We are building a proof of concept piece that uses ONOS to update the flow tables on an OVS switch to either block or allow traffic connected to the OVS switch. We have got a piece working on a local machine using using virtual machines on virtual box. We're trying to see if we can get it working using virtual machines in Azure. Here's the setup:
I have three Linux virtual machines running in Azure.
One virtual machine has ONOS installed on it. Ley's call this ONOS-1.
The second virtual machine has OVS installed on it. Let's call this OVS-1.
And the third virtual machine is just a standard Linux virtual machine that is being used by a user. Let's call this HOST-1.
The OVS-1 has two network interface cards, one for management access and another used by OVS for bridging. In OVS there are multiple vPorts configured on the single NIC that is on the data network.
The idea is that ONOS-1 is connected to OVS-1, and the OVS-1 is connected to HOST-1via one of the OVS vPorts. ONOS-1 should be able to control OVS-1. Currently, ONOS-1 can see OVS-1, but any vPorts created on OVS-1 show as enabled=False in ONOS-1. What is the problem or what are we missing? Any help, guidance, or direction would be greatly appreciated.
Network diagram
We've tried adding additional NIC for each OVS vPort. This did not work either.
Related
I've a mac address which belongs to VMware virtual machine in my network(about 4k devices).
The virtual machine is used by VMware workstation on some host in my network.
All i got is a mac address of the virtual machine.
Is there any way to find it(by DOS/bash or similiar) without installing PowerCLI on each device or using arp table details(not allways the virtual machines appears there)?
thanks!
I very much doubt that this is possible since identifying host information from a guest could be a security concern. However, what you could do if using ”Workstation PRO” is to call the rest api from within the guest - if that sort of traffic is allowed.
I am following the security onion docs and am using vmware. I created the 2nd network adapter and set it to bridged for the monitor interface, ran the setup, selected evaluation mode, and setup the network interfaces.
My monitor interface does not see any traffic, I used wireshark to to test both interfaces and the management interface sees the traffic but the monitor interface does not. Has anyone else come across this issue?
Would be useful if you'll provide your Host OS, and versions of OS, VMWare and Security Onion- to be clear from the start and helpful for any future requests.
Out of assumption that you are using MAC-I may say it may be a known issue, see:
https://docs.vmware.com/en/VMware-Fusion/12/rn/VMware-Fusion-12-Release-Notes.html#knownissues
-here is short excerpt from it:
"Users are unable to capture transfer packets in the same subnet of a virtual network inside a virtual machine.
Virtual machine's virtual interface doesn't report packet exchanges between other virtual machines in the same subnet on Big Sur hosts.
Workaround: Use the virtual interface on the host to capture traffic information in the subnet. For example, use the interface bridge100 on macOS host to capture the traffic in the subnet"
It was reported as a known issue in Fusion 12.0, but it isn't listed in the Resolved Issues for 12.1, so it so safe to assume that it is known pending issue by now.
I have 2 PC (with Windows as default OS), let's say PC_master and PC_slave. Since it is recommended to work with Linux to manage a spark Cluster i created one Virtual Machines with Linux on each of theses PC: VM_master on PC_master and VM_slave on PC_slave.
I would like to setup a Standalone Spark Cluster, so which Networking configuration should i use (NAT, Bridge, HostOnly?) for theses 2VM in order that they own their private IP adress letting me ssh from one to another without the need of port forwarding ?
Edit: My two laptop are linked to the same box, so they have private IP and supposed to be linked to the same router.
Finally it seems that if i want to give each VM its own Ip adress to create a private Network i have to choose Bridge Network which will assign a unique Ip for each VM!
I am new to embedded linux development.I have inherited a particular way of Embedded linux development from the previous developer.
I was just wondering if there is a more industry standard way of working.
This is how he was working,
There is an ARM embedded linux board which is not on the corporate network and has a fixed IP address of 192.168.0.52.I have a virtualbox based linux host which is connected directly to this linux board via an Ethernet cable.This host has an NFS shared with the target for running the cross compiled binaries.I have to set a fixed IP address for the host of 192.168.0.50.Then I can telnet with the target to run the compiled binaries on the NFS folder. Also as the VM host is not connected to the corporate network.I cannot use the company issued SVN for version control.So what I do is have a shared folder via virtual box between Windows and Linux host and I manually keep transferring the files which I have to commit/test.
What I would I ideally like, is both networks connected to the corporate network,so that I can update the OS,use version control.Is there way by which the VM on Windows access the corporate network and also be connected to the target.IT is not willing to give a static IP to the target.If we connect the target via DHCP what is the best way to discover it on the network.Also IT is concerned about the traffic it will generate.Can I use a switch to create a subnetwork,so that the target can have a fixed address?
Another question is they are open to a linux based host as well.Is a VM based linux any worse off than a Linux PC.The only problem I have been having are networking based issues,not really Virtualbox issues.But I am curious to know if there are any limitations at all.
In order to have the VM connected to the corporate network, you can setup the VM network adapter in bridge mode.
In order to discover the embedded device, you can use the arp command (for instance: arm -i eth0 -a).
If you have got two network interfaces you could also connect the remote device directly through this interface and setup a dhcp server in your VM.
Personally, I think that with the VM you can do everything that you need (cross-compiling the Kernel and bootloader and creating the remote File System). I have been using a VM for embedded linux development on a AT91SAM board without problems at all.
I'm setting up a linux server in a VM for my development.
Previously I've had PHP, MySQL etc etc all installed locally on my Mac. Apart from being a security risk, it's a drag to maintain and keep up to date, and there's a risk that an OS upgrade will wipe part of your setup out as the changes you make are fairly non-standard.
Having the entire server contained within a VM makes it easily upgradable and portable between machines. It means I can have the same configuration as the destination server and with shared folders even if the VM gets corrupted my work is safe on the host machine.
Previously with the local installation I was able to develop on convenient URLs like http://site.dev. I'd quite like to carry this over to the VM way of development but I'm struggling to figure out how, if it's possible at all.
Here's the problem:
In Bridged mode, the VM is part of the same network as the host. This is great but I can't choose a fixed IP address as I may be joining other networks and that address may be taken already. I'd like a consistent way of addressing my VM.
In NAT mode I can't directly address the VM without using port forwarding. I can use http://site.dev if I use the hosts file to forward that to localhost and then localhost:8080 forwards to the vm:80. The trouble is I have to access http://site.dev:8080 which is inconvenient for URL construction.
Does anyone know a way around this? I'm using ubuntu server and virtualbox.
Thanks!
The answer is to define a separate host-only network adapter and use that for host->guest communication.
You can do this by powering down the guest and adding the adapter in the VM settings. Once that's done you can boot the guest again and configure the new network interface however suits you best. I chose a fixed IP address in an unused range.