Is every router a switch? - router

I want to know this hierarchy. Can any router do what a switch does?
My master said, "Yes, a router is a switch at the same time." Is that real? Thank you.

The answer is "No".
Ports could be switched from L3 to L2 back and forth to serve routing or switching functions, but this is not a general rule. Depending on the vendor and model, there could be no option for port-level switching. There also could be no advanced switching features on a router.

Related

Prioritizing packets streaming in OpenFlow, mininet

I am doing work on security and priority in SDN.
I have a topology of this form:
h1---s1--s2---h2
I have to pass packets from h1 to h2, prioritizing packet streaming, and check somehow that they are correct. I don't know how to do that with OpenFlow and Mininet. Does anyone have any idea how to do it?
I believe that by security and priority you mean firewall and traffic shaping services, respectively. As far as I know, you cannot achieve traffic shaping just by OpenFlow (though a firewall service could be achieved to an extent by OpenFlow). In short, OpenFlow is meant for setting forwarding rules for an incoming packet. There are plugins such as NICIRA which can add some functionality, such as handling TCP, UDP and ARP packets, but the primary job of OpenFlow is to forward the packet to the next port, drop it, or punt it to the controller based on flow rules.
However, in your case you need to implement SFC. You need to deploy firewall or traffic shaping applications (an open-source traffic shaping application here) on a separate server. You need to configure VXLAN on S1 and S2, then add flows on S1 and S2 such that packets are forwarded to the server, and another flow to forward the flows from the server to the next destination. On the server you apply firewall and traffic shaping rules on a packet-by-packet basis.
Hope this basic information at least helps you know where to look for information and get going.
EDIT
Please look at the really good tutorial from David Mahler, specifically the introduction to OpenFlow; this would clear your doubts on packet traversal in Open vSwitch.
Coming to the controller, there are a number of controller implementations in languages from C++, Python and Java to Ruby.
Assuming you are a Python developer, you can check out POX. Here are good tutorial links (link1 and link2); however, I'm not sure how well it's maintained. I see the last commits to the code were made 3 years ago, so I'm not sure it is actively maintained. There is also an example of parsing the packet here, where you can apply an appropriate algorithm. If you are looking for Java, there are controllers such as Floodlight and OpenDaylight, which have much better community support.

How to make fiddler less intrusive?

Fiddler is a great tool for testing a wide variety of http scenarios. However Fiddler also blocks all kinds of traffic that it shouldn't. This intrusive behavior can be annoying and time consuming.
Is there a way to specify what Fiddler does and does not listen to? So I want to say only monitor and report on traffic going to localhost or www.google.com, everything else would be ignored.
Is that possible?
It's just rather tedious to have to close Fiddler whenever it blocks something it should not.
Fiddler acts as a system proxy, so you can't have some traffic flow through it and some not, unless you can configure the client to not use the proxy for some connections.
You can use Fiddler's filter options to determine what is captured and shown in the sessions window.
However, what does it block? I use Fiddler extensively, and have no issues with connections being blocked. Perhaps there is another solution than closing Fiddler.
I faced the same problem when setting up Fiddler just now (Win7). My problem was that Fiddler (Fiddler2) was not detecting and using my corporate proxy settings. I had to go and set them manually in Fiddler Options > Gateway.
That is why all my non-local, non-intranet traffic was appearing to blackhole. Hope that helps.

How to sync an application state over multiple iPhones in the same network?

I am developing an iPhone application that allows to basically click through a series of actions. These series are predefined and synced with a common configuration server.
That app might be running on multiple devices at the same time. All devices are assumed to have the same series of actions defined on them. All devices are considered equal, there is not a server and multiple clients or something like that.
(Only) one of these devices is used by a person at any given time, it is however possible that the person switches to a different device at any given time. All "passive" devices need to be synchronized with the active one, so that they display the same action.
The whole thing should happen as automatically as possible. No selection of devices, configuration, all devices in the same network take part in the same series of actions.
One additional requirement is that a device could join during a presentation (a series of actions) and needs to jump to the currently active action.
Right now, I see two options to implement the networking/communication part of that:
Bonjour. I have implemented a working prototype that can automatically connect with one (1) other device in the network and communicate with that. I am not sure at this point how much additional work the "multiple devices" requirement is. Would I have to open a set of connections for every device and manually send the sync events to all of them? Is there a better way or does Bonjour provide anything to help me with that? What does Bonjour provide given that I want to communicate with every device in the network anyway?
Multicast with AsyncUdpSocket. Simply define a port and send multicast sync events out to that port. I guess the main issue compared to using Bonjour with TCP would be that the connection is not safe and packets could be lost. This is however in a private, protected WLAN network with low traffic, if that would really be an issue. Are there other disadvantages that I'm not seeing? Because that sounds like a relatively easy option at this point...
Which one would you suggest? Or is there another, better alternative that I'm not thinking of?
You should check out GameKit (built in to iOS). They have a lot of the machinery you need in a convenient package. You can easily discover peers on the network and easily send data back and forth between clients (broadcast or peer to peer).
In my experience Bonjour is perfect for what you want. There's an excellent tutorial with associated source code: Chatty that can be easily modified to suit your purposes.
I hobbled together a distributed message bus for the iPhone (no centralized server) that would work great for this. It should be noted that the UI guy made a mess of the code, so thar' be dragons there: https://code.google.com/p/iphonebusmiddleware/
The basic idea is to use Bonjour to form a network with leader election. The leader becomes the hub through which all the slaves subscribe to topics of interest. Then any message sent to a given topic is delivered to every node subscribed to said topic. A master disconnection simply means restarting the leader election process.

Is there a way to discover what different types of switches I am connected to?

I wanted to know if we could find out what type of switch our machine is directly connected to.
For instance, if I am connected to a Cisco, Brocade, Foundry or Force10 switch.
Is it possible to write a Perl script to find out the management address of the switch [without logging in]?
Is it possible to write a Perl script to find out the switch vendor and model number?
Thanks for your suggestions.
EDIT: Wanted to add that I am directly connected to the switch. I can disable the firewall on my machine.
nmap is what you want. If that doesn't do it, the answer is probably "no". If you need the IP address of the switch, run traceroute/tracert to see what the next hop is.
There is no guaranteed way of being able to achieve this. It depends very much on how your switch has been configured and how open your network admins have made it.
If everything is completely open then the best way of finding out the type of switch is to use SNMP. The net-snmp library for Perl (see docs here) is a good place to start.
But that assumes that the management interface is exposed to your box.
There is no guarantee that it will be.
If it is, then nmap (as suggested by others) may work. At least it might tell you if the management interface is accessible, at which point you can use SNMP to tell you the rest.
Traceroute might yield some more information, but only if the address used for its routing is the same as the management address (and assuming that your "switch" is really a "router"; if not, then this won't yield any useful information).
ping might yield some information about the manufacturer, but only if it hasn't been configured to proxy-arp.
On Cisco switches, if CDP is activated, you should be able to see CDP traffic on your wire, which will indicate the switch model, name and the switch port you are connected to.
Don't know for other brands.
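The CDP answer above, worked through as an added example (not part of the original thread, and in Python rather than the Perl the question asks about): a parser for the identifying fields a CDP frame carries, run on a constructed frame. The sample device name, port and platform are made up, and capturing frames from the wire is left out.

```python
import struct

CDP_DST = bytes.fromhex("01000ccccccc")       # CDP multicast destination MAC
CDP_SNAP = bytes.fromhex("aaaa0300000c2000")  # LLC/SNAP: Cisco OUI, protocol 0x2000
TLV_NAMES = {0x0001: "device_id", 0x0003: "port_id",
             0x0005: "software_version", 0x0006: "platform"}

def parse_cdp(frame: bytes) -> dict:
    """Return identifying fields of a CDP frame, or {} if the frame is not CDP."""
    # 802.3 header is dst(6) src(6) length(2); LLC/SNAP (8) and CDP header (4) follow.
    if len(frame) < 26 or frame[:6] != CDP_DST or frame[14:22] != CDP_SNAP:
        return {}
    (length,) = struct.unpack("!H", frame[12:14])
    end = min(len(frame), 14 + length)        # ignore Ethernet padding after the payload
    version, ttl = frame[22], frame[23]       # bytes 24-25 are the checksum (not verified)
    info = {"version": version, "ttl": ttl}
    pos = 26
    while pos + 4 <= end:
        tlv_type, tlv_len = struct.unpack("!HH", frame[pos:pos + 4])
        if tlv_len < 4 or pos + tlv_len > end:  # length includes the 4-byte TLV header
            break                               # malformed TLV: stop, keep what we have
        name = TLV_NAMES.get(tlv_type)
        if name:
            info[name] = frame[pos + 4:pos + tlv_len].decode("ascii", "replace")
        pos += tlv_len
    return info

def _tlv(tlv_type: int, value: bytes) -> bytes:
    return struct.pack("!HH", tlv_type, len(value) + 4) + value

def build_sample_frame() -> bytes:
    """Constructed CDP frame; every value in it is made up for this example."""
    cdp = (bytes([2, 180, 0, 0])                 # version 2, TTL 180 s, checksum 0
           + _tlv(0x0001, b"lab-sw-01.example.test")
           + _tlv(0x0003, b"GigabitEthernet0/7")
           + _tlv(0x0006, b"cisco WS-C2960-24TT-L"))
    payload = CDP_SNAP + cdp
    src = bytes.fromhex("020000000001")          # locally administered MAC
    return CDP_DST + src + struct.pack("!H", len(payload)) + payload + b"\x00" * 4

if __name__ == "__main__":
    for key, value in parse_cdp(build_sample_frame()).items():
        print(f"{key}: {value}")
```

Because any attached host receives these frames, CDP is commonly disabled on user-facing access ports.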
Not really. In the modern world of firewalled, packet-modifying, NATed subnetworks, you really can't do anything reliably to inspect a network from a client machine.
That said, trying nmap on your router might tell you something interesting. Or it might not. The results are entirely up to the admins of your network.
Follow the wire.
You can ping it to get its Ethernet address, and then look it up in one of the vendor code lists.

Maintaining state between two machines

We have two industrial controllers that are used to control critical systems. The idea is that on failure of one controller, the other controller will automatically take over. To ensure the swap over is seamless, the standby controller must mirror the state of the online controller at all times.
We have a solution, which is poorly coded and documented. The question is, is there a common design pattern that implements such a system, or open source software that achieves a similar thing, that could be used to create a generic solution that could be used for controllers or PCs and can be extended to allow any number of controllers to act as standby routines?
One approach is "cache coherence". Commercial products -- Tangosol, for example -- do this.
Another approach is a light-weight version of an Enterprise Service Bus (ESB) or Service Oriented Architecture (SOA). Almost all the SOA vendors have products for this. I'd start with Tibco, which has a lightweight component set that you can use for this.
Since SOA isn't that hard, you can roll your own using the HTTP protocol so one controller can POST status to its shadow controllers.
There is a difference between failover and transparent failover. Do you really have requirements for transparent failover? If so, you're going to end up paying for it (in both cost and complexity).
That being said, take a look at this post on Buddy Replication for an elegant solution to the problem.
There is the standard Master-Slave pattern used by almost all DBMSs that support clustering, distributed architectures and replication (http://en.wikipedia.org/wiki/Database_replication).
So, very basically in your situation you could have the Master machine maintaining state, and the slave sitting there doing nothing except updating its own state from that of the master. If the master goes down, the slave sees the master is no longer there, and can take over the control of state, with the master only being used again once it has updated its own state from that of the slave (which has maintained state while the master has not been active).
The traditional approach taken in controlling realtime critical systems is to run the two units in lockstep. Tandem have been building some very impressive fault-tolerant machines using this technique for years.
However, lockstep is very much a hardware-level solution; I don't think you could implement classic lockstep purely at the software level. Or at least, not straightforwardly. Maybe using state machines synchronised by exchange of vector clocks or something equally propeller-headed?
There is an analogous situation with the space shuttle computers. In that situation, they used 5 computers and if one machine was late or different from the others, it was (in essence) voted off of the island.
In your situation, how do you determine which controller has gone bad? Is the determining machine also considered for single-point failure?
What level of communications are available between the two controllers? Shared memory, Ethernet, or something even slower?
How fast does state information change between the two?
Is it possible to feed identical information to both controllers and would both controllers calculate the same state transitions?
Maybe a shared SQLite database or something similar?