How many people use FAUCET? This is a difficult question to answer; there’s no requirement that FAUCET users tell the maintainers. However, there are a few ways we can see how many people download FAUCET – since you can install FAUCET a few different ways. These counts are known to be missing some historical data […]
In part II we demonstrated faking IP services for an entire subnet. Now, let’s eliminate the need for an interactive OpenFlow control entirely, with the magic OVS learn actions. These are almost like OVS assembly language instructions, that allow OVS rewrite packets or even add flows to itself. Once new pipette has programmed OVS, once, […]
If you’re like me – you live in the middle of nowhere, in New Zealand, without fiber let alone any DSL, and you develop a lot of software using docker – you might find your build/deploy cycle a bit painful, since many docker builds download packages. Even if you are an unusual case – you […]
In our last post, we used a new L2 OVS proxy to fake TCP services on an entire IP subnet. We used network namespaces for isolation. However, using namespaces can make running fake services under docker somewhat inconvenient. So this time around, we’re going to have pipette do L3 NAT for us as well, so […]
In a previous post, we introduced coprocessing and faking a TCP service on a single IP. The FAUCET coprocessor feature allows an external host to inject packets to a given VLAN (or even port). FAUCET ACLs are used to select traffic to be sent to the coprocessor (by default nothing is sent for coprocessing). In […]
We are proud to present Open Source SDN using @faucetsdn and @alliedtelesis OpenFlow gear at JRES 2019. Come and see a live demo using our stackable SDN switches and wireless APs at our booth! #networksmarter #alliedtelesis #SDN #JRES2019 pic.twitter.com/iSzIK6C38f — Rahul (@rahul_gupta86) December 3, 2019 Great to see FAUCET stacking!
FAUCET ACLs are great for locking things down. And it is possible to add FAUCET ACL rules, that count traffic and let it through (instead of counting and denying it). But sometimes that’s not enough – you want to deny the traffic, but you also want to see what it was. FAUCET’s ACL language lets […]
Docker based systems are great, but if you live in New Zealand (and in rural New Zealand, like I do), repeated docker pulls to the Internet can be a little painful. Fortunately you can configure docker-registry to locally cache. First install docker-registry and configure it as a proxy. # apt-get install docker-registry # vi /etc/docker/registry/config.yml […]
Google’s 2017 presentation at OVScon on FAUCET and SDN.