TCP protocol and port number, and have two actions. Action number one: send the packet. Action number two: send the packet to some spare table for flow tables.
In this table, have an action to modify the packet to send this dummy packet. You could not craft a specific one, but you could, say, modify the destination IP to some nonsense value or set some nonsense VLAN as a kind of pseudo marker.
Edit: User asked for clarification on what I meant by a spare table, so I will try to find some Pox commands to show the process I planned on using. First off, I would suggest this wiki for a lot of the basic Pox commands; it's a bit dated and in some cases is wrong, but overall it is very useful.
When stating a spare table, I am talking about the concept that OpenFlow 1.3 enabled, which says all flow tables do not have to be a single list for processing. Instead, all packets can go to table 0 for processing; then, if an action states it, the switch can send the packet to, say, table 5 for extended processing or a more targeted processing based on what table 0 found. This allows more versatile actions. You can think of this new concept as a table of tables, or a 2D array where the final elements are flow table entries. Sorry the word table comes up a lot; I wish they chose a different word for this concept.
Pox by default does not support this concept since it uses OpenFlow 1.0; however, there is an extension that enables it, and more information on that can be found here. Some of the important pieces can be found below.
    import pox.openflow.libopenflow_01 as of
    import pox.openflow.nicira as nx

    def _handle_ConnectionUp(event):
        # Turn on Nicira packet_ins
        msg = nx.nx_packet_in_format()
        event.connection.send(msg)

        # Turn on ability to specify table in flow_mods
        msg = nx.nx_flow_mod_table_id()
        event.connection.send(msg)

        # Table 0 (default): send every packet to the controller,
        # then resubmit it to table 1
        msg = nx.nx_flow_mod()
        msg.priority = 1  # Low priority
        msg.actions.append(of.ofp_action_output(port = of.OFPP_CONTROLLER))
        msg.actions.append(nx.nx_action_resubmit.resubmit_table(table = 1))
        event.connection.send(msg)

        # Table 1: flood every packet that arrives here
        msg = nx.nx_flow_mod()
        msg.table_id = 1
        msg.priority = 1  # Low priority
        msg.actions.append(of.ofp_action_output(port = of.OFPP_FLOOD))
        event.connection.send(msg)
In this example, multi-table support is enabled, then a flow is added which sends all packets to the controller and to table 1; from there, table 1 has a flow which says to flood all packets. Hopefully this gives you a general idea of how they work.
In case you do not already know how to edit packets with Pox, an example action which can be appended to the actions list to change the destination MAC address would be as follows.

    # EthAddr comes from: from pox.lib.addresses import EthAddr
    of.ofp_action_dl_addr.set_dst(EthAddr("01:02:03:04:05:06"))

For the VLAN method I proposed earlier, you could do:

    msg.actions.append(of.ofp_action_vlan_vid(vlan_vid=1234))
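
The two-table approach described in the answer above, modeled as a small stand-alone Python simulation. This is an added example, not part of the original answer and not POX code; `Flow`, `run_pipeline`, `build_tables`, the port numbers and the marker VLAN value are assumptions made for illustration.

```python
# Toy model of an OpenFlow multi-table pipeline (illustration only, not POX).
# All names here (Flow, run_pipeline, MARKER_VLAN, port numbers) are hypothetical.
MARKER_VLAN = 1234   # "nonsense" VLAN used to mark the dummy copy
TCP = 6              # IP protocol number for TCP

class Flow:
    def __init__(self, priority, match, actions):
        self.priority, self.match, self.actions = priority, match, actions

    def matches(self, pkt):
        # An empty match is a wildcard; otherwise every field must be equal.
        return all(pkt.get(k) == v for k, v in self.match.items())

def run_pipeline(tables, pkt, table_id=0, sent=None):
    """Process pkt starting at table_id; return the list of (port, packet) emitted."""
    sent = [] if sent is None else sent
    candidates = [f for f in tables.get(table_id, []) if f.matches(pkt)]
    if not candidates:
        return sent  # table miss: drop in this model
    flow = max(candidates, key=lambda f: f.priority)
    for action, arg in flow.actions:
        if action == "output":
            sent.append((arg, dict(pkt)))     # snapshot of the packet as it is now
        elif action == "set_vlan":
            pkt = dict(pkt, vlan=arg)         # later actions see the rewritten packet
        elif action == "resubmit":
            run_pipeline(tables, dict(pkt), arg, sent)
    return sent

def build_tables(tcp_port, out_port):
    return {
        0: [
            # TCP to the watched port: forward the original first, then hand a
            # copy to table 1 so the rewrite cannot affect what was already sent.
            Flow(10, {"nw_proto": TCP, "tp_dst": tcp_port},
                 [("output", out_port), ("resubmit", 1)]),
            # Everything else: forward unchanged.
            Flow(1, {}, [("output", out_port)]),
        ],
        1: [
            # Spare table: tag the copy with the marker VLAN and send it too.
            Flow(1, {}, [("set_vlan", MARKER_VLAN), ("output", out_port)]),
        ],
    }

# Constructed sample packets
TABLES = build_tables(tcp_port=80, out_port=2)
tcp_pkt = {"nw_proto": TCP, "tp_dst": 80, "vlan": None, "payload": "GET /"}
udp_pkt = {"nw_proto": 17, "tp_dst": 53, "vlan": None, "payload": "dns"}
```

Running `run_pipeline(TABLES, dict(tcp_pkt))` emits the original packet followed by a VLAN-marked copy with the same payload, which reflects the answer's point that the switch can only rewrite fields of the packet it received, not craft a specific dummy.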