Due to a ransomware attack, the wiki was reverted to a July 2022 version. . We apologize for the lack of a more recent valid backup.
| Status | ||||
|---|---|---|---|---|
|
| Table of Contents |
|---|
Team
| Name | Organization | Role | |
|---|---|---|---|
| Dimitris Mavrommatis | ONF / Foundation for Research and Technology - Hellas (FORTH), Institute of Computer Science, INSPIRE group | Lead Developer | dimitris@opennetworking.org |
| Lefteris Manassakis | Foundation for Research and Technology - Hellas (FORTH), Institute of Computer Science, INSPIRE group | Engineering Supervisor / | |
| Vasileios Kotronis | Foundation for Research and Technology - Hellas (FORTH), Institute of Computer Science, INSPIRE group | Research Supervisor / | vkotronis@ics.forth.gr |
...
| Code Block | ||
|---|---|---|
| ||
"org.onosproject.artemis" : {
"artemis" : {
"prefixes" : [
{
"prefixmoas": : "40.0.0.0/8"[ ],
"paths" : [
{
"originneighbor" : 65004,[
"neighbor" : [{
{
"asn": 65002,
"asnneighbor" : 65002,[
"neighbor": [ 65001
]
}]
]
}
}
],
],
"moasorigin" : [ ]65004
}
],}
"frequency" : 3000,
],
"prefix": "40.0.0.0/8"
}
]
},
"moas": { },
"monitors" : {
"ripe" : [ ],
"exabgp": [
"192.168.1.2:5000"
],
"exabgpripe": [ "192.168.1.2:5000" ]
}
}
} |
Explanation of fields
prefixes:List consisting of prefixes with their AS-PATH information and (optionally) legitimate MOAS ASes.
prefix: a CIDR representation of the prefix that is monitored/protected.
paths: a list of dictionaries that contain the ASN of the protected AS (origin), along with a list of dictionaries for the neighbors.
neighbor: list of dictionaries that contain each neighbor's ASN and a list of ASNs for the neighbor's neighbor.
For example, in the demo topology the protected (origin) AS65004 sees the AS65002 as a first-hop neighbor, and AS65001 as a second-hop neighbor (resulting in the legitimate announced path AS65004 - AS65002 - AS65001).
Note: While the operator can supply the origin and first-hop neighbor ASNs as ground-truth in the configuration, the N-hop (N > 1) neighbor information is planned to be generated automatically by ARTEMIS in future versions of the tool, based on the received BGP updates.moas: *in-progress*
future versions of the tool, based on the received BGP updates.
moas: *in-progress*
moas: *in-progress*
frequency:Polling interval in milliseconds for the detection mechanism to check batches of BGP update messages (stored in the application cache). In the demo configuration file, it is set to check every 3s (3000ms).monitors: List of the route collectors that ARTEMIS is using for monitoring. Currently it supports RIPE and ExaBGP route collectors through the socket-io interface, and is extendable to include more monitoring services/APIs.
RIPE Route Collectors have specific identifiers ("rrc17rrc18", "rrc18rrc19", "rrc19rrc20", "rrc20rrc21"). You can configure them following this example: "ripe" : ["rrc17rrc18", "rrc19"]
An ExaBGP Route Collector (RC) is implemented inside the tutorial folder (/onos/tools/tutorials/artemis/). You can host such an RC locally by running an ExaBGP instance with the exabgp.conf and server.py files provided (will require modifications in directory paths). In the demo topology we have an ExaBGP speaker running on 192.168.1.2:5000, monitoring the BGP control plane from the perspective of AS65001.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
$ cd ~ $ sudo apt-get install git $ git clone -b 3.4 https://github.com/Exa-Networks/exabgp $ cd exabgp; git checkout 3.4exabgp $ echo 'export PATH=$PATH:~/exabgp/sbin' >> ~/.bashrc $ source ~/.bashrc |
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
$ sudo apt-get install python3-pip -y $ sudo -H pip3 install -r ~/onos/tools/tutorials/artemis/requirements.txt $ nanocd ~/onos/tools/tutorials/artemis/ $ sed -i 's?/absolute/path/to/onos/tools/tutorials/artemis?'`pwd`'?' configs/exabgp.conf |
You must put verify that the run command in config file now has the absolute path at the run command, e.g., /home/user/onos/tools/tutorials/artemis/server.py.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
$ cd onos/tools/tutorials/artemis
$ sudo ./artemis-topo.py |
While having the two terminals open (ONOS instance and mininet), open a new terminal and load the network configuration with onos-netcfg. From this terminal, login to the ONOS CLI:
...
Fig. 6: Current configuration of R4.
Frequently
...
asked questions (FAQ)
Q: Why is the CLI output empty when I write bgp-routes in the ONOS CLI, is the output empty?
A: There might be multiple different problems that might cause this issue (e.g., Quagga not running or ExaBGP not running). To verify that everything is running correctly please run ps aux; the result should look as follows:
...
Q: Why am I getting an error when running the topology file?
A: You should check if the python3 requirements are installed correctly. Sometimes, the python deployment may consider the python3 package installed; it is though the python2 package instead. You could try installing again the dependency separately using pip3 install .
Q: All the processes run correctly buy but I still don't get the BGP routes to show; why?
A: This situation tends to happen if you have the networking manager enabled because sometimes it messes up the interfaces of the mininet topology. Please stop the network manager and restart the demo from scratch.
...