Analytics driven SDN and
commodity switches
Peter Phaal
Founder and President, InMon Corp.

Silicon Valley SDN Group, May, 2014
Copyright © 2014 InMon Corporation
Feedback control
[Diagram: feedback loop. Labels: Controller (Analyze, Plan, Act), Network, Measurement Protocol, Control Protocol]
“You can’t control what you can’t measure” Tom DeMarco
Separation of edge and core
Fabric: A Retrospective on Evolving SDN by Martin Casado, Teemu Koponen, Scott Shenker, and Amin Tootoonchian
Edge
  Network elements: flexible software virtual switches
  Controller functions: network virtualization, tenant isolation, security, NFV… e.g. NSX, Nuage …
Fabric
  Network elements: simple, low cost, vendor neutral, hardware switches
  Controller functions: traffic analytics and control to increase efficiency
[Figure labels: Fabric Elements, Fabric Controller, Src Host, Dst Host, Edge Controller, Ingress Edge Switch, Egress Edge Switch]
Figure 1: The source host sends a packet to an edge switch, which after providing network services, sends it across the fabric for the egress switch to deliver it to the destination host. Neither host sees any internals of the fabric. The control planes of the edge and fabric are similarly decoupled.
a new concept but rather we believe it should be included as an architectural building block within SDN. We now identify the key properties for these fabrics.
Separation of Forwarding. In order for a fabric to remain decoupled from the edge it should provide a minimal set of forwarding primitives without exposing any internal forwarding mechanisms
Simple, low cost, vendor neutral → merchant silicon
Rise of merchant silicon
[Chart: Ports, 2011 and 2013]
Opportunity to leverage merchant silicon traffic analytics and
apply targeted controls to increase fabric efficiency
Large “Elephant” flows
http://research.microsoft.com/en-us/UM/people/srikanth/data/imc09_dcTraffic.pdf
Elephant flows are the small number of long-lived large flows responsible for the majority of bytes on the network
http://blog.sflow.com/2013/02/sdn-and-large-flows.html
Traffic analytics with sFlow
Move flow cache from ASIC to external software
[Diagram: custom ASIC based switch with flow cache embedded on switch. Stages: packets, sample, decode, hash, flow cache, flush, send. Output: Flow Records (NetFlow, IPFIX, …)]
[Diagram: merchant silicon based switch (Broadcom, Intel/Fulcrum, and Marvell). Stages on each switch: packets, sample, poll i/f counters, send. Multiple switches export sFlow to an external software flow cache. Stages: decode, hash, flow cache, flush, send. Output: Flow Records (JSON/REST, NetFlow, IPFIX, …)]
• Reduce ASIC cost / complexity
• Fast response (data not sitting on switch)
• Centralized, network-wide visibility
• Increase flexibility → software defined analytics
Scale-out alternative to SNMP polling
Centralized real-time analytics identifies large flows, paths, hot spots etc. → plan corrective actions
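An added example (not from the slides and not sFlow-RT code) of the external software flow cache described above: packet samples from multiple switches are keyed by 5-tuple, scaled by sampling rate, and flushed against a large-flow threshold. The sample field names, switch names, addresses and threshold are assumptions made for the illustration.

```javascript
// Software flow cache fed by packet samples from several switches.
class FlowCache {
  constructor(windowSeconds) {
    this.windowSeconds = windowSeconds;
    this.flows = new Map(); // flow key -> Map(agent -> estimated bytes)
  }
  // decode + hash: reduce a sample to a 5-tuple key and scale it up.
  // One sampled packet stands for `samplingRate` packets on the wire.
  update(s) {
    const key = [s.srcIp, s.dstIp, s.protocol, s.srcPort, s.dstPort].join(',');
    if (!this.flows.has(key)) this.flows.set(key, new Map());
    const perAgent = this.flows.get(key);
    const estimate = s.frameLength * s.samplingRate;
    perAgent.set(s.agent, (perAgent.get(s.agent) || 0) + estimate);
  }
  // flush: report flows at or above the threshold, then start a new window.
  // A flow crossing several switches is sampled on each hop, so take the
  // largest per-switch estimate instead of summing across switches.
  flush(thresholdBps) {
    const large = [];
    for (const [flow, perAgent] of this.flows) {
      const bytes = Math.max(...perAgent.values());
      const bps = (bytes * 8) / this.windowSeconds;
      if (bps >= thresholdBps) large.push({ flow, bps, agents: [...perAgent.keys()].sort() });
    }
    this.flows.clear();
    return large.sort((a, b) => b.bps - a.bps);
  }
}

// Constructed samples for a 1 second window: one large TCP flow seen on two
// switches with different sampling rates, plus one small UDP flow.
function constructedSamples() {
  const big = { srcIp: '10.0.0.1', dstIp: '10.0.0.2', protocol: 6,
                srcPort: 40000, dstPort: 5001, frameLength: 1500 };
  const out = [];
  for (let i = 0; i < 50; i++) out.push({ ...big, agent: 'leaf1', samplingRate: 1000 });
  for (let i = 0; i < 25; i++) out.push({ ...big, agent: 'spine1', samplingRate: 2000 });
  out.push({ agent: 'leaf1', samplingRate: 1000, srcIp: '10.0.0.3', dstIp: '10.0.0.4',
             protocol: 17, srcPort: 33000, dstPort: 53, frameLength: 100 });
  return out;
}

function detectLargeFlows(samples, windowSeconds, thresholdBps) {
  const cache = new FlowCache(windowSeconds);
  for (const s of samples) cache.update(s);
  return cache.flush(thresholdBps);
}
```

Calling `detectLargeFlows(constructedSamples(), 1, 1e8)` reports only the TCP flow, at the same estimated rate whether it is measured at `leaf1` or `spine1`.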

How can controls be efficiently deployed?
Traffic control with hybrid OpenFlow
Hybrid Programmable Forwarding Plane, David Ward, ONF Summit, 2011
• Simple, no change to normal forwarding behavior - BGP, OSPF, SPB, TRILL, LAG/MLAG etc. used to control L2 / L3 forwarding tables
• Efficient, merchant silicon hardware multipath forwarding efficiently handles most flows. OpenFlow used to control ACL table and selectively override forwarding of specific flows (block, mark, steer, rate-limit), maximizing effectiveness of limited general match capacity.
  Note: very few ACLs needed in fabric since policy has shifted to edge - mainly required to protect control plane
• Scalable, flows handled by existing control plane, OpenFlow only used when controller wants to make an exception.
  Note: An OpenFlow controller could pro-actively configure L2/L3 tables to define “NORMAL” forwarding and still support hybrid control of ACL table
• Robust, if controller fails, network keeps forwarding
sFlow-RT feedback controller
[Architecture diagram. Labels: Large flow steering, DDoS Mitigation, Large flow marking, …; REST API; Open “Northbound” APIs; User defined policy; Web portal, OpenStack etc.; sFlow-RT controller (real-time analytics, hybrid OpenFlow controller); Open “Southbound” APIs; Data Plane; Hosts; Real-time analytics and control]
Open JavaScript/ECMAScript API optimized for SDN traffic engineering applications
Brocade/InMon: DDoS mitigation
http://www.opennetsummit.org/pdf/2014/sdn-idol/Brocade-SDN-Idol-Proposal.pdf
“Real-Time SDN Analytics for DDoS Mitigation” winner of ONS SDN Idol 2014
ALU/InMon: Large flow marking
http://enterprise.alcatel-lucent.com/docs/?id=23847
Extend control beyond network
[Diagram labels: Analyze, Plan, Act; Network, Storage, Compute; sFlow-RT Feedback Controller]
Maximize data center efficiency through coordinated workload placement and resource allocation of network, storage, and compute based on measured loads and communication patterns
e.g. reduce network congestion by instructing OpenStack to move virtual machine
Explore further
• InMon.com
• blog.sFlow.com
• sFlow.org
• Host-sFlow.SourceForge.net
• Velocity 2012
  http://blog.sflow.com/2013/04/velocity-conference-talk.html
• Bay Area Network Virtualization Meetup
  http://blog.sflow.com/2013/06/bay-area-network-virtualization-talk.html
• Mininet testbed
  http://blog.sflow.com/2014/04/mininet-integrated-hybrid-openflow.html
