• Share
  • Email
  • Embed
  • Like
  • Save
  • Private Content
TiE Cloud - SDN Nov 10 2011

TiE Cloud - SDN Nov 10 2011






Total Views
Views on SlideShare
Embed Views



0 Embeds 0

No embeds



Upload Details

Uploaded via as Microsoft PowerPoint

Usage Rights

© All Rights Reserved

Report content

Flagged as inappropriate Flag as inappropriate
Flag as inappropriate

Select your reason for flagging this presentation as inappropriate.

  • Full Name Full Name Comment goes here.
    Are you sure you want to
    Your message goes here
Post Comment
Edit your comment
  • And we haven’t yet heard from our second set of great speakers… So here I go.
  • Yahoo!, Microsoft, DT, and Indiana University campus CIO I believe the best summary of what is going on is captured in a quote by Art in Network World today.
  • Now that the majority of servers are logical rather than physical servers, the entire industry is shifting. Every major hardware manufacturer, every ISV has as a top priority to support the dominant deployment model– Vmware Virtual Machines.
  • Key points:Today security is complicated – there are many complex, linkages and dedicated hardware Security is tied to the physical elements of the datacenter There are too many points of vulnerability and too many enforcement points

TiE Cloud - SDN Nov 10 2011 TiE Cloud - SDN Nov 10 2011 Presentation Transcript

  • Software Defined Networking Guru Parulkar parulkar@stanford.edu
  • “OpenFlow and Software Defined Networking (SDN) are not only here to stay, but they will define the future of networking.” Network World, 10/18/2011
  • What is the Problem with Internet? Routing, management, mobility management, access control, VPNs, … Feature Feature Million of lines 6000+ RFCs of source code Operating System Specialized Packet Billions of gates Bloated Power Hungry Forwarding Hardware Vertically integrated, complex, closed, proprietary Too difficult to program because no good abstractions and interfaces Not suitable for experimental ideasNot good for network owners & users; Not good for researchers.
  • Solution: Software-Defined NetworkWell-defined open API Routing TE Mobility Network Map Abstraction Network OS Open interface to forwarding (L1/L2/L3) (OpenFlow) Separation of Packet Data and Control Forwarding Plane Programmable Basestation Packet Forwarding Packet Forwarding
  • Software Defined Network w/ Virtualization Abstract Network Map Network Virtualization Control Program Global Network Map Network OS
  • Stanford/Berkeley SDN Activities GEC6 GEC9 SIGCOMM08 GEC3 SIGCOMM09 Interop + Demo ON Summit VM Migration Trans-Pacific SDN Concept Baby GENI Nation Wide GENI “The OpenFlow Show” (Best Demo) VM Migration (Best Demo) – IT World Over 68 countries Other countries Deployment Europe, Japan, China, Korea, Brazil, … US R&E Community GENI: 8 Universities + Internet2 + NLR Many other campuses Stanford University 45 switch/APs ~25user CIS/EE Building In McKeown Group Production Network Development GENI software suite Expedient/Opt-in Manager/FOAM Platform Virtualization FlowVisor FlowVisor (Java) Network OS NOX SNAC Beacon Tools Test Suite oftrace Measurement tools MininetEthane Reference Switch NetFPGA Software Broadcom OpenFlow Spec v0.8.9 v1.0 v1.12007 2008 2009 2010 2011
  • SDN Offers Value in All Domains of Use Data Center Enterprise • Simpler network management• Virtualization & multi-tenancy support • Effective access Control• Scalable network management • Eliminate service specific appliances• Integration with cloud • Integration w/ private/public cloud• Capex, opex, and power savings • Capex and opex savings SDN Fea Fea Fea tur tur tur e e e Programming System/Tools Network HyperVisor Network OS OF Switch OF Switch OF Switch OF Switch • Remote Management • Capex and opex reduction • Delegation of home network • Service differentiation slices to different providers • Unified control of Circuit/Packet • SDN control plane for MPLS Home Network Service Provider
  • To some, OpenFlow/SDN is yet another featureTo others it represents a disruptive change
  • Why does Industry Care?• Network owners/operators face real challenges – scale and management => capex and opex – They want more control via programmability to enable and accelerate innovation and customization• SDN is the solution of choice – Owners/operators want to deploy it – Vendors stepping up to provide products/solutions• SDN has to mature to deliver on the promise – OpenFlow protocol, switches, and SDN software stack And it will with all this community interest & participation
  • Industry Embracing SDN March 2011 Open Networking Foundation Established 40+ Companies joined so far May 2011 Interop Las Vegas 14 companies demonstrated OpenFlow “Interop 2011 could have been called The OpenFlow Show” – IT world October 2011 1st Open Networking SummitSold out, 400+ registrations, 20+ demos from different industry segments
  • Disruptive: Product Opportunities Routing TE Mobility Abstract Network Map Network Virtualization Global Network Map Network OS
  • Disruptive: Product Opportunities at Every Level In Different Domains of Use Routing TE Mobility Domains of Use Abstract Network Map Network Virtualization Data Center Global Network Map Network OS Enterprise Service Provider Cellular/wireless Home
  • History of OpenFlow/SDN Dan Wendlandt – dan@nicira.com On behalf of: Martin Casadohttp://networkheresy.wordpress.com
  • OpenFlow Pre-history• Hard to guarantee even simple security properties in large scale production network.• Ex: hosts in group X can NEVER communicate with hosts in group Y * * Despite: - host mobility - traffic re-routing due to link failures - hardware device replacement - tired network operators with fat fingers…
  • Stanford Research (Ethane)• Applying network policy is traditionally a manual, device-by-device process.• People want to describe high-level policies, have system “compile” them down to forwarding rules in network devices.• Control system automatically reprograms devices in response to network dynamics or policy changes.
  • Ethane: Decoupling Network Control Policy * Control Logic Ethane Controller itself may be Ethane Controller distributed. Decouple Control Logic Hardware Abstraction Layer Hardware Abstraction Layer Abstraction Layer Hardware Hardware Hardware * Could also be a physical Network Device or virtual switch.
  • OpenFlow Ventures into the World… Application Ethane Controller Network OS (NOX)OpenFlow (OVS) Decouple SDN Control Logic Abstraction Layer Network Device Hardware
  • OpenFlow Today• Lots of press/buzz around OpenFlow/SDN.• Open Network Foundation (ONF) founded to standardize OpenFlow, promote adoption.• Large-scale Production Deployments: – SDN-systems capable of manages 100s of switches, 10,000s of ports. – Applied to interesting challenges: connectivity + security policies that follow VMs as they move, even between data centers.
  • Why does OpenFlow/SDN Matter?• Enables innovation by decoupling the network control plane from forwarding devices.• Let’s you apply real distributed systems principles (think: Amazon S3) to the network.
  • Does OpenFlow Scale?• Wrong Question.• Its not about OpenFlow, its about the SDN system built on top (OpenFlow is just an enabler).
  • Is SDN wedded to OpenFlow?• Not really…• Its really about having an(y) open interface that is rich enough to build a powerful SDN- system for network control.• Key is for community to demand open interfaces to the network.
  • Thanks! Dan Wendlandt – dan@nicira.comhttp://networkheresy.wordpress.com
  • Arista Networks Facts• 1000 customers in 3 years• Key markets - Financial, Cloud Providers & Web2.0• 275+ employees• #2 in purpose built 10GbE rack switch share
  • Controller
  • Distributed Network Network✔ Resilient Control ✗ ControllerNetwork: ✗ New✔ L2 or L3: basedindependent✔ Hardware protocols/longstandard&devices protocols ✗ All or some tools standardization ✗ Debugginglearningunderstood✔ Well learning in time to be software need optimize forforwarding✗ Not optimized fordebugging ✔ Can new ✔ Invent developed✗ Tied flowsspecific to features flows/topology✗ Manage device protocols point of ✔ Single for newavailable onmultiple✗ Limited bydevices use cases ✔ Can design for managementavailable scale scale
  • • Separate state from processing=Resilience • Controllers can program SysDB with thin client • EOS APIs provide connectivity • All native APIs accessible: needed to program hardwareLinux Kernel
  • Multipath Cloud Options: L2 or L3 MLAG Spine (L2) ECMP L3 (OSPF/BGP) TRILL Future
  • Dist Control Example: Zero Touch Provisioning DHCP Server Boot Configuration vSphere• No ports forward but all portslook for boot data• Provision config & boot imagevia DHCP• Optimized for Data centers• Available on all Arista http://autoconfig.company.com/EOS.swiswitches # config or script follows #!/usr/bin/env python from scapy import srp,Ether,ARP,conf def arping(iprange=""): conf.verb=0 collection = [] curl http://autoconfig.company.com:EOS.swi -o /mnt/flash/EOS.swi curl http://autoconfig.company.com:boot-script -o /mnt/flash/startup-config
  • Distributed. Control Example : Auto Network Provisioning DHCP Server Boot Configuration vSphereSwitch is VM aware with vmTracer VLANs are provisioned automatically VMware ESX/i VMware ESX/i
  • OpenFlow, integrated into EOS plugins for OpenStack Arista works with vSphere/vCloud as aArista EOS, enables dynamic enable Zero Touch controller for the automated provisioningpacket redirection useful for Provisioning for network and of VLAN based segments as VMs areTap Aggregation, Lawful server horizontal scale-out as created and migrated as well as the auto-Intercept/CALEA, and topology well as a provisioning provisioning of VXLAN network multicastagnostic network segmentation integration for customer routes for L3 Stateful vMotion anddeployments segments and routed interfaces topology agnostic workload balancing
  • Eth Eth47 6 h4 48 Et‣Integrating with VXLAN for scalable L3 live migration of dynamic connected workloads
  • DistributedOpenflow Controller Control ✔ Orchestrate Plane network traffic: ✔ Invent program new ✔ Controller custom paths L2/L3 Pre-program based protocols forwarding information learning; but ✗ Controllers In labs hardware need support not production forwarding many features ready developed over past 20 years
  • Single Pane of Mgmt & Network wide Automation STP Virtualization active active Distributed Cloud ControlAdvanced Cloud Topology
  • A Little History The Internet in 1987 36© 2011 Infoblox Inc. All Rights Reserved.
  • Complexity is the Challenge! The Internet in 2009 37© 2011 Infoblox Inc. All Rights Reserved.
  • Legacy Networking Vendor Specific Management Plane Control Plane Control Plane Control Plane Data Plane Data Plane Data Plane Physical or Virtual Switches No Application Awareness, Labor Intensive to Deploy and Manage 38© 2011 Infoblox Inc. All Rights Reserved.
  • Software Defined Networks Northbound Interfaces to Applications Globalized Multi-vendor E-W Control Automation Plane Feedback Plane Data Plane Data Plane Data Plane Data Plane Data Plane Data Plane Data Plane Globalized Control Replaces Box Centric Control, Automation Replaces Management 39© 2011 Infoblox Inc. All Rights Reserved.
  • Rome is Burning! Value in Networks is Transitioning to Software, Similar to the End of the Mainframe! 40© 2011 Infoblox Inc. All Rights Reserved.
  • A New Eco-System is Emerging OpenFlow and the ONF are at the Center of the SDN Opportunity 41© 2011 Infoblox Inc. All Rights Reserved.
  • Software Defined Networks Allwyn Sequeira CTO & VP, Networking & Security, VMwareConfidential © 2011 VMware Inc. All rights reserved
  • Three Major Trends are Driving the Evolution of the Datacenter Hardware Costs43
  • The Data Center is Majority Virtualized % Virtualized (of all installed workloads WW) 69% 65% 59% 51% 42% 33% 22% 14% 9% 2005 2006 2007 2008 2009 2010 2011 2012 2013 A New Datacenter Architecture Source: IDC Worldwide Virtualization Tracker, 201044
  • Enterprise Data Center Networking Today Users Backend Services VDI Web Sites DMZ vSphere Data Center Networking & Security Architectures Need to Change To Keep Pace with Virtualization and Cloud Initiatives!45
  • How Do We Transform Rigid Silos Into Secure Elastic Clouds? OUCH! VLAN 1 VLAN 246
  • Enabling Dynamic, Workload-aware Networks Provisioning and Automation VDC VDC Extensible, Scale Out SDN & Network Virtualization Network Services Performant, Scalable Networks47
  • Secure Hybrid Clouds48