The OpenFlow Standard: a Software Defined Network

Date post: 18-Jan-2022

Prepared by

Rahil Aftab

In Partial Fulfillment of the requirements

For Senior Design – CTC 492

Department of Computer Science California State University, Dominguez Hills

Fall 2012

Committee Members/Approval

Dr. Mohsen Beheshti, Faculty advisor

Dr. Jack Han, Committee member

Dr. Kazimierz Kowalski, Committee member

Dr. Mohsen Beheshti, Department Chair

Table of Contents

Approval Sheet

Table of Contents

Abstract

Introduction

Background 1.0

Section 1.1 Networking Basics

Section 1.2 Software defined networking (SDN)

Section 1.3 Introduction to OpenFlow

Section 2.0: OpenFlow Basic Components

Section 2.1: OpenFlow Control Platforms

Section 2.2: FlowVisor

Section 2.3: OpenPipes

Section 2.4: Load balancing using OpenFlow

Section 2.5: Reducing energy costs within data centers

Section 2.6: Internet2, NDDI, OS3E

Conclusion

References

Abstract

So imagine a professor has a great idea for a new internet protocol and he wants

to test it out within the school's network. He needs access to the network's hardware to

change some settings within the firmware so the protocol can be tested. Of course the

vendor of the hardware does not want to reveal or edit any of the inner workings of the

hardware. Even if he managed to edit the hardware settings, running a new protocol on a

network could disrupt the regular flow of traffic and even bring the entire network down.

Researchers at Stanford University came up with a solution to this problem. Building

upon software defined networks they came up with the OpenFlow Standard. Along with

being able to run test protocols on an isolated network within the campus, researchers

have developed add-ons to the protocol taking advantage of its unique nature. This

research paper will cover OpenFlow in its entirety along with the many advantages it

offers to campuses and data centers around the world.

Introduction

This paper will focus on the need for and advantages of OpenFlow. It will cover

OpenFlow's white paper and the specifics of how the protocol is used within a network.

Before one can understand how OpenFlow works, the basics of networking are needed.

The OSI model is covered in basic detail. Since OpenFlow is a form of software defined

networking (SDN), this topic will be covered as well, explaining how SDNs behave

differently from a normal network. Then an introduction is given to the basic

concepts of OpenFlow. OpenFlow was designed to be an open system allowing

experimentation with new ways it can be used and modified. FlowVisor is an add-on

that will be explained. How OpenFlow can be used in aggregation of networks and

reducing energy costs within data centers will be explained. The concept of OpenPipes

and network convergence will also be covered. OpenFlow is being used within

Internet2's Network Development and Deployment Initiative (NDDI) and Open Science

Scholarship and Service Exchange (OS3E), which is planning to be a world-wide

network taking advantage of software defined networking aiding in network research.

1. Background

In order to understand how OpenFlow functions and why it is needed you must

first understand the basics of networking. The standard that most networks use follows

the Open Systems Interconnection (OSI) model. OpenFlow is a form of software defined

networking (SDN), which is going to be the next evolution of networking.

1.1 Networking Background

In order to understand how the OpenFlow protocol works one must know the

basic fundamentals of networking along with the Open Systems Interconnection model.

The model consists of seven layers: physical layer, data link layer, network layer,

transport layer, session layer, presentation layer, and application layer. The seven layer

concept was developed in 1977 by a Honeywell employee, Charles Bachman.

Before then there wasn’t really a standard that could guide a network engineer in

developing network equipment that would be compliant within dissimilar networks. The

Open Systems Interconnection model also laid a standard on how network operating

systems communicate within a network. When the International Organization for

Standardization finished developing the OSI model, it became a common link allowing

computers to transmit and exchange data reliably. The seven layers work together to

form a functioning network.

The physical layer (sometimes referred to as the hardware layer) defines the

physical characteristics of the network that include the cable specifications, the format

of the pins for the cables, voltages, line impedance, hubs, network adaptors and pretty

much any physical device that can be used within the network. It also establishes the

physical topology of the network along with choosing when to terminate or start a

connection. The data link layer sends data to the physical layer so it can be transmitted

over the network. It can also perform checksums and error detection on the data to

make sure the data about to be sent is the data that was received. The data link layer is

a little different from the other layers because it has two sub layers: the Logical Link

Control sub layer and the Media Access Control sub layer. The logical link control sub

layer is responsible for multiplexing mechanisms that allow for multiple network

protocols to be used over the same network media within a network. It also allows for

flow control and automatic repeat request which are error control methods. The media

access sub layer is responsible for frame synchronization which is basically determining

where one frame of data ends and where the next one starts. It also controls access to

the network media and manages the protocols trying to use it. The network layer

provides a mechanism by which data can be transferred between two networks or

systems. It doesn’t define how data is moved; it just picks the mechanism used to allow

for the transfer to occur. This is also known as a switching method; it describes how the

data is sent from one node to another. Examples of some switching methods are circuit

switching, message switching, and packet switching. For example, some mechanisms

that can be used are defining network addressing, route selection, maintenance and

discovery. Basically it performs network routing functions, calculating the shortest route,

along with the occasional fragmentation and reassembly of data packets. Common

network layer protocols are IP (part of the TCP/IP protocol suite) and IPX, which are both

connectionless transport mechanisms. These connectionless protocols do not use

acknowledgements upon receiving data, unlike connection oriented protocols. They just

transmit data without caring if it got there or not. For example, live streaming video uses

the connectionless protocol UDP: because so many frames have to be sent to see the

media, having an acknowledgement for each packet sent would take up unnecessary

bandwidth and slow the stream down. Even if a packet was lost, the stream would skip a

little but would barely be noticeable. The transport layer is responsible for transporting

data from one host to another. It also segments the data being transferred along with

reassembling it at the receiving end. Examples of protocols that operate at the transport

layer are TCP, UDP, and SPX. TCP and SPX are connection oriented mechanisms

allowing for confirmation each time data is sent, and the connection is maintained until

the communication is complete. Flow control, such as buffering and windowing, also

occurs at the transport level. The session layer is responsible for managing the

synchronization of data between applications on two devices. This is done by establishing,

maintaining, and breaking sessions. It performs the same function as the transport layer

but does it at an application level. The presentation layer is responsible for converting

the data received from the application layer into another format such as JPEG, ASCII

text, and MPEG. This layer also performs encryption and decryption of the data being

sent and received. The application layer defines the processes that enable applications

to use network services. For example if an application wants to open a file residing on a

network drive, the functionality is provided by components in the application layer. Its

function is to take requests and data from the user and pass it to the lower layers of the

OSI model. Incoming data is passed to the application layer and then displayed for the

user, such as opening or printing a PDF saved on a network drive. Figure 1 shows an

example of what layers are traversed while sending/receiving data over a network.

Figure 1: Taken from About.com.

1.2 Software Defined Network (SDN)

Software defined networking is the next evolution in how networks will

work in the future. When a packet arrives in a conventional network, the switch's built-in

firmware tells the switch where the packet will be forwarded. The switch treats all

the packets the same way and sends them on the same path. There are some

smart switches with application-specific integrated circuits that are

sophisticated enough to recognize different types of packets and treat them differently,

but they are very expensive and not cost effective.

In a software-defined network the network administrator can shape traffic from a

central control console without having to individually touch the switches. It is an

approach in which control over where the packets go is decoupled from the hardware

and given to a software application called a controller. The network administrator can

change the network switches' rules on the fly and prioritize, de-prioritize, and even block

certain types of packets with a high level of detail. This allows for the administrator to

manage traffic in a more flexible and efficient manner. He can do all this with less

expensive network equipment while having more control over how network traffic flows

than ever before. Along with having full control of the network traffic, SDNs also allow

you to program interfaces into network equipment. The advantage of programmable

interfaces within network equipment is that it can allow for automation of tasks such as

policy and configuration management, thus enabling the network to dynamically

respond to application requirements. So basically you can write software that tells the

entire network how to function.

The most well-known group associated with developing standards based on

SDNs is the non-profit organization Open Networking Foundation (ONF). It was

created in 2011 with a vision to make OpenFlow-based SDN the new standard for

networks. The organization has taken the responsibility to drive standardization of the

OpenFlow protocol. The group consists of more than 70 companies of all sizes from

start-ups to global powerhouses. The members have access to emerging standards,

frameworks, royalty-free access to OpenFlow protocols and intellectual property.

1.3 Introduction to OpenFlow

“Today, there is almost no practical way to experiment with new network

protocols (e.g., new routing protocols, or alternatives to IP) in sufficiently realistic

settings (e.g., at scale carrying real traffic) to gain the confidence needed for their

widespread deployment.” (Nick McKeown) OpenFlow allows for researchers to

experiment with new protocol ideas within an isolated network without disrupting the regular

flow of traffic within the campus network.

“OpenFlow is based on an Ethernet switch, with an internal flow-table, and a

standardized interface to add and remove flow entries.” (Nick McKeown)

The ability to have an internal flow table that is customizable allows the switch to be

more versatile within the network. Many vendors have already started implementing

OpenFlow within their switches and routers. “Our goal is to encourage networking

vendors to add OpenFlow to their switch products for deployment in college campus

backbones and wiring closets. We believe that OpenFlow is a pragmatic compromise:

on one hand, it allows researchers to run experiments on heterogeneous switches in a

uniform way at line-rate and with high port-density; while on the other hand, vendors do

not need to expose the internal workings of their switches.” (Nick McKeown)

Vendors have the peace of mind knowing their proprietary software embedded within

their devices is not accessible. Allowing OpenFlow within their devices increases

the versatility of their products within a network implementing OpenFlow.

“OpenFlow could serve as a useful campus component in proposed large-scale

testbeds like GENI.” (Nick McKeown) GENI is short for Global Environment for Network

Innovations. It is sponsored by the National Science Foundation and consists of the brightest

minds around working on a unique virtual laboratory. Their goal is to come up with new

possibilities for future internets. They have designed Internet 2.0 taking advantage of

the OpenFlow protocol's unique nature, which will be covered in a later section. The virtual programmable

networks GENI is developing can lower the barrier for new ideas, but they are also very costly

to deploy nationwide and would take years.

“This whitepaper focuses on a shorter-term question closer to home: As

researchers, how can we run experiments in our campus networks? If we can figure out

how, we can start soon and extend the technique to other campuses to benefit the

whole community.” (Nick McKeown) Allowing safe campus network research is very

important because it paves the way for innovation in the future. OpenFlow’s goals are to

implement a low-cost, high-performance network along with supporting a broad range of

research while isolating experimental traffic from production traffic.

2. OpenFlow Basic Components

“The basic idea is simple: we exploit the fact that most modern Ethernet switches

and routers contain flow-tables (typically built from TCAMs) that run at line-rate to

implement firewalls, NAT, QoS, and to collect statistics. While each vendor’s flow-table

is different, we’ve identified an interesting common set of functions that run in many

switches and routers. OpenFlow exploits this common set of functions.” (Nick McKeown)

OpenFlow provides an open protocol allowing a programmable flow-table in different

switches and routers. The administrator of the network can separate traffic into two

groups: the production and research flows. This is done by choosing the routes their

packets follow. Having this ability allows for a researcher to experiment with new routing

protocols, security models, addressing schemes, and even alternatives to the Internet

Protocol without disrupting the regular flow of traffic.

“An OpenFlow Switch consists of at least three parts: (1) A Flow Table, with an

action associated with each flow entry, to tell the switch how to process the flow, (2) A

Secure Channel that connects the switch to a remote control process (called the

controller), allowing commands and packets to be sent between a controller and the

switch using (3) The OpenFlow Protocol, which provides an open and standard way for

a controller to communicate with a switch. By specifying a standard interface (the

OpenFlow Protocol) through which entries in the Flow Table can be defined externally,

the OpenFlow Switch avoids the need for researchers to program the switch.” (Nick

McKeown) Not having to program the switch internally is a big plus because the

vendors do not have to worry about the proprietary software being exploited, giving the

vendors peace of mind in enabling the OpenFlow feature within their routers and

switches. The controller plays a big part within OpenFlow, allowing for programmability

within the flow-table. The OpenFlow protocol itself is the standard for the controller to

communicate with the switch or router. Figure 2 shows an example of the OpenFlow

switch.

There are two types of OpenFlow switches: a dedicated OpenFlow switch and an

OpenFlow-enabled switch. “A dedicated OpenFlow Switch is a dumb data path element

that forwards packets between ports, as defined by a remote control process.” (Nick

McKeown)

For example, all packets from a particular MAC address are forwarded to a designated

port within the network according to the flow table. A dedicated OpenFlow switch must

be able to forward packets to a given port or ports, encapsulate and forward the packets

to a controller through a secure channel, and drop packets for security

reasons such as defending against denial of service attacks.

Figure 2: (Taken from OpenFlow Whitepaper)

An OpenFlow-enabled switch is a commercial switch, router, or access

point enhanced with the OpenFlow feature. “Typically, the Flow Table will re-use

existing hardware, such as a TCAM; the Secure Channel and Protocol will be ported to

run on the switch’s operating system.” (Nick McKeown) OpenFlow takes advantage of

the built in features of the devices and enhances their functions. OpenFlow isolates the

experimental traffic from the production traffic that is processed by the normal layer

2 (Data Link Layer) and layer 3 (Network Layer) pipeline of the switch. It does this by

forwarding the production packets to the normal processing pipeline. There can also be separate

sets of VLANs for production and experimental traffic.

“A controller adds and removes flow-entries from the Flow Table on behalf of

experiments. For example, a static controller might be a simple application running on a

PC to statically establish flows to interconnect a set of test computers for the duration of

an experiment. In this case the flows resemble VLANs in current networks providing a

simple mechanism to isolate experimental traffic from the production network. Viewed

this way, OpenFlow is a generalization of VLANs.” (Nick McKeown) A controller can do

more than just run a simple VLAN. It can dynamically add/remove flows (entries in the

Flow table) as an experiment progresses. For example a more complicated controller

can support multiple researchers, each with different accounts and permissions,

allowing them to run different independent experiments on different sets of flow tables.

This is done by using a policy table running in the controller.
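
The flow table, the switch actions and the controller's policy table described above, as an added example that is not code from this paper, the OpenFlow whitepaper, NOX or POX. The field names, VLAN numbers, the researcher account and the rule that an experimental match must name a granted VLAN are assumptions made for the illustration.

```python
from dataclasses import dataclass


@dataclass
class FlowEntry:
    match: dict            # header field -> required value; absent field = wildcard
    action: str            # "forward", "controller", "drop" or "normal"
    out_ports: tuple = ()
    owner: str = "production"
    priority: int = 0


class Switch:
    """Holds only the flow table; every decision comes from entries the controller wrote."""

    def __init__(self):
        self.flow_table = []

    def add_flow(self, entry):
        self.flow_table.append(entry)
        # Highest priority first; the sort is stable, so older entries win ties.
        self.flow_table.sort(key=lambda e: -e.priority)

    def remove_flows(self, owner):
        kept = [e for e in self.flow_table if e.owner != owner]
        removed = len(self.flow_table) - len(kept)
        self.flow_table = kept
        return removed

    def process(self, packet):
        for entry in self.flow_table:
            if all(packet.get(f) == v for f, v in entry.match.items()):
                return entry.action, entry.out_ports
        # Table miss: encapsulate the packet and send it to the controller.
        return "controller", ()


class Controller:
    RESEARCH_ACTIONS = {"forward", "controller", "drop"}

    def __init__(self, switch, policy):
        self.switch = switch
        self.policy = policy   # researcher -> {"vlans": set, "ports": set} (assumed layout)
        # Production traffic keeps using the switch's normal layer 2/3 pipeline.
        switch.add_flow(FlowEntry(match={}, action="normal"))

    def install(self, researcher, match, action, out_ports=()):
        grant = self.policy.get(researcher)
        if grant is None:
            raise PermissionError(f"{researcher} has no account")
        if action not in self.RESEARCH_ACTIONS:
            raise ValueError(f"unsupported action {action!r}")
        # A match without a granted VLAN could capture production traffic.
        if match.get("vlan") not in grant["vlans"]:
            raise PermissionError("match must name a VLAN granted to the experiment")
        if not set(out_ports) <= grant["ports"]:
            raise PermissionError("output port outside the experiment")
        self.switch.add_flow(
            FlowEntry(dict(match), action, tuple(out_ports), researcher, priority=10))

    def end_experiment(self, researcher):
        # Flows are removed when the experiment finishes.
        return self.switch.remove_flows(researcher)


def build_demo():
    """Constructed sample: one researcher, VLAN 100, ports 3 and 4."""
    sw = Switch()
    ctl = Controller(sw, {"alice": {"vlans": {100}, "ports": {3, 4}}})
    ctl.install("alice", {"vlan": 100, "eth_src": "00:00:00:00:00:01"}, "forward", (3,))
    ctl.install("alice", {"vlan": 100}, "drop")   # everything else in the slice
    return sw, ctl


if __name__ == "__main__":
    sw, ctl = build_demo()
    for pkt in ({"vlan": 1, "eth_src": "00:00:00:00:00:aa"},
                {"vlan": 100, "eth_src": "00:00:00:00:00:01"},
                {"vlan": 100, "eth_src": "00:00:00:00:00:02"}):
        print(pkt, "->", sw.process(pkt))
```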

2.1 OpenFlow Control Platforms

NOX is the platform for building network control applications. This is what

programs the actions of the controller along with FlowVisor. NOX is used in the first

version of OpenFlow, and is programmable in C++. POX is the next version of the platform

for building network controller applications and is programmed in Python using PyPy,

which is a more efficient, faster implementation of Python. Using PyPy, Python programs

run faster, are more memory efficient, are highly compatible with existing Python code,

can be sandboxed (the ability to run untrusted code in a fully secure way), and

support a stackless mode, which provides micro-threads for massive concurrency.

POX is the most recent platform used by OpenFlow and allows for more features than

NOX, such as reusable sample components for path selection and topology

discovery. It supports the same GUI and virtualization tools as NOX, PyPy allows POX

to literally run anywhere, and it targets Linux, Mac OS, and Windows.

2.2 FlowVisor

FlowVisor is an add-on to the OpenFlow protocol that helps with the separation

of experimental networks within the test environment. “FlowVisor is implemented as an

OpenFlow proxy that intercepts messages between OpenFlow-enabled switches and

OpenFlow controllers.” (Bastin) FlowVisor is implemented between the switch and the

controller acting as a proxy server, sending the packets received by the switch to the

appropriate controller.

“In general, we say that FlowVisor slices traffic using flowspaces. Given a packet

header (a single ”point”), FlowVisor can decide which flowspace contains it, and

therefore which slice (or slices) it belongs to. FlowVisor can isolate two slices by making

sure their flowspaces don’t overlap anywhere in the topology; or it can decide which

switches can be used to communicate from one slice to another. It can also allow a

packet to belong to two or more slices; for example, if one slice is used to monitor other

slices.” (Bastin) FlowVisor allows a great deal of customization within the network and

helps separate the network flows for each experiment being run. This is the main

mechanism that separates the experimental networks from the production networks on

a campus. “FlowVisor was designed with the following goals: (1) the virtualization

should be transparent to the network controller, (2) there should be strong isolation

between network slices, and (3) the slice definition policy should be rich and extensible.”

(Bastin) These basic goals allow for FlowVisor to work seamlessly with OpenFlow.

Because FlowVisor operates between the switch and the controller “from a guest

controller’s perspective, FlowVisor appears as a switch (or a network of switches); from

a switch’s perspective, FlowVisor appears as a controller.” (Bastin)
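
The flowspace idea quoted above, as an added example that is not FlowVisor's own code: it classifies a packet header into slices and audits a slice configuration for overlapping flowspaces, which is the isolation property the design goals call for. The slice names, header fields, values and the `monitor` flag are assumptions constructed for the illustration.

```python
from itertools import combinations


class Slice:
    def __init__(self, name, flowspace, monitor=False):
        self.name = name
        self.flowspace = flowspace   # field -> set of allowed values; absent field = any value
        self.monitor = monitor       # a monitoring slice overlaps the others on purpose


def contains(flowspace, header):
    """True if the packet header (a single point) lies inside the flowspace."""
    return all(header.get(f) in allowed for f, allowed in flowspace.items())


def overlaps(a, b):
    """Two flowspaces share a point unless a field both constrain has disjoint values."""
    return all(a[f] & b[f] for f in a.keys() & b.keys())


def slices_for(slices, header):
    """Names of the slices whose guest controllers should see this packet."""
    return [s.name for s in slices if contains(s.flowspace, header)]


def isolation_violations(slices):
    """Pairs of non-monitor slices whose flowspaces overlap."""
    return [(a.name, b.name)
            for a, b in combinations(slices, 2)
            if not (a.monitor or b.monitor) and overlaps(a.flowspace, b.flowspace)]


# Constructed configuration: production on VLAN 1, two experiments sharing
# VLAN 100 but split by TCP port, and a monitor slice that sees everything.
SLICES = [
    Slice("production", {"vlan": {1}}),
    Slice("alice", {"vlan": {100}, "tcp_dst": {80}}),
    Slice("bob", {"vlan": {100}, "tcp_dst": {8080}}),
    Slice("monitor", {}, monitor=True),
]

# A misconfigured slice: it matches TCP port 80 on every VLAN, so it reaches
# into both the production slice and alice's experiment.
CAROL = Slice("carol", {"tcp_dst": {80}})

if __name__ == "__main__":
    print(slices_for(SLICES, {"vlan": 100, "tcp_dst": 80}))
    print(isolation_violations(SLICES))
    print(isolation_violations(SLICES + [CAROL]))
```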

2.3 OpenPipes

OpenPipes' goals are to distribute hardware design across multiple physical

resources. Hardware designers are often constrained by the amount of logic they can

place within a device. OpenPipes is a tool designed to enable complex designs to be

distributed across several sub systems, such as a combination of software and

hardware sub systems. Systems are built by composing modules together using

OpenFlow networking to interconnect between modules. This provides OpenPipes with

overall control of traffic flows within the network. “Any device that can attach to the

network can host modules, allowing software modules to be used alongside hardware

modules. The control provided by OpenFlow allows running systems to be modified

dynamically, and as we show in the paper, OpenPipes provides a mechanism for

migrating from software to hardware modules that simplifies testing.” (Glen Gibb) This

allows for the network to extend its scalability across multiple hardware/software

modules and allows for dynamic change according to its needs.

OpenPipes takes advantage of field-programmable gate arrays (FPGAs), which

provide custom network hardware prototypes. Basically, FPGAs can be configured to

run custom network hardware such as an IPv4 router with 32 ports. Doing so uses

about 86 percent of the hardware, leaving little room for experiment. OpenPipes allows a

researcher to combine and partition multiple FPGAs together allowing for scalable slices

of an OpenFlow network.

“Hardware modules can be verified in a live system by providing the same input

to hardware and software versions of the same module, and checking that they produce

the same output.” (Glen Gibb) This allows for experimental modules tested within

software to be easily migrated to hardware modules and be tested. If all the tests

pass and the outputs are the same, the module can then be implemented within

hardware if needed according to the experiment.

An illustrated example is figure 4 below. The goal of this example is to use

different modules to edit a stream from a webcam. The desired system is in the box to

the left. The camera feed must first go to a color identification module located in

Houston using an OpenFlow switch located in Los Angeles. Then from there it is

connected to the grayscale module and the vertical flip module. When the color

identification module is connected to the grayscale module, it asks which colors it

should transmit to the grayscale module. In this example, if the colors are predominantly

red or blue, or no predominant color is present, the feed will be in grayscale. Then the

color identification module is connected to the vertical flip module, and the feed is only flipped if

the predominant color is green. Then the feeds are connected to the output monitor,

which shows a grayscale of the webcam feed. Now if a green filter is put in front of the

webcam, the output stream will be flipped vertically because the predominant color is

green, which activates the vertical flip module. Also any of the modules can be added

and moved around in the network without affecting the stream.

(Figure 4: Taken from Glen Gibb)

2.4 Load Balancing using OpenFlow

Load balancing is achieved within an OpenFlow network by programming it into the

OpenFlow controller. The controller is programmed using the NOX or POX control

platform. An algorithm programmed into the controller evaluates the current use of the

network, such as which servers are currently being used; this is done by the servers

reporting their current load to the controller. The controller constantly listens to the

servers reporting loads on a UDP socket, keeping an array with the current loads for

each server. The controller analyzes the current loads and chooses the best route for

the packets. When it chooses which server the packet is going to be sent to, the server

load in the array is incremented by one. This allows for the network to be more efficient

without needing any additional specialized hardware for load balancing, making the

network low cost and high performance, which is one of OpenFlow's main goals.
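
The load-tracking logic described above, as an added example that is not the code of any NOX or POX component. The report format ("<server id> <load>" in ASCII), the server ids and addresses, the load bound and the check that a report comes from the reporting server's registered address are assumptions; the paper only states that loads arrive over UDP, are kept in an array, and are incremented by one on each assignment.

```python
import socket

MAX_LOAD = 10_000   # assumed sanity bound on a reported load


class LoadBalancer:
    def __init__(self, servers):
        # servers: server id -> IP address its reports must come from (assumed)
        self.source_ip = dict(servers)
        self.ids = sorted(self.source_ip)
        self.loads = [0] * len(self.ids)   # the controller's array of current loads

    def handle_report(self, datagram, source_ip):
        """Update one server's load from a report; return False if it is rejected."""
        try:
            server_id, text = datagram.decode("ascii").split()
            load = int(text)
        except (UnicodeDecodeError, ValueError):
            return False                    # malformed report
        # UDP reports are unauthenticated, so at least refuse a report for
        # server X that does not come from X's address. This is a basic
        # filter only: UDP source addresses can themselves be forged.
        if self.source_ip.get(server_id) != source_ip:
            return False
        if not 0 <= load <= MAX_LOAD:
            return False
        self.loads[self.ids.index(server_id)] = load
        return True

    def pick_server(self):
        """Choose the least-loaded server and count the new flow against it."""
        i = min(range(len(self.loads)), key=self.loads.__getitem__)
        self.loads[i] += 1
        return self.ids[i]

    def serve(self, bind_addr, reports):
        """Listen on a UDP socket for the given number of reports."""
        with socket.socket(socket.AF_INET, socket.SOCK_DGRAM) as sock:
            sock.bind(bind_addr)
            accepted = 0
            for _ in range(reports):
                data, (ip, _port) = sock.recvfrom(64)
                accepted += self.handle_report(data, ip)
            return accepted


def demo():
    """Constructed reports from three servers, one spoofed and one malformed."""
    lb = LoadBalancer({"s1": "10.0.0.1", "s2": "10.0.0.2", "s3": "10.0.0.3"})
    reports = [(b"s1 5", "10.0.0.1"), (b"s2 2", "10.0.0.2"), (b"s3 4", "10.0.0.3"),
               (b"s2 0", "10.0.0.9"),      # wrong source address
               (b"s1 many", "10.0.0.1")]   # not a number
    accepted = [lb.handle_report(d, ip) for d, ip in reports]
    picks = [lb.pick_server() for _ in range(5)]
    return accepted, picks, lb.loads


if __name__ == "__main__":
    print(demo())
```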

2.5 Reducing Energy Costs within Data Centers using ElasticTree

ElasticTree is a network-wide power manager, which dynamically adjusts the set

of active network elements such as links and switches to changing data center traffic

loads. ElasticTree also uses the OpenFlow standard with compatible switches to test

and implement within data centers. ElasticTree can save up to 50% of a data center's

energy. Data centers are usually provisioned for peak workload and run below capacity

most of the time. ElasticTree continually monitors the data center's traffic conditions and

chooses the set of network elements that must stay active to meet the fault tolerance

and performance goals. Then it powers down as many unneeded switches and links as possible.

“ElasticTree is a system for dynamically adapting the energy consumption of a data

center network.

ElasticTree consists of three logical modules - optimizer, routing, and power control. The

optimizer’s role is to find the minimum power network subset which satisfies current

traffic conditions. Its inputs are the topology, traffic matrix, a power model for each

switch, and the desired fault tolerance properties (spare switches and spare capacity).

The optimizer outputs a set of active components to both the power control and routing

modules. Power control toggles the power states of ports, linecards, and entire

switches, while routing chooses paths for all flows, then pushes routes into the

network.” (Brandon Heller) The combination of these modules allows ElasticTree

to save energy costs within the data centers. According to an estimate, ElasticTree can

save a total of 1 billion kWh annually within data centers across the United States.

2.6 Internet2, NDDI, OS3E

Indiana University and the Clean Slate Program at Stanford University have

formed the Network Development and Deployment Initiative (NDDI), which is a

partnership to create a new network platform and complementary software. Their goals

are to support global scientific research in a revolutionary new way. Internet2 is an

advanced technology community owned and led by the U.S. research and education

community. Internet2 and NDDI have come up with a network service called Open

Science, Scholarship and Services Exchange (OS3E). The goal of OS3E is to provide a

nationwide Software-Defined Networking platform that will support both production

services and experimental services, in which new protocols or services can be

developed and tested. OS3E and NDDI use OpenFlow for their software defined network.

Internet2 and Indiana University (IU) have deployed advanced network services

such as QoS (Quality of Service) and IPv6 before they were deployed within the internet

we use today. They have also “provided wide area test-beds for the network research

community, including support for projects such as PlanetLab, HOPI, and GENI.”

(Internet2, Indiana University, Clean Slate Program at Stanford University). PlanetLab

is a testbed of a group of computers available for computer networking and distributed

systems research. “Internet2 and IU have driven the development of new types of

services, such as Layer 2 “circuit” services provisioned automatically through software

(IDC/ION) and multi‐layer multi‐network performance monitoring services (perfSONAR).

The unifying theme of Internet2’s network offerings has always included providing

network connectivity by the best available network transport technologies.” (Internet2,

Indiana University, Clean Slate Program at Stanford University) There are three main

reasons why Internet2 has decided to develop and deploy this new type of network. First,

it has seen strong demand for experimental networking in support of network

research; second, there is a strong demand for broad access to VLAN-based network

infrastructure that supports flexible, persistent, and unrestricted VLANs; and third, there is a growing

need for scientists around the world to be able to collaborate during network research

and experiments. Scientists will no longer have to develop and operate their own

network for running experiments, thus enabling them to concentrate on the science

itself. OS3E will provide a large scale platform that will be professionally managed to

support the scientists doing research.

NDDI will have 35 access points around the United States and a campus can

gain access to it by asking their Internet2 connector to provision some VLANs from the

campus to the nearest NDDI switch. An Internet2 connector is a research or educational

organization connecting directly to Internet2. A campus can also attach workstations

within different labs on campus, extending VLANs through their Internet2 connector. Also

the Ethernet switches, routers and access points being used must be able to support

the OpenFlow standard. OS3E will be the first service that will be deployed on the NDDI

network. OS3E will be very useful to professors around the world conducting research

on different internet protocols and services.

In order to be a part of the NDDI and deploy OS3E on top of it, a campus or

company must become an investing partner or cooperating partner. “An Investing

Partner is a partner that contributes significant resources to the NDDI project in the form

of hardware, network capacity and/or software development. Investing Partners

contribute to all aspects of the NDDI project, not just a specific component or location.

The initial investing partners are Internet2, Indiana University and the Clean Slate

Program at Stanford University. A Cooperating Partner is defined as a partner that

either implements a similar infrastructure and links their infrastructure to the NDDI

substrate or contributes to specific components or aspects of the NDDI project.”(NDDI

OS3E FAQ pg 3). Having these requirements allows for NDDI to keep expanding as

they get more participants though out the world. Also any organization can pay port fees

and connect to OS3E and use it for an legal purpose. One must contact

[email protected] directly to inquire about port fees and usage fees. Below is the

24  

NDDI and OS3E Topo logy draft taken from internet2.edu.


Conclusion

The OpenFlow standard is rapidly gaining support and momentum, and support has been announced by many major network equipment vendors. Several commercial and non-commercial OpenFlow control platforms have been developed. Software defined networks in general will be the future of networking due to the fact that they can be programmed like a computer, allowing the network to change dynamically according to how it is programmed. OpenFlow uses this to help professors and organizations conduct in-depth research within their current networks without disrupting the regular flow of traffic. OpenFlow allows for complete isolation of experimental networks using OpenFlow-compatible network devices, which are becoming more common with major network equipment vendors. OpenFlow and software defined networking will gain popularity as time progresses and will become the norm within networking in the future.


References

Bastin, Nick. FlowVisor. n.d. 10 10 2012 <https://openflow.stanford.edu/display/DOCS/Flowvisor>.

Brandon Heller, Srini Seetharaman, Priya Mahadevan, Yiannis Yiakoumis, Puneet Sharma, Sujata Banerjee, Nick McKeown. "ElasticTree: Saving Energy in Data Center Networks." n.d. www.usenix.org. 15 10 2012 <www.usenix.org/event/nsdi10/tech/full_papers/heller.pdf>.

Glen Gibb, Nick McKeown. n.d. OpenPipes: making distributed hardware systems easier. 12 10 2012 <http://yuba.stanford.edu/~nickm/papers/openpipes.pdf>.

Global Environment for Network Innovations. n.d. 14 09 2012 <www.geni.net>.

Internet2. NDDI OS3E FAQ. n.d. 12 11 2012 <http://www.internet2.edu/network/ose/docs/NDDI%20OS3E%20FAQ.pdf>.

Internet2, Indiana University, Clean Slate Program at Stanford University. "The Network Development and Deployment Initiative: Expanding the Breadth and Reach of Internet2 Network Services Through the Development of the Open Science, Scholarship, and Services Exchange." n.d. internet2. 12 11 2012 <http://www.internet2.edu/network/ose/docs/Open%20Science%20Exchange%20Whitepaper.pdf>.

List of OpenFlow Software Projects (that I know of). n.d. 05 09 2012 <http://yuba.stanford.edu/~casado/of-sw.html>.

Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, Jonathan Turner. "OpenFlow." 14 03 2008. OpenFlow: Enabling Innovation in Campus Networks: White Paper. 03 09 2012 <http://www.openflow.org/documents/openflow-wp-latest.pdf>.

Open Networking Foundation. n.d. 12 09 2012 <https://www.opennetworking.org>.

Serpanos, Dimitrios. Architecture of Network Systems. Morgan Kaufmann, 2011.

Team, Stanford OpenFlow. OpenFlow. 2011. 01 11 2012 <http://www.openflow.org>.


Appendix

Rahil Aftab
11/29/2012
CTC 492

Final Presentation

Overview

Topics
- Background
- OSI Model
- SDN (Software Defined Networking)
- OpenFlow Goals
- OpenFlow Basics
- OpenFlow Control Platforms
- FlowVisor
- OpenPipes
- Load Balancing using OpenFlow
- Reducing Energy Cost within Data Centers
- Internet2, NDDI, OS3E
- Conclusion

OSI Model
- Concept developed by Charles Bachman at Honeywell.
- Networking standard used to transmit and exchange data reliably.
- Consists of 7 layers.

Software Defined Networks
- A Network Operating System controls the flow of the network, allowing the network to act like a computer.
- SDNs allow for automation of tasks such as policy and configuration management, thus enabling the network to dynamically respond to application requirements.
- It is also very cost effective and allows the network to become more flexible.
- Very useful in cloud computing. Greater control and flexibility over which IPs can be used.

Goals of OpenFlow
- Allow campuses to experiment with new routing protocols, security models, addressing schemes, and even alternatives to the internet protocol, without disrupting the production flow of the campus network.
- Keep it open source so add-ons can be created to extend its functionality.
- Develop a low-cost, high-performance switch.

OpenFlow Basics
An OpenFlow switch consists of three parts.
- A Flow Table: a list of actions associated with the packet identifiers/headers to tell the switch where to send the packets.
- A secure channel such as SSL to connect the switch to a remote control called the controller, allowing commands and packets to be sent between the two.
- The OpenFlow protocol: an open standard way for the controller to communicate with a switch. This avoids modifying the internal firmware of the commercial switch, router, or access point.

Taken from OpenFlow: White Paper

OpenFlow Control Platforms
- Platforms for building network controlled applications.
- Either NOX or POX is used within controllers to program customized actions according to the network's needs.
- NOX is used in the first version 1.0 of OpenFlow, and is programmable in C++.

OpenFlow Control Platforms
- POX or NOX is used in OpenFlow version 1.1.
- POX: better and faster version of NOX.
- POX is programmed in Python using PyPy, which is a more efficient, faster implementation of Python.

FlowVisor
- FlowVisor is an add-on to the OpenFlow protocol that helps with the separation of experimental networks when using multiple controllers.
- Works like a proxy server between the switch and the controller. Sends the packets received by the switch to the appropriate controller and vice versa.

OpenPipes
- Hardware designers are constrained by the amount of logic they can place within a hardware device.
- OpenPipes is a tool that uses the OpenFlow standard to enable complex designs to be distributed across several subsystems.
- The systems can be built with a combination of both hardware and software subsystems.
- Goal: Test logic using software modules, then transfer logic to one hardware module and compare outputs.

OpenPipes

Load Balancing using OpenFlow
- Programming a load balancing algorithm into the controller.
- Evaluating the current use of the network.
- This is done by the servers constantly reporting their current load to the controller through a listening UDP socket (heartbeat monitor).
- Keeps an array with the current loads for each server.
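The heartbeat scheme on the load balancing slide, as an added Python example that is not part of the original presentation or of any OpenFlow controller. The `LoadTable` name, the message format (one ASCII load fraction between 0 and 1 per datagram), port 9999, the 3-second expiry and the server allowlist are assumptions; the input checks are there because a heartbeat arrives over UDP with no authentication.

```python
import socket
import time

class LoadTable:
    """Controller-side view of server load, fed by UDP heartbeats."""

    def __init__(self, servers, ttl=3.0):
        self.ttl = ttl                                  # seconds a report stays valid
        self.loads = {ip: None for ip in servers}       # ip -> (load, last_seen)

    def update(self, src_ip, payload, now=None):
        """Record one heartbeat; return True only if it was accepted."""
        now = time.monotonic() if now is None else now
        if src_ip not in self.loads:                    # not a configured server
            return False
        try:
            load = float(payload.decode("ascii").strip())
        except (UnicodeDecodeError, ValueError):
            return False
        if not 0.0 <= load <= 1.0:                      # also rejects nan and inf
            return False
        self.loads[src_ip] = (load, now)
        return True

    def pick(self, now=None):
        """Least-loaded server with a fresh heartbeat, or None if all are stale."""
        now = time.monotonic() if now is None else now
        live = {ip: e[0] for ip, e in self.loads.items()
                if e is not None and now - e[1] <= self.ttl}
        return min(live, key=live.get) if live else None

def serve(table, bind=("0.0.0.0", 9999)):
    """Listening UDP socket: one datagram is one heartbeat."""
    sock = socket.socket(socket.AF_INET, socket.SOCK_DGRAM)
    sock.bind(bind)
    while True:
        data, (src_ip, _port) = sock.recvfrom(64)
        # UDP source addresses can be forged; the allowlist is a sanity
        # filter, not authentication.
        table.update(src_ip, data)

if __name__ == "__main__":
    # Constructed sample heartbeats (addresses and loads are made up).
    table = LoadTable(["10.0.0.1", "10.0.0.2"])
    table.update("10.0.0.1", b"0.80")
    table.update("10.0.0.2", b"0.25")
    table.update("10.0.0.9", b"0.01")                   # unknown sender, dropped
    print(table.pick())
```

A server that stops reporting drops out of `pick()` once its last heartbeat is older than the expiry, so the controller does not keep steering traffic to it on the strength of an old low reading.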

Reducing Energy Costs within Data Centers
- Developed at Stanford, uses OpenFlow switches.
- ElasticTree is a network-wide power manager, which dynamically adjusts the set of active network elements such as links and switches to the changing data center traffic loads.

Reducing Energy Costs within Data Centers
- Continually monitors the data center's traffic conditions and chooses the set of network elements that must stay active to meet the fault tolerance and performance goals of the data center.
- According to an estimate, ElasticTree can save a total of 1 billion KWhr annually within data centers across the United States.

Internet2, NDDI, OS3E
- Internet2: an advanced technology community owned and led by the U.S. research and education community.
- Network Development and Deployment Initiative (NDDI): a partnership between Indiana University and Stanford to create a new network platform and complementary software.
- Their goals are to support global scientific research in a revolutionary new way.

Internet2, NDDI, OS3E
- Open Science, Scholarship and Services Exchange (OS3E): created by Internet2 and NDDI to provide a nationwide Software-Defined Networking platform that will support both production services and experimental services, in which new protocols or services can be developed and tested.
- Scientists will no longer have to develop and operate their own network for running experiments, thus enabling them to concentrate on the science itself.

Conclusion
- The OpenFlow standard is rapidly gaining support and momentum, and support has been announced by many major network equipment vendors (Cisco, Brocade, and Juniper).
- SDNs will be the future of networking because they can be programmed like a computer.
- SDNs are more flexible and dynamic than the traditional network.

Future Work
- Research SDN security.
- Create a virtual environment consisting of OpenFlow switches.
- Learn Python and program the control console using POX.
- Research other types of SDNs.

