Software Defined Networking/Openflow: A path to Programmable Networks

SOFTWARE DEFINED NETWORKING/OPENFLOW: A PATH TO PROGRAMMABLE NETWORKS

Eric Choi

Senior Manager, Product Management

Service Provider Business Unit, APJ

[email protected]

Outline

• OpenFlow Introduction

• Software Defined Networking (SDN) Use Case

• A SDN Architecture

• Internet2 - Case Study

© 2011-2012 Brocade Communications Systems, Inc. PROPRIETARY AND CONFIDENTIAL— Discussed under NDA Only 2

From Past to Future Bringing modularity to network infrastructure


Physical Infrastructure Today

Features

OS

Hardware

Features

OS

Hardware

Features

OS

Hardware

Features

OS

Hardware

Features

Device OS

Hardware

Network Controller

OS

Hardware

Features

OS

Hardware

OpenFlow Client

OS

Hardware

OpenFlow Client

OS

Hardware

OpenFlow Client

Features (Applications)

With Software Defined Networking (SDN) • Network Controller abstracts physical network

• Innovation is limited by the capability of the networking vendors

• This approach is decades behind compared to Web 2.0 and SP Cloud provider requirements:

• Scale

• Operational Efficiency

• Service Velocity


Why Are We Talking About This? Because the network has become the problem!

“We are allowing the network to constrain optimization of the most valuable assets”

- James Hamilton, VP of Cloud Architecture, Amazon

• ONF launched publicly in March, 2011

• Support from more than 50 major companies

• The ONF defines OpenFlow and API specifications

• Founding members of ONF:


Who is behind Software Defined Networking? Open Networking Foundation (ONF)

Physical Network

OpenFlow

Network OS

Virtualization

App App App App

ONF SDN Model (simplified)

x

Features

OS

Hardware

Features

OS

Hardware

Features

OS

Hardware Features

OS

Hardware Features

OS

Hardware

Orchestration

OpenFlow Introduction


• In a classical router, the data plane (hardware) and control plane (software) are on the same device

• Part of the control plane functionality supported outside the router

• “Flow table” in a router manipulated by controller • Router and controller communicate via OpenFlow protocol

• Originally developed by the OpenFlow Consortium

• http://www.openflow.org

• OpenFlow is now being developed at the ONF

• http://www.opennetworkingfoundation.org/

OpenFlow Introduction Classical Router

Control Plane

(software)

Data Plane

(hardware)

(A)

(B)

OpenFlow-Enabled Router

OpenFlow

Client

Control Plane

Data Plane Flow Table

OpenFlow Controller

OpenFlow protocol

7 © 2011-2012 Brocade Communications Systems, Inc. PROPRIETARY AND CONFIDENTIAL— Discussed under NDA Only

• OpenFlow-enabled router supports an OpenFlow Client (control plane software)

• OpenFlow Client communicates with an OpenFlow Controller using the OpenFlow protocol

• OpenFlow Controller runs on a server

• OpenFlow-enabled routers support the abstraction of a Flow Table, which is manipulated by the OpenFlow Controller

OpenFlow Introduction

OpenFlow-Enabled Router

OpenFlow

Client

Control Plane

Data Plane

Flow Table


OpenFlow

protocol

Server

OpenFlow Controller

• Flow Table contains Flow Entries

• Each Flow Entry represents a Flow, e.g., packets with a given destination IP address

• The flow table is sorted by flow priority, which is defined by the controller

• Highest priority flows are at the top of the Flow Table

• Incoming packets are matched against the flow entries (in order)

• Matching means: Does the packet belong to this Flow?

• If there is match, flow matching stops, and the set of actions for that flow entry are performed

• Packets that don’t match any flow entry are typically dropped


OpenFlow-Enabled Router Operation

Flow Table

Matching

search

Highest Priority

Lowest Priority

Flow Entries

Flow Table Entry OpenFlow 1.0

• Each flow table entry contains a set of rules to match (e.g., IP src) and an action list to be executed in case of a match (e.g., forward to port list)

• Forward packet to a port list

• Add/remove/modify VLAN Tag

• Drop packet

• Send packet to the controller

Packet counters, byte counters,

and etc

OpenFlow-Enabled

Router

OpenFlow

Client

Control Plane

Data Plane

Flow Table

Matching Fields Actions Stats

Flow Entry OpenFlow Controller

Ingress

Port

MAC

DA

MAC

SA EtherType

VLAN

ID

IP

Src

IP

Dst

IP

Protocol

TCP/UDP

src port

TCP/UDP

dst port P-bits

IP

DSCP

Layer 2 Layer 3


OpenFlow

protocol

• OpenFlow itself does not define or mandate any specific application

• OpenFlow is a key “enabler” for SDN. OpenFlow is *not* SDN.

• OpenFlow enables a large set of applications due to its flexibility

• Supported applications should increase over time as new functionality is added to the OpenFlow specification

• E.g., flow policing/rate limiting

• Ideal for automating common operations

• E.g. security via ACLs, isolation via VLANs or VRFs etc.


OpenFlow Applications What can we do with OpenFlow?

SDN USE CASE

Network Virtualization


For Hyper-Scale Data Centers


Network Virtualization A SDN Application

SP Physical Infrastructure

� A SDN application that enables the creation of logical networks (multi-tenancy) over a common physical network

� Logical networks contain VMs and physical workloads (e.g., physical servers, firewalls, etc)

� Enables seamless control of network resources regardless of location

� Logical networks can be used to bridge private and public clouds

VM VM VM

PHY PHY

VM VM VM

PHY PHY

VM VM VM

PHY PHY

Network Virtualization Using L2 over L3 Tunnels

• VxLAN (IETF draft, August 2011)

• Author: VMware

• NVGRE (IETF draft, September 2011)

• Author: Microsoft

• STT (IETF draft, March 2012

• Author: Nicira

TUNNEL TECHNOLOGY: RECENT INDUSTRY PROPOSALS


BROCADE SOLUTIONS WILL BE TUNNEL AGNOSTIC

L2 over L3 tunnel

L2 L2 L2 L3

Payload Tunnel header

VXLAN (Virtual eXtensible LAN) Optimizing Data Center Networking

October 18, 2012 © 2012 Brocade Communications Systems, Inc. CONFIDENTIAL 15

VXLAN VXLAN

IP Network With Multicast

IP+UDP Ethernet UDP Payload

Layer 2 Network Overlay Over IP Networks

ETH HDR VXLAN HDR Original Ether Frame

Enhanced Efficiency • Extend L2 across or within data centers

enabling infrastructure elasticity

Enhanced Flexibility • Preserve simplicity of L2 characteristics

• Spanning Tree Protocol is not needed

Enhanced Scalability • Offer 16 million VXLAN L2 segments

• Conceal VM MACs from L2 backbone

October 18, 2012 © 2012 Brocade Communications Systems, Inc. CONFIDENTIAL 16

VXLAN Tunnel Discovery and IP Multicast

IP Network with Multicast

VM 4 VM 1

10.1.1.1 20.1.1.1

ESX 1

50.1.1.1

ESX 2

10.1.1.2

VM 2

60.1.1.1

ESX 3

VM 5 VM 3

10.1.1.3 20.1.1.2

70.1.1.1

VNI IP Multicast Group

5001 223.1.1.1

5002 223.1.1.2

MAC Address VTEP

VM2 60.1.1.1 (ESX2)

vShield*

Manager

Dynamic Learning

Provisioning VTEP 1 MAC: MCAST MAC : VTEP 1 IP :223.1.1.1: VXLAN HDR : ARP 10.1.1.2

Outer L2 Outer L3 VXLAN Payload

5001

*vSphere 5.1 supports VXLAN

VTEP performs (*, G) join via IGMP

ARP for 10.1.1.2?

MAC Address VTEP

VM1 50.1.1.1 (ESX1)

Dynamic Learning

PHY1

PHY2

• L2 over L3 tunnels used to create Logical Networks (multi-tenancy) over physical network

• Supports virtual (VM) and physical workloads (PHY)

Network Virtualization using L2 over L3 Tunnels Hyper-Scale Data Centers

SDN Controller

Service Provider Data Center

Customer A

Server

Customer B


vSwitch

VM3

vSwitch: software switch

Customer A (Logical Network)

SP DC

VM1 VM2 PHY 1

VM1

Server

vSwitch

VM4 VM2

L2 over L3 tunnels

Physical workloads

L3 VPN or Internet

Virtual workloads

Customer B (Logical Network)

SP DC Customer DC

VM3 VM4 PHY VM VM PHY 2

VM VM VM VM

The network “edge” has moved!

VXLAN Gateway VXLAN G/W and L4-7 Application Delivery Service

October 18, 2012 © 2012 Brocade Communications Systems, Inc. CONFIDENTIAL

18

VXLAN G/W

VXLAN

VXLAN

VLAN

Internet

L3 Routing

Load Balancing

L2 Bridging

Internet

Tenant 1

Tenant 2

VXLAN Tunnel Termination

SDN USE CASE

Flow Management with OpenFlow


for Metro/WAN

• OpenFlow is well suited for flow management in the metro/WAN

• Facilitates deployment of innovative new applications, e.g.,

• Global network optimizations

• Solving complex traffic engineering challenges

• Support traffic engineering incorporating business rules

• Applicable to Layer 2, Layer 3, and MPLS networks


Flow Management in the Metro/WAN A SDN Application using OpenFlow

Network Controller

OS

Hardware

Features

OS

Hardware

OpenFlow Client

OS

Hardware

OpenFlow Client

OS

Hardware

OpenFlow Client

Features (Applications)

OpenFlow

Physical Networking Infrastructure


Flow Management in the Metro/WAN http://www.ietf.org/id/draft-pan-sdn-dc-problem-statement-and-use-cases-02.txt

OpenFlow for WAN Flow Management: Example

© 2011-2012 Brocade Communications Systems, Inc. PROPRIETARY AND CONFIDENTIAL— Discussed under NDA Only

Network Operation Center

1 2

5

Customer

Site A

Customer

Site B 3 4

Service Provider OpenFlow Controller used

to setup a traffic tunnel between

customer sites A and B OpenFlow Controller pushes the

tunnel configuration to the required

LERs and LSRs

Service is enabled and traffic flows

between customer sites

Congestion sets in on network node.

Customer flow needs to use an

alternate path.

OpenFlow Controller is used to set up

alternate path and to tear down old

path.

New York San

Francisco

Dallas

Chicago

Network Operation Center

Customer

Site A

Customer

Site B

New York San

Francisco

Dallas

Chicago

SDN USE CASE

Service Insertion with OpenFlow


for Metro/WAN

Use Case: Flexible Value Added Service Creation Programmable Logical forwarding path for different Virtual Machine

24

FW DPI Analytics Caching Application

Optimization

A B C D

Data Centre Router

OpenFlow Controller

Rule Action Stats

Flow Table Entry

A B C D

A B C D

SDN USE CASE

Real Time Big Data Analytics


For Hyper-Scale Data Centers

12/7/20

12

© 2012 Brocade Communications Systems, Inc.

Handling BIG Data in Real Time Stream Computing

Current fact finding

Analyze data in motion – before it is stored

Low latency paradigm, push model

Data driven – bring data to the analytics

Historical fact finding

Find and analyze information stored on disk

Batch paradigm, pull model

Query-driven: submits queries to static data

Traditional Computing Stream Computing

Real-time Analytics

© 2012 Brocade Communications Systems, Inc. CONFIDENTIAL — For Internal Use Only

Network Analytics: Solution Components Telemetry-enabled Brocade MLX Series performs three key functions

Existing Network Brocade or Non-Brocade

SPAN Ports

TAP Ports

Analytics Tool Farm

HTTP Analyzer

VoIP Analyzer

Intrusion Detection

Custom Application (Billing)

Aggregation

Filtering

Replication

Telemetry Enabled

27

Openflow Controller

Brocade MLX

SDN Architecture


For Hyper-Scale Data Centers and WAN Networks

What if you could …

Build your next data center

optimized for highest demands

in flexibility, reliability, and

scale

Virtualize your network starting now for greater responsiveness and increased

asset utilization

Create and deliver

customized services and new offerings at the

speed of customer need

Unlock the intelligence from your network for

real-time orchestration and analytics

� Isolation

� Security

� SLAs

� Shared Services

� Service Interposition

© 2012 Brocade Communications Systems, Inc. PROPRIETARY AND CONFIDENTIAL— Discussed under NDA 30

Why Can’t You Do These Things Today? The Network Is the Constraint

Pod Pod Pod Pod

VM VM

VM VM

VM VM

VM VM

VM VM

VM VM

VLANs

ACLs

QoS

PVLANs

Service Routing

Hierarchical Monolithic Closed North/South-optimized Inflexible

31

Cloud-Optimized Networks via SDN are the Solution Brocade delivers a clear path to Software Defined Networking

• Network changes are quick and easy

• Rapid deployment of new services

• Flexible, on demand networks

• Highly automated environments

More Resilient

Open Personalized

Flexible

Automated

Network Fabric

VM VM VM

PHY PHY VM VM VM

PHY PHY

VM VM VM

PHY PHY

Network Controller

Cloud Management

System

32

Cloud-Optimized Networking Architecture for building the software-defined network

Enabling

Technologies

Key

Benefits

Cloud-Optimized

Network Stack

Cloud APIs: OpenStack, VMware,

Microsoft, CloudStack, etc.

Automation and

orchestration Cloud Management Layer

Programmatic Control:

OpenFlow; OpenScript

Personalization and

monetization Services Layer

Overlay Networking:

VXLAN, NVGRE, STT; MPLS

Flexibility and efficient

asset utilization Network Virtualization Layer

Any-to-any connectivity:

Ethernet Fabrics; TRILL; IP routing

Reliability and

simplicity Network Fabric Layer

The Path to Software-Defined Networking

SDN-ready Simpler & automated

Open High performance

Start now with no risk

SDN-ready

network

SDN-Enabled Programmable Hybrid-mode

Non-disruptive

Layer in value-added services

Value added

services

SDN-enabled

network

Software-Defined Predictive Flexible

Intelligent

Transform your infrastructure

Value added

capabilities Software-Defined

Network

Internet2 Case Study Software Defined Networking (SDN) in the Wide Area Network (WAN)


Internet2 OpenFlow Enabled 100GbE Nationwide Backbone


Exchange Point

Internet 2 • 49 Custom Location

Facilities • 15,500 miles of dark Fiber • 8.8 Tbps of Optical Capacity • Hybrid Mode with protected

OpenFlow traffic

Seattle

Kansas City

Chicago (3)

Salt Lake City

Los Angeles

Houston (2)

Atlanta

Washington DC

Cleveland New York (2)

Boston Albany

Philadelphia Pittsburgh

Buffalo

Detroit

Raleigh

Charlotte

Jacksonville

Baton Rouge

Jackson

Chattanooga

Nashville

Louisville

Cincinnati Ashburn Indianapolis

St. Louis

Memphis Tulsa

Dallas

Madison

Minneapolis

San Antonio

El Paso

Albuquerque

Denver

Bismarck

Fargo Dickinson

Miles City

Billings

Bozeman

Missoula

Spokane

Boise

Las Vegas

Phoenix Tucson

San Diego

IP router node Optical add/drop facility

Reno

Olympia

Portland

Eugene

Sacramento

Sunnyvale

San Luis Obispo

SDN WAN USE CASE

Internet2 NDDI Initiative

• Platform for network innovation

• Collaboration between Internet2, Indiana University and the Clean Slate Program at Stanford University

• Goal: Provide a radically new platform upon which researchers and students will be able to innovate

• OpenFlow provides an API that allows researchers to control the network directly

• New Internet2 service called “Open Science, Scholarship and Services Exchange (OS3E)” on top of the NDDI infrastructure

Network Development and Deployment Initiative

Internet2 Innovation Platform

• Massive bandwidth through a 100GbE Layer 2 connection

• Address traditional bottleneck and aggregation points to pass high-bandwidth traffic and provide performance monitoring/verification thru implementation and support of a Science DMZ

• Introduce SDN capabilities to support the development and deployment of new applications


Thank You

© 2011-2012 Brocade Communications Systems, Inc. PROPRIETARY AND CONFIDENTIAL— Discussed under NDA

Only 38

Date post:	08-May-2015
Category:	Technology
Upload:	malaysia-network-operators-group
View:	1,815 times
Download:	1 times

Software Defined Networking/Openflow: A path to Programmable Networks

Technology