Due to a ransomware attack, the wiki was reverted to a July 2022 version. . We apologize for the lack of a more recent valid backup.
...
| Code Block | ||||
|---|---|---|---|---|
| ||||
$ sudo apt-get install python3-pip -y $ sudo -H pip3 install -r ~/onos/tools/tutorials/artemis/requirements.txt $ nano ~/onos/tools/tutorials/artemis/configs/exabgp.conf |
You must put the absolute path at run command, e.g., /home/user/onos/tools/tutorials/artemis/server.py.
Verify the path that is specific to your setup, using cd and/or pwd/ls, as shown in Figure 3.
Fig. 3: Verifying the absolute path for the exaBGP configuration file (exabgp.conf).
...
1. Connect to the BGP speaker named R3, and also check connectivity between hosts H1 and H4:
| Code Block | ||||
|---|---|---|---|---|
| ||||
mininet> xterm R3 (opens a new terminal on R3) mininet> pingall (to make the hosts visible) mininet> h1 ping h4 (to see the data plane interactions) |
...
Now the hijacker (AS65003) will attract all the traffic away from AS65001 (destined to 40.0.0.0/8); at the same time, the ExaBGP speaker will send the BGP update of the hijack (among other updates seen by AS65004) to the ONOS instance (running ARTEMIS) and the hijack will be detected. Checking Observing the ONOS logs, you will see that the attack is actually detected and the deaggregation mechanism has successfully mitigated the attack (by announcing the more specific prefixes 40.0.0.0/9 and 40.128.0.0/9 from the BGP speaker of the protected AS). After BGP converges and the control and data planes are consistent, the traffic of AS65001, destined to 40.0.0.0/8, returns to the protected AS, as shown in Figure 5.
...
3. Also, by checking the current configuration of R4, following similar steps as for R3:
| Code Block | ||||
|---|---|---|---|---|
| ||||
mininet> xterm R4 (opens a new terminal on R4) R4> telnet localhost bgpd Password: sdnip (this is the password) bgp> en (enable) bgp# sh run (show running configuration) |
...