Cisco Controller Strategy
 


Cisco Controller strategy update (Tae Hwang presenter)



Cisco Controller Strategy Presentation Transcript

  • 1. Cisco Controller Strategy. Tae Hwang, CCIE #5135 (RS and Voice), CISSP, Customer Solutions Architect. © 2011 Cisco and/or its affiliates. All rights reserved. Cisco Confidential. C97-708996-00. © 2012 Cisco and/or its affiliates. All rights reserved.
  • 2. SDN Introduction and Hybrid Mode
  • 3. Definitions
    • What Is Software Defined Network (SDN)? “…In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications…” Source: www.opennetworking.org
    • What Is OpenStack? Open source software for building public and private clouds; includes Compute (Nova), Networking (Quantum) and Storage (Swift) services. Source: www.openstack.org
    • What Is an Overlay Network? An overlay network is created on existing network infrastructure (physical and/or virtual) using a network protocol. Examples of overlay network protocols are: MPLS, LISP, OTV and VXLAN.
    • What Is OpenFlow? “…open standard that enables researchers to run experimental protocols in campus networks. Provides standard hook for researchers to run experiments, without exposing internal working of vendor devices…” Source: www.opennetworking.org
  • 4. How to program across any device, any layer, any service? Cisco Approach: Flexibility to choose - The Power of “AND”.
    [Diagram labels: Apps; APIs; Controller; OpenFlow; Other Agents; Device; Device w/ OpenFlow; Network; Physical and Virtual; Virtual Overlay; Vendor A; Vendor B; Vendor C]
  • 5. Industry’s Most Comprehensive Networking Portfolio: Hardware + Software, Physical + Virtual, Network + Compute.
    [Diagram labels: Applications; Network Platform APIs; Controllers and Agents; Virtual Overlays; onePK; XNC, APIC, APIC EM; OpenFlow, ACI; N1KV Enhancements]
  • 6. [Diagram labels: Innovation; Manageability; App; C; Java; IOS; Events; EEM (TCL); Actions; Routing; Data Plane; Policy; Interface; Monitoring; Discovery; CLI; AAA; SNMP; HTML; XML; Syslog; Span; Netflow; CDP; Routing Protocols; Anything you can think of]
  • 7. Network Operating System = OpenFlow Controller.
    [Diagram labels: App=QoS; App=DDoS; App=BGP_LS; OpenFlow; Simple Packet Forwarding Hardware (five devices), each with a Flow Table]
  • 8. OpenFlow Basics. Flow Table Entries – Beyond Destination MAC or IP. Each entry consists of Rule, Action and Stats.
    • Rule (match fields): Switch Port, MAC src, MAC dst, Eth type, VLAN ID, VLAN pcp, IP Src, IP Dst, IP Prot, IP ToS, L4 sport, L4 dport, + mask what fields to match
    • Action: 1. Forward packet to zero or more ports 2. Encapsulate and forward to controller 3. Send to normal processing pipeline 4. Modify Fields 5. Any extensions you add!
    • Stats: Packet + byte counters
    [OpenFlow is just a forwarding table management protocol] You have to have an app to tell OpenFlow what to program on the table.
  • 10. [Diagram labels: Router Control Plane; OpenFlow Controller]
  • 11. Cisco eXtensible Network Controller (XNC) & OpenDaylight
  • 12. Industry’s Most Extensible Controller Architecture based on OpenDaylight
    • Extensible, Modular Architecture
    • Core developed on OpenDaylight
    • Advanced Functionality for Production Deployments: Advanced Flow Management; Flow Based Troubleshooting; Role Based Authentication; onePK Support; Scalability; Advanced GUI; Cisco TAC support
    • Applications: Monitor Manager; Transit Selection; Network Slicing
    • Extensibility allows the Controller to support a wide variety of use cases with topology-specific Apps and south-bound plug-ins
    [Diagram labels: Cisco Apps; Customer Apps; ISV Apps; Open Src Apps; REST; JAVA; Core Functionality; Cisco Advanced Functions; Service Abstraction Layer (SAL); onePK; OpenFlow; More Coming; Network Infrastructure]
  • 13. Cisco eXtensible Network Controller Architecture Based on Java OpenDaylight
    • Comprehensive Production Network Support
    • Integrated Slicing and Custom Forwarding
    • Advanced GUI with Extended Features
    • Dynamic Protocol Plugins
    • Advanced Analytics and Services via Cisco Intelligence
    • Expansion of Services from OD Code Base
    [Diagram labels: Network Applications (Cisco Sourced, Customers, 3rd Parties); Northbound APIs (OSGI, RESTful); Cisco GUI; Cisco XNC; Controller Applications; Monitor Manager; Topology Independent Forwarding (TIF); Slice Manager; Advanced Components; Troubleshooting; Authentication; H/A; Infrastructure Java Bundle; Physical and Logical Topology Manager; Device Manager; Host Tracker; ARP Handler; Forwarding Rules Manager; Dijkstra SPF; L3 Interface; Service Abstraction Layer (SAL); Southbound APIs; OF 1.x; OnePK*; Network Devices]
    *onePK Plugin will be available post XNC 1.0 GA
  • 14. XNC use cases
    • Network Segmentation (a.k.a. Slicing): Network partitioning at higher levels of granularity
    • Topology Independent Forwarding (Traffic Steering): Per flow control. Static or dynamic creation of business rules using a variety of parameters
    • Network Tapping (Matrix switch use case): Policy based approach of mirroring production traffic to analysis tools with off-the-shelf switches
  • 15. Transit Selection: Next Migration Step After Monitor Manager. Simple Forwarding Rules for efficient WAN link Utilization.
  • 16. Cisco XNC Roadmap (rows: Controller Applications, Controller Infra, Supported Devices)
    XNC 1.0 (Available Now)
    • Controller Applications: Monitor Manager; Topology Independent Forwarding; Network Slicing
    • OpenDaylight Components: Modular architecture based on OSGi; Northbound API (RESTful API, JAVA OSGi)
    • Cisco Extensions: Advanced Troubleshooting; Integrate with external AAA system for RBAC; Secure communication using HTTPS and TLS; High Availability using Active-Active clustering; User Interface; Web based GUI
    • Protocol Plugins: OpenFlow 1.0
    • Devices supported: Nexus 3000; Catalyst 6500 (EFT/POC); Catalyst 3850 (EFT/POC); ASR 9000 (EFT/POC); Nexus 7000 (EFT/POC)
    XNC 1.5 (Targeted Jan 2014)
    • Monitor Manager Enhancements: Q-in-Q support; GUI/Usability Enhancements; Slice aware
    • Hosting support in Nexus 3000/3100 LXC container
    • Virtual Patch Panel
    • Inter-DC traffic load balancing
    • Improved scalability and Performance
    • Topology visualization enhancements
    • TLS Support for onePK plugin
    • GUI Enhancements for scaling
    • Usability enhancements
    • Protocol Plugins added: Cisco onePK; OpenFlow 1.3 plugin (EFT/POC)
    • Added Device Support: Nexus 3100
    XNC 2.0 (In Planning)
    • High Resolution – Latency Based Forwarding
    • Physical + Virtual + Service Chaining
    • Integration with SP Controller
    • BigData/Hadoop related use cases
    • Integration with OpenStack
    • Coordinated Threat Control
    • OpenDaylight Components: Migrate to Hydrogen release code base; Model Driven SAL
    • Cisco Extensions: New UI framework; GUI Enhancements; Usability enhancements
    • Protocol Plugins added: OpenFlow 1.3, PCEP/BGP-LS, OVS-DB, NetConf, SNMP, CLI
    • Added Device Support: Nexus 3548, 5000, 6000, 7000; Nexus 9000 (Investigating); ASR 9000; Catalyst 6500; Catalyst 3850
  • 17. Tabs based on functionality and/or applications
  • 18. Slice specific Network View
  • 20. Daylight is an open source project formed by industry leaders and others under the Linux Foundation with the mutual goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common vendor supported framework.
    [Slide labels: Platinum; Gold; Silver; 10 full-time Developers; Cisco – 20 Developers!]
  • 21. OpenDaylight Controller: OpenSource Approach. Pre-Hydrogen Release. Beyond OF – i.e. OpenStack Plugin using OVSDB.
    [Diagram labels: Network Applications; Northbound APIs (OSGI, RESTful); GUI; OpenDaylight Controller; Basic Operation; Infrastructure Java Bundle; Physical and Logical Topology Manager; Device Manager; Host Tracker; ARP Handler; Forwarding Rules Manager; Dijkstra SPF; H/A; Service Abstraction Layer (SAL); Southbound APIs; OF 1.0; Network Devices]
  • 22. Application Policy Infrastructure Controller (APIC)
  • 23. New operational models are driving the need for infrastructure change. DevOps
  • 24. [Diagram labels: Web VLAN, App VLAN, DB VLAN; Web Subnet, App Subnet, DB Subnet; Security; Services; Routing]
  • 25. Start with Better Infrastructure. Build a Fabric (Nexus 9000). Unified API – Unified Information Model (RESTful XML/JSON API).
    [Diagram labels: Open Policy Driven Infrastructure; Efficiency; Scale; Telemetry; Policy Based Forwarding; Service Insertion; Optimization; App Awareness; Hypervisor; Network Services; ASA; Network Management, Automation, Orchestration]
  • 26. ACI Introduces Logical Network Provisioning of Stateless Hardware with Application Network Profile (ANP)
    • ACI Fabric: Nexus 9000 based; Non-Blocking Penalty Free Overlay - eVXLAN
    • Application Policy Infrastructure Controller (APIC): Common Policy, Management, and Operations Framework
    • High Level Policy Driven rather than programming (JAVA, C, Python..). APIs are also provided integrating OpenStack and so on
    [Diagram labels: Outside (Tenant VRF); Web; App; DB; QoS; Filter; Service; Policy]
  • 27. Application Policy Infrastructure Controller (APIC) Enterprise Module
  • 28. APIC Enterprise Module: Addresses Low Programming Tolerance; Addresses Brownfield Support; Addresses Scale Out Requirements.
    [Diagram labels: Enterprise Applications; REST APIs; Enterprise Services; Inventory and State; Identity and Location; Application Awareness; Policy Management; Day0/1 Applications; QoS; ZTD; ACL; Reserved; Controller Services for Day0/1 Applications; Advanced Topology Management; Elastic Infrastructure; ENG; SAL; CLI; OpenFlow]
  • 29. APIC EM applications
    • QoS Manager: Utilizes QoS policy templates as inputs to provide network view for interrogation, analysis, compliance, and policy change management
    • ACL Manager: Enables inspection, interrogation and analysis, and ACL change management including identification of conflicts and shadow ACLs
    • ZTD: Enables any network device located anywhere in the network with a recognizable IP address to be configured remotely
  • 32. Other Controllers
  • 33. Simplest Form – Control Planes (CP) leverage signaling to automate what is done manually today.
    • PMO: Independent IP/MPLS CP; Independent Optical CP – WSON; Wall separating layers; No real information sharing
    • Multi Layer CP (nLight): Remove the Wall; Leverage Layered CP; Insert ML Signaling via UNI; Share Relevant Layered Info
    • SDN: Centralize CP; Leverage Layered CP; Application Driven rather than human driven; Global View
    [Diagram labels: Routing Domain; DWDM Domain; Optical Domain; nLight CP; WSON; IP/MPLS; Constraint based / intelligent service creation; CLI / TL1 / SNMP / Net Conf; UNI; OF / PCEP / I2RS / TL-1 / UNI; Central Control / Compute; Open APIs; Plug In; BW Calendaring or NOS; Provisioning / Management]
  • 34. Scalable Multi-tenant Cloud Infrastructures – foundation for Secure Hybrid cloud. Secure Consistent Experience Across Physical and Virtual Environments.
    • Nexus 1000V enhancements: Multi-hypervisor (VMware, Microsoft, Citrix, RedHat); OpenStack/REST API; VXLAN Gateway
    • VXLAN, vPath, vRouter, Intercloud
    • *N1K VSM – Controller?
    [Diagram labels: Nexus 1000V; OpenStack Quantum API; REST API; Any Hypervisor; Tenant 1; Tenant 2; Tenant 3; Virtual Services; vWAAS; VSG; ASA 1KV; ASA 55xx; Virtual Workloads; Physical Workloads; Physical (VLAN) Network; VXLAN Gateway]
  • 35. FABRIC
  • 36. Summary
    • Cisco continually supports Hybrid OpenFlow architecture through XNC and OpenDaylight (OpenSource) Controllers.
    • Cisco onePK API is supported through XNC and APIC EM (future).
    • Insieme Application Policy Infrastructure Controller (APIC) provides a “high level policy” driven architecture where “high level policies” are applied to the Fabric seamlessly through APIC. APIC provides various Northbound and Southbound APIs for rich programmability. OpenFlow is on the roadmap for a Southbound API.
    • APIC EM provides easy applications on the network such as QoS, ACL configuration and management throughout the network.
    • Controller technology is evolving throughout the whole of Cisco. Network/Fabric will provide network information in order for controllers to make intelligent decisions.
    • Question – Can you describe the difference between the SNMP and Controller approaches?
  • 37. Thank You