SDN/OpenFlow #lspe

Xin Huang's presentation from http://www.meetup.com/SF-Bay-Area-Large-Scale-Production-Engineering/events/114852392/

  1. SDN/OpenFlow. June 14, 2013. Xin Huang, CYAN, Inc., xin.huang@cyaninc.com
  2. What? Why? How?
  3. Welcome to the Ossified Network (slide courtesy: Nick McKeown)
     • Operating System: millions of lines of source code, 6000+ RFCs, barrier to entry
     • Specialized Packet Forwarding Hardware: billions of gates, bloated, power hungry
     • Many complex functions baked into the infrastructure: OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, …
     • (Diagram labels: Feature, Feature, Operating System, Specialized Packet Forwarding Hardware)
  4. Current Internet: Closed to Innovations in the Infrastructure
     • (Diagram: five boxes marked "Closed", each stacking Service / Service / Service on an Operating System on Specialized Packet Forwarding Hardware)
  5. "Software Defined Networking" !!!
     • (Diagram: the same five Service / Operating System / Specialized Packet Forwarding Hardware stacks, plus a Network Operating System carrying an LB service, an FW service and an IP routing service)
  6. A Software-defined Network
     • (Diagram: LB service, FW service and IP routing service on a North-bound interface API; a Network Operating System; e.g., OpenFlow; five boxes of Simple Packet Forwarding Hardware)
  7. Ethernet Switch
  8. (Diagram: Control Plane (Software), Control Path, Data Plane (Hardware))
  9. (Diagram: Data Plane (Hardware), OpenFlow Client, OpenFlow Protocol (SSL/TCP), OpenFlow Controller)
  10. OpenFlow Usage
     • OpenFlow offloads control intelligence to a remote software
     • (Diagram labels: Controller PC, Alice's code, Decision?, OpenFlow Protocol, Alice's Rule on each switch)
  11. OpenFlow Basics: Flow Table Entries
     • Each entry has three parts: Rule, Action, Stats
     • Rule fields: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, L4 sport, L4 dport, VLAN pcp, IP ToS
       + mask what fields to match
       + priority
       + timeout (idle and hard)
     • Action:
       1. Forward packet to zero or more ports
       2. Encapsulate and forward to controller
       3. Send to normal processing pipeline
       4. Modify Fields
       5. Any extensions you add!
     • Stats: Packet + byte counters
  12. Examples
     • Columns in each example: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport, Action. Fields not listed below are wildcarded (*).
     • Firewall service: TCP dport = 22; Action: drop
     • IP Routing service: IP Dst = 5.6.7.8; Action: port6
     • VLAN multicast service: MAC dst = 00:1f.., VLAN ID = vlan1; Action: port6, port7, port9
  13. Why is Everyone So Excited?
     • The Promise
       – Faster introduction of services and applications
       – Automate network configuration
       – Lower CAPEX and OPEX
  14. Application in DCs: Network Virtualization
     1. Multi-tenancy
       – Traffic isolation, overlapping IP addressing, etc.
     2. Automatic network configuration
       – Automatically create required network configs for new tenants
       – Reduced time to revenue
     3. Hybrid clouds with bursting
       – Adding computational capacity (in the form of new VMs) as needed
       – Lossless live migration
     • (Diagram labels: Cloud DC, Physical network fabric, Hypervisor, VM, Logical L2 Switch, Logical Network, Controller Cluster, OpenStack (www.openstack.org))
  15. Application in WAN: E2E Orchestration
     • Today's service provisioning (using CMS like OpenStack) is fragmented and incomplete. It requires several manual steps for configuring the WAN (specifically, the PE router) to support QoS for the cloud tenants.
     • End-to-end orchestration between DCs and enterprises.
     • (Diagram labels: DC1, DC2, WAN, WAN control + mgmt plane, Network controllers, blueplanet / applications APIs, CYAN Inc. (www.cyaninc.com))
  16. Application in NFV
     • NFV: Network Function Virtualization
     • SDN/OpenFlow could help in traffic navigation
     • SDN/OpenFlow could help to virtualize:
       • DC gateway/router
       • BRAS/BNG
       • CPE/home gateway
       • Route-Reflectors
       • DNS
       • Firewall
       • NAT
       • DHCP
       • Load balancer
       • DPI
       • etc…
     • http://portal.etsi.org/portal/server.pt/community/NFV/367
  17. Clarification
     • SDN is not equal to OpenFlow
     • SDN vs. OpenStack
     • SDN vs. NFV vs. network innovation
  18. Demo
  19. Setup: Mininet-based Virtual Topology (OpenFlow Tutorial 3hosts-1switch Topology)
     • Controller c0, port 6633
     • OpenFlow Switch s1 with interfaces s1-eth0, s1-eth1, s1-eth2
     • dpctl (user space process)
     • Virtual hosts: h1 10.0.0.1 (h1-eth0), h2 10.0.0.2 (h2-eth0), h3 10.0.0.3 (h3-eth0)
     • loopback (127.0.0.1:6633), loopback (127.0.0.1:6634)
     • Command: $ sudo mn --topo single,3 --mac --switch ovsk --controller remote
  20. Application 1: Hub
     • (Diagram: OF Switch and RYU Hub, with steps (1) to (6))
  21. Application 2: Learning L2 Switch
     • (Diagram: OF Switch and RYU simple_switch, with steps (1) to (6); Packet-in handler, Port status handler)
  22. Thank you!
  23. Sample open-source controllers
     • Ryu: Apache license; Python
     • NOX/POX: GPL; C++ and Python
     • Stanford's Beacon: BSD-like license; Java-based
     • Maestro (from Rice Univ): GPL; based on Java
     • NEC's Trema: open-source; written in C and Ruby; included test harness
     • Big Switch's Floodlight: Apache license; Java-based
  24. Sample OF commercial switches (Model; Virtualize; Notes)
     • HP Procurve 5400zl or 6600; 1 OF instance per VLAN
       - LACP, VLAN and STP processing before OpenFlow
       - Wildcard rules or non-IP pkts processed in s/w
       - Header rewriting in s/w
       - CPU protects mgmt during loop
     • NEC IP8800; 1 OF instance per VLAN
       - OpenFlow takes precedence
       - Most actions processed in hardware
       - MAC header rewriting in h/w
     • Brocade MLX routers; multiple OF instances per switch
       - Hybrid OpenFlow switch with legacy protocols and OpenFlow coexisting
       - OpenFlow commands can override state created by legacy protocols
     • Pronto 3290 or 3780 with Pica8 or Indigo firmware; 1 OF instance per switch
       - No legacy protocols (like VLAN, STP)
       - Most actions processed in hardware
       - MAC header rewriting in h/w
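
The flow-table lookup from slides 11 and 12, as an added Python example that is not part of the presentation and is not Ryu or switch code. It shows why the "+ priority" field matters when the firewall rule (TCP dport 22, drop) and the routing rule (IP Dst 5.6.7.8, port6) both match one packet. `FlowEntry`, `FlowTable`, `build_table`, `ssh_verdict`, the field names and the priority values are hypothetical.

```python
# Added example: toy OpenFlow-style flow table. All names and priority
# values here are assumptions for illustration, not a real controller API.
from dataclasses import dataclass

@dataclass
class FlowEntry:
    match: dict          # fields not listed are wildcarded ("*" on slide 12)
    actions: list        # empty list means drop
    priority: int
    packets: int = 0     # stats: packet counter
    byte_count: int = 0  # stats: byte counter

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

class FlowTable:
    def __init__(self):
        self.entries = []

    def add(self, entry):
        self.entries.append(entry)
        # The highest-priority entry is consulted first.
        self.entries.sort(key=lambda e: e.priority, reverse=True)

    def lookup(self, pkt, size):
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packets += 1
                entry.byte_count += size
                return entry.actions or ["drop"]
        # Assumed table-miss behaviour: encapsulate and forward to controller.
        return ["controller"]

def build_table(firewall_priority, routing_priority):
    table = FlowTable()
    # Slide 12 firewall service: TCP dport 22 -> drop
    table.add(FlowEntry({"tcp_dport": 22}, [], firewall_priority))
    # Slide 12 IP routing service: IP Dst 5.6.7.8 -> port6
    table.add(FlowEntry({"ip_dst": "5.6.7.8"}, ["port6"], routing_priority))
    return table

# Constructed packet that matches BOTH rules: SSH to the routed host.
SSH_TO_ROUTED_HOST = {"ip_dst": "5.6.7.8", "tcp_dport": 22}

def ssh_verdict(firewall_priority, routing_priority):
    table = build_table(firewall_priority, routing_priority)
    return table.lookup(SSH_TO_ROUTED_HOST, size=74)

if __name__ == "__main__":
    print(ssh_verdict(200, 100))  # firewall rule wins
    print(ssh_verdict(50, 100))   # routing rule shadows the firewall rule
```

When reviewing a controller's flow rules, check that every drop rule outranks any forwarding rule whose wildcards overlap it; the per-entry counters show which entry is actually taking the traffic.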
