This is a presentation on a research work we had done on software defined networking. It involves improving data plane processing in SDN networks by embedding application-level intelligence
1. ET2541: Advanced Topics in Telecommunication
systems
Application-aware Data-Plane Processing in SDN
Nitin Reddy Ayyagari
Pruthviraj Reddy Kanmantha
{niay14, prkb14@student.bth.se}
2. Software-Defined Networking
Key Aspects:
Changing traffic patterns and rise of Cloud Services-bandwidth hungry
Current infrastructure limitations-complexity, vendor lock-in and
scalability
SDN-New paradigm in network automation, aims to meet the dynamic
needs of future networks
Decoupling control plane from the forwarding plane in a network
Enabling software programs to monitor, operate and manage networks
Reduction in CAPEX and OPEX, flexible traffic managment and
enhanced control over the network
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
1
3. OpenFlow
Key Aspects
Programmability of data plane through an open API like OpenFlow
Operates through <match, action> rules
Forwarding rules installed in network
Elements by centralized controller
Parsing of packet headers-checked against
entries, corresponding actions taken!
Implemented in TCAM
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
2
SDN Framework
4. Need for application
awareness in data-plane
processing
Key Aspects
Current works more focused in programmability of control plane and little
with respect to data plane
Parsing of headers limited to L2-L4
More functionality can be extended by adding upto L7 processing
Different services have different requirements, think about multi-tenant
data centres
Ex: Bandwidth requirement for Web browsing and Video Streaming
Network functions such as Load balancing and Firewall require deep
packet inspection above transport layer.
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
3
5. Application-aware architecture
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
4
Flow specific actions- inspection and
matching of various packet fields
Packets Kernel Flow table Flow table
pipeline Connection manager
Controller
Round trip delay from Switch to the
controller
Application logic locally at data plane
instead of controller
Intercept the packets before being sent to
the controller
Adds stateful app processing capability to
Fig: Extended SDN architecture
Source: Bell labs, Alcatel Lucent
6. App table
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
Kurt Tutschku
Introduction of App table, similar to Flow table in principle
Experimented a case where request from client, directed
to servers based on L7 processing(content-aware
processing)
Reduced response times with less overhead
Service chaining of apps possible
Terminate all further action based on specific event
occurrence
Downside is no dynamic addition of app logic without
disruption
7. Tagging approach : TagFlow
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
6
OpenFlow, an open API for SDN
based on <match,action> rules
Main problem: predefined protocol headers,
need for support for more protocols,
convergence of fields
OpenFlow v1.1 has 15 fields, v1.3 has 40 fields
Approach: Tagging vs Hashing
Offloading classification load and label
assignment at network edge
Theme: Application layer classification at the
edge and one field matching at the core
Tag attached at the end of the packet for
Source: Akihiro Nakao,
University of Tokyo
Fig 1: TagFlow system architecture
8. TagFlow
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
Kurt Tutschku
TagFlow supports a more flexible field-matching using
tagging approaches as an alternative to OpenFlow
Tag classification- on basis of security, priority based
forwarding
Advantage: Much less overhead on core network
Experimented on FLARE switch-open deeply
programmable switch
Tagging < Hashing < Deep packet inspection in terms of
processing times
9. User-defined actions
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
Kurt Tutschku
Actions in OpenFlow are not flexible to modify
No feasibility of adding user-defined actions to the
current architecture
User, here refers to the network operator and not end-
user
Freedom to implement new functions rather than doing it
through middle boxes
Running applications in south bound data plane
promising than running in north bound control plane
Lack of accessibilty of packet payload to control plane,
consequence is difficulty in matching more than one bit
stream
Implementing two security solutions in control and data
10. Other approaches
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
Kurt Tutschku
Middle boxes extensively deployed! May not vanish in
foreseeable future
ETTM: End to the Middle, centralized software being
implemented on certain end points
Middle boxes extensively manipulate the packet headers
Flow Tag approach to track the flows of the packets
between middle boxes
Not revolutionary solutions, only for improving current
state of the infrastructure
11. Conclusion
• Rethinking networking
– Open interfaces to the data plane
– Separation of control and data
– Application awareness in routing and data processing
• Significant momentum
– In both research and industry
LP2 2014/15
ET2541: Adv. Topics in Telecom.-
systems - Technical Lecture 1
Kurt Tutschku