This document is for a deprecated release of Opendaylight and will receive only security updates.
The Usecplugin-OpenFlow User Guide contains information about configuration, administration, management, using and troubleshooting the feature.
Usecplugin-OpenFlow collects information about potential OpenFlow Packet_In attacks to OpenDaylight. A threshold (water mark) can be set for the Packet_In rate which when breached will trigger Packet_In message information collection.
Usecplugin listens on OpenFlow southbound interface for Packet_In messages. When the rate of Packet_In breaches the high water mark the application parses the message for header information which is subsequently stored in YANG Data Store and a log file. Usecplugin has PacketHandler class that implements the PacketProcessing interface to override the OnPacketReceived notification by which the application is notified of Packet_In messages.
Install the Usecplugin-OpenFlow feautre in OpenDaylight with the
feature:install odl-usecplugin-openflow at the Karaf CLI.
A user can set the low water mark and high water mark for Packet_In rates as well as number of samples for checking the time interval to calculate Packet_In rate.
{"usecplugin:sample-data-hwm": { "samples":"3000","highWaterMark":"3000"}}{"usecplugin:sample-data-lwm": { "samples-lwm":"2000","lowWaterMark-lwm":"2000"}}Use RPC POST APIs in the following format for getting the attack related information.
{"usecplugin:input": { "NodeID":"openflow:1"}}{"usecplugin:input": { "SrcIP":"10.0.0.1"}}{"usecplugin:input": { "DstIP":"10.0.0.2"}}