Software-Defined Networking

Network Policies
• Access control: reachability
– Alice can not send packets to Bob
• Application classification
– Place video traffic in the gold queue
Network Management: Past
Networking Yesterday
[Figure: protocols running on each device: BGP, IP, OSPF, VLAN, MPLS]
Prefix | Port
10.10.2.10 | 1
2.3.4.23 | 3
MPLS Label | Path
23 | 1
45 | 3
• Data plane
– Determines how to forward a packet
– Looks up the forwarding table to determine output port for a packet
• Control plane
– Determines how to populate the forwarding tables
– Translates user commands into hardware
• ACLs, MPLS
– Runs a bunch of routing protocols
• IGPs: OSPF, IS-IS, RIP, & EGPs: BGP
Networking Yesterday
• Control + Data-plane on each device
– The network is a distributed system
– Built to avoid failure (ArpaNet)
• A network is supported by an infinite number of protocols
– New protocols developed to support new functionality
– Takes time to standardize and to change the hardware
• Think: writing a distributed program in Perl
– Error prone (Over 50% of errors caused by misconfig)
– Time consuming
• IT operators are the most costly portion of IT
• Takes up to 6 months for ISPs to roll out services for new customers
• Very difficult to add new functionality into the network
Networking Evolution
• SDN is nothing new
• Circuit switching in Telephone networks
• RCP – Centralize control plane
– Configure protocols rather than control plane
• 4D – clean-slate architecture
• Ethane/Sane – Centralize control plane
– Forces switches to encrypt/decrypt each packet
– No standardized interface
Requirements for SDN
• Operate without Guarantees
– Need abstraction for distributed state
– Want to deal with information without worrying about the fact that the state is distributed
– Logically Centralized
[Diagram label: Network Operating System]
• Compute configuration of each device
– Need abstraction that simplifies configuration
– Want to specify your intent: the desired goal; the what
– NOT: how to do it.
[Diagram label: Network Operating System]
• Operate within given network-level protocol
– Need abstraction for forwarding model
– Hide details about hardware specifics
– No need to worry about the exact hardware
[Diagram label: OpenFlow Protocol]
Enter Software Defined Networking:
Separation of concerns
– Network operator
• Specify behavior on a model
• Behavior == network policies
– Network runtime
• Provides abstract view of the network
• Maps abstract view to global view
• Function of the types of network policies to be supported
– Network Operating System
• Maps global view to physical view
• Translates abstract commands to device configuration
• Device interface: forwarding abstractions
Things to think about
• Distributed state abstraction
– What is the right central view?
• Configuration abstraction
– What should the interface to the switch hardware look like?
• Forwarding abstraction
– What to expose to the network operator?
SDN Network
[Figure labels: Network Controller, Network Operating System]
OpenFlow Protocol
• Messages between controller and switches
– Synchronous
• Stats, Flow-mods
– Asynchronous
• Packet-in
• Abstract hardware details
• Allows direct control over forwarding table
Match | Action
10.2.3.4:10.2.3.3 | Fwd Port 1
A2:e3:f1:ba:ea:23:* | Drop
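An added example (not from the original slides): a minimal Python model of the match/action table and the packet-in / flow-mod exchange described above, enforcing the "Alice cannot send packets to Bob" reachability policy on a switch with a bounded table. The class names, the priority value, the host addresses and the port numbers are assumptions made for illustration; this is not the OpenFlow wire protocol or any controller's API.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict    # header field -> required value; a missing field is a wildcard
    action: str    # "fwd:<port>" or "drop"

class FlowTable:
    """Switch side: a bounded match/action table (hardware TCAM is finite)."""
    def __init__(self, capacity):
        self.capacity, self.entries = capacity, []

    def flow_mod(self, entry):
        """Install an entry sent by the controller; refuse when the table is full."""
        if len(self.entries) >= self.capacity:
            return False
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)  # highest priority first
        return True

    def lookup(self, pkt):
        for e in self.entries:
            if all(pkt.get(f) == v for f, v in e.match.items()):
                return e.action
        return None  # table miss

class Controller:
    """Controller side: holds the reachability policy and answers packet-in."""
    def __init__(self, denied, ports):
        self.denied, self.ports = denied, ports

    def packet_in(self, table, pkt):
        src, dst = pkt["ip_src"], pkt["ip_dst"]
        port = self.ports.get(dst)
        # Default deny: unknown destinations and denied pairs are dropped.
        action = "drop" if (src, dst) in self.denied or port is None else f"fwd:{port}"
        cached = table.flow_mod(FlowEntry(10, {"ip_src": src, "ip_dst": dst}, action))
        return action, cached

def forward(table, ctl, pkt):
    """Data-plane path: table hit, else asynchronous packet-in to the controller."""
    action = table.lookup(pkt)
    if action is not None:
        return action, "hit"
    action, cached = ctl.packet_in(table, pkt)
    return action, "packet-in" if cached else "packet-in-uncached"

# Constructed sample hosts (not from the slides).
ALICE, BOB, CAROL = "10.0.0.1", "10.0.0.2", "10.0.0.3"
def pkt(src, dst):
    return {"ip_src": src, "ip_dst": dst}
```

Once the table is full the policy is still enforced, but every new flow costs a round trip to the controller, which is where the controller scalability and TCAM limits listed at the end of the deck meet.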
The SDN Stack
• Controller
• OpenFlow Switches: commercial switches (HP, NEC, Pronto, Juniper... and many more), Software Ref. Switch, NetFPGA, Broadcom Ref. Switch, OpenWRT, PCEngine WiFi AP, Open vSwitch
The SDN Stack
• Controller: NOX, Beacon, Trema, Maestro, …
• OpenFlow Switches: commercial switches (HP, NEC, Pronto, Juniper... and many more), Software Ref. Switch, NetFPGA, Broadcom Ref. Switch, OpenWRT, PCEngine WiFi AP, Open vSwitch
Controllers
Name | Lang | Original Author | Notes
OpenFlow Reference | C | Stanford/Nicira | not designed for extensibility
NOX | Python, C++ | Nicira | actively developed
Beacon | Java | David Erickson (Stanford) | runtime modular, web UI framework, regression test framework
Maestro | Java | Zheng Cai (Rice) |
Trema | Ruby, C | NEC | includes emulator, regression test framework
RouteFlow | ? | CPqD (Brazil) | virtual IP routing as a service
POX | Python | |
Floodlight | Java | BigSwitch, based on Beacon |
Too many to easily keep track of…
http://yuba.stanford.edu/~casado/of-sw.html
The SDN Stack
• Controller: NOX, Beacon, Trema, Maestro, …
• Slicing Software: FlowVisor, FlowVisor Console
• OpenFlow Switches: commercial switches (HP, NEC, Pronto, Juniper... and many more), Software Ref. Switch, NetFPGA, Broadcom Ref. Switch, OpenWRT, PCEngine WiFi AP, Open vSwitch
FlowVisor Creates Virtual Networks
• Each application runs in an isolated slice of the network.
• FlowVisor slices OpenFlow networks, creating multiple isolated and programmable logical networks on the same physical topology.
[Figure labels: Simple switch, CloudNaaS, Stratos, OpenFlow Protocol, FlowVisor, Reservations, OpenFlow Switch]
The SDN Stack
• Applications: Simple Switch, CloudNaaS, Stratos, …
• Controller: NOX, Beacon, Trema, Maestro, …
• Slicing Software: FlowVisor, FlowVisor Console
• OpenFlow Switches: commercial switches (HP, NEC, Pronto, Juniper... and many more), Software Ref. Switch, NetFPGA, Broadcom Ref. Switch, OpenWRT, PCEngine WiFi AP, Open vSwitch
The Dark Side of SDN
• “Logically” centralized controller
– Scalability
– Fault tolerance
• Flowtable entries
– Limited number of TCAM entries
– Can only support so many TCAM entries
• SDN Abstractions
– Currently one set of abstractions for all devices
– Edge and Core fundamentally different
– Switches Versus Middleboxes