SD-WAN

 View Only
  • 1.  Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 07:49 AM

    Hi,

    I am facing a problem, regarding IP/ICMP packets in SDN. Consider the topology 

    (Windows)A(192.168.0.10)<----------------> (192.168.0.51)HPE(192.168.7.51) <-------------->(192.168.7.52)B(UBUNTU)

    HPE ports, shown in topology are in the same VLAN(untagged). 

    If A tries ping to B.

    • Flow entries are installing/updating
    • ICMP echo packet passes through the router
    • B receiving the packet
    • No response is generating

    Finding: Checksum calculated by HPE Aruba is WRONG!. Confirmed by Wireshark. 

    If B tries ping to A.

    • Flow entries are installing/updating
    • ICMP echo packet passes through the router
    • B is NOT receiving the packet

     

    Controller: RYU/rest_router (JL075A Configuration Editor; Created on release #KB.16.07.0003)

    HPE Aruba 3810M

    Routes are available at both hosts.

     

    Doubts:

    • Why HPE is calculating the wrong Checksum?
    • Why a packet passes the router and not received it at the end host?

     

    some parts of running configure

    openflow
    controller-id 1 ip 10.0.2.15 controller-interface vlan 2
    instance aggregate
    controller-id 1
    version 1.3
    table-num sw-table-1 0
    enable
    exit
    enable
    exit
    oobm
    disable
    ip address dhcp-bootp
    exit
    vlan 1
    name "DEFAULT_VLAN"
    no untagged 1-9,11-16
    untagged 10
    ip address 192.168.51.51 255.255.255.0
    ipv6 enable
    ipv6 address dhcp full
    exit
    vlan 2
    name "Controller LAN"
    untagged 2
    ip address 10.0.2.16 255.255.255.0
    exit
    vlan 3
    name "OpenFlow LAN"
    untagged 1,3-9,11-16
    no ip address
    exit
    management-vlan 1

     

    Please give comments or suggestions on it.

    Thanks in advance.


    #SDN
    #HPE3810
    #Ryu


  • 2.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 09:54 AM

    Hi!

    You wrote:


    @AJAYNEHRA wrote: I am facing a problem, regarding IP/ICMP packets in SDN. Consider the topology 

    (Windows)A(192.168.0.10)<----------------> (192.168.0.51)HPE(192.168.7.51) <-------------->(192.168.7.52)B(UBUNTU)

    HPE ports, shown in topology are in the same VLAN(untagged).

    ...but how it is possible on the HPE (center of your topology) that the same untagged VLAN id is used on different ports where are connected hosts (host A against host B) belonging to two different subnets (192.168.0.0/24 versus 192.168.7.0/24, I guessed the 24 bit subnets...but I'm quite confident my guess is correct)?

    Does the HPE switch is doing IP Routing...looking at the portion of running configuration not only I don't see ip routing enabled but also subnets (SVI on VLAN id) are differents with respect to ones on the schema above (192.168.51.0/24 and 10.0.2.0/24). 



  • 3.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 10:10 AM

    Thanks for Reply,

    In SDN configuration, I suppose routing is handled by Flow entries, installed by SDN controller. So the use of ip routing command is not working due to OpenFlow enabled. 

    IP addresses to the router is assigned is with REST API to SDN Controller(RYU).

    For VLAN information, See VLAN 3. On port 1 is connected to 192.168.0.10/24 and port 6 is connected to 192.168.7.52/24. 

     



  • 4.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 10:25 AM

    @AJAYNEHRA wrote: For VLAN information, See VLAN 3. On port 1 is connected to 192.168.0.10/24 and port 6 is connected to 192.168.7.52/24. 

    I miss something here...I'm not an expert about OpenFlow / SDN Controllers but...if port 1 in untagged member of VLAN id 3 and port 6 is untagged member of the same VLAN id 3 it means that "internally" to the switch traffic received by those ports are tagged with VLAN id 3 (so ports are part of the same broadcast domain) and traffic with destinations outside those ports has the tag removed and flow outside "untagged"...so how an external router knows how to route packets if they are coming from hosts being part of different subnets if those packets are "ingested" from the very same untagged messages?

     



  • 5.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 10:44 AM

    hi again,

    Given configuration is working perfectly fine in normal communication. Only creating problem in the Openflow environment. Regarding VLAN and subnet relation, HP allows configuring,

    vlan 3
    name "OpenFlow LAN"
    untagged 1,3-9,11-16
    ip address 192.168.0.51 255.255.255.0
    ip address 192.168.2.51 255.255.255.0
    ip address 192.168.7.51 255.255.255.0
    exit

    maybe this article can help. 

    https://www.pluralsight.com/blog/it-ops/5-big-misconceptions-about-virtual-lans-



  • 6.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 11:33 AM

    Nice blog article. I'll read what misconcepiton about VLANs I'm currently suffering...in the meantime it's worth to note that initially you hadn't any SVI defined on VLAN 3:

    vlan 3
    name "OpenFlow LAN"
    untagged 1,3-9,11-16
    no ip address
    exit
    management-vlan 1

     then instead you report:

    vlan 3
    name "OpenFlow LAN"
    untagged 1,3-9,11-16
    ip address 192.168.0.51 255.255.255.0
    ip address 192.168.2.51 255.255.255.0
    ip address 192.168.7.51 255.255.255.0
    exit

    my comment was related to VLAN 3 as in its first incarnation.



  • 7.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Jul 13, 2020 11:38 AM

    Hi,

    It is not needed in RYU/rest_router. As we have to insert addresses using REST. This is an example only to demonstrate One VLAN with different subnets. 



  • 8.  RE: Wrong(undesired) IP Checksum calculated by HPE Aruba 3810M with RYU (rest_router)

    Posted Aug 20, 2020 12:39 AM

    Can you tell me the complete architecture, like whats in data plane control plane and mgmt plane and I will suggest possibel things to check.?