Open networking w/ OpenFlow @ Marist College

Software Defined Networks

http://openflow.marist.edu

Who’s Involved ?

This Talk…

What is SDN and why make the move towards SDN?

What can SDN provide?

How does OpenFlow fit into the SDN paradigm?

What can we do with the OpenFlow protocol?

Simple OpenFlow examples.

Where can I find more information about OpenFlow and SDN?

Why Software Defined Networks?

Buzzword “Virtualization of the Network”

Network Abstraction / Reduce Complexity (networks are inherently complex)

Traditional TCP/IP Layers

Centralized Network Intelligence (Control) Distribution Model is programmers choice not the

networks choice

State Control Control Plane separated from Data Plane Packet Forwarding

Software Defines Networks

SDN

Device

HW Abstraction

Decoupled Control Logic

Control Application

Software Defined Networks

Where does OpenFlow fit in?

OpenFlow “a piece of the SDN puzzle”

An Open Standard

Enables the ‘forwarding abstraction’ of the network (per device)

Cross-vendor communication solution

Enables Innovative software defined network solutions Routing Protocols Network Administration Load Balancing Security & More

OpenFlow: “An Interface”

An Open Standard (as stated before) Separates the Control and Data path of the switch “OpenFlow Controller” takes care of Control Logic Switch/Router communicate over OpenFlow Protocol

OpenFlow Protocol Defines OF Message

Creates a Flow Table abstraction Flows match on packet fields and have actions associated Static, Dynamic and Aggregate flow matching

Good place to start: OpenFlow Spec (1.1.0 also currently implemented)http://www.openflow.org/documents/openflow-spec-v1.0.0.pdf

OpenFlow: Part of SDN

What does OpenFlow do in SDN?

Marist, SDN and OpenFlow

Goal: Create an OpenFlow testing and compliance facility & network

Be part of the research around SDN

Develop and help the ONF/OpenFlow community grow

Contribute the the community

Marist OpenFlow SDN Environment

Research Plans

OpenFlow testing and compliance checklist

Research and Development publications

Open source OpenFlow controller code to community

Explore use cases for OpenFlow and test them i.e. How can OpenFlow be used in the datacenter? If any what type of benefits does OpenFlow have

that traditional networks don't? How scalable and robust is it/ the controllers?

The List goes on

Demos

ACLs (Firewall Based)

VLANING the network

Routing L2 & L3

QoS

Floodlight Modules Jason Parraga : Floodlight “Administrative Control

Panel”

Demo’s In Hancock Center Hallway

import httplibimport json

class StaticFlowPusher(object):

def __init__(self, server): self.server = server

def get(self, data): ret = self.rest_call({}, 'GET') return json.loads(ret[2])

def set(self, data): ret = self.rest_call(data, 'POST') return ret[0] == 200

def remove(self, objtype, data): ret = self.rest_call(data, 'DELETE') return ret[0] == 200

def rest_call(self, data, action): path = '/wm/staticflowentrypusher/json' headers = { 'Content-type': 'application/json', 'Accept': 'application/json', } body = json.dumps(data) conn = httplib.HTTPConnection(self.server, 8080) conn.request(action, path, body, headers) response = conn.getresponse() ret = (response.status, response.reason, response.read()) print ret conn.close() return ret

Create a StaticFlowPusher Object

This will allow a static programmable interface to write scripts to support flow tables across your network using Floodlight’s REST API.

• Supports Flow_Mod• Get• Set• Remove

• Sends HTTP Requests• GET• POST• DELETE

import StaticFlowPusher#Switches used for tests#Switch 00:0a:34:40:b5:3c:18:00#Switch 00:0a:34:40:b5:40:b8:00#Switch manufacturer: Blade Network Technologies#Switch manufacturer: Blade Network Technologiespusher = StaticFlowPusher.StaticFlowPusher(’xxx.xxx.xxx.xxx’)flow1 = {

'switch':"00:0a:34:40:b5:3c:18:00","name":"allow-webaccess","ingress-port":"19","cookie":"0","dst-ip":”x.x.x.223", #webserver"dst-port":"80","ether-type":"2048","protocol":"6","priority":"32768","active":"true","actions":"output=all"

}

flow2 = {"switch":"00:0a:34:40:b5:3c:18:00","name":"drop-web-access-all","ingress-port":"19","cookie":"0","dst-port":"80","ether-type":“2048","protocol":"6","active":"true","priority":"32768","actions":""

}

pusher.set(flow1)pusher.set(flow2)

import StaticFlowPusher

#Switches used for tests#Switch 00:0a:34:40:b5:3c:18:00#Switch 00:0a:34:40:b5:40:b8:00#Switch 00:0a:34:40:b5:3c:18:00 manufacturer: Blade Network Technologies#Switch 00:0a:34:40:b5:40:b8:00 manufacturer: Blade Network Technologies

pusher = StaticFlowPusher.StaticFlowPusher(’xxx.xxx.xxx.xxx')

flow1 ={ 'switch':"00:0a:34:40:b5:3c:18:00", "name":"flow-mod-2", "cookie":"0", "priority":"32768", "ingress-port":"19", "ether-type":"2048", "src-ip":”x.x.x.224", "active":"true", "actions":"output=17" }flow2 ={ 'switch':"00:0a:34:40:b5:3c:18:00", "name":"flow-mod-3", "cookie":"0", "priority":"32768", "ingress-port":"19", "ether-type":"2048", "src-ip":”x.x.x.225", "active":"true", "actions":"" }

pusher.set(flow1)pusher.set(flow2)

The Value Proposition

What Value do we get from SDN/OpenFlow?

Innovation

Networks will innovate as software does

Freedom to program the behavior of your local network

Do not have to abide by traditional protocols

Customization

Floodlight Administrative Control PanelMarist/IBM Joint Study

FACP

Goal: Address network administration using Floodlight

Reduce Complexity

Eliminate Python Scripting

Allow network behavior to be applied

Provide an abstraction of the network that can be configurable

Build network configuration application against that abstraction

Administrative Concerns

How can I program my network?

What's involved in programming my network?

I’m used to my bag-o-protocols, what now?

How can FACP help?

What are the plans for FACP?

Future Development

OpenFlow network and device compliance lab Develop testing compliancy documentation Tests “stamp of approval”

FACP Firewall configuration mappings Routing module (dynamic & static) QoS module for certain traffic VLAN administration MPLS?

Questions?

http://openflow.marist.edu http://openflow.marist.edu/liveview

http://openflow.marist.edu/static/media/files/ECC2012PRES.pptx

http://www.openflowhub.org/

http://opennetworking.org

http://floodlight.openflowhub.org

Marist OpenFlow/SDN DEMOS IN THE HALLWAY