Using Docker Containers as Mininet Hosts

Introduction
Talentica believes in continuous learning and innovation. We the Talenticans have always been encouraged to undertake learning and experimenting with emerging technologies. With the same objective, we have setup an internal R&D group working on upcoming areas. Software defined networking (SDN) is one the areas where we are developing proficiency.
         As a part of SDN group, we are working on a measuring Hadoop Map Reduce shuffle phase network transfer and also possible traffic engineering solutions for optimizing shuffle phase network transfer. While working on the same, we encountered several challenges, this blog is highlighting solution to one the challenges we faced. Continue reading Using Docker Containers as Mininet Hosts

SDN Captive Portal

Introduction
Captive portal is a networking solution which performs authentication of the users before granting them network access. It secures the network from unwanted and unauthorized access by providing a landing web page where all the browser’s requests from an unauthenticated user are redirected and authentication is performed. Traditionally a captive portal solution is implemented on the networking device itself by enabling the device to redirect the browser’s requests from unauthenticated users. In a SDN environment we can separate the logic from the device to a centralized controller platform and write our own applications for networking solutions. In this post we explain a captive portal solution for Software Defined Networking (SDN) infrastructure. Continue reading SDN Captive Portal

WiFi direct – android local networking

In my earlier blog post I discussed data sharing between two android devices in same network using NSD. In this post we will see communication between two non-connected android devices (can be connected to same or other network, doesn’t really matter) via WiFi direct. Devices should be in WiFi range. I will start with a bit of theory about WiFi direct and then we will see how it is implementable using android APIs (Sample app source code git link at the end of post). Continue reading WiFi direct – android local networking

Packet Interception Application: Simple Firewall

In continuation with the previous blog, we will now have a look at a basic agent which can act as a firewall. This firewall will drop all the packets outgoing to a particular IP destination and let other packets go through.

First we ensure that the following IPTABLES rule is installed:

sudo iptables -A OUTPUT -p ip -j NFQUEUE --queue-num 0

We can validate this by listing all the iptable rules using:  

sudo iptables –list

Continue reading Packet Interception Application: Simple Firewall

Introduction to Packet Interception Using Netfilter

In the first blog of this series, we will focus on the concept of packet interception in user space and later on we will also look into use cases pertaining to this concept.

Such a user space agent can be developed using C (Python also has a similar set of libraries.) on a linux based OS.

Following external libraries would be required:

* libnfnetlink: A low level library for kernel/userspace communication

* libnetfilter_queue: A userspace library providing an API for packets queued by kernel

* libmnl: Internally used by libnetfilter_queue

Additionally, a command line utility called IPTABLES is also needed in order to install rules. Continue reading Introduction to Packet Interception Using Netfilter

Packet Interception Application: Elephant flow detection in SDN

Before proceeding to this use case, it would be better if the reader is acquainted with some basic SDN concepts.

Modern data center networks rely on multi-rooted topologies that offer many alternative data paths between any pair of hosts. As an example, a fattree topology is shown below.

Fattree topology with 4 core switches Continue reading Packet Interception Application: Elephant flow detection in SDN