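#!/usr/bin/python
"""Mininet SD-WAN lab: three server branches, a single-host branch, a cloud
host, a user host, three load balancers and three OVS bridges used as
firewalls (ngfw1, fw2, fw4).

Run as a script to build the topology, start the services, install the
firewall flows and open the Mininet CLI.
"""

from mininet.cli import CLI
from mininet.log import setLogLevel, error
from mininet.net import Mininet
from mininet.topo import Topo
from mininet.link import TCLink, Intf
from mininet.node import OVSController, Host, Node

# The original rules used "http" as a match keyword. ovs-ofctl has no such
# protocol shorthand, so the command was rejected and plaintext HTTP was
# never dropped. Match it as TCP to port 80 instead.
# NOTE(review): assumes plaintext HTTP is served on TCP/80 -- confirm against
# the services that run in this lab.
HTTP_DROP = 'priority=20,tcp,tp_dst=80,action=DROP'
UDP_DROP = 'priority=20,udp,action=DROP'
DEFAULT_DROP = 'priority=5,action=DROP'


class MyTopo(Topo):
    """SD-WAN topology: hosts, load balancers, firewall bridges and links."""

    def build(self):
        """Create every node and link; all links are 1000 Mbit/s with 1 ms delay."""
        link_opts = {'bw': 1000, 'delay': '1ms'}

        ### PART 1: nodes ###
        # Five pool servers per branch (branches 1, 2 and 3), named
        # server<branch><index> with IP 10.0.<branch>.<index>/16 and a MAC
        # ending in <branch><index>.
        pools = {}
        for branch in (1, 2, 3):
            pools[branch] = [
                self.addHost(
                    'server%d%d' % (branch, idx),
                    ip='10.0.%d.%d/16' % (branch, idx),
                    mac='00:00:00:00:00:%d%d' % (branch, idx),
                )
                for idx in range(1, 6)
            ]

        # Single-host branches
        branch4 = self.addHost('branch4', ip='10.0.4.1/16', mac='00:00:00:00:00:40')
        cloud = self.addHost('cloud', ip='10.0.5.1/16', mac='00:00:00:00:00:50')

        # User
        user = self.addHost('user', ip='10.0.10.1/16', mac='00:00:00:00:00:ff')

        # Load balancers
        lb1 = self.addHost('lb1', ip='10.0.0.1/16', mac='00:00:00:00:00:01')
        lb2 = self.addHost('lb2', ip='10.0.0.2/16', mac='00:00:00:00:00:02')
        lb3 = self.addHost('lb3', ip='10.0.0.3/16', mac='00:00:00:00:00:03')

        # Branch switches
        sb1 = self.addSwitch('sb1')
        sb2 = self.addSwitch('sb2')
        sb3 = self.addSwitch('sb3')

        # Firewalls (OVS bridges; their flows are installed after net.start())
        ngfw1 = self.addSwitch('ngfw1')
        fw2 = self.addSwitch('fw2')
        fw4 = self.addSwitch('fw4')

        # Core switch s1 and user-side switch s2
        s1 = self.addSwitch('s1')
        s2 = self.addSwitch('s2')

        ### PART 2: links ###
        # Branch 1: servers -> ngfw1 -> sb1
        for server in pools[1]:
            self.addLink(server, ngfw1, **link_opts)
        self.addLink(ngfw1, sb1, **link_opts)

        # Branch 2: servers -> fw2 -> sb2
        for server in pools[2]:
            self.addLink(server, fw2, **link_opts)
        self.addLink(fw2, sb2, **link_opts)

        # Branch 3: servers attach to sb3 directly (no firewall in the path)
        for server in pools[3]:
            self.addLink(server, sb3, **link_opts)

        # Branch 4 sits behind fw4
        self.addLink(branch4, fw4, **link_opts)

        # Cloud attaches to s1, user to s2
        self.addLink(cloud, s1, **link_opts)
        self.addLink(user, s2, **link_opts)

        # SD-WAN core: everything hangs off s1
        for peer in (sb1, sb2, sb3, lb1, lb2, lb3, fw4):
            self.addLink(s1, peer, **link_opts)

        # User-side switch to the core
        self.addLink(s2, s1, **link_opts)


def _pool_macs(branch):
    """Return the MAC suffixes ('11'..'15' for branch 1) of a server pool."""
    return ['%d%d' % (branch, idx) for idx in range(1, 6)]


def _pool_ips(branch):
    """Return the IPv4 addresses (10.0.<branch>.1-5) of a server pool."""
    return ['10.0.%d.%d' % (branch, idx) for idx in range(1, 6)]


def _allow_src_macs(suffixes):
    """Build priority-10 NORMAL rules keyed on the source MAC address."""
    return ['priority=10,dl_src=00:00:00:00:00:%s,action=NORMAL' % suffix
            for suffix in suffixes]


def _allow_src_ips(addresses):
    """Build priority-10 NORMAL rules keyed on the source IPv4 address."""
    return ['priority=10,ip,nw_src=%s,action=NORMAL' % address
            for address in addresses]


def _install_flows(switch, rules, protocol=None):
    """Add each rule to the switch with ovs-ofctl and report rejected rules.

    ovs-ofctl prints nothing when add-flow succeeds, so any output is logged
    as an error: a firewall rule that silently fails to install leaves the
    policy weaker than the script suggests.
    """
    tool = 'ovs-ofctl'
    if protocol:
        tool += ' -O %s' % protocol
    for rule in rules:
        output = switch.cmd('%s add-flow %s "%s"' % (tool, switch.name, rule))
        if output and output.strip():
            error('*** %s: ovs-ofctl reported for "%s": %s\n'
                  % (switch.name, rule, output.strip()))


def _add_vlan_interface(host, vlan_id, address):
    """Create the 802.1Q sub-interface eth0.<vlan_id> on the host's eth0."""
    sub_if = 'eth0.%d' % vlan_id
    host.cmd('sudo ip link add link %s-eth0 name %s type vlan id %d'
             % (host.name, sub_if, vlan_id))
    host.cmd('sudo ip link set %s up' % sub_if)
    host.cmd('sudo ip addr add %s dev %s' % (address, sub_if))


def main():
    """Start the network, services and firewall flows, then open the CLI."""
    ### PART 3 ###
    setLogLevel('info')
    net = Mininet(topo=MyTopo(), link=TCLink, controller=OVSController)
    net.start()
    # net.stop() must run even if a step below raises; otherwise the Mininet
    # interfaces and OVS bridges are left behind on the machine.
    try:
        # Load-balancing algorithm per load balancer
        for lb_name, script in (('lb1', 'lb.py'),
                                ('lb2', 'lb_round_robin.py'),
                                ('lb3', 'lb_weighted_round_robin.py')):
            net.get(lb_name).cmd('python3 %s &' % script)

        # HTTPS service on every pool server, branch4 and cloud
        service_hosts = ['server%d%d' % (branch, idx)
                         for branch in (1, 2, 3) for idx in range(1, 6)]
        service_hosts += ['branch4', 'cloud']
        for host_name in service_hosts:
            net.get(host_name).cmd('python3 https_server.py &')

        # VLAN sub-interfaces
        for host_name, vlan_id, address in (
                ('server11', 100, '192.168.0.11/24'),
                ('server31', 100, '192.168.0.31/24'),
                ('server32', 200, '192.168.0.32/24'),
                ('server21', 200, '192.168.0.21/24'),
                ('cloud', 300, '192.168.0.51/24'),
                ('server22', 300, '192.168.0.22/24')):
            _add_vlan_interface(net.get(host_name), vlan_id, address)

        # Firewalls. The rules are added only after net.start(), so traffic
        # sent before this point is not filtered by them.
        #
        # Caveats that apply to all three rule sets:
        # - dl_src and nw_src are chosen by the sender, so these allow-lists
        #   separate lab hosts but do not authenticate them.
        # - The priority-100 dl_vlan rules win over the priority-20 UDP/HTTP
        #   drops, so frames carrying an allowed VLAN tag are not subject to
        #   those drops.

        # ngfw1: intended to block load balancers, branch 3 and the cloud
        # branch from reaching branch 1.
        # NOTE(review): the dl_src rule for MAC ...:50 (cloud) forwards every
        # frame from the cloud host, which contradicts the stated intent --
        # confirm whether that rule should be removed.
        _install_flows(
            net.get('ngfw1'),
            [DEFAULT_DROP]
            + _allow_src_macs(['ff', '40', '50'] + _pool_macs(1) + _pool_macs(2))
            + _allow_src_ips(_pool_ips(2) + ['10.0.4.1']
                             + _pool_ips(1) + ['10.0.10.1'])
            + [UDP_DROP, HTTP_DROP, 'priority=100,dl_vlan=100,actions=NORMAL'],
        )

        # fw2: layer-3 allow-list (branches 1, 2, 4 and the user); all ARP
        # is permitted; everything else falls through to the default drop.
        _install_flows(
            net.get('fw2'),
            [DEFAULT_DROP, 'priority=10,arp,action=NORMAL']
            + _allow_src_ips(_pool_ips(1) + ['10.0.4.1', '10.0.10.1']
                             + _pool_ips(2))
            + [UDP_DROP, HTTP_DROP,
               'priority=100,dl_vlan=200,actions=NORMAL',
               'priority=100,dl_vlan=300,actions=NORMAL'],
        )

        # fw4: layer-2 allow-list that leaves out the load-balancer MACs.
        # IP is forwarded from any source, except UDP and HTTP, which the
        # priority-20 drops catch first.
        _install_flows(
            net.get('fw4'),
            [DEFAULT_DROP, 'priority=10,ip,action=NORMAL']
            + _allow_src_macs(_pool_macs(1) + _pool_macs(2) + _pool_macs(3)
                              + ['50', 'ff', '40'])
            + [UDP_DROP, HTTP_DROP],
            protocol='OpenFlow13',
        )

        # Test connectivity
        # net.pingAll()

        # Start the CLI
        CLI(net)
    finally:
        # Stop the network
        net.stop()


if __name__ == '__main__':
    main()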