can not connect ICX 7250-24 with Opendaylight oxygen controller

  • 1
  • Question
  • Updated 3 weeks ago
  • Answered
Hello Everyone,
I have ICX 7250-24 switch and ODL oxygen version. I have connected the ethernet interface 1/1/1 to the  ODL controller. the controlling is running on ip address 192.168.2.25 port 8181. I have enabled the openflow ofv130 and have connected with controller using no ssl in Config mod. Then I enabled openflow layer23 on ethernet interface 1/1/1 with VLAN1  However, the switch is not getting connected with the controller. When I disabled openflow and assigned ip address to 1/1/1 ethernet interface, then the controller is pinged. However, it is necessary that the ip address should not be assigned to ethernet interface 1/1/1 if we want to enable the openflow. When the ip address is not assigned to the ethernet interface 1/1/1, then the switch cannot ping the controller. Can you help me in this regard?
thanks!
Nadir


Photo of Nadir Shah

Nadir Shah

  • 9 Posts
  • 0 Reply Likes

Posted 1 month ago

  • 1
Photo of Jijo Panangat

Jijo Panangat, Employee

  • 42 Posts
  • 14 Reply Likes
Hi Nadir,

Make sure your Management interface is up and hope ICX and controller are on same subnet , if that is not the case route it thr default gateway with necessary routes added.


Thanks
(Edited)
Photo of Vu Pham

Vu Pham, Employee

  • 11 Posts
  • 8 Reply Likes
Hi Nadir - Like Jijo said, please double check IP configuration on the ICX and the controller. If they're directly connected, make sure they're on the same vlan/subnet.  It would help you could 'cut and paste' the 'show run' and 'show openflow' outputs here.

Thanks,

Vu
Photo of Nadir Shah

Nadir Shah

  • 9 Posts
  • 0 Reply Likes
Hello Vu,
thanks for your comment. Actually the problem is that the IP address cannot be configured on the interface that has openflow enabled on. Without configuring IP address on the interface, the router cannot be connected to  ODL
Thanks!
Nadir
Photo of Vu Pham

Vu Pham, Employee

  • 11 Posts
  • 8 Reply Likes

Hi Nadir - I believe we need a dedicated 'Ethernet' port for ip management. In other words, port with openflow enable will not able to configured with an ip address to carry switch's management traffic. Below is a couple examples/scenarios how to set this up. If you still run into issues or have more questions, please open a support-case so one of us can help.  Thanks. Vu

******
******
Example 1:
ICX running Layer2 (switching code):
ODL server: 192.168.2.25/24
ODL server directly connected to ICX port 1/1/1

On ICX:
config t
int e 1/1/1
no openflow enable
exit
ip address 192.168.2.26/24
ip default-gateway 192.168.1.1 (optional if need to route management traffic elsewhere. ICX would need a router 192.168.1.1)
exit

write mem

//you should be able to ping ODL now!


******
******
Example 2: ICX running Layer3 (routing code):
ODL server: 192.168.2.25/24
ODL server directly connected to ICX port 1/1/1

On ICX:

config t
int e 1/1/1
no openflow enable
exit

vlan 10
untag e 1/1/1
router-interface ve 10
exit

interface ve 10
ip address 192.168.2.26/4
exit
write mem

//you should be able to ping ODL now!
******


Photo of Nadir Shah

Nadir Shah

  • 9 Posts
  • 0 Reply Likes
Hello Vu,
thanks for the reply, the pinging is done following the layer3 commands. However, when I connect to ODL controller using "openflow controller ip-address 192.168.2.25 no-ssl port 8181" it gives me error like "ERROR: Ctrl-1 in ver 1 sends pkt with hdr: ver 72 type 84 len 21584 xid 791752241
"

Can you help me that what is wrong? I have enabled send-to-controller default-behavior 

Looking forward for your guidance.
thanks!
Nadir
Photo of Nadir Shah

Nadir Shah

  • 9 Posts
  • 0 Reply Likes
i had the following commands
1. CS7250(config)#openflow enable ofv130
2. CS7250(config-if-e1000-1/1/1)#openflow enable layer23 hybrid-mode
3.CS7250(config)#openflow hello-reply disable
4. CS7250(config)#openflow controller ip-address 192.168.2.25 no-ssl port 8181
ERROR: Ctrl-1 in ver 4 sends pkt with hdr: ver 72 type 84 len 21584 xid 791752241
Bad Controller - teardown all connections!
CS7250(config)#

why is this error?
+++++++++++++++++++++++show run starts+++++++++++++++++++++++++++++
CS7250(config)#show running-config
Current configuration:
!
ver 08.0.80dT213
!
stack unit 1
  module 1 icx7250-24-port-management-module
  module 2 icx7250-sfp-plus-8port-80g-module
!
!
!
!
!
vlan 1 name DEFAULT-VLAN by port
!
vlan 10 by port
 untagged ethe 1/1/1
 router-interface ve 10
!
vlan 250 by port
 tagged ethe 1/1/2
!
!
!
!
!
!
!
!
!
!
!
openflow enable ofv130
openflow hello-reply disable
openflow controller ip-address 192.168.2.25 no-ssl port 8181
!
!
aaa authentication web-server default local
aaa authentication login default local
boot sys tf 10.0.0.2 spz10111.bin
hostname CS7250
!
username admin password .....
!
!
!
!
!
!
!
!
!
!
!
!
!
!
interface management 1
 ip address 10.0.0.4 255.255.255.0
!
interface ethernet 1/1/1
 openflow enable layer23 hybrid-mode
!
interface ethernet 1/2/1
 speed-duplex 1000-full
!
interface ethernet 1/2/2
 speed-duplex 1000-full
!
interface ethernet 1/2/3
 speed-duplex 1000-full
!
interface ethernet 1/2/4
 speed-duplex 1000-full
!
interface ethernet 1/2/5
 speed-duplex 1000-full
!
interface ethernet 1/2/6
 speed-duplex 1000-full
!
interface ethernet 1/2/7
 speed-duplex 1000-full
!
interface ethernet 1/2/8
 speed-duplex 1000-full
!
interface ve 10
 ip address 192.168.2.26 255.255.255.0
!
!
!
!
!
!
!
!
!
!
end
CS7250(config)#

+++++++++++++++++++++++show run ends++++++++++++++++++++++++++++++

show open flow is follow
$$$$$$$$$$$$$$$$$$$$$$$$$$$ show openflow starts$$$$$$$$$$$$$$$$$$$

CS7250#show openflow
Administrative Status:       Enabled
SSL Status:                  Enabled
Controller Type:             ofv130
HELLO Reply:                 disabled
Number of Controllers:       1
Controller 1:
Connection Mode:       active, TCP
Controller Address:     192.168.2.25
Connection Port:       8181
Connection Status:      CLOSED
Role:                   EQUAL
Packet-in config:       no-match, action
Port-status config:     add, delete, modify
Flow-removed config:    delete, group-delete

Match Capability:
L2 : Port, SMAC, DMAC, Ether type, Vlan, Vlan PCP
L3 : Port, Vlan, Vlan PCP, Ethertype(IP,IPv6,ARP,LLDP), Source (IP/IPv6), Destination (IP/IPv6), IP Protocol, IP DSCP,
     TCP/UDP/SCTP(Src Port,Dst Port), ICMPv4/ICMPv6(Type,Code)
L23: Port, SMAC, DMAC, Vlan, Vlan PCP, Ethertype (IP,IPv6,ARP,LLDP), Destination (IP/IPv6), IP Protocol, IP DSCP,
     TCP/UDP/SCTP(Src Port,Dst Port), ICMPv4/ICMPv6(Type,Code)
Normal Openflow Enabled Ports:
Openflow Hybrid Interfaces:
e1/1/1
Protected VLANs   : None
Unprotected VLANs :    10,

Default action: drop
Maximum number of flows allowed: 3072
Active flow: 0
SLIB Switchover detected: YES
Maximum number of Protected Vlans allowed: 40
Maximum number of Unprotected Vlans allowed: 40
Total number of Protected Vlans: 0
Total number of Unprotected Vlans: 1

$$$$$$$$$$$$$$$$$$$$$$$$$$ show openflow ends$$$$$$$$$$$$$$$$$$$$$
looking forward for your help
thanks!
Nadir

Photo of Vu Pham

Vu Pham, Employee

  • 11 Posts
  • 8 Reply Likes
Hi Nadir - please try disable openflow on 1/1/1 if it is connected to the ODL server.

config t
interface ethernet 1/1/1
 no openflow enable layer23 hybrid-mode

write mem
exit

Let me know if it made any diff.

Thanks,

Vu
Photo of Nadir Shah

Nadir Shah

  • 9 Posts
  • 0 Reply Likes
it does not work
and the error is
--------------------------------------------------------------------------------
CS7250(config)#openflow controller ip-address 192.168.2.25 no-ssl port 8181

CS7250(config)#ERROR: Ctrl-1 in ver 4 sends pkt with hdr: ver 72 type 84 len 21584 xid 791752241
Bad Controller - teardown all connections!
---------------------------------------------------------------------------------------
on the server it is 
=========================================
$sudo netstat -an | grep 8181

tcp6   0   0  :::8181     :::*   LISTEN

tcp6   0   0  192.168.2.25:8181     192.168.2.26:7801   TIME_WAIT

=================================================

Please what is wrong?
Thanks!
Nadir
Photo of Vu Pham

Vu Pham, Employee

  • 11 Posts
  • 8 Reply Likes
HI Nadir - It seems like ICX is rejecting the ODL controller because it received an Openflow message with header version other than '100' or '130'. I would recommend open a support case so someone can help troubleshooting the issue further. It would help to have a wireshark capture the communication between ICX and ODL controller to verify.

Thanks,

Vu
Photo of Nadir Shah

Nadir Shah

  • 9 Posts
  • 0 Reply Likes
I opened the case, let us see for the output