Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre
Wilfried van Haeren CTO Edgeworx Solutions Inc. www.edgeworx.solutions
Topics
• Intro Edgeworx
• Past-Present-Future
• Challenges
• SDN
• OpenFlow
• OpenStack
• Use Cases
© Edgeworx Solutions Inc. Proprietary & Confidential
About Edgeworx Solutions Inc.
• Leading systems integrator of next-generation WAN optimization and application performance management solutions
• Focusing on an improved and more consistent user experience for business critical applications
• Providing visibility and understanding of application behavior and performance metrics
• Offering Project Management, Application Assessments, Network Audits, NOC deployments
• Technology Solutions: Industry Leaders, Best Practices, Niche Vendors with Proven Track Records
www.edge-worx.com/+1.647.793.4731/[email protected]
Introducing the third computing era
• 2001: VMware released ESX and started virtualizing servers; this broke hierarchical network architectures
• 2006: Amazon releases AWS; defined a new IT operating model
• 2009: 100MW+ mega-data centers are built to support hosting and cloud; scale changed everything
• 2012: Software Defined Networking …a customer (and SP) cry for help
Problems we’re trying to address
• Faster response to business demands for new tenants, services and applications.
• More intelligent configuration of network services such as load balancers, firewalls etc.
• The ability to dynamically map application tiers to required services.
• Reductions in cost i.e. CapEx via enabling purchase of lower cost infrastructure
• Same for OpEx via reducing administrative overhead of device centric configuration.
• Ability to create new revenue streams via more intelligent network service offerings, think Cloud Storage and “AWS services”
• Reduction in lock-in from proprietary systems.
• Better network integration with cloud management systems and orchestration tools.
• Better network efficiency through closer match of network resources to application demands.
A host of new network intensive and network integrated applications changed the end-to-end IT stack
• Infrastructure specific to specific apps → Applications abstracted from infrastructure
• Vertically integrated, proprietary stacks → Open technologies, maximum generalization
• Vendor lock-in, Forklift refreshes → Best-of-breed, continuous innovation
• Multiple management domains → Homogenous, universal automation
• Complex and custom architectures → Simple, repeatable and scalable architectures
SDN thinking in a nutshell
IT becomes the service provider
What is Software Defined Networking?
• Purist View: a strict separation of control plane and data plane
• Pragmatic View: a network architecture designed to be programmed by high-level languages and APIs
• A Common View: SDN = Network Virtualization
SDN, DC considerations
Assess all aspects to deliver cohesive network service:
• Packet delivery – routing/switching as required. Considerations such as requirements for bridging semantics (flooding, broadcast), bandwidth, multi-pathing etc.
• L4-L7 service integration – The ability to map application tiers to required network services such as load-balancers and firewalls.
• Virtual network integration – Virtual switching support for your chosen hypervisor(s). This will be more complex in multi-hypervisor environments.
• Physical network integration – Integration with bare-metal servers, standalone appliances, network storage and existing infrastructure.
• Physical management – The management of the physical network nodes, required configuration of ports, VLANs, routes, etc.
• Scalability – Ability to scale application or customer tenancy beyond the 4000 VLAN limit.
• Flow management – The ability to program network policy from a global perspective.
Software Defined Networking (SDN)
• SDN centralizes control of the network by separating the control logic to off-device computer resources.
• All SDN models have some version of an SDN Controller, as well as southbound APIs and northbound APIs.
• Controllers: The “brains” of the network, SDN Controllers offer a centralized view of the overall network.
  • Controllers enable network administrators to dictate to the underlying systems (like switches and routers) how the forwarding plane should handle network traffic.
• Southbound APIs: SDN uses southbound APIs to relay information to the switches and routers “below.”
  • OpenFlow, considered the first standard in SDN, was the original southbound API and remains one of the most common protocols.
• Northbound APIs: SDN uses northbound APIs to communicate with the applications and business logic “above.”
  • These help network administrators to programmatically shape traffic and deploy services.
SDN framework
Source: www.opennetworking.org
SDN Physical and Virtual Network Integration
Open to Many Controllers & Programming Models
OpenFlow support with all major controller vendors
OpenStack support with contributions to Quantum to enable seamless provisioning
Native VMware integration into vCloud and NSX - VXLAN integration
Native OMI Microsoft Integration
Native API calls being developed with key partners. Enables network automation through event manager
What is OpenFlow? In a Nutshell …
Wikipedia Definition:
"A communications protocol that gives access to the forwarding plane of a network switch or router over the network."
• Essentially a remote API for control that allows an external controller to manage (mostly) L2/L3 forwarding and some header manipulation
• Developed at Stanford 2007-2010, since 2011 managed by the Open Networking Foundation
• Implementations exist from all major networking vendors (although commercial availability varies)
• It is currently the only open and standardized SDN protocol out there
  - Many opinions on design, features, and scope
  - General consensus that it is "good enough"
The Benefits of SDN
• Offering a centralized, programmable network that can dynamically provision so as to address the changing needs of businesses, SDN also provides the following benefits:
  • Reduce CapEx: SDN potentially limits the need to purchase purpose-built, ASIC-based networking hardware, and instead supports pay-as-you-grow models.
  • Reduce OpEx: SDN enables algorithmic control of the network of network elements (such as hardware or software switches / routers) that are increasingly programmable, making it easier to design, deploy, manage, and scale networks. The ability to automate provisioning and orchestration optimizes service availability and reliability by reducing overall management time and the chance for human error.
  • Deliver Agility and Flexibility: SDN helps organizations rapidly deploy new applications, services, and infrastructure to quickly meet changing business goals and objectives.
  • Enable Innovation: SDN enables organizations to create new types of applications, services, and business models that can offer new revenue streams and more value from the network.
OpenStack
Source: https://www.openstack.org/
Use Cases
Network Monitoring
• OpenFlow switches provide detailed accounting data (similar to SNMP interface counters) with every flow. An OpenFlow controller can collect that data and give network operators the traffic statistics at the exact granularity they need – be it aggregate IP statistics, per-MAC address (or VM) statistics, or even per-application statistics.
Programmable Network Taps
• Using OpenFlow to implement programmable network taps – either more intelligent traffic mirroring than the traditional SPAN/RSPAN functionality or filtering the traffic before it’s sent to the monitoring/troubleshooting tools – has become the Hello World SDN application.
Service Insertion
• OpenFlow functionality is trialed by large service providers to insert user-specific services (authentication, firewalling, caching ...) into the packet forwarding path.
Scale-Out Load Balancing
• Stateful network services implemented with OpenFlow remain an elusive goal – it’s still impossible to implement a flow-based hardware switching fabric programmed with individual user session flows in real time.
• On the other hand, you can use OpenFlow for coarse-grained traffic distribution to a scale-out farm of stateful network services nodes; an architecture that allows you to bypass the limitations of traditional stateful hardware appliances like load balancers and firewalls.
Source: http://www.cohodata.com/
Use Cases (2)
DoS Mitigation Tools
• DoS mitigation solutions can use traffic statistics provided by OpenFlow switches to detect traffic anomalies and engage the traffic redirection capabilities of an OpenFlow controller to divert suspicious traffic to a DoS detection appliance.
Policy Enforcement
• You can use the comprehensive traffic filtering functionality offered by some virtual networking SDN solutions to implement a network edge policy enforcement solution.
OpenStack Virtual Networking
• OpenStack cloud management platform implements network virtualization with third-party plugins.
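The flow-statistics monitoring and DoS mitigation use cases above, as an added example (not from the original slides): a controller-side check that turns two polls of per-flow counters into per-destination packet rates and proposes a divert rule when both the rate and the number of distinct sources exceed limits. The tuple layout, the thresholds, the rule dictionary and the `scrubber-1` target name are assumptions, and the counters are constructed sample data.

```python
from collections import defaultdict

# Constructed per-flow counters from two polls 10 s apart (not real traffic).
# Each tuple: (src_ip, dst_ip, dst_port, packets, bytes); the layout is hypothetical.
POLL_1 = [
    ("10.0.1.5", "10.0.9.20", 443, 1000, 900000),
    ("10.0.1.6", "10.0.9.21", 443, 2000, 1800000),
]
POLL_2 = [
    ("10.0.1.5", "10.0.9.20", 443, 1500, 1350000),
    ("10.0.1.6", "10.0.9.21", 443, 2600, 2340000),
] + [("198.51.100.%d" % i, "10.0.9.20", 80, 40000, 2400000) for i in range(1, 9)]

def flow_deltas(prev, curr):
    """Per-flow packet/byte growth between polls; new flows count from zero."""
    seen = {f[:3]: f[3:] for f in prev}
    out = {}
    for src, dst, port, pkts, byts in curr:
        p0, b0 = seen.get((src, dst, port), (0, 0))
        if pkts < p0:  # counter went backwards: flow was re-installed, restart at zero
            p0, b0 = 0, 0
        out[(src, dst, port)] = (pkts - p0, byts - b0)
    return out

def aggregate(deltas, key_index):
    """Sum packet deltas at a chosen granularity: 0 = source, 1 = destination, 2 = port."""
    totals = defaultdict(int)
    for key, (pkts, _) in deltas.items():
        totals[key[key_index]] += pkts
    return dict(totals)

def divert_rules(prev, curr, interval_s, pps_limit, min_sources, scrubber="scrubber-1"):
    """Flag destinations whose packet rate and source fan-in both exceed the limits."""
    deltas = flow_deltas(prev, curr)
    per_dst = aggregate(deltas, 1)
    sources = defaultdict(set)
    for (src, dst, _), (pkts, _) in deltas.items():
        if pkts > 0:
            sources[dst].add(src)
    rules = []
    for dst, pkts in sorted(per_dst.items()):
        pps = pkts / interval_s
        if pps > pps_limit and len(sources[dst]) >= min_sources:
            # Generic rule description (assumption); a real controller has its own schema.
            rules.append({"match": {"ipv4_dst": dst}, "action": "redirect",
                          "target": scrubber, "observed_pps": pps})
    return rules

if __name__ == "__main__":
    print(divert_rules(POLL_1, POLL_2, 10, 10000, 5))
```

Requiring both a rate threshold and a minimum source count keeps a single heavy but legitimate flow from being diverted on volume alone.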
Thank You
www.edge-worx.com
Network Performance Monitoring
Application Performance Monitoring
Secure Communications Solutions
Identity & Access Management
Consultancy Services
Application Visibility
WAN bandwidth optimization
MANAGE THE TRAFFIC ON YOUR NETWORK WITH