I created a fat tree topology using mininet(with ovsk kind of switch and OpenFlow13) with remote ONOS(2.0) controller. Now I need to emulate SDN specific attacks like poket_in flooding. I need some recommendation on tools and may be methods to reproduce such attack.

For now I tried to reproduce this attack in a stupid way: I made an assumption that I have access to one host and one switch. Then: 1) On switch I started bash script which did 'ovs-ofctl drop-flows s1' in infinite cycle. 2) On host I just make ping -f

This try was based on my assumption that making s1 drop all rules in flow table may cause s1 flood controller with "packet_in" kind of messages. But analysing traffic with Wireshark I found out that number of "packet_in" increased but not significantly to abuse controller. Instead, "flow_add" kind of messages increased more than "packet_in" but also not significantly.

0 Answers