Print this pagePrint this page

Email this topicEmail this topic

View PDFView PDF

Download EPUBDownload EPUB

Configuring OpenFlow

The following procedure describes configuring OpenFlow.

Click to expand in new window

OpenFlow Configuration

Step Tasks Command(s)
1

Enable OpenFlow on the switch.

A system reset is required for this command to take effect.

 set openflow enable
2 Configure a trusted controller CA certificate. Any controller attempting to connect to this switch must use a certificate that was issued by this CA certificate. 
set pki certificate cacert no-confirm
 -----BEGIN CERTIFICATE----- 
MIIDiDCCAnACAQEwDQYJKoZIhvcNAQEFBQAwgYkxCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEVMBMGA1UEChMMT3BlbiB2U3dpdGNoMRUwEwYDVQQLEwxjb250cm9s
...
kL9Xzted6QScKWtaNG9RKX2LnUG73gUcKwD26TOrn2jZucidpbgPc7uZcs4=
-----END CERTIFICATE-----
3 Configure switch‘s certificate. This is the switch‘s public certificate, which is presented to the controller during TLS authentication. 
set pki certificate sc-cert no-confirm
-----BEGIN CERTIFICATE----
MIIDfjCCAmYCAQIwDQYJKoZIhvcNAQEFBQAwgYExCzAJBgNVBAYTAlVTMQswCQYD
VQQIEwJDQTEVMBMGA1UEChMMT3BlbiB2U3dpdGNoMREwDwYDVQQLEwhzd2l0Y2hj
...
HHZu0NxDKdr6chrKUDqPNSOUeZjqq582AGkf1V1QWDogcijVJ20fKYknMu0pxkf4
66Dv/IVBwG6VR7PgVtXX8w8ufG6KcLsZyU9x5ud9LOg13DfjqQjvZz1TvsHuLtTx
vW8z85BXEUAa5FOMVnPBuFQa2vILUWz6fIq/eOszNDbLtg==
-----END CERTIFICATE-----
4 Configure switch‘s private key. This key corresponds to the switch‘s public certificate, and must remain a secret. 
set tls privkey 
Enter the PEM encoded key
End with the word "quit" on a line by itself
-----BEGIN RSA PRIVATE KEY-----
Proc-Type: 4,ENCRYPTED
DEK-Info: DES-EDE3-CBC,01D0CCCB6E8B2276

qA80e7OEEjOQSE93vCKQLkr9IOxZ4Y3BisydSCNBGL/LVMQ8rkBbY3DFZRXQ1NgU
67cmPNzoLBRDofpVmw72U42hsNsQggw8FpNAqlDLBxG4zLuaI1TiW/IWhdSEtwAjD
...
wzZ9tV1LUINx3a1u5EhiKpfWbsZmhZwNfZS9uJE9WIr9J1G4E9jJhY49V9QzRxuO
5tHGwGiFboGcRl8Z2Qi48c7BV+AafSHWIV6ZzJ4r9+ICfnlQurfE8F3hgg2WT/GC
-----END RSA PRIVATE KEY-----
quit
Please enter PEM passphrase:
5 Tell TLS to use the certificates configured in steps 1 and 2. 
set tls certificate sc-cert

set tls ca-cert cacert
6 Configure an active TLS connection to controller at address 10.10.10.10. set openflow controller active 10.10.10.10 tls
Published May 2016prev | next

Email this topicEmail this topic

Print this pagePrint this page