[Click] FromHost help
Robert Ross
rross at dsci-usa.com
Tue Jun 20 00:10:13 EDT 2006
Our group here is attempt to utilize Click for a high-fidelity packet-based
network simulation. I would very much appreciation some clarification on
the configuration and expected behavior of the Click FromHost element. We
have a "single interface" router configuration which we're fairly sure works
properly in a typical router-only capacity. However, we would also like the
ability to have packets "bubble up" to the Linux host and also capture ALL
packets coming back from the Linux host. So far we have no trouble getting
packets up to the host. Those packets look to be intact as far as tcpdump
is concerned. The problem seems to be getting packets captured on the way
back from host. Specifically, the documentation on FromHost seems a bit
unclear as to the purpose of the configuration parameter and the effect it
has on routing. We've tried the examples in the documentation but those do
not appear to work. We'd honestly like the FromHost "fake0" interface to be
the default route out of the system but Click does not appear to like a
parameter of "0.0.0.0/0" in the FromHost element.
We see ping requests appear in tcpdump but the replies never appear and
nothing comes back down via the FromHost input. However, we DO see FromHost
input when we initiate a ping on the Click system. That leads us to believe
we either have a problem with our FromHost configuration or possibly with
how we send packets up ToHost. Can someone provide real-world examples on
how to send to and capture ALL packets coming from the host?
Thanks,
Robert Ross
EXAMPLE CONFIG
----------------------------------------------------------
//The config is for runs three subnets:
//
// subnet 1: 192.168.90.1/24
// subnet 2: 192.168.91.2/24
//
//on the single interface.
//**************************************************************************
********
// Declarations
rt :: RadixIPLookup( 192.168.90.1/32 0, //Aliased IP address directed
traffic goes to host
192.168.90.255/32 0, //Aliased IP address broadcast goes to host
192.168.90.0/32 0, //Aliased IP address broadcast goes to host
192.168.91.2/32 0, //Aliased IP address directed traffic goes to host
192.168.91.255/32 0, //Aliased IP address broadcast goes to host
192.168.91.0/32 0, //Aliased IP address broadcast goes to host
255.255.255.255/32 0, //Global broadcast goes to host
0.0.0.0/32 0, //Global broadcast goes to host
192.168.90.0/24 1, //192.168.90.0 network route
192.168.91.0/24 2, //192.168.91.0 network route
192.168.92.0/24 192.168.91.1 2, //192.168.92.0 network route
192.168.93.0/24 192.168.91.1 2, //192.168.93.0 network route
0.0.0.0/0 192.168.90.2 1 //Default route
);
// Shared IP input path and routing table
ip :: Strip(14)
-> CheckIPHeader
-> rt;
// ARP responses are copied to each ARPQuerier and the host.
arpt :: Tee(3);
// The classifier sends packets to the following outputs:
// [0] ARP queries
// [1] ARP responses for subnet 1
// [2] ARP responses for subnet 2
// [3] IP Packets
// [4] Other
c0 :: Classifier( 12/0806 20/0001,
12/0806 20/0002 38/C0A85A01,
12/0806 20/0002 38/C0A85B02,
12/0800,
-
);
// Local delivery
tohost :: ToHost;
// Devices
fromhost0 :: FromHost(fake0, 192.0.0.1/8);
fromdevice0 :: FromDevice(eth0);
todevice0 :: ToDevice(eth0);
// Queue with 1500 packet limit
outq0 :: Queue(1500);
// ARP Reponses and Queries. Must investigate for
// possible consolidation of these elements
arpr0 :: ARPResponder( 192.168.90.1 192.168.91.2 00:14:22:22:EC:CC,
0.0.0.0 1:1:1:1:1:1
);
arpq0 :: ARPQuerier(192.168.90.1, 00:14:22:22:EC:CC);
arpq1 :: ARPQuerier(192.168.91.2, 00:14:22:22:EC:CC);
//**************************************************************************
********
// Flow
fromhost0 -> Print("FromHost",0) -> c0; //Packets arrive from host
fromdevice0 -> c0; //Packets arrive from device into classifier
c0[0] -> arpr0; //ARP queries go to the ARP responder
c0[1] -> arpt; //ARP responses go to the ARP tee
c0[2] -> arpt; //ARP responses go to the ARP tee
c0[3] -> Paint(1)
-> ip; //IP packets go to the painter
c0[4] -> Discard; //Everything else is discarded
arpr0 -> outq0; //ARP responder sends response to out queue
arpt[0] -> [1]arpq0; //ARP tee sends IP address #1 response to ARP
querier
arpt[1] -> [1]arpq1; //ARP tee sends IP address #2 response to ARP
querier
arpt[2] -> tohost; //ARP tee sends all responses to host cache
arpq0 -> outq0; //ARP querier sends IP address #1 query to out queue
arpq1 -> outq0; //ARP querier sends IP address #2 query to out queue
outq0 -> c::Counter -> todevice0; //Packets are pulled off out queue by
device
//Packets meant for host get a fake ethernet header pushed
//back onto packet and then the packet gets pushed up to the host
rt[0] -> EtherEncap(0x0800, 1:1:1:1:1:1, 2:2:2:2:2:2) -> Print("ToHost",0)
-> tohost;
// Forwarding path for eth1 IP address #1
rt[1] -> DropBroadcasts
-> cp0 :: PaintTee(2)
-> gio0 :: IPGWOptions(192.168.90.1)
-> FixIPSrc(192.168.90.1)
-> dt0 :: DecIPTTL
-> fr0 :: IPFragmenter(1500)
-> [0]arpq0;
dt0[1] -> ICMPError(192.168.90.1, timeexceeded) -> rt;
fr0[1] -> ICMPError(192.168.90.1, unreachable, needfrag) -> rt;
gio0[1] -> ICMPError(192.168.90.1, parameterproblem) -> rt;
cp0[1] -> ICMPError(192.168.90.1, redirect, host) -> rt;
// Forwarding path for eth0 IP address #3
rt[2] -> DropBroadcasts
-> cp1 :: PaintTee(3)
-> gio1 :: IPGWOptions(192.168.91.2)
-> FixIPSrc(192.168.91.2)
-> dt1 :: DecIPTTL
-> fr1 :: IPFragmenter(1500)
-> [0]arpq1;
dt1[1] -> ICMPError(192.168.91.2, timeexceeded) -> rt;
fr1[1] -> ICMPError(192.168.91.2, unreachable, needfrag) -> rt;
gio1[1] -> ICMPError(192.168.91.2, parameterproblem) -> rt;
cp1[1] -> ICMPError(192.168.91.2, redirect, host) -> rt;
-------------- next part --------------
A non-text attachment was scrubbed...
Name: smime.p7s
Type: application/x-pkcs7-signature
Size: 3672 bytes
Desc: not available
Url : https://amsterdam.lcs.mit.edu/pipermail/click/attachments/20060620/44221d5d/smime.bin
More information about the click
mailing list