
POX proactive OpenFlow rule

I created a rule to add to an open vswitch when it connects to the controller. The rule allows h1 to communicate with h2 which are both on the same switch. The rule below is added when the connection to the controller comes up.

event.connection.send(
                of.ofp_flow_mod(action=of.ofp_action_output(port=1), priority=45,
                                match=of.ofp_match(dl_type=0x800, nw_dst="10.0.0.7")))

For some reason the flow will not work, but if I change it to match using ports instead of IP it will work. As there are multiple switches, I can't just match on ports alone.

At first I thought maybe ICMP wasn't IPv4, but I confirmed it is using tcpdump.

sudo tcpdump -e -r tcpdump.pcap dst 192.168.0.103
reading from file tcpdump.pcap, link-type EN10MB (Ethernet)
14:24:30.940749 00:a0:98:ae:2c:fe (oui Unknown) > 00:1d:ec:0e:0b:fa (oui Unknown), ethertype IPv4 (0x0800), length 98: 192.168.0.112 > 192.168.0.103: ICMP echo request, id 1962, seq 1, length 64

The network consists of a spine switch connected to 2 leaf switches and 2 hosts per leaf switch.

Any help would be greatly appreciated.

def _handle_ConnectionUp(self, event):
        #dpid = event.connection.dpid
        # printing the dpid
        # log.info("Switch with DPID of %s has come up.",dpid_to_str(event.dpid))
        print("Switch with DPID of %s has come up." % (dpid_to_str(event.dpid)))

        # printing the dpid in hex
        # log.info("Switch with DPID in HEX format of %s has come up." % (hex(event.dpid)))
        print("Switch with DPID in HEX format of %s has come up." % (hex(event.dpid)))

        if event.dpid == 0x1:

            event.connection.send(
                of.ofp_flow_mod(action=of.ofp_action_output(port=2), priority=45,
                                match=of.ofp_match(in_port = 1)))
            event.connection.send(
                of.ofp_flow_mod(action=of.ofp_action_output(port=1), priority=45,
                                match=of.ofp_match(dl_type=0x800, nw_dst="10.0.0.1")))

In a typical L2 network, two hosts need to communicate with the ARP protocol to exchange hardware addresses before they can ping (or any other IP-based protocol) each other.

My best guess is that, with your current configuration, h1 can send an ARP request to h2 (thanks to the rule on the ingress port) but h2 cannot answer. Thus, h1 doesn't know the hardware address of h2 and can't send it IP packets. To check this hypothesis, you can run:

$ arp
Address               HWtype  HWaddress           Flags Mask            Iface
10.0.0.7                      (incomplete)                              eno1
10.0.0.254            ether   00:00:00:00:00:08   C                     eno1

Here, for instance, the address of 10.0.0.7 is unknown.

You have at least two solutions:

  1. Manually set new ARP entries in h1 and h2. See arp -h.
  2. Let h1 and h2 communicate through ARP by adding the necessary rules.
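
The answer's diagnosis and its second option, as an added example that is not part of the original post and is not POX code: a toy OpenFlow 1.0 table lookup run over the two rules from the question, then with one ARP rule added. It assumes h1 is 10.0.0.1 on port 1 and h2 is 10.0.0.2 on port 2; the packets and the `lookup`/`trace` helpers are constructed for illustration.

```python
# Added example: toy OpenFlow 1.0 flow-table lookup, not POX code.
ETH_IP, ETH_ARP = 0x0800, 0x0806

def lookup(table, pkt):
    """Return the output port of the highest-priority matching rule, or None on a table miss."""
    hits = [r for r in table
            if all(pkt.get(k) == v for k, v in r["match"].items())]
    return max(hits, key=lambda r: r["priority"])["out"] if hits else None

# The two rules the question installs on the switch with dpid 0x1.
question_rules = [
    {"priority": 45, "match": {"in_port": 1}, "out": 2},
    {"priority": 45, "match": {"dl_type": ETH_IP, "nw_dst": "10.0.0.1"}, "out": 1},
]

# Option 2 from the answer: one extra rule for ARP addressed to h1.
# In OpenFlow 1.0, nw_dst on an ARP packet matches the ARP target IP.
arp_rule = {"priority": 45,
            "match": {"dl_type": ETH_ARP, "nw_dst": "10.0.0.1"}, "out": 1}

# Constructed packets (h2's address 10.0.0.2 and port 2 are assumptions).
arp_request = {"in_port": 1, "dl_type": ETH_ARP, "nw_dst": "10.0.0.2"}
arp_reply = {"in_port": 2, "dl_type": ETH_ARP, "nw_dst": "10.0.0.1"}
echo_reply = {"in_port": 2, "dl_type": ETH_IP, "nw_dst": "10.0.0.1"}

def trace(table):
    """Map each constructed packet to the port the table forwards it to."""
    packets = [("arp_request", arp_request),
               ("arp_reply", arp_reply),
               ("echo_reply", echo_reply)]
    return {name: lookup(table, pkt) for name, pkt in packets}

if __name__ == "__main__":
    # The ARP reply from h2 misses the table, so h1 never learns h2's MAC.
    print("question rules:", trace(question_rules))
    # With the ARP rule the reply reaches port 1 and the ping can proceed.
    print("with ARP rule: ", trace(question_rules + [arp_rule]))
```

In POX, the counterpart of `arp_rule` is the question's second flow mod with `dl_type=0x806` in place of `0x800`.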
