OpenFlow - Enabling Innovation in Your Network FAQ: What is OpenFlow and why is it needed? Frequently asked questions about the OpenFlow protocol and its potential. What is OpenFlow? OpenFlow is a programmable network protocol designed to manage and direct traffic among routers and switches from various vendors. It separates the programming of routers and switches from underlying hardware. It is the result of a six-year research collaboration between Stanford University and the University of California at Berkeley. IN THE SPOTLIGHT: OpenFlow gets wide backing How does OpenFlow work? The technology consists of three parts: flow tables installed on switches, a controller and a proprietary OpenFlow protocol for the controller to talk securely with switches. Why is OpenFlow needed? Vendors offer varying degrees of user programmability on their routers and switches. Wasn't MPLS designed to do this? Yes, MPLS is a traffic management and engineering technique. When will OpenFlow be available? A limited number of vendors are offering it now. Learn more about this topic
How to export packet summary to text file? - Wireshark Q&A If you you really want all the information from the Info column, then you are probably better off using tshark for this. Something like: tshark -r file.pcap -P -Y "http" -o gui.column.format:'"Info", "%i"' > http_info.txt Otherwise, if you're just looking for specific http fields from specific http packets, then you might want to just extract those specific fields of interest. A hypothetical example: tshark -r file.pcap -Y "http.request.method == GET" -T fields -e frame.number -e http.request.uri -e http.user_agent ... I believe I made a mistake above in thinking that you only wanted the Info column, but I think you are interested in all columns, so all you really should need to do is to run tshark as follows (substituting "http" for whatever filter is desirable for you): tshark -r file.pcap -P -Y "http" > http_summary.txt This will get you all of the columns that Wireshark is currently configured to display.
Software Defined Virtual Networks | NIST Background Data networks have enabled extraordinary growth in capabilities such as email, the web, and social media; and today form the technical basis for our information-centric economy[1]. However, current network architectures and processes for technical evolution cannot support the complexity and pace innovation in emerging applications such as Virtualized / Cloud Computing, Internet of Things, ubiquitous Mobile Computing and Big Data Analytics. Today’s industry norm of deploying special purpose, fixed-function hardware appliances (e.g., routers, switches, firewalls, load balancers) that implement standardized protocols no longer scales with the required pace of innovation for new services, nor the economics of modern virtualized computing. In today’s networking industry, these barriers to innovation result in lead times of years to design and develop new network services and require tremendous capital and operational expenses to deploy and operate new network functions. Context
Software Defined Networking (SDN) Embrace Digital Transformation Lead innovation from within using Cisco Application Centric Infrastructure. Learn More Need Faster Application Rollouts? Discover the Power of Application Centric Infrastructure. View Webcast Overcoming SDN, NFV Challenges Learn which factors can help or hinder the adoption of SDN and NFV. Read Report Transformation Through Innovation Software Defined Networking (SDN) is enabling organizations to accelerate application deployment and delivery, dramatically reducing IT costs through policy-enabled workflow automation. SDN accomplishes these business objectives by converging the management of network and application services into centralized, extensible orchestration platforms that can automate the provisioning and configuration of the entire infrastructure. SDN delivers speed and agility when deploying new applications and business services. Enterprises, Are You Looking to Control Expenses While Innovating? Greater Success with Cisco Services
Packet sniffing Create a virtual promiscuous interface Edit /etc/network/interfaces: iface eth1 inet manual up ifconfig $IFACE 0.0.0.0 up up ip link set $IFACE promisc on down ip link set $IFACE promisc off down ifconfig $IFACE down Then use `ifup eth1` to bring up the interface. The problem with this is that it may still dirty the network by sending some packets (in response to ARP and ICMP and the like). Create undetectable interface Untested! # Set the interface MAC address so that it is invalid # even if it does send out a packet (which it shouldn't). # Turn on promiscuous mode. ifconfig eth0 hw ether 00:00:00:00:00:00 promisc # Bring up the interface and ignore ARP. ifconfig eth0 -arp up ARP can also be disabled via `sysctl`. echo 1 > /proc/sys/net/ipv4/conf/eth0/arp_ignore You can permanently set this by editing /etc/sysctl.conf: net.ipv4.conf.eth0.arp_ignore = 1 Create a virtual wifi monitor mode interface iw dev wlan0 interface add wlan0-mon type monitor ifconfig wlan0-mon up Packet Sniffing Tools ipaudit or
Software Defined Networking (SDN) - Overview Transformation Through Innovation Software Defined Networking (SDN) is enabling organizations to accelerate application deployment and delivery, dramatically reducing IT costs through policy-enabled workflow automation. SDN technology enables cloud architectures by delivering automated, on-demand application delivery and mobility at scale. SDN enhances the benefits of data center virtualization, increasing resource flexibility and utilization and reducing infrastructure costs and overhead. SDN accomplishes these business objectives by converging the management of network and application services into centralized, extensible orchestration platforms that can automate the provisioning and configuration of the entire infrastructure. Common centralized IT policies bring together disparate IT groups and workflows. SDN delivers speed and agility when deploying new applications and business services. Greater Success with Cisco Services
Top 10 Wireshark Filters (by Chris Greer) Author Profile - Chris Greer is a Network Analyst for Packet Pioneer. Chris has many years of experience in analyzing and troubleshooting networks. He regularly assists companies in tracking down the source of network and application performance problems using a variety of protocol analysis and monitoring tools including Wireshark. When he isn’t hunting down problems at the packet level, he can be found teaching various analysis workshops at Interop and other industry trade shows. The filtering capabilities of Wireshark are very comprehensive. 1. ip.addr == 10.0.0.1 [Sets a filter for any packet with 10.0.0.1, as either the source or dest] 2. ip.addr==10.0.0.1 && ip.addr==10.0.0.2 [sets a conversation filter between the two defined IP addresses] 3. http or dns [sets a filter to display all http and dns] 4. tcp.port==4000 [sets a filter for any TCP packet with 4000 as a source or dest port] 5. tcp.flags.reset==1 [displays all TCP resets] 6. http.request [displays all HTTP GET requests] 8. !