Tuesday, December 20, 2011

NS2 simulation for PIM-SM multicasting

I am going to show you how to perform traditional PIM-SM simulation in NS2. For those who doesn't know PIM-SM (Protocol Independent Multicast - Sparse Mode) check the RFC 4601.

Definition extracted from RFCs:
PIM-DM (RFC3973) is a multicast routing protocol that uses the underlying unicast routing information base to flood multicast datagrams to all multicast routers. Prune messages are used to prevent future messages from propagating to routers without group membership information.

PIM-SM (RFC4601) is a multicast routing protocol that can use the underlying unicast routing information base or a separate multicast-capable routing information base. It builds unidirectional shared trees rooted at a Rendezvous Point (RP) per group, and optionally creates shortest-path trees per source.

In simple language, -->PIM-DM uses a push model to flood multicast traffic to every corner of the network. This process is considered to be very “heavy”, since it floods its message to all sub-networks. In PIM-SM environments only sub-networks that have active receivers that have explicitly requested the data will be forwarded the multicast traffic. PIM-SM introduces the concept of Rendezvous Point (RP). The RP it is a appointed router where all the multicast messages flow and from witch it forward through the multipoint tree.

-->The Network Simulator2 (NS-2) is the most popular simulator in the scientific field and in the great telecommunications companies, allowing the creation of any network topology and analyze any kind of protocol.

This simulation simulates PIM-SM environment based IP infrastructure with one multicast source, one group address and two nodes joining the group. Node0 thru Node7 are all routers. Source1 is attached to Router0. Receiver1 and Receiver2 are attached to Router6 and Router7 respectively. Router1 is defined as Rendezvous Point (RP).

Source1 starts at 0.5 sec
Receiver1 joins the group at 1.0 sec
Receiver2 joins the group at 1.5 sec
Receiver1 leaves the group at 6.0 sec
Receiver2 leaves the group at 6.5 sec
Source1 stops at 9.5 sec

Network Topology for multicast simulation

File: mulicast.tcl
#//////////////////CODE STARTS HERE/////////////////////////////////
#Create an event scheduler wit multicast turned on
set ns [new Simulator -multicast on]
#$ns multicast
#Turn on Tracing

set tf [open output.tr w]
$ns trace-all $tf

# Turn on nam Tracing
set fd [open mcast.nam w]
$ns namtrace-all $fd

# Create nodes
set n0 [$ns node]
set n1 [$ns node]
set n2 [$ns node]
set n3 [$ns node]
set n4 [$ns node]
set n5 [$ns node]
set n6 [$ns node]
set n7 [$ns node]

# Create links
$ns duplex-link $n0 $n1 1.5Mb 10ms DropTail
$ns duplex-link $n1 $n2 1.5Mb 10ms DropTail
$ns duplex-link $n2 $n3 1.5Mb 10ms DropTail
$ns duplex-link $n3 $n4 1.5Mb 10ms DropTail
$ns duplex-link $n1 $n4 1.5Mb 10ms DropTail
$ns duplex-link $n3 $n5 1.5Mb 10ms DropTail
$ns duplex-link $n5 $n6 1.5Mb 10ms DropTail
$ns duplex-link $n5 $n7 1.5Mb 10ms DropTail

# Allocate group addresses
set group1 [Node allocaddr]
set group2 [Node allocaddr]

# Routing protocol: PIM-SM
$ns mrtproto BST
BST set RP_($group1) $n1

# UDP Transport agent for the traffic source
set udp0 [new Agent/UDP]
$ns attach-agent $n0 $udp0
$udp0 set dst_addr_ $group1
$udp0 set dst_port_ 0
set cbr1 [new Application/Traffic/CBR]
$cbr1 set packetSize_ 210
$cbr1 set rate_ 1000k
$cbr1 attach-agent $udp0

# Create receiver
set rcvr1 [new Agent/Null]
$ns attach-agent $n6 $rcvr1
set rcvr2 [new Agent/Null]

$ns attach-agent $n7 $rcvr2

$ns at 1.0 "$n6 join-group $rcvr1 $group1"
$ns at 1.5 "$n7 join-group $rcvr2 $group1"

$ns at 6.0 "$n6 leave-group $rcvr1 $group1"
$ns at 6.5 "$n7 leave-group $rcvr2 $group1"

# Schedule events
$ns at 0.5 "$cbr1 start"
$ns at 9.5 "$cbr1 stop"

$ns at 10.0 "finish"
proc finish {} {
global ns tf
$ns flush-trace
close $tf
exec nam mcast.nam &
exit 0

# For nam
#Colors for packets from mcast packets
$ns color 10 red

#udp0 traffic has flow ID 10
# Group 0 source

$udp0 set fid_ 10
$n0 color red
$n0 label "Source 1"

$n6 label "Receiver 1"
$n6 color blue
$n7 label "Receiver 2"
$n7 color blue

# Animation rate
$ns set-animation-rate 3.0ms
$ns run
#//////////////////CODE ENDS HERE/////////////////////////////////

Make sure that you make your .tcl file executable
#chmod 700 multicast.tcl

Execute the .tcl file as
#ns multicast.tcl

If you run into any issues, refer to NS2 documentation. It's really nice documentation.

Thursday, December 1, 2011

Apache2.2: Defining Virtual Hosts, Re-direction and LDAP authentication uncovered

I usually put references at the bottom of the article. But this time I want to put it in the beginning of the article. If you are Apache beginner, trust me you want to go through these references before you start doing anything.

Apache Directives: http://httpd.apache.org/docs/2.2/mod/directive-dict.html#Context
Name-Based Virtual Hosts: http://httpd.apache.org/docs/2.2/vhosts/name-based.html
LDAP directory for authentication: http://httpd.apache.org/docs/2.3/mod/mod_authnz_ldap.html
LDAP and Active Directory Terminologies: http://rapidtechguide.blogspot.com/2011/07/directories-terminology-active.html

Practice Scenario:

Windows Server
Web Server: Apache2.2
IP add:
Port: 80
Websites hosted:

Before you start testing your apache setup make sure that DNS is configured properly, hosts file is configured properly.

File: C:\Windows\System32\drivers\etc\hosts www1.test.org www.mytest.org www.urtest.org www.ourtest.org www.everyonetest.org www.lovetest.org

#everyonetest.org and lovetest.org are alias of ourtest.org

Configure DNS server to point those domains 'mytest.org, urtest.org, ourtest.org,everyonetest.org,lovetest.org' to You can contact your DNS administrator

Say Apache2.2 is installed in C: drive

and you are publishing your web contents at C:\website

C:\apache\conf\httpd.conf# Change this to Listen on specific IP addresses as shown below to
# prevent Apache from glomming onto all bound IP addresses.

#uncomment these for LDAP authentication support
LoadModule authnz_ldap_module modules/mod_authnz_ldap.so
LoadModule ldap_module modules/mod_ldap.so

ServerName www1.test.org

# DirectoryIndex: sets the file that Apache will serve if a directory
# is requested.
<IfModule dir_module>
DirectoryIndex index.htm index.html index.shtml index.html.var index.php index.pl default.html default.htm

#Set LogLevel to debug if you are configuring Apache for first time so that you can collect enough logging information for troubleshooting purpose
LogLevel debug

<IfModule mime_module>
#Uncomment this line to have shtml MIME support
AddType text/html .shtml

# Uncomment following line to add Virtual hosts in different file
Include conf/extra/httpd-vhosts.conf
# Use name-based virtual hosting.
#Regular Virtual Host Configuration Example# WWW.MYTEST.ORG BEGIN
# mytest.org is published at C:/website/mytest

ServerName www.mytest.org
DocumentRoot C:/website/mytest

<Directory C:/website/mytest>
AllowOverride None
Order deny,allow
Allow from all

ErrorLog "logs/www.mytest.org-error.log"
CustomLog "logs/www.mytest.org-access.log" common

ErrorDocument 401 /unauth.shtml
ErrorDocument 403 /forbid.shtml
ErrorDocument 404 /notfound.shtml
ErrorDocument 500 /error.shtml

#Re-Direction Configuration Example
# urtest.org is simply re-directed to www.wikipedia.org

ServerName www.urtest.org
Redirect permanent / https://www.wikipedia.org


#LDAP Authentication Configuration Example
# ourtest.org is published at C:/website/ourtest
# LDAP authentication is required to access the conents of C:/website/ourtest

ServerName www.ourtest.org
ServerAlias everyonetest.org lovetest.org
DocumentRoot C:/website/mytest

<Directory C:/website/mytest>
AllowOverride None
Order deny,allow
Allow from all

AuthType Basic
AuthBasicProvider ldap
AuthzLDAPAuthoritative on

AuthLDAPBindDN "cn=ldapuser,ou=\"Super Accounts\",DC=ad,DC=test,DC=org"
AuthLDAPBindPassword ipassword

AuthName "Only for registered users"

AuthLDAPURL "ldap://ldap.test.org:389/ou=students,ou=toefl,dc=ad,dc=test,dc=org?name"

#Syntax for AuthLDAPRUL ldap://host:port/basedn?attribute?scope?filter
#For more info refer to page 3 of https://www.ietf.org/rfc/rfc2255.txt
require valid-user

ErrorLog "logs/www.mytest.org-error.log"
CustomLog "logs/www.mytest.org-access.log" common

ErrorDocument 401 /unauth.shtml
ErrorDocument 403 /forbid.shtml
ErrorDocument 404 /notfound.shtml
ErrorDocument 500 /error.shtml

Some other tips:
I would prefer to use Internet Explorer(IE) for testing webpages as lots of users are using IE. In IE go to Tools--> Internet Options and Check 'Delete Browsing History on Exit". Sometimes Internet Browser displays webpages from it's temp files, so even if your apache/web server is stopped you might see webpages working (I have seen it and it took me quite a time to get around with it). Or sometimes if you make some content changes, your browser may not reflect those changes. So, while perfoming apache setup and testing 'Delete Browsing History' really helps. Close the browser. Re-open the browser and see if you got ur desired output.
Sometime you might have to flush local DNS cache. If you have to you can use following command
> ipconfig /flushdns

Good Luck!!!

Additional References:

Also read per-User web directories documentation from Apache