Ask is moving to Stack Overflow and Serverfault.com! Please use the "opendaylight" tag on either of these sites. This site is now in Read-Only mode

Revision history [back]

Hi Sanket,

Add a bridge and set it to use SSL connection:

sudo ovs-vsctl add-br br0
sudo ovs-vsctl set-controller br0 ssl:10.0.1.6:6633 

Use this script to create your topology and set up your switch to use SSL connection:
#!/usr/bin/python
from mininet.net import Mininet
from mininet.node import Controller, RemoteController
from mininet.cli import CLI
from mininet.log import setLogLevel, info

def emptyNet():
    net = Mininet(controller=None)
    net.addController( 'c0', controller=RemoteController, ip='YOUR_CONTROLLER_IP', port=6633)
    h1 = net.addHost( 'h1' )
    h2 = net.addHost( 'h2' )
    s1 = net.addSwitch( 's1' )
    net.addLink( h1, s1 )
    net.addLink( h2, s1 )

    net.start()
    s1.cmd('ovs-vsctl set-controller s1 ssl:YOUR_CONTROLLER_IP:6633')

    CLI( net )
    net.stop()

if __name__ == '__main__':
    setLogLevel( 'info' )
    emptyNet()

Hi Sanket,

Add a bridge and set it to use SSL connection:

sudo ovs-vsctl add-br br0
sudo ovs-vsctl set-controller br0 ssl:10.0.1.6:6633 

Use this script to create your topology and set up your switch to use SSL connection:
#!/usr/bin/python
from mininet.net import Mininet
from mininet.node import Controller, RemoteController
from mininet.cli import CLI
from mininet.log import setLogLevel, info

def emptyNet():
    net = Mininet(controller=None)
    net.addController( 'c0', controller=RemoteController, ip='YOUR_CONTROLLER_IP', port=6633)
    h1 = net.addHost( 'h1' )
    h2 = net.addHost( 'h2' )
    s1 = net.addSwitch( 's1' )
    net.addLink( h1, s1 )
    net.addLink( h2, s1 )

    net.start()
    s1.cmd('ovs-vsctl set-controller s1 ssl:YOUR_CONTROLLER_IP:6633')

    CLI( net )
    net.stop()

if __name__ == '__main__':
    setLogLevel( 'info' )
    emptyNet()

To use TLS/SSL connections, modify the "42-openflowplugin.xml" or "42-openflowplugin-new.xml" file (depending on your version) from: ../openflowplugin/openflowplugin-controller-config/src/main/resources/initial

 
# add the <tls> blocks as shown to each of the existing OF-switch-connection-provider modules

        
        <module>
          <type xmlns:prefix="urn:opendaylight:params:xml:ns:yang:openflow:switch:connection:provider:impl">prefix:openflow-switch-connection-provider-impl</type>
          <name>openflow-switch-connection-provider-default-impl</name>
          <port>6633</port>
          <switch-idle-timeout>15000</switch-idle-timeout>
          <transport-protocol>TLS</transport-protocol>
          <tls>
            <keystore>configuration/ssl/ctl.jks</keystore>
            <keystore-type>JKS</keystore-type>
            <keystore-path-type>PATH</keystore-path-type>
            <keystore-password>opendaylight</keystore-password>
            <truststore>configuration/ssl/truststore.jks</truststore>
            <truststore-type>JKS</truststore-type>
            <truststore-path-type>PATH</truststore-path-type>
            <truststore-password>opendaylight</truststore-password>
            <certificate-password>opendaylight</certificate-password>
          </tls>

        </module>
        
        <module>
          <type xmlns:prefix="urn:opendaylight:params:xml:ns:yang:openflow:switch:connection:provider:impl">prefix:openflow-switch-connection-provider-impl</type>
          <name>openflow-switch-connection-provider-legacy-impl</name>
          <port>6653</port>
          <switch-idle-timeout>15000</switch-idle-timeout>
          <transport-protocol>TLS</transport-protocol>
          <tls>
            <keystore>configuration/ssl/ctl.jks</keystore>
            <keystore-type>JKS</keystore-type>
            <keystore-path-type>PATH</keystore-path-type>
            <keystore-password>opendaylight</keystore-password>
            <truststore>configuration/ssl/truststore.jks</truststore>
            <truststore-type>JKS</truststore-type>
            <truststore-path-type>PATH</truststore-path-type>
            <truststore-password>opendaylight</truststore-password>
            <certificate-password>opendaylight</certificate-password>
          </tls>

        </module>