UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Advanced Computer Networks ECE 540

TeamHusain Al YusufAlejandro Flores

Mustafa Al Mashhadani

Applying Software-Defined Networking to the Telecom

Domain

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

What is SDN ?

What is SDN Magic ?!

Wikipedia• …. decoupling the

system that makes decisions about where traffic is sent (control plane) from the underlying systems that forwards traffic to the selected destination (data plane)….

NetworkWorld• … focuses somewhat

less on decoupling and more on providing programmatic interfaces into network equipment, whether or not there is a separation of the control and forwarding planes

CISCO• Simplified Operation

• Enhanced Agility

• New Business Opportunity

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

SDN Definition

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

What is SDN Magic ?!

$$ Operational Cost $$

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

SDN Components• Programmable approach to network

multi-tenancy within the datacenterNetwork

Virtualization

• Software that makes policy decisions within the network. (Control Plane)Controller

• Programing interfaces between ‘applications’ and Controller.

Application API(Northband API)

• Programming interfaces between Controller and physical or virtual network device (OpenFlow)

Data Plan API(Southband API)

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Application API

Application API

Application API

OpenFlow Protocol

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Virtualization

Controller

Forwarding

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Applying SDN to the Telecom Domain

• Objective• Apply SDN on telecommunication domain

• Main Challenges• Legacy infrastructure constrains• Others…

• How to Implement SDN• “ SDN - Vertical Forwarding “• Definition: extend the concept of SDN to controller-programmed

en-/de-capsulation operations on top of IP

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Gateway-based Architecture

-vs-SDN-based Architecture

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Gateway-based Architecture

ControlPlaneDataPlane

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Limitations of the Gateway-based Architecture?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Gateway-based Architecture LimitationsComplexity

Complexity that leads to stasis: any change must be done everywhere. (ACLs, QOS, FW … )• ScalabilityInability to scale; causing new investment! Must upgrade hardware to get new features.• Proprietary Vendor dependence (i.e. proprietary) or lack of openness.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Gateway-based Architecture Limitations

Slow failure recovery time.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Gateway-based Architecture Limitations

Inflexible and hard to upgrades (takes time)

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

What is the alternative?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Alternative to Gateway-based Architecture

SERVER

STORAGE

Separation of functions:

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

SDN-based Architecture

Separate functionality into two:• Control Plane - Makes the forwarding

decisions (brain) • Data Plane – Does the actual forwarding

(workhorse)ControlPlane

DataPlane

FE

CE

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

SDN-based Architecture

• Optimized for high throughput • Control function can be virtualized• Ease of upgrading the control

plane without affecting the FE’s.• Omits all inter-gateway signaling

protocols • Reduces routing update and

network status traffic

Why SDN?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Gateway-based Architecture

Faster failure recovery timeController

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

SDN-based Architecture

Offers the option to distribute the controller function over multiple nodes.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

How do we fade out the old

technology?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

SDN and Gateway-based Architecture

Can interoperates with legacy gateways and allows incremental deployment.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

What is OpenFlow?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

OpenFlow

What is OpenFlow?• It defines the open communications protocol in SDNs that enables the Controller to interact with the forwarding plane and make

adjustments to the network.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

OpenFlow

•Basic Idea: Separate Control from Data pathThe switch and controller communicate via

OpenFlow protocol.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

OpenFlow

•Does all routers and switches support OpenFlow?OpenFlow is option that you can add to switch or router

Most of today routers and switches support OpenFlow

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

OpenFlow With Vertical SDN

•Do we need to make changes to OpenFlow in order to support Vertical SDN ?•Header

Additional flow match typesWith the corresponding flow match fields on encapsulation headers.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

•Do we need to make changes to OpenFlow in order to support Vertical SDN ?

•ProtocolExtensions to enable en- and decapsulation operations.

Represented as actions after flow matching.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

•Push and POP operations

When pushing or popping ESP and AH, information about the flow’s security policies and security associations have to be provided. Some of this information is already supplied by OpenFlow

•Do we need to make changes to OpenFlow in order to support Vertical SDN ?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

•Integrate Distributed routing protocols into openflow’s controller operation.

•Do we need to make changes to OpenFlow in order to support Vertical SDN ?

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Use Cases

•Does the vertical SDN applicable only with telecom domain?• We can benefit from this architecture in other

applications:I. IETF Mobility protocolII. 3GPP UMTS & SAEIII. Wireline Broadband networksIV. Virtual Private Networks and Secure

LinksV. IP protocol transition

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

VPN

• VPN’s are used to interconnect individual hosts with a security gateway (Tunnel).

`

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

VPN• Using SDN architecture:

The signaling protocol falls into the realm of the controller

The keys will not be exchanged over the network.

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Final Thoughts on SDN

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Implications of Change

Final Thoughts on SDN

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

$$ Marketing $$

Final Thoughts on SDN

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Vulnerability

Final Thoughts on SDN

UNM Electrical and Computer Engineering DepartmentUNM Electrical and Computer Engineering Department

Final Thoughts on SDN