Ce diaporama a bien été signalé.
Le téléchargement de votre SlideShare est en cours. ×

: Configuration of Kernel Virtual Machine (KVM) for Monitoring Software Defined Networks (SDN),

Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Usman Imran
051 - 12 - 116237
Faisal Mehmood Khan
051 - 11 - 116051
Mr.Muhammad Asad
A Final Year Project Report is
Submit...
Certificate
We here by accept the work contained in this report titled: Configuration of Kernel Virtual
Machine (KVM) for ...
iii
Declaration
We hereby declare that this work, neither whole nor in part, has been copied from any source. It
is furthe...
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Publicité
Prochain SlideShare
And the mountains echoed
And the mountains echoed
Chargement dans…3
×

Consultez-les par la suite

1 sur 107 Publicité

: Configuration of Kernel Virtual Machine (KVM) for Monitoring Software Defined Networks (SDN),

Télécharger pour lire hors ligne

Software-defined networking (SDN) is a new approach to designing, building, and managing
networks that separate the network’s control (brains) and forwarding (muscle) planes to better
optimize each.
In this project we have implemented SDN architecture on Linux platform using KVM. After
configuring SDN we have created a monitoring system that will take out information from
Packet like time, date, IP address(source and destination),MAC address(source and
destination),protocols(TCP,UDP,ICMP),packet size, port(source and destination). We have
created database for our Monitoring system that will store above described information. Apart
from Network Monitoring we have created a firewall that will drop TCP packet having all flags
high .In Addition with that we have also created an access control that will able to stop children
from accessing adult content apart from that we have set time limits in which children can’t
access internet so there studies won’t be affected.

Software-defined networking (SDN) is a new approach to designing, building, and managing
networks that separate the network’s control (brains) and forwarding (muscle) planes to better
optimize each.
In this project we have implemented SDN architecture on Linux platform using KVM. After
configuring SDN we have created a monitoring system that will take out information from
Packet like time, date, IP address(source and destination),MAC address(source and
destination),protocols(TCP,UDP,ICMP),packet size, port(source and destination). We have
created database for our Monitoring system that will store above described information. Apart
from Network Monitoring we have created a firewall that will drop TCP packet having all flags
high .In Addition with that we have also created an access control that will able to stop children
from accessing adult content apart from that we have set time limits in which children can’t
access internet so there studies won’t be affected.

Publicité
Publicité

Plus De Contenu Connexe

Plus récents (20)

Publicité

: Configuration of Kernel Virtual Machine (KVM) for Monitoring Software Defined Networks (SDN),

  1. 1. Usman Imran 051 - 12 - 116237 Faisal Mehmood Khan 051 - 11 - 116051 Mr.Muhammad Asad A Final Year Project Report is Submitted in Partial Fulfilment of the Requirements for the Degree of Bachelor of Science in Telecommunication and Networking Department of Computing & Technology Iqra University, Islamabad Campus June 2016 Configuration of Kernel Virtual Machine (KVM) for Monitoring Software Defined Networks (SDN)
  2. 2. Certificate We here by accept the work contained in this report titled: Configuration of Kernel Virtual Machine (KVM) for Monitoring Software Defined Networks (SDN), as a confirmation to the required standards for the partial fulfillment of the degree of Bachelors of Science in Telecommunication and Networking. Internal Examiner External Examiner Project Supervisor Head of Department
  3. 3. iii Declaration We hereby declare that this work, neither whole nor in part, has been copied from any source. It is further declared that we have prepared this report entirely on the basis of my personal efforts made under the sincere guidance of teachers especially my supervisor Mr. Muhammad Asad. If any part of this thesis is proved to be copied out from any source or found to be reproduction of some other, we will stand by the consequences. No portion of the work presented has been submitted in support of any application for any other degree or qualification of this or any other university or institute of learning. Usman Imran 16237(BSTN) Faisal Mehmood Khan 16051(BSTN)
  4. 4. iv Dedication We dedicate this project to our families who supported us in every problem and throughout the degree. We are also thankful to our friends who helped us and gave us moral support. Furthermore, we also dedicate this work to our valuable supervisor Mr. Muhammad Asad who guided us in each and every step and helped us to achieve this goal. We also dedicate this project to IQRA University who gave us 4 years of excellence and a chance to pursue our dreams.
  5. 5. v Acknowledgements First of all we want to thank Allah for this great achievement, for completing our degree and project. Then we will say thank to our parents whose hard work makes us succeeding in our goal. Our parents give us motivation whenever we got stuck in problem and help us by showing right direction of our goal. We believe that the main reason behind our success in our goal is our parents. After this we will say thank to our friends who support us during the achievement of our goal. Their support us in absents of our parents. We also thankful to our supervisor Mr. Muhammad Asad for guiding us. At the end we would also like to thank each other for helping and guiding each other through out the final year project.
  6. 6. vi Abstract Software-defined networking (SDN) is a new approach to designing, building, and managing networks that separate the network’s control (brains) and forwarding (muscle) planes to better optimize each. In this project we have implemented SDN architecture on Linux platform using KVM. After configuring SDN we have created a monitoring system that will take out information from Packet like time, date, IP address(source and destination),MAC address(source and destination),protocols(TCP,UDP,ICMP),packet size, port(source and destination). We have created database for our Monitoring system that will store above described information. Apart from Network Monitoring we have created a firewall that will drop TCP packet having all flags high .In Addition with that we have also created an access control that will able to stop children from accessing adult content apart from that we have set time limits in which children can’t access internet so there studies won’t be affected.
  7. 7. vii Contents Declaration...................................................................................................................................................iii Dedication....................................................................................................................................................iv Acknowledgements.......................................................................................................................................v Abstract........................................................................................................................................................vi List of Tables .............................................................................................................................................xiii Chapter 1 Introduction............................................................................................1 1.1. Overall Description.......................................................................................................................2 1.1.1 Objectives ....................................................................................................................................2 1.1.2 Problem Description ....................................................................................................................2 1.1.3 Product Scope ..............................................................................................................................3 1.1.4 Business Context..........................................................................................................................3 1.1.5 User Classes and Characteristics..................................................................................................3 1.1.6 Operating Environment................................................................................................................3 1.1.7 Assumptions and Dependencies...................................................................................................3 1.2. External Interface Requirements...................................................................................................3 1.2.1 User Interfaces .............................................................................................................................3 1.2.2 Hardware Interfaces.....................................................................................................................4 1.2.3 Software Interfaces ......................................................................................................................4 1.2.4 Safety Requirements ....................................................................................................................4 1.2.5 Security Requirements.................................................................................................................4 Chapter 2 Literature review and Background .....................................................5 2.1. History...........................................................................................................................................6 2.1.1. The Path OF SDN:................................................................................................................6 2.1.2. Active Networking................................................................................................................7 2.1.3. Split Up Of Control and Data Plane......................................................................................7 2.2. What is SDN? ...............................................................................................................................7
  8. 8. viii 2.2.1. Application Layer .................................................................................................................8 2.2.2. Controller..............................................................................................................................8 2.2.3. Infrastructure Layer...............................................................................................................8 2.3 Related Works.....................................................................................................................................8 2.3.1 Categorization of Existing Techniques/Works/Research.............................................................9 Chapter 3 System Design.......................................................................................10 3.1. Introduction.................................................................................................................................11 3.1.1. Purpose................................................................................................................................11 3.1.2. System overview.................................................................................................................11 3.1.3. Design Map.........................................................................................................................12 3.2. Design Considerations ................................................................................................................13 3.2.1 Assumptions...............................................................................................................................13 3.2.2 Constraints .................................................................................................................................13 3.2.3 Systems environment.................................................................................................................13 3.3. Architecture.................................................................................................................................14 3.4. Database Schema ........................................................................................................................14 3.4.1.1 Tables, Fields and Relationships.............................................................................................14 3.4.1.2 New Tables .............................................................................................................................15 3.4.1.3 New Fields(s)..........................................................................................................................15 3.4.1.4 Fields Change(s) .....................................................................................................................15 3.4.2 Data Migration...............................................................................................................................15 3.4.3 Low Level Design..........................................................................................................................15 3.5. Summary..........................................................................................................................................16 Chapter 4 Implementation and Methodology.....................................................17 4.1. Methodology...............................................................................................................................18 4.2. Openflow technology..................................................................................................................18 4.3. Openflow switch.........................................................................................................................19
  9. 9. ix 4.4. POX Controller...........................................................................................................................20 4.5. Discussion...................................................................................................................................20 4.6. Development Methodologies ......................................................................................................20 4.7. Implementation Tools and Technologies....................................................................................21 4.8. Installation of KVM (kernel virtual machine) ............................................................................22 4.9. Installation of OVS .....................................................................................................................28 4.10. Configuration of OVS.................................................................................................................29 4.11. POX installation..........................................................................................................................29 4.12. Implementation of My SQL........................................................................................................30 4.13. Further prospects of MySQL database........................................................................................33 4.14. Startup of OVS and POX............................................................................................................37 4.15. Message ping ..............................................................................................................................44 Chapter 5 Testing...................................................................................................45 5.1. Testing Techniques Employed for This Project..........................................................................46 5.2. Test Cases ...................................................................................................................................46 Case 1: Mac Address and Destination IP in List ...................................................................................46 Case 2: Mac Address in List and Destination IP Address not in List.....................................................47 Case 3: Mac Address Not in List and Destination IP Address Not in List ....................................48 Case 4: Firewall Packet Drop..................................................................................................................48 Case 5: Firewall Packet Transfer ............................................................................................................50 5.3. Test Results.................................................................................................................................51 Chapter 6 Conclusions and Future Work ...........................................................53 6.1 Contributions.....................................................................................................................................54 6.2 Future Work......................................................................................................................................54 References...............................................................................................................................................56 Appendix A.............................................................................................................................................59 Appendix B: Configuration of OVS .......................................................................................................91
  10. 10. x Appendix C: POX installation ................................................................................................................93 Appendix D: MySQL commands ...........................................................................................................94
  11. 11. xi List of Figures Figure 2.1 history of SDN.............................................................................................................................6 Figure 2.2 SDN architecture .........................................................................................................................7 Figure 3.1 basic architecture.......................................................................................................................11 Figure 3.2 system overview ........................................................................................................................12 Figure 3.3 design map.................................................................................................................................13 Figure 3.4 architecture ................................................................................................................................14 Figure 3.5 low level design.........................................................................................................................15 Figure 4.1 openflow technology .................................................................................................................18 Figure 4.2 openflow switch.........................................................................................................................19 Figure 4.3 development methodologies......................................................................................................21 Figure 4.4 VMM.........................................................................................................................................22 Figure 4.5 new VM step 1...........................................................................................................................23 Figure 4.6 step 2..........................................................................................................................................24 Figure 4.7 step 3..........................................................................................................................................25 Figure 4.8 final step ....................................................................................................................................26 Figure 4.9 final installation.........................................................................................................................27 Figure 4.10 VM in running condition.........................................................................................................27 Figure 4.11 supporting version ...................................................................................................................28 Figure 4.12 configuration of OVS ..............................................................................................................29 Figure 4.13 asking for installation of mySQL ............................................................................................30 Figure 4.14 mySQL installation starts ........................................................................................................31 Figure 4.15 password window ....................................................................................................................31 Figure 4.16 repeat password .......................................................................................................................32 Figure 4.17 mySQL installation is done .....................................................................................................32 Figure 4.18 interface of mySQL .................................................................................................................33 Figure 4.19 show database..........................................................................................................................33 Figure 4.20 database fields .........................................................................................................................34 Figure 4.21 columns of different fields.......................................................................................................34 Figure 4.22 TCP packet database................................................................................................................35 Figure 4.23 UDP packet database...............................................................................................................35 Figure 4.24 specific date database ..............................................................................................................36 Figure 4.25 specific date and MAC address ...............................................................................................36
  12. 12. xii Figure 4.26 non repeating dates of packets.................................................................................................37 Figure 4.27 VMs in shutdown condition ....................................................................................................38 Figure 4.28 VMs in running condition........................................................................................................38 Figure 4.29 host A logging .........................................................................................................................39 Figure 4.30 interface of host A ...................................................................................................................40 Figure 4.31 host B logging..........................................................................................................................40 Figure 4.32 interface of host B ...................................................................................................................41 Figure 4.33 POX terminal...........................................................................................................................42 Figure 4.34 OVS terminal...........................................................................................................................42 Figure 4.35 POX connected........................................................................................................................43 Figure 4.36 OVS connected........................................................................................................................43 Figure 4.37 message ping ...........................................................................................................................44 Figure 5.1 MAC address and destination IP in list .....................................................................................46 Figure 5.2 host A terminal ..........................................................................................................................47 Figure 5.3 MAC address in List and destination IP address not in List......................................................47 Figure 5.4 host A (Time finish) ..................................................................................................................48 Figure 5.5 all high flags ..............................................................................................................................49 Figure 5.6 firewall packet drop...................................................................................................................49 Figure 5.7 not all flags high ........................................................................................................................50 Figure 5.8 firewall packet transfer ..............................................................................................................50 Figure 5.9 before implementation of firewall .............................................................................................51 Figure 5.10 after implementation of firewall..............................................................................................52
  13. 13. xiii List of Tables Table 1: Tables, Fields and Relationships………………………………………………………………...11
  14. 14. 1 Chapter 1 Introduction
  15. 15. 2 In this world we are connected with each other and the way of communication is done by internet. Numbers of devices are connected to internet and these things are increasing day by day. In IOE (Internet of everything) it is said that by 2022 everything will be connected to internet. But there is a problem. A large amount of data transfers between these devices. Considering to this, Errors are frequent and hardware is too expensive. It is necessary to add new solutions to reduce the problem and open new way for communication. In this world on internet platform there is multiple approaches to reduce problems and SDN (Software defined networks) is one of them. Software-defined networking (SDN) is a new approach to designing, building, and managing networks that separate the network’s control (brains) and forwarding (muscle) planes to better optimize each. In our project we are using SDN to design network monitoring system along with firewall, access control and defined priority for packets. In this project we will be using 1. LINUX 2. KVM 3. POX 1.1.Overall Description 1.1.1 Objectives Purpose of this project is that it will help the administrator of organization to monitor the network in their organization. 1.1.2 Problem Description Problems we have faced while designing this project were numerous. Most problems we faced were of configuration. First we have installed Linux version 12.04 and we faced problems while configuring OVS. We tried multiple solutions but failed to configure OVS. Then we changed our Linux version to 14.04 LTS and again failed to configure OVS we tried multiple versions of OVS but failed. After weeks of effort we finally got right commands and exact version of OVS. Although source was Chinese so we have to translate it in order to understand it .After Configuring OVS the next step was to create Virtual Machines and establish a bridge between them. It took couple of days to find solution for that problem. The Next problem we faced was limitations in creating virtual machine as our systems were not capable of running more than 2 virtual machines we have to compromise on virtual machines. After Setup the next thing was to understand
  16. 16. 3 the whole structure of Networks and specifically SDN. It took us months to understand the structure of SDN. For this project we had learn Python and Mysql. 1.1.3 Product Scope Product scope of this product is that:  Administrator can monitor network.  Administrator can also allow and block access to specific address.  Firewall to protect network from infected packet.  Defined priority for packet. 1.1.4 Business Context Research and Development. 1.1.5 User Classes and Characteristics In this Product there will 1 main user. • Administrator Administrator who will control the network and database will create record with time. 1.1.6 Operating Environment The operating environment of this product is Linux. 1.1.7 Assumptions and Dependencies Our project is depending on POX .It is a openflow switch. With the help of POX controller will program the switches. If POX does not work or out of order it will effect on project. Project will stop working or I can say that if it is implement in any organization the network of that organization will get disturb. 1.2.External Interface Requirements 1.2.1 User Interfaces Interface between user and software in this product will be Linux. User will use Linux to control the product.
  17. 17. 4 1.2.2 Hardware Interfaces Interface between the hardware and software is openflow protocol .we will make a bridge on POX to connect switches and virtual machines. It will be use to interact with the hardware device (switches, server computer). 1.2.3 Software Interfaces Interface between creator and software in this product will be openflow protocol which will use for coding and controlling the product. 1.2.4 Safety Requirements There is no need of safety cautions or requirements. This project is safe because it cannot be linked with the health of human being. 1.2.5 Security Requirements According to security .The security level of this product is very low. So to maintain security of your product (admin server) you have to change password every week and use some other security software’s like firewall etc.
  18. 18. 5 Chapter 2 Literature review and Background
  19. 19. 6 2.1.History SDN is a software defined network.SDN is new structure of network, the most significant thing about which is that the data plane and the control plane happen to be apart from one another. The new model of network states that the switches happen to be the most simple and not so complicated active component of the system and of course not to mention that they focus only on 2 headers only (i.e. Layer 1 and Layer 2). Switches happen to be intelligent enough themselves that they are capable of upgrading their own forwarding table and transmission of traffic between different ports all by themselves. Whereas, a router is capable of storing routing tables in their memory, through which they forward traffic between multiple networks. 2.1.1. The Path OF SDN: Computer Networks are not only responsible for enhancing the programmable mechanism of a network, but also the controlling part. The history of SDN can be classified into three parts that are shown in the following picture. Figure 2.1 history of SDN Given in the figure above, it can be seen that the network programmability always plays a great part. The discussion started off in 1990 with The Active network, which went all the way over a decade. The separation of control and data plane took place from 2001 to 2007. Ever-since then, the making of link between data and control plane took place. From 2007 to 2010, the API of Open Flow and Operating System was the centre of attention.
  20. 20. 7 2.1.2. Active Networking With the beginning of 1990s, network did use to be a programmable one. The radical alternative choices were subjected to evaluation for the operations of interpretation for usual enormous quantity Internet with IP and ATM. 2.1.3. Split Up Of Control and Data Plane Before 2000s, there was an increasing traffic volume. They hold a strong influence on a network reliability and monotony. The procedure for applying traffic engineering for the control of router, on the basis of routing protocols, that lessens the hurdles of network operator. 2.2. What is SDN? As stated before, SDN is, on the whole, network architecture. Figure 2.2 SDN architecture Given the way it is defined, SDN happens to have two significant features, at first comes the separation of data plane from control plane and after which, comes the part where control plan is programmable, which proves that SDN is a new of organizing a network structure. Once the separation has been done, the control plane and data plane ports end up becoming nothing but forwarding elements. Based on instructions, packets are forwarded.
  21. 21. 8 SDN is something past the old techniques of managing network by open networking foundation. Figure 1 shows SDN design; which consists of many layers such as infrastructure layer, application layer as well as control layer. Starting with infrastructure layer, it consists of layer 2 switches. They are not capable of building up the forwarding table themselves. All of it comes down to the controller. Here, flow tables are installed to switches with the use of API. Once compared to general forwarding table packets, they can be restricted according to the information provided from layer 2 to 4. 2.2.1. Application Layer This particular layer is responsible for allowing SDN to permit business application for the instructions to be given from controller to pass the traffic between the networks. 2.2.2.Controller A controller is capable of passing traffic among convinced applications. Even though the decisions regarding switching are made on the basis of headers from the OSI multilayer model. The good thing is, it doesn’t even involve any complicated devices such were used in the past network structure. 2.2.3.Infrastructure Layer One of the most utilized protocols in SDN is Open Flow. It is used in many applications between the controller and the switch to setup flow table. SDN has a number of controllers, one of which happens to be referred to as NOX. It is the first software and is used in C++ format, for controlling the network and many other operations. 2.3 Related Works In pass few years lot of work done in network field of SDN.SDN is a flexible way of controlling/maintaining network by switches and POX/NOX controllers. Some of related works are following:
  22. 22. 9 1. Ethane is a early flow-based technology. It is use to show that when a restriction is apply in network before an identity is authenticated by a central controller, strong security can be apply in network. 2. Maestro shows how to resolve the performance problems of controller by a simple programming. 3. Beacon is Java based open source openflow controller. Beacon discovered new areas in openflow controller by making it friendly, high performance and have ability to run and stop at run time of the application. 2.3.1 Categorization of Existing Techniques/Works/Research In this we are comparing the existing works on SDN with our project.SDN can be use for multiple purposed. Now a day’s people are using SDN for quality of services and fire wall securities. But in our project we use SDN for network monitoring, access controller for better performance of network.
  23. 23. 10 Chapter 3 System Design
  24. 24. 11 3.1.Introduction In this chapter we will show the system design and architecture because this project is based on coding and no application is connected with it so we will just show architecture and database of the project that is use in it. Openflow Figure 3.1 basic architecture 3.1.1. Purpose The purpose of database using in this project is that to store the information of packets in it and if we want to know any user information like when he send that packet and what data is in it. So we use database for keeping record. 3.1.2. System overview System view of the product is that we design a programmable switch which is more flexible than normal switches. In this product an administrator of any organization can monitor the network. He will use Linux through which he will monitor the network. It’s LINUX POX OVS VM2 VM1
  25. 25. 12 also priority base network and firewall securities is used in it and one thing more it will provide QOS quality of service to you. Figure 3.2 system overview 3.1.3. Design Map Design map of this project is not very difficult to understand. In this project we are just taking out information from every coming packet like time ,date, IP address(source and destination),MAC address(source and destination),protocols(TCP,UDP,ICMP),packet size, port(source and destination) and store them into a data base.
  26. 26. 13 Figure 3.3 design map 3.2. Design Considerations The design considerations are as follow: 3.2.1 Assumptions This project has only one is user end and that one administrator end. Administrator end requires UPS in case of load shedding to provide 24 hours service to the clients. The user must have connected to the internet to use the system and know how to operate it. 3.2.2 Constraints The constraints are like the product is Linux based and can be run on only Linux. Another constraint is that application product is online so it requires internet connection to operate. 3.2.3 Systems environment The proposed product is going to replace all existing switch in network because it is more flexible then existing switches. This system is revolutionizing step in the world of network. System environment for that product can be home, organization, school, company or any place where a network is available. This product need only one admin to operate it on network and it can be any one. PACKET TIME DATE IP(S,D) MAC(S,D) PROTOCOL SIZE PORT DATABASE
  27. 27. 14 3.3. Architecture This system is made up of two levels. Figure shows the 3 levels of the system, first is administrator, second is Linux, with which administrator interacts, where all the database of the system is located. Figure 3.4 architecture 3.4. Database Schema 3.4.1.1 Tables, Fields and Relationships FIELD TYPE NULL KEY DEFAULT EXTRA Id int (3) NO PRI NULL Auto increment Date Char (10) YES NULL Time Varchar (16) YES NULL Source Mac Char (17) YES NULL Destination IP Char (16) YES NULL Destination Mac Char (17) YES NULL Source IP Char (16) YES NULL Protocol name Char (5) YES NULL Source port Char (5) YES NULL Destination port Char (5) YES NULL Packet size Char (4) YES NULL Table 1 Table, Fields and Relationships ADMINISTRATOR LINUX DATABASE SWITCH
  28. 28. 15 3.4.1.2 New Tables New tables can add latterly. The tables can only be added by the developer of that product and he will add new tables in database by doing programming in product. 3.4.1.3 New Fields(s) Developer can make new fields in the future if it requirement is needed. 3.4.1.4 Fields Change(s) Yes fields can be change or updated by developer. 3.4.2 Data Migration No data Migration is available. 3.4.3 Low Level Design Low level design shows you the inner process of product. It shows you the process of the product from start to the end. Following figure will show you all the working process step by step done by the product. Figure 3.5 low level design User sending packet Packet Date, Time Database Firewall Access control Priority list Data send IP(S, D) MAC (S, D) Protocol Size
  29. 29. 16 3.5. Summary In this chapter we discuss the system design and database of it. First of all we start it from system overview in which we discuss how it interact with user. After this then we discuss design map, architecture in which we shows you how it works. Then we discuss it database how we make it and how we design the database. Its tables, fields are also shown in figure.
  30. 30. 17 Chapter 4 Implementation and Methodology
  31. 31. 18 4.1. Methodology In this chapter we will show you step by step working of our project. 1. In first step we study about SDN what is software defined networking? And also get knowledge about Open flow protocol. 2. In second step we installed Linux. 3. In third step we installed OVS (open V-switch) using Linux. 4. We used egrep -c to check virtualization support 5. We installed KVM (kernel virtual machines) in Linux. 6. We installed virtual machine manager to manage virtual machine. It gives us graphical view to manage virtual machines. 7. We created 2 virtual machines with 1 GB ram and installed Ubuntu 12.04 in them 8. We created bridge between OVS and KVM to communicate with each other. 9. We installed pox controller to control OVS. 10. We installed nemesis traffic generator to generate different types of packet. 4.2. Openflow technology In openflow technology set of elements are provided to the network administrators. Set of elements are use to allow them to define flows. These elements have separate path to avoid current traffic. It shows path automatically to get through certain things like less latency, bandwidth and decreasing number of hops to reach the destination. Figure 4.1 openflow technology
  32. 32. 19 In normal switch devices and router devices control and data path are combined but openflow switches are different. The main work of openflow switch is to separate control and date path. By separating the control and data path it allow to take routing decisions by the controller. Openflow protocol connect switch with controller. It is use to define data packets for example sending packets and receiving packets from switch, stats, update forwarding table. When more than one openflow switch is used a openflow network is designed. Switches have built-in flow table in which flow entries are stored. According to these flow entries switch forward the packets. In these switches one or more controller is involved who can drop and add flow entries. 4.3. Openflow switch Openflow switch can be use as hardware based or software based switch. Normal switches are basically hardware based switches. In our project we are not using these normal switches basically we are using software based switches. For software based switches we need Linux/Ubunto version 14.04 operating system. After the installation of Ubuntu in machine we need to implement openflow version 2.04. There are three main part of openflow switch. 1. Flow table in switches which store flow entries and switch forward packets according to these flow entries. 2. Switch and controller communicate through a secure channel. 3. Openflow protocol allow controller to communicate with switch by which a controller can control these switches. Controller can add and drop flow entries from flow table. Figure 4.2 openflow switch
  33. 33. 20 4.4. POX Controller POX controller is basically a main element of openflow switch. POX controller is needed to manage these openflow switches. POX is a python based SDN control application. This used as openflow SDN controller. It becomes more common than NOX. NOX is actually java based control application. 4.5. Discussion This product is actually design to monitor the network easily by the administrator of any network. Actually it is done on programmable switch which is more flexible than normal switches which are uses in our companies, school, universities, institutes, home etc. In this administrator will use Linux to monitor the network with the help of database. Administrator will decide who will be select for high priority and who will be select for low priority. Then he will set access control and firewall securities. Many problems we faced during implementation. First of all our project is based on SDN (Software defined network).SDN is new platform in the fields of network. Future network will depend on it. So it is very difficult for us to get information about it and related works on it but we do researches and hard work to find information and get to know what is SDN and how we can use it in our project. After knowing about SDN we faced problems in installing Linux 14.04 LTS in our laptop. After resolve the Linux problem and successful install it in our laptop it start configuration problems with openflow switch (OVS).sometime it shows that you insert wrong command for OVS. To resolve that problem reinstall OVS in your device. When we resolve the problem between Linux and OVS. Then we get disturb by Virtual Machine (VM).whenever we make two hosts in VM it works properly but whenever we use more than two hosts it starts making disturbs and didn’t work. After this when we resolve these entire problems we faced problem in SQL database. We don’t know how to make SQL database and make tables and fields in database through coding in Python. 4.6. Development Methodologies We develop our product by combination of different modules. First of all we develop this product on Python platform using POX. In POX we take out fields from packet by Python. These are the following fields:  Date  Time  IP(S,D)  MAC(S,D)  Protocol(UDP,TCP,ICMP)  Size
  34. 34. 21  Port After this then we make a module Database by using Python. After making a database then we connect database with these fields which we take out from packet. Then we add access control module in it. Then we add module Firewall in it for security. At the end we add one more module it is priority modules. After all these we combine these modules to make our final product (Virtual Switch). Figure 4.3 development methodologies 4.7. Implementation Tools and Technologies For our product implementation we used few tools and technologies. For implementation of project we need specific tools and technologies through which can complete project. These are the following tools and technologies we used: Tools • Linux 14.04(operating system). • Python (POX). • SQL (Database). Technologies • PC (Device). • Switch (programmable switch). PACKET TIME DATE IP(S,D) MAC(S,D) PROTOCOL SIZE PORT DATABASE Access control Firewall Priority FINAL PRODUCT VIRTUAL SWITCH
  35. 35. 22 4.8. Installation of KVM (kernel virtual machine) In Linux we don’t need VMware or virtual box for creating virtual machines we can use kernel based virtual machines (KVM) creating virtual machines. Before installing KVM we need to check our system that it support virtualization or not by following command. egrep -c ‘(svm|vmx)’ /proc/cpuinfo 0 indicates that it doesn’t support virtualization and 1 and more indicates it does support virtualization For installing KVM and packages we use following command sudo apt-get install qemu-kvm libvirt-bin bridge-utils virt-manager for using kvm we will give permissions and add users who will acess to use kvm by following command sudo adduser name libvirtd We can use KVM directly by terminal but for graphical application we will install Virtual machine manager for managing KVM. For Virtual Machine Manager we will go Ubuntu software center and install it from there. For creating virtual machine we need to go dash and find VMM (virtual machine manager). Figure 4.4 VMM After opening VMM we will create virtual machine by clicking create new virtual machine button on the tool bar and select a method for it and install an operating system of your choice.
  36. 36. 23 Figure 4.5 new VM steps 1 You can install operating system from a disc, ISO image, or even a network location. We installed Linux 12.04 for our virtual machines
  37. 37. 24 Figure 4.6 step 2 After that you will allocate ram and storage to your KVM we have allocated 1GB RAM.
  38. 38. 25 Figure 4.7 step 3 After that there are some network settings it can be changed according to need. We used default settings for our project.
  39. 39. 26 Figure 4.8 final step After selection of installation method VMM will boot operating system .Install operating system as we install on physical machines.
  40. 40. 27 Figure 4.9 final installation Once installation is done the virtual machines manager will show list of virtual machines. Right click virtual machine and start running them Figure 4.10 VM in running condition
  41. 41. 28 4.9. Installation of OVS For open v switch the first think we have to check our kernel version this can be done by using following command. uname -r after getting your linux kernal version you will ovs version compatible with your kernal version . Figure 4.11 supporting version After determine your ovs version go the official website of ovs and download the specific package or you can download it by following command. Once you downloaded the package unzip it by the following command. tar -xzf openvswitch- 2.4.0. tar .gz once package is unzip we will open it by using following command. cd openvswitch- 2.4.0
  42. 42. 29 We will make our system ready for installation by using following command these commands will clean our system and will install ovs in the specified directory. aptitude install dh-autoreconf libssl-dev openssl . / configure --with-linux = / lib / modules / 'uname -r' / build For compiling and installation of ovs we used following commands make make install For install and loading the kernal we used following commands modprobe gre insmod datapath / linux / openvswitch.ko make modules_install modprobe openvswitch We will following command to initialize and configure ovs db if it carry out smoothly your ovs is successfully installed . 4.10. Configuration of OVS Commands for configuration of OVS in given in appendix B Figure 4.12 configuration of OVS 4.11. POX installation Commands for POX installation is given in appendix C.
  43. 43. 30 4.12. Implementation of My SQL MySQL is a database management system which is freely available. It is most famous language for the management of content in database. It is reliable, fast in processing and free to use. For installing MySQL database we will use following commands  sudo apt-get update  sudo apt-get install mysql-server Figure 4.13 asking for installation of mySQL After that it will asked permission for user to install. Once the permission is given it will install MySQL.
  44. 44. 31 Figure 4.14 mySQL installation starts After installing packages it will ask to set password Figure 4.15 password window Once password is set it will ask to repeat password after that installation is finished.
  45. 45. 32 Figure 4.16 repeat password Figure 4.17 mySQL installation is done After installing MySQL we will connect it with python by using python-MySQL connector sudo apt-get install python-mysqldb Commands for root MySQL and for different operations are given in appendix D.
  46. 46. 33 4.13. Further prospects of MySQL database It is the start of MySQL or we can say that interface of MySQL. Shown in figure below. Figure 4.18 interface of mySQL After this we will use command to show database Figure 4.19 show database
  47. 47. 34 After this we can see fields of database by inserting command Figure 4.20 database fields Figure 4.21 columns of different fields After this we can also see specific protocol packet in database table
  48. 48. 35 Figure 4.22 TCP packet database Figure 4.23 UDP packet database We can find packet information of any specific date in database
  49. 49. 36 Figure 4.24 specific date database We can also find packet information of specific date and MAC address Figure 4.25 specific date and MAC address We can also use distinct commands to get packet information of non repeating dates
  50. 50. 37 Figure 4.26 non repeating dates of packets 4.14. Startup of OVS and POX For OVS and POX startup first of all we have to run virtual machines like shown in figure below
  51. 51. 38 Figure 4.27 VMs in shutdown condition Figure 4.28 VMs in running condition
  52. 52. 39 After running virtual machines we will enter in these VMs to perform further tasks. Shown in figures below. Figure 4.29 host A logging
  53. 53. 40 Figure 4.30 interface of host A Figure 4.31 host B logging
  54. 54. 41 Figure 4.32 interface of host B After this we will open POX and OVS terminals to give commands to get connected. Shown in figures below.
  55. 55. 42 Figure 4.33 POX terminal Figure 4.34 OVS terminal
  56. 56. 43 Figure 4.35 POX connected Figure 4.36 OVS connected
  57. 57. 44 4.15. Message ping In this we ping an ICMP message from a host to check the POX controller. POX will show MAC address and IP address of both source and destination. As shown in figure below Figure 4.37 message ping
  58. 58. 45 Chapter 5 Testing
  59. 59. 46 5.1. Testing Techniques Employed for This Project Whenever we make any product or project first thing we do is that we take test of it. we pass it from few test according to its environment. We do testing because we want to know that this product can work in any kind of environment or not. It is not necessary that all product should be pass through all kind of tests. Some products are different and they work on environment. Few testing names are mentioned below:  Validation test  Verification test  System check test 5.2. Test Cases Actually we are now testing access control in which we give list of MAC address and destination IP address of adult or block site. Test cases we perform for our product are the following: Case 1: Mac Address and Destination IP in List In this case when a packet is send to a switch. Switch checks the packet its MAC and destination IP address .we use Nemesis to generate packet it is packet generator tool. If the MAC address and destination IP address found in the list then packet will be drop and will not be forward to the destination. Figure 5.1 MAC address and destination IP in list
  60. 60. 47 After blocking the packet at switch these result will be shown on host A terminal Figure 5.2 host A terminal Case 2: Mac Address in List and Destination IP Address not in List In this case when a packet is send to a switch. Switch checks the packet its MAC and destination IP address. If the MAC address exist and but no destination IP address found in the list then time check will apply on it. If the packet is send before time out it will be send to the destination but it the packet is send and time is finish packet will be drop and will not be forward to the destination. Figure 5.3 MAC address in List and destination IP address not in List
  61. 61. 48 Figure 5.4 host A (Time finish) Case 3: Mac Address Not in List and Destination IP Address Not in List In this case when a packet is send to a switch. Switch checks the packet its MAC and destination IP address. If the MAC address and destination IP address both not found in the list then packet will be forward to the destination. Case 4: Firewall Packet Drop In this case we use firewall securities in network. If any packet containing virus it will be drop. How it works? Its work on flag when all the flags are achieve and all flags are high then that packet will be drop by the switch and it will not be send forward to the destination. Shown in figure.
  62. 62. 49 Figure 5.5 all high flags Figure 5.6 firewall packet drop
  63. 63. 50 Case 5: Firewall Packet Transfer In this case we use firewall securities in network. If any packet containing no virus it will be send forward. How it works? Its works on flag when the flags are achieved and all flags are not high then that packet will be forward by the switch and it will be send forward to the destination. Shown in figure. Figure 5.7 not all flags high Figure 5.8 firewall packet transfer
  64. 64. 51 5.3. Test Results Figure 5.9 before implementation of firewall Netstat –s of Host B receiver in which host received 36 packets. These stats are before implementation of firewall. Shown in figure.
  65. 65. 52 Figure 5.10 after implementation of firewall Netstat –s of Host B receiver in which host received 37 packets. These stats are after implementation of firewall. Shown in figure
  66. 66. 53 Chapter 6 Conclusions and Future Work
  67. 67. 54 6.1 Contributions In our project we worked on SDN by using openflow protocol. We use POX controller in which we do coding.POX controller is python based controller. In past years people used number of different controllers to improve working of network but we use POX controller to make secure communication between hosts. So we make a product which monitor the network. We use network monitoring algorithms. Through these algorithms POX controller will give instructions to the openflow switch which will control the hosts. First we will send packet of ICMP for checking the communication between hosts. Then using POX controller will we take out information of different fields from the packet and store these into a database tables. After this we will apply some access control algorithms in the flow table of openflow switch. In this flow table we will give two attributes Mac address of PCs and Destination IP address. These algorithms will work on these two attributes. If these two attributes are true then packet will be dropped and if any one attributes is false then packet will be send forward to the destination. Then we apply priority based algorithms. This algorithm works like we will store MAC address of those PCs whom we want to give priority in the openflow switch flow table. Then if any packet coming from these MAC address PC it will be detect by openflow switch and that packet will be send first and other packets will be dropped. Then we use security algorithms like firewall. This will work on flags if any packet caring all flags high it means that packet is caring virus and it will be blocked. If any packet having few flags then it means that packet is virus free and it will be send forward. 6.2 Future Work Large amount of work can be done in the field of software defined networking. SDN has no boundaries in the field of internet.SDN is a open way to do what you want to do with a network. Future works in the field of SDN are the following: 1. Congestion Control You can control the traffic of network according to your daily routine. For example in one second how many packets should pass through it and if the limit exceed drop the packet.
  68. 68. 55 2. Quality of Service Now a day, the Quality of Service (QoS) technology is a top priority task set by the OpenFlow Switching community. It will be great to develop an environment in which different flows have different Quos. 3. Bandwidth Optimization Now a day people take advantage of other internets for example employee of any company will take advantage of that company internet by downloading movies, music etc which will slow the internet of that company. So by bandwidth limitation every department of that company will get bandwidth according to the work load which will improve the network of that company.
  69. 69. 56 References [1] http://kimia.fi/papers/sdn.pdf [2] Nick feamster,jennifer rexford,ellen zequra “The road the SDN: An intellectual History of Programmable Networks”. [3] K. Calvert. Reflections on network architecture: An active networking perspective. ACM SIGCOMM Computer Communications Review, 36(2):27–30, 2006. [4] Wenfeng Xia, Yonggag Wen, "A Survey on Software-Defined Networking” IEEE COMMUNICATION SURVEYS & TUTORIALS, VOL. 17, NO. 1, FIRST QUARTER 2015 [5] “Software-defined networking: The new norm for networks,” Palo Alto, CA, USA, White Paper,Apr.2012.[Online].Available:https://www.opennetworking.org/images/stories/downloads/ white- papers/wp- sdn- newnorm.pdF [6] D. E. Comer. Internetworking with TCP/IP: Principles, protocols and architecture, volume 1. Pearson Prentice Hall, Upper Saddle River, NJ, fifth edition, 2005. [7] Open Networking Foundation. Software-defined net- working: The new norm for networks. ONF White Pa- per, 2012. [8] L. Yang, R. Dantu, T. Anderson, R. Gopal, “Forwarding and Control Element Separation (ForCES) Framework,” RFC 3746 (Informational), 2004. Available online: https://datatracker.ietf.org/doc/rfc3746/ (accessed on 22 July 2013). [9] http://bradhedlund.com/2011/04/21/data-center-scale-openflow-sdn/ [10] Ferguson, A. Guha, J. Place, R. Fonseca, and S. Krishnamurthi, “Participatory networking,” in Proc. Hot-ICE, San Jose, CA, USA, 2012, p. 2. [11] K. Jeong, J. Kim, and Y. Kim, “QoS-aware network operating system for software defined networking with generalized OpenFlows,” in Proc. IEEE NOMS, 2012, pp. 1167–1174. [12] N. Handigol, S. Seetharaman, M. Flajslik, R. Johari, and N. McKeown, “Aster∗ x: Load- balancing as a network primitive,” in Proc. 9th GENI Eng. Conf. (Plenary), 2010, pp. 1–2. [13] M. Ghobadi, S. Yeganeh, and Y. Ganjali, “Rethinking end-to-end con- gestion control in software-defined networks,” in Proc. 11th ACM Work- shop Hot Topics Netw., 2012, pp. 61–66 [14] A. Gember, P. Prabhu, Z. Ghadiyali, and A. Akella, “Toward software- defined middlebox networking,” in Proc. 11th ACM Workshop Hot Top- ics Netw., 2012, pp. 7–12.
  70. 70. 57 [15] R. Curtis, J. C. Mogul, J. Tourrilhes, P. Yalagan- dula, P. Sharma, and S. Banerjee. Devoflow: Scaling flow management for high-performance networks. In Proceedings of the ACM SIGCOMM 2011 Conference, SIGCOMM ’11, pages 254–265, New York, NY, USA, 2011. ACM [16] Ethane: Taking control of the enterprise, Martin Casado Michael J.Freedman Justin Pettit Jianying Luo Nick McKeown Scott Shenker. Web site: http://www.standford.edu/jpettit/papers/ethne-Sigcomm07.pdf [17]OpenFlow: Enabling Innovation in Campus Networks. Web site: http//standards.ieee.org/getieee802/. [18] http://www.projectfloodlight.org/floodlight/ [19] Amin Tootoonchian, Monia Ghobadi, and Yashar Ganjali. OpenTM: traffic matrix es- timator for OpenFlow networks. In Proceedings of the 11th international conference on Passive and active measurement, PAM’10, pages 201–210, Berlin, Heidelberg, 2010. Springer-Verlag. [20] Jeffrey R. Ballard, Ian Rae, and Aditya Akella. Extensible and scalable network moni- toring using OpenSAFE. In Proceedings of the 2010 internet network management con- ference on Research on enterprise networking, INM/WREN’10, pages 8–8, Berkeley, CA, USA, 2010. USENIX Association. [21] Curtis Yu, Cristian Lumezanu, Yueping Zhang, Vishal Singh, Guofei Jiang, and Har- sha V. Madhyastha. FlowSense: monitoring network utilization with zero measurement cost. In Proceedings of the 14th international conference on Passive and Active Measure- ment, PAM’13, pages 31–41, Berlin, Heidelberg, 2013. Springer-Verlag. [22] OpenFlow: Enabling Innovation in Campus Networks. Web site: http://www. openflowswitch.org//documents/openflow-wp-latest.pdf [23]OpenFlow Switch Specification v0.8.9. Brandon Heller (brandonh@stanford.edu).Website:http://www.openflowswitch.org/documents/openflow-spec- v0.8.9.pdf [24] Andrea Bianco "OpenFlow Switching Performance" Corso di Laurea in Telecommunication Engineering, luglio 2009 [25] https://users.ece.cmu.edu/~vsekar/teaching/fall14/18859/papers/procers.pdf [26] Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, and Jonathan Turner. OpenFlow: enabling innovation in campus networks. SIGCOMM Comput. Commun. Rev., 38(2):69–74, March 2008.
  71. 71. 58 [27] http://networkstatic.net/installing-and-configuring-openvswitch-on-ubuntu-12-04-precise- pangolin/ [28]The Open Networking Foundation. OpenFlow Switch Specification v1.3.1URL:https://www.opennetworking.org/images/stories/downloads/specification/openflow- spec-v1.3.1.pdf. Online, September 2012. [29] http://networkstatic.net/pox-openflow-controller-installation-screencast/ [30] http://www.howtogeek.com/117635/how-to-install-kvm-and-create-virtual-machines-on- ubuntu [31] http://archive.openflow.org/documents/openflow-spec-v1.1.0.pdf [32] Kim, Hyojoon, and Nick Feamster. "Improving network management with software defined networking." Communications Magazine, IEEE51, no. 2 (2013): 114 119.
  72. 72. 59 Appendix A 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 1/20 Software Defined Networking for Monitoring Networks by Usman Imran, Faisal Mehmood Khan From Reports (Teachers CSD) Processed on 06Sep2016 10:29 PKT ID: 701587460 Word Count: 6382 Similarity Index 8% Internet Sources: 4% Publications: 2% Student Papers: 4% Similarity by Source 1 2 3 4 5 6 7
  73. 73. 60 Turnitin Originality Report sources: 2% match (student papers from 22Feb2016) Submitted to Higher Education Commission Pakistan on 20160222 1% match (Internet from 25May2016) http://digilib.teiemt.gr/jspui/bitstream/123456789/2727/1/022006x03x215.pdf 1% match (Internet from 11Apr2015) http://www.howtogeek.com/117635/howtoinstallkvmandcreatevirtualmachinesonubuntu/? showcomments=1 1% match (student papers from 14Jun2016) Submitted to Higher Education Commission Pakistan on 20160614 < 1% match (student papers from 24Mar2013) Submitted to University of Westminster on 20130324 < 1% match (student papers from 22Mar2016) Submitted to Higher Education Commission Pakistan on 20160322 < 1% match (Internet from 20Nov2013) 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 2/20 8 9 10 11 12 13
  74. 74. 61 14 15 16 http://www.cs.rice.edu/~eugeneng/papers/TR1011. pdf < 1% match (publications) Erickson, David. "The beacon openflow controller", Proceedings of the second ACM SIGCOMM workshop on Hot topics in software defined networking HotSDN 13, 2013. < 1% match (student papers from 27Apr2015) Submitted to Lovely Professional University on 20150427 < 1% match (Internet from 31Mar2010) http://gamestats.ittc.ku.edu/publications/documents/Allen2002_RSL%20TR%20186802. pdf < 1% match (Internet from 05May2014) http://mumble.sourceforge.net/Murmurguide < 1% match (Internet from 20May2016) http://dscholarship. pitt.edu/22144/5/Zargar_Thesis.pdf < 1% match (Internet from 24Jun2016) http://mdpi.com/19995903/ 8/2/24/htm < 1% match (Internet from 04Sep2014) http://essay.utwente.nl/64411/1/Luca_Valtulina_MSc_Report_final.pdf < 1% match (Internet from 08Sep2010)
  75. 75. 62 http://www.cyberessays.com/lists/literature/page270.html < 1% match (Internet from 12Jul2010) http://www.dcc.ufmg.br/pos/cursos/defesas/108D.PDF 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 3/20 17 18 19 20 21 22 23 24 25 < 1% match (Internet from 28Apr2016) http://oa.upm.es/37782/1/PFC_TAO_YUAN_2015.pdf < 1% match (Internet from 06Sep2014) http://www.thujinqing.cn/2014a/0123/21656.html < 1% match (Internet from 13Mar2016) http://mysql.veryoo.com/2013_12_01_archive.html < 1% match (Internet from 30Apr2015) http://sites.ieee.org/sdn4fns/files/2013/11/SDN4FNS13proceedings. pdf < 1% match (Internet from 24May2015)
  76. 76. 63 https://www.opennetworking.org/images/stories/downloads/sdnresources/ IEEEpapers/ evolutionofsdnandof. pdf < 1% match (Internet from 24May2016) http://docs.di.fc.ul.pt/bitstream/10451/16052/1/ulfc112569_tm_Gon%c3%a7alo_Semedo.pdf < 1% match (Internet from 25Nov2014) http://www.ece.gatech.edu/research/labs/bwn/projects/sdntecs/ SDNTEsurvey. pdf < 1% match (publications) "Software Defined Networking Concepts", Software Defined Mobile Networks (SDMN), 2015. < 1% match (publications) Shin, Seungwon, Vinod Yegneswaran, Phillip Porras, and Guofei Gu. "AVANTGUARD : scalable and vigilant switch flow management in softwaredefined networks", Proceedings of the 2013 ACM SIGSAC conference on Computer & communications security CCS 13, 2013. 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 4/20 26 27 < 1% match (publications)
  77. 77. 64 Qadir, Junaid, Nadeem Ahmed, and Nauman Ahad. "Building programmable wireless networks: an architectural survey", EURASIP Journal on Wireless Communications and Networking, 2014. < 1% match (publications) HyperV for VMware Administrators, 2015. paper text: Chapter 1 Introduction In this world we are connected with each other and the way of communication is done by internet. Numbers of devices are connected to internet and this thing is increasing day by day. In IOE (Internet of everything) they said that by 2022 everything will be connected to internet. But 19there is a problem. A large amount of data transfers between these devices. Considering to this, routing table become smaller for global routing. Errors are frequent and hardware acquires too expensive. It is necessary to add new solutions to reduce the problem and open new way for communication. In this world on internet platform there is one way to reduce problems and that one is SDN (Software defined networking). A useful definition of 13software defined networking is a new approach to design and manages the network using 17the separation of control plan and data plane to achieve the best optimization of each subject. In our project we are going to design a SDN monitoring network through which we will monitor the bandwidth of switches in a local area network. In the project we will use two things 1. POX 2. LINUX
  78. 78. 65 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 5/20 POX: POX controller is basically a main element of openflow switch. POX controller is needed to manage these openflow switches. POX is a python based SDN control application. This used as openflow SDN controller. It becomes more common than NOX. NOX is actually java based control application. LINUX: With the help of LINUX the administrator will give command to the switches in that network .what he wants to do. 1.1. Overall Description Objectives Purpose of this project is that it will help the administrator of organization to monitor the network in their organization. Problem Description Problems we have faced while designing this project were numerous. Most problems we faced were of configuration. First we have installed Linux version 12.04 and we faced problems while configuring OVS. We tried multiple solutions but failed to configure OVS. Then we changed our Linux version to 14.04 LTS and again failed to configure OVS we tried multiple version of OVS but failed. After weeks of effort we finally right commands and exact version of OVS. Although source was Chinese so we have to translate it in order to understand it .After Configuring OVS the next step was to create Virtual Machines and establish a bridge between them. It took couple of days to find solution for that problem. The Next problem we faced was limitations in creating virtual machine as our systems were not capable of running more than 2 virtual machines we have to compromise on virtual
  79. 79. 66 machines. After Setup the next thing was to understand the whole structure of Networks and specifically SDN. It took us months to understand the structure of SDN. For this project we had learn Python and Mysql. Product Scope Product Scope of this product is that: ? Administrator of organization can monitor his organization/department network. ? Administrator can also allow and block access to specific address. ? Firewall to protect network from infected packet. Business Context Organization specially Companies, Universities, Hospitals etc. User Classes and Characteristics In this Product there will 1 main user. • Administrator Administrator who will control the network and database will create record with time. Operating Environment The operating environment of this product is in organization where server and switches are in use. An administrator which will use server. On that server POX controller will be use to control the switches and through these switches network will be monitor. Assumptions and Dependencies Our project is depending on POX .It is a openflow switch. With the help of POX controller will program the switches. If POX does not work or out of order it will effect on project. Project will stop working or I can say that if it is implement in any organization the network of that organization will get disturb. 1.2. External Interface Requirements User Interfaces Interface between user and software in this product will be Linux. User will use linux to control the product. Hardware Interfaces Interface between the hardware and software is
  80. 80. 67 openflow protocol .we will make a bridge on POX to connect switches and virtual machines. It will be use to interact with the hardware device (switches, server computer). Software Interfaces Interface between creator and software in this product will be openflow protocol which will use for coding and controlling the product. Safety Requirements 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 6/20 6There is no need of safety cautions or requirements. This project is safe because it cannot be linked with the health of human being. Security Requirements According to security .The security level of this product is very low. So to maintain security of your product (admin server) you have to change password every week and use some other security software’s like firewall etc. 15Chapter 2 Literature review and Background 2.1. History SDN is a 21software defined network .SDN is new structure of network, the most significant thing about which is that 25the data plane and the control plane happen to be apart from one another. The new model of network states that the switches happen to be the most simple and not so complicated active component of the system and of course not to mention that they focus only on 2 headers only (i.e. Layer 1 and Layer 2). Switches happen to be intelligent enough
  81. 81. 68 themselves that they are capable of upgrading their own forwarding table and transmission of traffic between different ports all by themselves. Whereas, a router is capable of storing routing tables in their memory, through which they forward traffic between multiple networks. 2.1.1. The Path OF SDN: Computer Networks are not only responsible for enhancing the programmable mechanism of a network, but also the controlling part. The history of SDN can be classified into three parts that are shown in the following picture. Given in the figure above, it can be seen that the network programmability always plays a great part. The discussion started off in 1990 with The Active network, which went all the way over a decade. The separation of control 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 7/20 and data plane took place from 2001 to 2007. Eversince then, the making of link between data and control plane took place. From 2007 to 2010, the API of Open Flow and Operating System were the centre of attention. 2.1.2. Active Networking With the beginning of 1990s, network did use to be a programmable one. The radical alternative choices were subjected to evaluation for the operations of interpretation for usual enormous quantity Internet with IP and ATM. 2.1.3. Split Up Of Control and Data Plane Before 2000s, there was an increasing traffic volume. They hold a strong influence on a network reliability and monotony. The
  82. 82. 69 procedure for applying traffic engineering for the control of router, on the basis of routing protocols, that lessens the hurdles of network operator. 2.2. What is SDN? As stated before, SDN is, on the whole, network architecture. Figure 1 SDN architecture Given the way it is defined, SDN happens to have two significant features, at first comes 26the separation of data plane from control plane and after which, comes the part where control plan is programmable, which proves that 24SDN is a new of organizing a network structure. Once the separation has been done, the control plane and data plane ports end up becoming nothing but forwarding elements. Based on instructions, packets are forwarded. SDN is something past the old techniques of managing network by open networking foundation. Figure 1 shows SDN design; which consists of many layers such as infrastructure layer, application layer as well as control layer. Starting with infrastructure layer, it consists of layer 2 switches. They are not capable of building up the forwarding table themselves. All of it comes down to the controller. Here, flow tables are installed to switches with the use of API. Once compared to general forwarding table packets, they can be restricted according to the information provided from layer 2 to 4. 2.2.1. Application Layer This particular layer is responsible for allowing SDN to permit business application for the instructions to be given from controller to pass the traffic between the networks. 2.2.2. Controller A controller is capable of passing traffic among convinced applications. Even though the decisions
  83. 83. 70 regarding switching are made on the basis of headers from the OSI multilayer model. The good thing is, it doesn’t even involve any complicated devices such were used in the past network structure. 2.2.3. Infrastructure Layer One of the most utilized protocols in SDN is Open Flow. It is used in many applications between the controller and the switch to setup flow table. SDN has a number of controllers, one of which 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 8/20 happens to be referred to as NOX. It is the first software and is used in C++ format, for controlling the network and many other operations. 2.3 Related Works In pass few years lot of work done in network field of SDN.SDN is a flexible way of controlling/maintaining network by switches and POX/NOX controllers. Some of related works are following: 1. Ethane is a early flowbased technology. It is use to show that when a restriction is apply in 7network before an identity is authenticated by a central controller, strong security can be apply in network. 2. Maestro shows how to resolve the performance problems of controller by a simple programming. 3. 8Beacon is Java based open source openflow controller. Beacon discovered new areas in openflow controller by making it 8friendly, high performance and have ability to run and stop at run time of the application. 2.3.1 Categorization of Existing Techniques/Works/Research In this we are
  84. 84. 71 comparing the existing works on SDN with our project.SDN can be use for multiple purposed. Now a day’s people are using SDN for quality of services and fire wall securities. But in our project we use SDN for network monitoring, parental controller for better performance of network. 2.2. Summary In this project we will monitor the network. By monitoring the networking we will take out information from packet like time ,date, 5IP address(source and destination),MAC address(source and destination),protocols(TCP,UDP,ICMP), 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 9/20 packet size, port(source and destination).Then we will make database of network monitoring and store packet information in database with respect to different fields. After this then we will use parental controller. Using parental controller, we can manage the network efficiently. 10Chapter 3 System Design 3.1. Introduction In this chapter we will show the system design and architecture because this project is based on coding and no application is connected with it so we will just show architecture and database of the project that is use in it. 3.1.1. Purpose The purpose of database using in this project is that to store the information of packets in it and if we want to know any user information like when he send that packet and what data is in it. So we use database for keeping record.
  85. 85. 72 3.1.2. System overview System view of the product is that we design a programmable switch which is more flexible than normal switches. In this product a administrator of any organization can monitor the network. He will use Linux through which he will monitor the network. It’s also priority base network and firewall securities is used in it and one thing more it will provide QOS quality of service to you. Figure 2 system overview 3.1.3. Design Map Design map of this project is not very difficult to understand. In this project we are just taking out information from every coming packet like time ,date, 5IP address(source and destination),MAC address(source and destination),protocols(TCP,UDP,ICMP), packet size, port(source and destination) and store them into a data base. PACKET TIME DATE IP(S,D) MAC(S,D) PROTOCOL SIZE PORT DATABASE Figure 3 4Design map 3.2. Design Considerations The design considerations are as follow: Assumptions This project has only one is user end and that one administrator end. 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 10/20 1Administrator end requires UPS in case of load shedding to provide 24 hours service to the clients. The 1user must have connected to the internet to use the system and know how to operate it.
  86. 86. 73 1Constraints The constraints are like the product is Linux based and can be run on only Linux. Another constraint is that application product is online so it requires internet connection to operate. Systems environment The proposed product is going to replace all existing switch in network because it is more flexible then existing switches. This system is revolutionizing step in the world of network. System environment for that product can be home, organization, school, company or any place where a network is available. This product need only one admin to operate it on network and it can be any one. 43.3. Architecture This system is made up of two levels. Figure shows the 3 levels of the system, first is administrator, second is Linux, with which administrator interacts, where all the database of the system is located. ADMINISTRATOR LINUX SWITCH DATABASE Figure 4 Architecture 3.4. Database Schema Tables, Fields and Relationships 2FIELD TYPE NULL KEY DEFAULT EXTRA Id int (3) NO PRI NULL Auto increment Date Char (10) YES NULL Time Varchar (16) YES NULL Source Mac 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 11/20 Char (17) YES NULL Destination IP Char (16) YES NULL Destination Mac Char (17) YES NULL Source IP Char (16) YES NULL Protocol name Char (5) YES NULL Source port 2Char (5) YES NULL Destination port Char (5) YES NULL Packet size Char (4) YES NULL Table 1 Table, Fields and Relationships 3.4.1.2 New Tables New tables can add latterly. The tables can only
  87. 87. 74 be added by the developer of that product and he will add new tables in database by doing programming in product. 3.4.1.3 1New Fields(s) Developer can make new fields in the future if it requirement is needed. 3.4.1.4 1Fields Change(s) Yes fields can be change or updated by developer. 3.4. 2 Data Migration No data Migration is available. 1Low Level Design Low level design shows you the inner process of product. It shows you the process of the product from start to the end. Following figure will show you all the working process step by step done by the product. Packet DATE,TIME IP(S,D) MAC (S,D) Protocol User sending Size data/packet Firewall Data send Database Parental control Priority list Figure 5 Low level design 1.1. 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 12/20 12Summary In this chapter we discuss the system design and database of it. First of all we start it from system overview in which we discuss how it interact with user. After this then we discuss design map, architecture in which we shows you how it works. Then we discuss it database how we make it and how we design the database. Its tables, fields are also shown in figure. Chapter 4 Implementation and
  88. 88. 75 Methodology 4.1. Methodology In this chapter we will show you step by step working of our project. 1. In first step we study about SDN what is software defined networking? And also get knowledge about Open flow protocol. 2. In second step we installed Linux. 3. In third step we installed OVS (open Vswitch) using Linux. 4. We used egrep c to check virtualization support 5. We installed KVM (kernel virtual machines) in Linux. 6. We installed virtual machine manager to manage virtual machine. It gives us graphical view to manage virtual machines. 7. We created 2 virtual machines with 1 GB ram and installed Ubuntu 12.04 in them 8. We created bridge between OVS and KVM to communicate with each other. 9. We installed pox controller to control OVS. 10. We installed nemesis traffic generator to generate different types of packet. 4.2. Openflow technology In openflow technology set of elements are provided to the network administrators. Set of elements are use to allow them to define flows. These elements have separate path to avoid current traffic. It shows path automatically to get through certain things like less latency, bandwidth and decreasing number of hops to reach the destination. Figure 6 Openflow technology In normal switch devices and router devices control and data path are combined but openflow switches are different. The main work of openflow switch is to separate control and date path. By separating the control and data path it allow to take routing decisions by the controller. Openflow protocol connect switch with controller. It is use to define data packets for
  89. 89. 76 example sending packets and receiving packets from switch, stats, update forwarding table. When more than one openflow switch is used a openflow network is designed. Switches have builtin flow table in which flow entries are stored. According to these flow entries switch forward the packets. In these switches one or more controller is involved who can drop and add flow entries. 4.3. Openflow switch Openflow switch can be use as hardware based or software based switch. Normal switches are basically hardware based switches. In our project we are not using these normal switches basically we are using software based switches. For software based switches we need Linux/Ubunto version 14.04 operating system. After the installation of Ubuntu in machine we need to implement openflow version 2.04. There are three main part of openflow switch. 1. Flow table in switches which store flow entries and switch forward packets according to these flow entries. 2. 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 13/20 20Switch and controller communicate through a secure channel. 3. Openflow protocol allow controller to communicate with switch by which a controller can control these switches. Controller can add and drop flow entries from flow table. Figure 7 Openflow switch 4.4. POX Controller POX controller is basically a main element of openflow switch. POX controller is needed to manage these
  90. 90. 77 openflow switches. POX is a python based SDN control application. This used as openflow SDN controller. It becomes more common than NOX. NOX is actually java based control application. 4.5. Discussion This product is actually design to monitor the network easily by the administrator of any network. Actually it is done on programmable switch which is more flexible than normal switches which are uses in our companies, school, universities, institutes, home etc. In this administrator will use Linux to monitor the network with the help of database. Administrator will decide who will be select for high priority and who will be select for low priority. Then he will set parental control and firewall securities. Many problems we faced during implementation. First of all our project is based on SDN 22(Software defined network ).SDN is new platform in the fields of network. Future network will depend on it. So it is very difficult for us to get information about it and related works on it but we do researches and hard work to find information and get to know what is SDN and how we can use it in our project. After knowing about SDN we faced problems in installing Linux 14.04 LTS in our laptop. After resolve the Linux problem and successful install it in our laptop it start configuration problems with openflow switch (OVS).sometime it shows that you insert wrong command for OVS. To resolve that problem reinstall OVS in your device. When we resolve the problem between Linux and OVS.Then we get disturb by Virtual Machine (VM).whenever we make two host in VM it works properly but whenever we use
  91. 91. 78 more than two hosts it starts making disturbs and didn’t work. After this when we resolve these entire problems we faced problem in SQL database. We don’t know how to make SQL database and make tables and fields in database through coding in Python. 4.6. Development Methodologies We develop our product by combination of different modules. First of all we develop this product on Python platform using POX. In POX we take out fields from packet by Python. These are the following fields: ? Date ? Time ? IP(S,D) ? MAC(S,D) ? Protocol(UDP,TCP,ICMP) ? Size ? Port After this then we make a module Database by using Python. After making a database then we connect database with these fields which we take out from packet. Then we add parental control module in it. Then we add module Firewall in it for security. At the end we add 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 14/20 one more module it is priority modules. After all these we combine these modules to make our final product (Virtual Switch). TIME PACKET DATE IP(S,D) MAC(S,D) PROTOCOL SIZE PORT DATABASE Parental control Priority Firewall FINAL PRODUCT VIRTUAL SWITCH Figure 8 Development Methodologies 4.7. Implementation Tools and Technologies For our product implementation we used few tools and technologies. For implementation of project we need specific tools and technologies through which can complete project. These are the following tools and technologies we used: Tools • Linux 14.04(operating
  92. 92. 79 system). • Python (POX). • SQL (Database). Technologies • PC (Device). • Switch (programmable switch). 4.8. Installation of KVM (kernel virtual machine) In Linux we don’t need VMware or virtual box for creating virtual machines we can use kernel based virtual machines (KVM) creating virtual machines. Before installing KVM we need to check our system that it support virtualization or not by 3following command. egrep c ‘(svm|vmx)’ /proc/cpuinfo 0 indicates that it doesn’t support virtualization and 1 and more indicates it does support virtualization For installing KVM and packages we use following 9command sudo aptget install qemukvm libvirtbin bridgeutils virtmanager for using kvm we will give permissions and add users who will acess to use kvm by following command sudo adduser name libvirtd We can use KVM directly by terminal but for graphical application we will install 27Virtual machine manager for managing KVM. For Virtual Machine Manager we will go Ubuntu software center and install it from there. For creating virtual machine we need to go dash and find VMM (virtual machine manager). Figure 9 VMM After opening VMM we will create virtual machine by clicking 3create new virtual machine button on the tool bar and
  93. 93. 80 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 15/20 select a method for it and install an operating system of your choice. Figure 10 new VM step 1 3You can install operating system from a disc, ISO image, or even a network location. We installed Linux 12.04 for our virtual machines Figure 11 step 2 After that you will allocate ram and storage to your kvm we have allocated 1GB RAM. Figure 12 step 3 After that there are some network settings it can be changed according to need. We used default settings for our project. Figure 13 final step After selection of installation method VMM will boot operating system .Install operating system as we install on physical machines. Figure 14 final installation Once installation is done the virtual machines manager will show list of virtual machines. Right click virtual machine and start running them Figure 15 VM in running condition 4.9. Installation of OVS For open v switch the first think we have to check our kernel version this can be done by using following command. uname r after getting your linux kernal version you will ovs version compatible with your kernal version . Figure 16 supporting version After determine your ovs version go the official website of ovs and download the specific package or you can download it by following command. Once you downloaded the package unzip it by the following command. tar xzf openvswitch2.4.0. tar .gz once package is unzip we will open it by using following command. cd openvswitch2.4.0
  94. 94. 81 We will make our system ready for installation by using following command these commands will clean our system and will install ovs in the specified directory. aptitude install dhautoreconf libssldev openssl . / 18configure withlinux = / lib / modules / 'uname r' / build For compiling and installation of ovs we used following commands make make install For install and loading the kernal we used following commands modprobe gre insmod datapath / linux / openvswitch.ko make modules_install modprobe openvswitch We will following command to initialize and configure ovs db if it carry out smoothly your ovs is successfully installed . 4.10. Configuration of OVS Commands for configuration of OVS in given in appendix B Figure 17 configuration of OVS 4.11. POX installation Commands for POX installation is given in appendix C. 4.12. Implementation of My SQL MySQL is a database management system which is freely available. It is most famous language for the management of 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 16/20 content in database. It is reliable, fast in processing and free to use. For installing MySQL database we will use
  95. 95. 82 11following commands ? sudo aptget update ? sudo aptget install mysql server Figure 18 asking for installation of MySQL After that it will asked permission for user to install. Once the permission is given it will install MySQL. Figure 19 MySQL installation starts After installing packages it will ask to set password Figure 20 password window Once password is set it will ask to repeat password after that installation is finished. Figure 21 repeat password Figure 22 MySQL installation is done After installing MySQL we will connect it with python by using pythonMySQL connector sudo aptget install pythonmysqldb Commands for root MySQL and for different operations are given in appendix D. 4.13. Further prospects of MySQL database It is the start of MySQL or we can say that interface of MySQL. Shown in figure below. Figure 23 interface of MySQL After this we will use command to show database Figure 24 show database After this we can see fields of database by inserting command Figure 25 database fields Figure 26 column of different fields After this we can also see specific protocol packet in database table Figure 27 TCP packet database Figure 28 UDP packet database We can find packet information of any specific date in database Figure 29 specific date database We can also find packet information of specific date and MAC address Figure 30 specific date and MAC address We can also use distinct commands to get
  96. 96. 83 packet information of non repeating dates Figure 31 non repeating dates of packets 4.14. Startup of OVS and POX For OVS and POX startup first of all we have to run virtual machines like shown in figure below Figure 32 VMs in shutdown condition Figure 33 VMs in running condition After running virtual machines we will enter in these VMs to perform further tasks. Shown in figures below. Figure 34 Host A logging Figure 35 interface of host A Figure 36 Host B logging Figure 37 interface of host B After this we will open POX and OVS terminals to give commands to get connected. Shown in figures below. Figure 38 POX terminal Figure 39 OVS terminal Figure 40 POX connected Figure 41 OVS connected 4.15. Message ping In this we ping an ICMP message from a host to check the POX controller. POX will show MAC address and IP address of both source and destination. As shown in figure below Figure 42 Message ping Chapter 5 Testing 5.1. Testing Techniques Employed for This Project Whenever we make any product or project first thing we do is that we take test of it. we pass it from few test according to its environment. We do testing because we want to know that this product can work in any kind of environment or not. It is not necessary that all product should be pass through all kind of tests. Some products are different and they work on environment. Few 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 17/20 testing names are mentioned below: ? Validation test ? Verification test ? System check test 5.2. Test Cases
  97. 97. 84 Actually we are now testing parental control in which we give list of MAC address and destination IP address of adult or block site. Test cases we perform for our product are the following: Case 1: Mac Address and Destination IP in List In this case when a packet is send to a switch. Switch checks the packet its MAC and destination IP address .we use Nemesis to generate packet it is packet generator tool. If the MAC address and destination IP address found in the list then packet will be drop and will not be forward to the destination. Figure 43 MAC ADDRESS AND DESTINATION IP IN LIST After blocking the packet at switch these result will be shown on host A terminal Figure 44 Host A terminal Case 2: Mac Address in List and Destination IP Address not in List In this case when a packet is send to a switch. Switch checks the packet its MAC and destination IP address. If the MAC address exist and but no destination IP address found in the list then time check will apply on it. If the packet is send before time out it will be send to the destination but it the packet is send and time is finish packet will be drop and will not be forward to the destination. Figure 45 MAC ADDRESS IS IN LIST AND DESTINATION IP ADDRESS IS NOT IN LIST Figure 46 HOST A (TIME FINISH) Case 3: Mac Address Not in List and Destination IP Address Not in List In this case when a packet is send to a switch. Switch checks the packet its MAC and destination IP address. If the MAC address and 14destination IP address both not found in the list then packet will be
  98. 98. 85 forward to the destination. Case 4: Firewall Packet Drop In this case we use firewall securities in network. If any packet containing virus it will be drop. How it works? Its work on flag when all the flags are achieve and all flags are high then that packet will be drop by the switch and it will not be send forward to the destination. Shown in figure. Figure 47 All high flags Figure 48 Firewall packet drop Case 4: Firewall Packet Transfer In this case we use firewall securities in network. If any packet containing no virus it will be send forward. How it works? Its works on flag when the flags are achieved and all flags are not high then that packet will be forward by the switch and it will be send forward to the destination. Shown in figure. Figure 49 Not all flags high Figure 50 Firewall packet transfer 5.3. Test Results Figure 51 before implementation of firewall Netstat –s of Host B receiver in which host received 36 packets. These stats are before implementation of firewall. Shown in figure. Figure 52 after implementation of firewall Netstat –s of Host B receiver in which host received 37 packets. These stats are after implementation of firewall. Shown in figure Case 5: Data base 16Chapter 6 Conclusions and Future Work 6.1 Contributions 18/10/2016 Turnitin Originality Report https://turnitin.com/newreport_printview.asp?eq=0&eb=1&esm=0&oid=701587460&sid=0&n= 0&m=0&svr=09&r=51.03559165351194&lang=en_us 18/20 In our project we worked on SDN by using openflow protocol. We use POX controller in which we do coding.POX controller is python based controller. In past years people used number of different controllers

×