TiE Cloud - SDN Nov 10 2011 Presentation Transcript
Software Defined Networking Guru Parulkar email@example.com
“OpenFlow and Software Defined Networking (SDN) are not only here to stay, but they will define the future of networking.” Network World, 10/18/2011
What is the Problem with Internet?
[Diagram: router stack of Feature, Feature / Operating System / Specialized Packet Forwarding Hardware. Labels: Routing, management, mobility management, access control, VPNs, …; Millions of lines of source code; 6000+ RFCs; Billions of gates; Bloated; Power Hungry]
• Vertically integrated, complex, closed, proprietary
• Too difficult to program because no good abstractions and interfaces
• Not suitable for experimental ideas
Not good for network owners & users; Not good for researchers.
Solution: Software-Defined Network
[Diagram: Routing, TE, Mobility on a well-defined open API; Network Map Abstraction; Network OS; Open interface to forwarding (L1/L2/L3) (OpenFlow); Packet Forwarding, Packet Forwarding, Programmable Basestation]
Separation of Data and Control Plane
Software Defined Network w/ Virtualization Abstract Network Map Network Virtualization Control Program Global Network Map Network OS
Stanford/Berkeley SDN Activities
GEC6 GEC9 SIGCOMM08 GEC3 SIGCOMM09 Interop + Demo ON Summit VM Migration Trans-Pacific SDN Concept Baby GENI Nation Wide GENI “The OpenFlow Show” (Best Demo) VM Migration (Best Demo) – IT World Over 68 countries Other countries Deployment Europe, Japan, China, Korea, Brazil, … US R&E Community GENI: 8 Universities + Internet2 + NLR Many other campuses Stanford University 45 switch/APs ~25 user CIS/EE Building In McKeown Group Production Network Development GENI software suite Expedient/Opt-in Manager/FOAM Platform Virtualization FlowVisor FlowVisor (Java) Network OS NOX SNAC Beacon Tools Test Suite oftrace Measurement tools Mininet Ethane Reference Switch NetFPGA Software Broadcom OpenFlow Spec v0.8.9 v1.0 v1.1
2007 2008 2009 2010 2011
SDN Offers Value in All Domains of Use
Data Center / Enterprise
• Simpler network management
• Virtualization & multi-tenancy support
• Effective access Control
• Scalable network management
• Eliminate service specific appliances
• Integration with cloud
• Integration w/ private/public cloud
• Capex, opex, and power savings
• Capex and opex savings
[Diagram: SDN stack of Feature, Feature, Feature; Programming System/Tools; Network HyperVisor; Network OS; OF Switch, OF Switch, OF Switch, OF Switch]
Home Network / Service Provider
• Remote Management
• Capex and opex reduction
• Delegation of home network slices to different providers
• Service differentiation
• Unified control of Circuit/Packet
• SDN control plane for MPLS
To some, OpenFlow/SDN is yet another feature
To others it represents a disruptive change
Why does Industry Care?
• Network owners/operators face real challenges
  – scale and management => capex and opex
  – They want more control via programmability to enable and accelerate innovation and customization
• SDN is the solution of choice
  – Owners/operators want to deploy it
  – Vendors stepping up to provide products/solutions
• SDN has to mature to deliver on the promise
  – OpenFlow protocol, switches, and SDN software stack
And it will with all this community interest & participation
Industry Embracing SDN
March 2011: Open Networking Foundation Established. 40+ Companies joined so far
May 2011: Interop Las Vegas. 14 companies demonstrated OpenFlow. “Interop 2011 could have been called The OpenFlow Show” – IT world
October 2011: 1st Open Networking Summit. Sold out, 400+ registrations, 20+ demos from different industry segments
Disruptive: Product Opportunities Routing TE Mobility Abstract Network Map Network Virtualization Global Network Map Network OS
Disruptive: Product Opportunities at Every Level In Different Domains of Use Routing TE Mobility Domains of Use Abstract Network Map Network Virtualization Data Center Global Network Map Network OS Enterprise Service Provider Cellular/wireless Home
History of OpenFlow/SDN
Dan Wendlandt – firstname.lastname@example.org
On behalf of: Martin Casado
http://networkheresy.wordpress.com
OpenFlow Pre-history
• Hard to guarantee even simple security properties in a large-scale production network.
• Ex: hosts in group X can NEVER communicate with hosts in group Y *
* Despite:
  - host mobility
  - traffic re-routing due to link failures
  - hardware device replacement
  - tired network operators with fat fingers…
Stanford Research (Ethane)
• Applying network policy is traditionally a manual, device-by-device process.
• People want to describe high-level policies and have the system “compile” them down to forwarding rules in network devices.
• Control system automatically reprograms devices in response to network dynamics or policy changes.
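The policy "compilation" described on the two slides above, as an added example (not from the presentation, and not Ethane or NOX code): a group-level "X never talks to Y" policy is expanded into per-switch drop rules, checked, and recompiled after a host moves. The addresses, switch names, rule tuples and the choice to enforce only at the source host's ingress switch are assumptions made for illustration.

```python
from itertools import product

# Constructed sample state (not from the presentation).
GROUPS = {"X": {"10.0.1.5", "10.0.1.6"}, "Y": {"10.0.2.9"}}
DENY = [("X", "Y")]  # high-level policy: X and Y never communicate
ATTACH = {"10.0.1.5": "sw1", "10.0.1.6": "sw2", "10.0.2.9": "sw3"}


def forbidden_pairs(groups, deny):
    """Expand group-level deny entries into directed (src, dst) host pairs."""
    pairs = set()
    for a, b in deny:
        pairs |= set(product(groups[a], groups[b]))  # a -> b
        pairs |= set(product(groups[b], groups[a]))  # b -> a
    return pairs


def compile_policy(groups, deny, attach):
    """Compile the policy into per-switch drop rules.

    Each forbidden pair becomes a drop rule on the switch where the source
    host currently attaches, so traffic is discarded at its first hop.
    """
    tables = {switch: set() for switch in attach.values()}
    for src, dst in forbidden_pairs(groups, deny):
        tables[attach[src]].add((src, dst, "drop"))
    return tables


def violations(tables, groups, deny, attach):
    """Return forbidden pairs that src's current ingress switch would not drop."""
    return sorted(
        (src, dst)
        for src, dst in forbidden_pairs(groups, deny)
        if (src, dst, "drop") not in tables.get(attach[src], set())
    )


def move_host(attach, host, new_switch):
    """Network dynamics: return the attachment map after a host moves."""
    return {**attach, host: new_switch}


if __name__ == "__main__":
    tables = compile_policy(GROUPS, DENY, ATTACH)
    moved = move_host(ATTACH, "10.0.1.5", "sw4")
    # Device-by-device tables left untouched after the move miss the new location.
    print("stale tables:", violations(tables, GROUPS, DENY, moved))
    # The controller recompiles from the global view and the property holds again.
    print("recompiled:", violations(compile_policy(GROUPS, DENY, moved), GROUPS, DENY, moved))
```

Running `violations` against the stale tables is the kind of continuous check that catches the drift the pre-history slide lists (mobility, re-routing, device replacement) before it becomes a policy bypass.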
Ethane: Decoupling Network Control
[Diagram: Policy; Ethane Controller * (Control Logic); Decouple; Network Device * with Hardware Abstraction Layer over Hardware, repeated per device]
* Ethane Controller itself may be distributed.
* Could also be a physical Network Device or virtual switch.
OpenFlow Ventures into the World…
[Diagram labels: Application, Ethane Controller, Network OS (NOX), OpenFlow (OVS), Decouple, SDN Control Logic, Abstraction Layer, Network Device, Hardware]
OpenFlow Today
• Lots of press/buzz around OpenFlow/SDN.
• Open Networking Foundation (ONF) founded to standardize OpenFlow, promote adoption.
• Large-scale Production Deployments:
  – SDN systems capable of managing 100s of switches, 10,000s of ports.
  – Applied to interesting challenges: connectivity + security policies that follow VMs as they move, even between data centers.
Why does OpenFlow/SDN Matter?
• Enables innovation by decoupling the network control plane from forwarding devices.
• Lets you apply real distributed systems principles (think: Amazon S3) to the network.
Does OpenFlow Scale?
• Wrong Question.
• It's not about OpenFlow, it's about the SDN system built on top (OpenFlow is just an enabler).
Is SDN wedded to OpenFlow?
• Not really…
• It's really about having an(y) open interface that is rich enough to build a powerful SDN system for network control.
• Key is for community to demand open interfaces to the network.
Thanks!
Dan Wendlandt – email@example.com
http://networkheresy.wordpress.com
Arista Networks Facts
• 1000 customers in 3 years
• Key markets - Financial, Cloud Providers & Web2.0
• 275+ employees
• #2 in purpose built 10GbE rack switch share
Distributed Network Network✔ Resilient Control ✗ ControllerNetwork: ✗ New✔ L2 or L3: basedindependent✔ Hardware protocols/longstandard&devices protocols ✗ All or some tools standardization ✗ Debugginglearningunderstood✔ Well learning in time to be software need optimize forforwarding✗ Not optimized fordebugging ✔ Can new ✔ Invent developed✗ Tied flowsspecific to features flows/topology✗ Manage device protocols point of ✔ Single for newavailable onmultiple✗ Limited bydevices use cases ✔ Can design for managementavailable scale scale
• Separate state from processing = Resilience
• Controllers can program SysDB with thin client
• EOS APIs provide connectivity
• All native APIs accessible: needed to program hardware
[Diagram label: Linux Kernel]
Dist Control Example: Zero Touch Provisioning
[Diagram: DHCP Server, Boot Configuration, vSphere; http://autoconfig.company.com/EOS.swi]
• No ports forward but all ports look for boot data
• Provision config & boot image via DHCP
• Optimized for Data centers
• Available on all Arista switches

# config or script follows
#!/usr/bin/env python
from scapy.all import srp, Ether, ARP, conf
def arping(iprange="10.0.1.0/24"):
    conf.verb = 0
    collection = 

# fetch the boot image and the startup-config into flash
curl http://autoconfig.company.com/EOS.swi -o /mnt/flash/EOS.swi
curl http://autoconfig.company.com/boot-script -o /mnt/flash/startup-config
Distributed Control Example: Auto Network Provisioning
[Diagram: DHCP Server, Boot Configuration, vSphere, VMware ESX/i, VMware ESX/i]
Switch is VM aware with vmTracer
VLANs are provisioned automatically
• OpenFlow, integrated into Arista EOS, enables dynamic packet redirection useful for Tap Aggregation, Lawful Intercept/CALEA, and topology agnostic network segmentation deployments
• EOS plugins for OpenStack enable Zero Touch Provisioning for network and server horizontal scale-out as well as a provisioning integration for customer segments and routed interfaces
• Arista works with vSphere/vCloud as a controller for the automated provisioning of VLAN based segments as VMs are created and migrated as well as the auto-provisioning of VXLAN network multicast routes for L3 Stateful vMotion and topology agnostic workload balancing
‣ Integrating with VXLAN for scalable L3 live migration of dynamic connected workloads
DistributedOpenflow Controller Control ✔ Orchestrate Plane network traffic: ✔ Invent program new ✔ Controller custom paths L2/L3 Pre-program based protocols forwarding information learning; but ✗ Controllers In labs hardware need support not production forwarding many features ready developed over past 20 years
Single Pane of Mgmt & Network wide Automation STP Virtualization active active Distributed Cloud ControlAdvanced Cloud Topology
Three Major Trends are Driving the Evolution of the Datacenter Hardware Costs
The Data Center is Majority Virtualized % Virtualized (of all installed workloads WW) 69% 65% 59% 51% 42% 33% 22% 14% 9% 2005 2006 2007 2008 2009 2010 2011 2012 2013 A New Datacenter Architecture Source: IDC Worldwide Virtualization Tracker, 2010
Enterprise Data Center Networking Today Users Backend Services VDI Web Sites DMZ vSphere Data Center Networking & Security Architectures Need to Change To Keep Pace with Virtualization and Cloud Initiatives!
How Do We Transform Rigid Silos Into Secure Elastic Clouds? OUCH! VLAN 1 VLAN 2
Enabling Dynamic, Workload-aware Networks Provisioning and Automation VDC VDC Extensible, Scale Out SDN & Network Virtualization Network Services Performant, Scalable Networks