SDN (OpenFlow)
Download
Report
Transcript SDN (OpenFlow)
Software
Defined
Networking
Olaf Hagemann
SE Director for DACH and HGM
[email protected]
© 2011 Extreme Networks, Inc. All rights reserved.
SDN Drivers
User, Device, App
Mobility
Dynamism
Scale
Cloud-Sourcing
Complexity
Consumerization
of IT
Silo’d Workflows
2
© 2011 Extreme Networks, Inc. All rights reserved.
Vendor
Dependence
Cost
Remember the Mainframe?
App
Specialized
Applications
Specialized
Operating
System
App
App
App
Programmable Open Interface
Windows
(OS)
or Linux or
Mac
OS
Open Interface
Specialized
Hardware
•
•
•
•
3
Commercial Off The
Shelf
Microprocessor
•
•
•
Vertically integrated
Closed, proprietary
Slow innovation
Controlled industry
© 2011 Extreme Networks, Inc. All rights reserved.
Open interfaces
Rapid innovation
Broad industry
Participation
What is SDN: Networking
App
Control
Plane
4
Tight Vertical integration
Closed, proprietary
Slow innovation
Tightly controlled
App
or
Control
Plane
or
Control
Plane
Open Interface
Merchant
Switching Chips
Specialized
Hardware
•
•
•
•
App
Open Interface
Specialized
Features
Specialized
Control
Plane
App
•
•
•
•
© 2011 Extreme Networks, Inc. All rights reserved.
De-coupling of Layers
Open interfaces
Rapid innovation
Broad Industry Opportunity
Software Defined Networking (SDN) Model
Make Control and Management Plane Programmable
Centralize Network Intelligence
Abstract Network Infrastructure for Applications
Separate Control Plane from Data Plane
5
© 2011 Extreme Networks, Inc. All rights reserved.
Today – Closed Boxes, Fully Distributed Protocols
Closed
App
App
App
Operating
System
App
Specialized Packet
Forwarding Hardware
App
App
App
App
Operating
System
Specialized Packet
Forwarding Hardware
App
Operating
System
App
Specialized Packet
Forwarding Hardware
App
App
Operating
System
App
App
App
Specialized Packet
Forwarding Hardware
Operating
System
Specialized Packet
Forwarding Hardware
© 2011 Extreme Networks, Inc. All rights reserved.
6
Another Approach – Centralized Control
App
App
App
Network Operating System
Open
App
App
App
Operating
System
App
Specialized Packet
Forwarding Hardware
App
App
App
App
Operating
System
App
Specialized Packet
Forwarding Hardware
Operating
System
App
Specialized Packet
Forwarding Hardware
App
App
Operating
System
App
App
App
Specialized Packet
Forwarding Hardware
Operating
System
Specialized Packet
Forwarding Hardware
© 2011 Extreme Networks, Inc. All rights reserved.
7
The “Software-defined Network”
2. At least one good operating system
Extensible, possibly open-source
3. Well-defined open API
App
App
App
Network Operating System
1. Open interface to hardware
Simple Packet
Forwarding
Hardware
Simple Packet
Forwarding
Hardware
Simple Packet
Forwarding
Hardware
Simple Packet
Forwarding
Hardware
Simple Packet
Forwarding
Hardware
© 2011
Extreme Networks, Inc. All rights reserved.
8
Isolated “slices”
App
App
Network
Operating
System 1
Many operating systems, or
Many versions
App
App
Network
Operating
System 2
App
App
Network
Operating
System 3
App
App
Network
Operating
System 4
Open interface to hardware
Virtualization or “Slicing” Layer
Open interface to hardware
Simple Packet
Forwarding
Hardware
Simple Packet
Forwarding
Hardware
9
Simple Packet
Forwarding
Hardware
Simple Packet
Forwarding
© 2011Hardware
Extreme Networks, Inc. All rights reserved.
Simple Packet
Forwarding
Hardware
Extreme Networks SDN Approach
SDN Apps
VM Lifecycle
Management
(XNV)
User Identity
Management
Application
Performance
Management
BYOD
….
Management Platforms
Ridgeline
XOS – Extensible, Open Secure
XML
Modular
OpenStack
Quantum Plugin
External App SDK
Scripts
Predictable Performance
Memory Protected
Hardware Abstracted
High Performance Converged Open Fabric
Low Latency
High Capacity
MLAG
Page
10
© 2011 Extreme Networks, Inc. All rights reserved.
OpenFlow
DCB
Programmability: New Open Interfaces For SDN
Extending SDN Strategy
with OpenFlow
• Supporting multiple OpenFlow
controllers
Open Multi-Vendor
Approach to SDN
Extending SDN Strategy
with Openstack
Creating SDN Developer
Community Portal with
XKit
11
• Support for OpenFlow across all
Ethernet Switch products
• Powered by ExtremeXOS
• Will be available as a dynamically
downloadable module
• Hybrid mode of operation
• Support for OpenStack Quantum with
Plug-In
• Launching Xkit for collaborative
• Programmable Network
Applications
© 2011 Extreme Networks, Inc. All rights reserved.
Page 11
SDN (OpenFlow) Details
© 2011 Extreme Networks, Inc. All rights reserved.
What is OpenFlow?
OpenFlow is a protocol that allows an external node to control
the forwarding tables of a switch.
© 2011 Extreme Networks, Inc. All rights reserved.
13
What is OpenFlow?
• Started 2008 at Stanford University
• Is now driven by Open Networking Foundation(ONF)
• ONF has over 70 members including:
– Extreme Networks
– Broadcom
– Google
– Microsoft
– Yahoo
– Facebook
– Deutsche Telekom
–.....
© 2011 Extreme Networks, Inc. All rights reserved.
What is OpenFlow?
• Definitions:
– OpenFlow-only switch: supports the mandatory client features of the OpenFlow
protocol.
– OpenFlow-capable switch: supports the mandatory client features of OpenFlow in
addition to normal switch functions (e.g., STP, EAPS).
– Controller: supports the server feature of the OpenFlow protocol. Manages the
forwarding behavior of one or more OpenFlow switches.
– Flow entry: the basic unit of forwarding management.
– Flow table: consists of a set of priority ordered flow entries. A switch may support
more than one flow table.
– Emergency flow table: flow table that the switch uses in case connectivity with all
configured controllers fails.
• A switch may simultaneously connect to multiple Controllers, but only one
controller is master.
– Flowvisor: can be used to slice a switch into multiple logical switches, each
managed by a different Controller.
© 2011 Extreme Networks, Inc. All rights reserved.
15
New Programmable Interfaces For SDN: OpenFlow
• OpenFlow 1.0 API XMOD; Hybrid Support
• OpenFlow controller redundancy; Out-of-band management port
Flow Table
Ingress
Port
VLAN ID &
Priority
DA
Type
SA
DA
Actions
Forward Out-port/Enqueue/Controller
Drop: Drop a packet (Security)
Modify a packet (Source/Destination MAC, VLAN ID)
16
TCP
IP
Ethernet
SA
Counters
Match Action
Match Condition
© 2011 Extreme Networks, Inc. All rights reserved.
Proto
SRC
Counters
•
•
•
Per Table
Per flow
Per port
DST
Flow Entry Actions
• Forward: forward packet to the following physical or virtual ports:
– Output port: forward to a specified physical output port
– ALL: forward to all ports, excluding the incoming port
– CONTROLLER: encapsulate packet (Packet-In message) and send it to the
controller
– LOCAL: forward via the switch’s local networking stack
– TABLE: perform actions in the flow table (for Packet-Out messages only)
– IN_PORT: forward the packet back out of the incoming port
– NORMAL (optional): forward according to the traditional forwarding path (e.g.,
generated by STP + learning)
– FLOOD (optional): flood the packet along the minimum spanning tree, excluding the
incoming port
• Drop: drop the packet
• Enqueue (optional): enqueue the packet in a specified output port queue.
• Modify-Field (optional): modify a header field
© 2011 Extreme Networks, Inc. All rights reserved.
17
Flow Entry Modify Actions
• Set VLAN ID
• Set VLAN Priority
• Strip VLAN header
• Modify Ethernet MAC SA
• Modify Ethernet MAC DA
• Modify IPv4 SA (and update IPv4/TCP/UDP checksum)
• Modify IPv4 DA (and update IPv4/TCP/UDP checksum)
• Modify IPv4 ToS (DSCP)
• Modify TCP/UDP source port
• Modify TCP/UDP destination port
© 2011 Extreme Networks, Inc. All rights reserved.
OpenFlow Startup Example
OpenFlow Controller
• Switch connects to controller. Both exchange Hello’s.
Version negotiation.
• Controller requests features with Features-Request.
• Switch responds with Features-Reply to indicate
supported features and OpenFlow-enabled ports.
© 2011 Extreme Networks, Inc. All rights reserved.
Topology OpenFlow Application Example
Switch and controller startup already
complete.
Packet-Out
LLDP Request
OpenFlow Controller
Packet-Out
LLDP Request
Packet-Out
LLDP Request
Controller discovers topology of the network by forwarding
LLDP’s out to the switching and inspecting the replies.
A
© 2011 Extreme Networks, Inc. All rights reserved.
B
Topology OpenFlow Application Example
OpenFlow Controller
Packet-In LLDP
Request
A
Packet-In LLDP
Request
Packet-In LLDP
Request
•
Each switch forwards the LLDP’s out the indicated ports.
•
Each switch forwards the LLDP’s to the controller as
Packet-in’s.
•
Controller now knows the network topology.
© 2011 Extreme Networks, Inc. All rights reserved.
B
Reactive OpenFlow Application Example
OpenFlow Controller
Packet-In
ARP Request
ARP Request
A
Packet-Out
ARP Request
Packet-Out
ARP Request
ARP Request
• System A needs to communicate with B.
• No path exists.
• OpenFlow controller reactively establishes path
through the switching network.
© 2011 Extreme Networks, Inc. All rights reserved.
ARP Request
B
Reactive OpenFlow Application Example
OpenFlow Controller
Packet-In
ARP Reply
ARP Reply
A
© 2011 Extreme Networks, Inc. All rights reserved.
B
Reactive OpenFlow Application Example
OpenFlow Controller
Flow-Mod
Add
A
Flow-Mod
Add
Flow-Mod
Add
© 2011 Extreme Networks, Inc. All rights reserved.
B
Reactive OpenFlow Application Example
OpenFlow Controller
Packet-Out
ARP Reply
IP Packet
ARP Reply
A
© 2011 Extreme Networks, Inc. All rights reserved.
B
Extreme Networks SDN Controlled Fabric in action
SDN Community Portal – XKIT
Crowdsourcing, Network Applications store
Open Multi-vendor Approach
BigSwitch, NEC, Floodlight Controller etc.
Extending SDN with OpenStack
Network-as-a-service, Quantum Plugin
Enabling SDN with OpenFlow
OpenFlow 1.0 API, XMOD, Hybrid Support
26
© 2011 Extreme Networks, Inc. All rights reserved.
Key SDN OpenFlow Features in EXOS
Open vSwitch (OVS)
based OpenFlow
Advanced Traffic
Management
Multiple Tables for
Deployment
Flexibility
Multiple VLANs with
Edit actions
MAC Address
Rewrite
27
Robust implementation based on OVS Long Term
Support (LTS)
Traffic distributed using LAG hashing
Queuing support based on EXOS profiles
FDB based flows for simple L2 flows – Higher Scale
ACL based flows for complex match & set conditions
Simple OF based routing between VLANs
Support Applications requiring control of multiple VLANs
Rewrite source and destination MAC
Support L3 SDN applications requiring MAC rewrite
© 2011 Extreme Networks, Inc. All rights reserved.
EXOS SDN Differentiation: Advanced Traffic
Management
QP 0
QP 1
OF
Controller
LAG Hashing function
Ingress
Traffic
Switch
Fabric/OF
Logic
Ports in LAG
Group
1
2
WDRR
Output traffic
to port 1
QP 2
QP 3
QP 4
QP 5
QP 6
QP 7
3
4
OpenFlow traffic distributed using LAG hashing function, instead of one port
OpenFlow traffic distributed through different QoS Profiles on egress port
28
© 2011 Extreme Networks, Inc. All rights reserved.
SDN OpenFlow: Deployment Flexibility with Unified
Forwarding Table
Legacy
L2 MAC
Optimal
Table
Utilization
L3
IPv4/v6
IP
Multicast
ACL/Flow
Unified Forwarding Table (UFT)
SDN
Deployment
Profiles
L2/L3 Balanced
L3 Heavy
© 2011 Extreme Networks, Inc. All rights reserved.
Flow/ACL Heavy
SDN OpenFlow: Multiple Tables for Deployment
Flexibility
OpenFlow needs flow oriented architecture scaling requirements
L2 MAC
FDB Tables can be used for macro flows that
doesn’t need finer-granular traffic control
L3
IPv4/v6
LPM Tables can be used for some complex
flows involving IP address match conditions
ACL/Flow
ACL Tables can be used for micro flows that
requires finer granular control of traffic with
complex match and set conditions
OpenFlow abstracts all these tables into one table. From controller’s
perspective, OpenFlow behaves as if there is a single table
© 2011 Extreme Networks, Inc. All rights reserved.
X-Kit: Application Portal
Crowd-Sourced Knowledge Base for SDN Applications
31
© 2011 Extreme Networks, Inc. All rights reserved.
SDN Differentiations
Extreme Networks has specific capabilities that provide clear differentiation among
competition. Shipping TODAY !
Hardware Link Aggregation
–
EXOS represents the LAG as a single virtual interface to the OpenFlow controller
enabling bandwidth scaling, load balancing and link redundancy
Hybrid Mode Support
•
Standard Ethernet switching and OpenFlow based forwarding on a “per-vlan” basis.
Hardware Quality of Service
•
Configured profile queues are reported to the OpenFlow controller, enabling flows to be
programmed directly to hardware queues.
Automated Flow Management
•
32
EXOS intelligently classifies and maps flows to hardware resources, both the ACL and
FDB tables, allowing up to 100,000 flows per switch.
© 2011 Extreme Networks, Inc. All rights reserved.
Extreme Networks Products & SDN Support
Campus Enterprise
Summit X350
Data Center
Summit X450a/e
Summit X670
Summit X480
BlackDiamond X8
Summit X650
Summit X250e
Summit X440
Summit X460
Summit X150
WM3xxx
Mobile Backhaul
Altitude
45xx/46xx/47xx
N/S: Not Supported
Altitude 4511
BlackDiamond 8800
E4G-200
© 2011 Extreme Networks, Inc. All rights reserved.
E4G-400
SDN Technology Leadership Continues….
OpenFlow Rel. 2
with Open vSwitch
extensions
Extreme starts
discussions with
Big Switch
Openstack Rel. 2
Extreme demos
OpenFlow switch at
INTEROP 2011
Extreme demo
OpenFlow at
ONS
Extreme demo
OpenFlow at
Interop 2012
2011
2010
Extreme XOS supports
Stanford software
implementation of
OpenFlow 1.0
2012
34
OpenFlow &
Openstack GA in
Extreme’s Open
Fabric 1QCY2013
Extreme XOS
OpenFlow distributed
to over 20 customers
Extreme enters
partnering discussions
with controller vendors
(BigSwitch, Nicira etc.)
© 2011 Extreme Networks, Inc. All rights reserved.
2013
OpenFlow Rel. 1
with Open vSwitch
extensions
Openstack Rel. 1
OpenFlow Implementation Plan-of-Record*
*FUTURE AVAILABILITY – PRODUCTS AND FEATURES SUBJECT TO CHANGE
SDN Rel1.1*
FDB based flows for
increased scale
VLAN modification (Edit)
SDN Rel2.1*
SDN Rel1.2*
Multiple OpenFlow VLANs
Source MAC modification
MediLight SDN Applications
Support for OF 1.3
Open Controller Strategy
Intermediate
Releases
Feb’13
35
Apr’13
Jun’13
Dec’13
EXOS 15.3
SDN Rel1.0
EXOS 15.4*
SDN Rel2.0*
Open Virtual Switch (OVS) based on
OpenFlow 1.0 XMOD
ACL Based Flows
Redundant Controller Support
Multiple Actions per Flow
OpenFlow QOS Support using EXOS
QOS Profiles
Platform Support: X440, X460, X480,
X670
Integration with BigSwitch, NEC &
Floodlight Controllers
All previous features merged into
Mainline Releases
FDB based flows for increased scale
VLAN modification (Edit)
Multiple OpenFlow VLANs
Enhanced ACL flow performance
Multiple OpenFlow VLANs
Source MAC modification
Merge to
Mainstream EXOS
© 2011 Extreme Networks, Inc. All rights reserved.
Feb’14
OpenStack Implementation Plan-of-Record*
*FUTURE AVAILABILITY – PRODUCTS AND FEATURES SUBJECT TO CHANGE
DROP 2
DROP 1
HA on management ports
Porting to Grizzly
Provider Network Extension
API
DROP 3
VR Insertion API
API for Router
Configuration
SR-IOV Data Model
DROP 4
QoS Rate limiting per
Quantum port Profile
Management.
Intermediate
Releases to
Feb’13
Aug’13
Oct’13
Nov’13
SDN 1.0
OpenStack Release 1.0
Quantum based on Folsom
Topology Aware Scheduler
VLAN & VMAN configuration through
API for Multi-tenancy
Live VM Migration
36
Merge to
Mainstream EXOS
© 2011 Extreme Networks, Inc. All rights reserved.
Dec’13
Feb’14
SDN 2.0*
Openstack Release 2.0
All features from
intermediate drops
merged
Controller & Applications
© 2011 Extreme Networks, Inc. All rights reserved.
Multi-Vendor Interoperability & Applications with
OpenFlow
Future Support
Big Switch
NEC
Floodlight
VMware
App
App
App
App
……
Controller tier
Controller Platform
OpenFlow API
Switch
Switch
Switch
Switch
Switch
38
Applications
© 2011 Extreme Networks, Inc. All rights reserved.
Data plane tier
Big Network Controller mit Hyperglance
39
© 2011 Extreme Networks, Inc. All rights reserved.
Big Network Controller mit Hyperglance
40
© 2011 Extreme Networks, Inc. All rights reserved.
Floodlight Dashboard
41
© 2011 Extreme Networks, Inc. All rights reserved.
Floodlight Topology View
42
© 2011 Extreme Networks, Inc. All rights reserved.
Floodlight Switchview Detail
43
© 2011 Extreme Networks, Inc. All rights reserved.
Floodlight Switchview
44
© 2011 Extreme Networks, Inc. All rights reserved.
Software-Defined Networking: Myths vs. Reality
“SDN is just a research topic”
Seeing real production
deployments for early adopters,
moving to early majority
“OpenFlow can (can’t) solve any
real-world network problem”
“We’ve been doing SDN with
scripts for years…”
There has been a trend toward
central controllers, but a
programmable dataplane is
different from configuration
automation
OpenFlow is at version 1.0 and can
solve a few problems well, but is
expanding
“OpenFlow can’t scale”
Key point: it is a *control* (not a
Google’s entire datacenter
data) protocol
backbone runs on OpenFlow 1.0
“SDN == OpenFlow”
OpenFlow is an open, standard
protocol between the control & data
planes in an SDN architecture
“SDN == Network Virtualization”
Network Virtualization is an
important, key application for SDN,
but others are possible
“SDN/OpenFlow deployment is
rip-and-replace ”
All our current deployments have
SDN/OpenFlow interoperating with
existing networks
© 2011 Extreme Networks, Inc. All rights reserved.
Architectural Disruptions
Open architectures bring waves of innovation
Open
Architectures
Linux OS
Disruption
X86 Architecture
Closed,
Proprietary
Systems
Compute
Mobile
© 2011 Extreme Networks,
46 Inc. All rights reserved.
Networking
Looking to the Future of SDN and OpenFlow
OpenFlow becomes the Android of networking
•
•
Open network OS and controller for Ethernet switches and routers
OpenFlow and related specifications all available as Open Source
Apps for every need
•
From QoS, to PBR, to Identity Management, to Mobility Management,
to multi-tenancy and so on
Controller vendors eventually become application developers
•
Apps come in free, premium, and freemium models
Switch vendors continue to build and sell switches
•
Much like phone vendors continue to sell phones
App Stores and Marketplaces for OpenFlow and SDN Apps
47
© 2011 Extreme Networks, Inc. All rights reserved.
And the Hardware......?
48
© 2011 Extreme Networks, Inc. All rights reserved.
.....still matters!
49
© 2011 Extreme Networks, Inc. All rights reserved.
THANK YOU
© 2011 Extreme Networks, Inc. All rights reserved.