Bruce Davie
Systems Approach, LLC
Software-Defined Networks
A Systems Approach
• There’s a simple answer:
• SDN (software-defined networking) is the separation of control and data
planes
• The separation allows control topology to be independent of physical network
topology
• The more interesting question is:
• Why would anyone want to do this?
• That question has a lot of answers…
[Figure labels: Logically centralized control plane; Data Plane; e.g. OpenFlow]
What is SDN?
• History of SDN
• Challenges faced by IP networks
• SDN architecture
• Case Studies:
• Network Virtualization
• Traffic Engineering
• SD-WAN
• Bare metal switching
Outline
A Revolution in Networking
• 4D, Greenberg et al. – part of a broader set of “Clean Slate” initiatives
• Ipsilon General Switch Management Protocol – RFC 2297 (1996)
• IETF ForCES WG (2001-2015!!)
• Ethane (2007)
Foundations of SDN
• Lack of abstractions
• Inability to express intent
• Unpredictable outcome from complex distributed algorithms
• Interactions among protocols (e.g. IGP & EGP)
• Can’t manage a device unless it’s properly configured
• bootstrap issue – control & management plane dependent on correct data
plane
• Fragility, risk of change
• Glacial pace of innovation
Challenges with IP networks
[Figure: 1996, Terminal Protocol: Telnet; 2016, Terminal Protocol: SSH]
Evolution of network provisioning: 1996-2016
• Centralizing the control plane enables more powerful abstractions
• E.g. X and Y should be able to communicate
• Express intent network-wide
• Distributed systems techniques to make central control scalable and
fault tolerant
• Central control means a single API for the network, rather than an API
per box
• Networks provisioned by software, not humans
• Disaggregation → innovation
• Network-wide intent → better security
Key SDN Insights
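The "Key SDN Insights" above (one network-wide statement of intent instead of per-box configuration, and intent leading to better security) can be illustrated with an added example that is not part of the original slides. It compiles an allow-list intent into per-switch match-action rules with a default drop, then probes the resulting tables to confirm that only the intended flows pass. The host names, addresses, leaf names and rule layout are constructed for illustration, and spine switches are assumed to forward without filtering.

```python
from dataclasses import dataclass
from typing import Optional

# Constructed inventory: host -> (IP address, leaf switch it attaches to).
HOSTS = {
    "fin-web": ("10.0.1.10", "leaf1"),
    "fin-db":  ("10.0.1.20", "leaf2"),
    "hr-web":  ("10.0.2.10", "leaf1"),
    "hr-db":   ("10.0.2.20", "leaf2"),
    "dns":     ("10.0.9.53", "leaf2"),
}

# Network-wide intent: "X and Y should be able to communicate".
# (source host or "*", destination host, protocol, destination port)
INTENT = [
    ("fin-web", "fin-db", "tcp", 5432),
    ("hr-web",  "hr-db",  "tcp", 5432),
    ("*",       "dns",    "udp", 53),
]


@dataclass(frozen=True)
class FlowRule:
    priority: int
    src_ip: Optional[str]      # None is a wildcard
    dst_ip: Optional[str]
    proto: Optional[str]
    dst_port: Optional[int]
    action: str                # "forward" or "drop"

    def matches(self, pkt):
        fields = (self.src_ip, self.dst_ip, self.proto, self.dst_port)
        return all(f is None or f == p for f, p in zip(fields, pkt))


def compile_intent(hosts, intent):
    """Return {switch: [FlowRule, ...]}, allow rules first, default drop last."""
    tables = {sw: set() for _, sw in hosts.values()}
    for src_sel, dst, proto, port in intent:
        dst_ip, dst_sw = hosts[dst]
        sources = sorted(hosts) if src_sel == "*" else [src_sel]
        for src in sources:
            if src == dst:
                continue
            src_ip, src_sw = hosts[src]
            rule = FlowRule(100, src_ip, dst_ip, proto, port, "forward")
            # Enforce at both edges so neither leaf relies on the other.
            tables[src_sw].add(rule)
            tables[dst_sw].add(rule)
    default_drop = FlowRule(0, None, None, None, None, "drop")
    return {sw: sorted(rules, key=lambda r: (r.src_ip, r.dst_ip)) + [default_drop]
            for sw, rules in tables.items()}


def lookup(table, pkt):
    """First match wins; the table is already in priority order."""
    for rule in table:
        if rule.matches(pkt):
            return rule.action
    return "drop"


def delivered(tables, hosts, src, dst, proto, port):
    """True if every leaf on the path forwards the packet."""
    src_ip, src_sw = hosts[src]
    dst_ip, dst_sw = hosts[dst]
    pkt = (src_ip, dst_ip, proto, port)
    path = [src_sw] if src_sw == dst_sw else [src_sw, dst_sw]
    return all(lookup(tables[sw], pkt) == "forward" for sw in path)


def reachable_flows(tables, hosts, services):
    """Probe every host pair and service; return what the tables really permit."""
    return {(s, d, proto, port)
            for s in hosts for d in hosts if s != d
            for proto, port in services
            if delivered(tables, hosts, s, d, proto, port)}


if __name__ == "__main__":
    tables = compile_intent(HOSTS, INTENT)
    for sw, table in sorted(tables.items()):
        print(sw, len(table), "rules")
    probes = [("tcp", 5432), ("udp", 53), ("tcp", 22)]
    for flow in sorted(reachable_flows(tables, HOSTS, probes)):
        print("permitted:", flow)
```

Comparing the output of `reachable_flows` with the intent list is the audit step: any permitted flow that is not in the intent is a policy gap, and any intended flow that is missing is a connectivity fault.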
[Figure: Specialized Applications / Specialized OS / Specialized Hardware, compared with Apps / Open Interface / Windows or Linux or Mac OS / Open Interface / Microprocessors]
Disaggregation of computing Industry
[Figure: Specialized Applications / Specialized OS / Specialized Hardware, compared with Apps / Open Interface / Network OS or Network OS or Network OS / Open Interface / Merchant Silicon Switching Chips]
Disaggregation of networking Industry
• Just because an idea has been tried before without success doesn’t
mean it’s a bad idea
Random side observation
SDN Architecture
[Figure labels: Control Plane with Routing Table (RIB); Data Plane with Forwarding Table (FIB)]
Traditional Control and Data Planes
Control Plane
• Protocols: BGP, OSPF, RIP
• RIB: Collection of Link/Path Attributes
• Northbound Configuration Interface
− e.g., Cisco CLI
Data Plane
• Protocols: IP
• FIB: Optimized for Fast Lookup
• Northbound Control Interface
− Historically Private/Internal
[Figure labels: Control Plane with Control Apps on a Network OS holding a Global Network Map; Flow Rules; Data Plane]
SDN Control and Data Planes
[Figure: OpenFlow Switch. Packet In, with Action Set = {}; Table 0, Table 1, ... Table n, passing Packet + Metadata and the Action Set between tables; Execute Action Set; Packet Out]
[Figure: packet header fields. MAC Header (Src Addr, Dst Addr, Type), Optional 802.1Q VLAN Tag (VLAN ID, Ctl, Type), IP Header (Src Addr, Dst Addr, Proto, …), TCP/UDP Header (Src Port, Dst Port, …), Payload]
OpenFlow-style data plane
[Figure labels: Programmable Parser; Programmable Match-Action Pipeline (stages of Memory and ALU blocks); Programmable Deparser]
PISA: Protocol Independent Switching Architecture
[Figure labels: Control Apps; Trellis; Network Operating System: ONOS; API: gNMI + gNOI + FlowObjectives; gRPC; Switch OS: Stratum + ONL; API: gNMI + gNOI + P4Runtime/OpenFlow; Programmable Switch; Merchant Silicon: Tofino (Barefoot), Tomahawk (Broadcom); P4 Compiler; forward.p4; arch.p4]
SDN Software Stack
Scaling the Central Control Plane
[Figure labels: Controller Cluster (Controller Node 1 to Node 5); WebService API; Persistent Storage; Logical Network; Transport Network]
Summary
Definition of SDN
A network in which the control plane is physically separate from the forwarding plane,
and a single control plane controls several forwarding devices. – Nick McKeown (2013)
Dimensions
• Disaggregated Control and Data planes
• Centralized vs Decentralized Control Plane
• Fixed-Function vs Programmable Data Plane
Phases of SDN
• Phase 1: Network operators took ownership of the control plane.
• Phase 1a: Non-traditional entrants to the networking business (via disaggregation)
• Phase 2: Network operators are taking ownership of the data plane.
• Network Virtualization
• SD-WAN
• Traffic Engineering
• Bare Metal Switching
• Inband Network Telemetry
Use Cases
[Figure, compute side: Application / Virtual Machine (x86 Environment) / Hypervisor / Requirement: x86 / Physical Compute & Memory; Decoupled]
[Figure, network side: Workload / Virtual Network (L2, L3, L4-7 Network Services) / Network Virtualization Platform / Requirement: IP Transport / Physical Network; Decoupled]
Network Virtualization – An Analogy
2009
2012
[Figure labels: Network, storage, compute; Virtualization layer]
Virtual Machines to Virtual Networks
[Figure labels: Network, storage, compute; Virtualization layer; “Network hypervisor”; Virtual Data Centers]
Virtual Machines to Virtual Networks
Cloud Consumption
Manager
Controller
Data Plane
• Self Service Portal
• OpenStack, Kubernetes, etc
• High–Performance Data Plane
• Scale-out Distributed Forwarding Model
• Single configuration portal
• REST API entry-point
• Manages Logical networks
• Run-time state
• Scale out, HA
• Separation of Control and Data Plane
Distributed Services
• Logical Switch
• Distributed Logical Router
• Firewall
• Load Balancer
Virtual Edge
Network Virtualization Components
[Figure: MANAGEMENT PLANE, CONTROL PLANE and DATA PLANE; labels: Desired State; Translated State; Discovered State; Realized State; Network topology request; Request stored and acknowledged; Calculate data plane state; Identify data plane resources]
Management, Control and Data Planes
Perimeter-centric network security has proven insufficient
Today’s security model focuses on perimeter defense
But continued security breaches show this model is not enough
[Figure labels: Internet; IT Spend; Security Spend; Security Breaches]
Problem: Data Center Network Security
[Figure labels: Perimeter firewall; Inside firewall; DMZ VLAN; App VLAN; Services VLAN; DB VLAN; Finance, HR and IT workloads; AD, NTP, DHCP, DNS, CERT]
Microsegmentation and Zero Trust
• Historically challenging to troubleshoot connectivity between VMs
− Is the problem in vswitch or physical network?
− What’s the path through the physical network?
− Is there a (misconfigured) middlebox in the path?
• Network virtualization gives us tools to handle this:
− Decomposition: separate the physical from the virtual
− Global view: see all the logical network state (port stats, drops, etc.) and tunnel health from the controller API
− Synthetic traffic: insert packets at vswitch as if the VM generated them
Visibility: changing the laws of physics
• 90% of Fortune 100 have deployed network virtualization
• Foundational to hyperscale data centers
• Network configuration no longer the “long pole”
• A key step towards better network security (but much work remains)
• Increasingly important for microservices, kubernetes etc.
• Commodifying effect on physical networking
• Service Mesh can be viewed as a form of Network Virtualization
Network Virtualization – Discussion
SD-WAN
[Figure labels: Cloud Services; Corporate Datacenter; Branch; Main Office; SD-WAN Controller; SD-WAN Edge; Overlay Tunnel; Network Policies]
Traffic Engineering
[Figure labels: Datacenter (x3); Controller; Network Policies]
[Figure labels: Leaf (x4); Spine (x3); Internet]
Datacenter Switching Fabric
Leaf-Spine Topology
• Leaf Switches = Top-of-Rack (ToR)
• Optimized for East-West Traffic
• Built-in Redundancy (not shown)
• Scale with additional layers
Well-Established in Commodity Clouds
• Bare-Metal Switches
• Control Plane running in the cloud
Leaf-Spine Switching Fabric
Trellis Design
• Intra-Rack: L2 Domain within L3 Subnet
• Inter-Rack: L3 Routing between Subnets
• Segment Routing across Fabric
Trellis Features
• VLANs / QinQ
• End-to-End L2 Tunnels
• IPv4 / IPv6 Routing
• Multicast (with IGMP)
• ARP (IPv4) / NDP (IPv6)
• DHCPv4 / DHCPv6
• High Availability
[Figure labels: Leaf (x4); Spine (x3)]
[Figure: a packet (Header, Payload) crosses switches S1 to S5. Labels: Add Switch ID, arrival time, departure, queue delay, etc.; the packet carries Header, Metadata S1, Metadata S2, ... Metadata S5, Payload; Generate report with switch metadata; Log, analyze, replay, visualize]
Inband Network Telemetry (INT)
Fine-Grain Telemetry
• Flow Rule(s) that matched
• Queuing delays of individual packets
• Other flows being buffered
• …
Uses
• Verify correct behavior
• Identify micro-bursts
• …
• Scale
• Stability & Correctness
• Timeliness
• Inter-domain
SDN Challenges
Discussion

More Related Content

Similar to bruce-sdn.pptx

RouteFlow & IXPs
RouteFlow & IXPsRouteFlow & IXPs
RouteFlow & IXPsnvirters
 
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...Radisys Corporation
 
Software-Defined Networking Layers presentation
Software-Defined Networking Layers presentationSoftware-Defined Networking Layers presentation
Software-Defined Networking Layers presentationAbdullah Salama
 
Introduction to SDN and NFV
Introduction to SDN and NFVIntroduction to SDN and NFV
Introduction to SDN and NFVCoreStack
 
Software-defined networking
Software-defined networkingSoftware-defined networking
Software-defined networkinginovex GmbH
 
SDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox CommunicationsSDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox CommunicationsCisco Service Provider
 
Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015Deborah Porchivina
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyFilip Verloy
 
Lecture 11 Final.pptx
Lecture 11 Final.pptxLecture 11 Final.pptx
Lecture 11 Final.pptxHadeeb
 
Software Defined networking (SDN)
Software Defined networking (SDN)Software Defined networking (SDN)
Software Defined networking (SDN)Milson Munakami
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'OpenStack Korea Community
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDNNetCraftsmen
 
Software Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_truptiSoftware Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_truptitrups7778
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...APNIC
 
SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3Wen-Pai Lu
 
btNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingbtNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingAPNIC
 

Similar to bruce-sdn.pptx (20)

RouteFlow & IXPs
RouteFlow & IXPsRouteFlow & IXPs
RouteFlow & IXPs
 
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
 
Cloud Migration
Cloud MigrationCloud Migration
Cloud Migration
 
Software-Defined Networking Layers presentation
Software-Defined Networking Layers presentationSoftware-Defined Networking Layers presentation
Software-Defined Networking Layers presentation
 
Introduction to SDN and NFV
Introduction to SDN and NFVIntroduction to SDN and NFV
Introduction to SDN and NFV
 
Software-defined networking
Software-defined networkingSoftware-defined networking
Software-defined networking
 
SDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox CommunicationsSDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox Communications
 
Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip Verloy
 
Lecture 11 Final.pptx
Lecture 11 Final.pptxLecture 11 Final.pptx
Lecture 11 Final.pptx
 
Software Defined networking (SDN)
Software Defined networking (SDN)Software Defined networking (SDN)
Software Defined networking (SDN)
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloud
 
Raga_SDN_NSX_1
Raga_SDN_NSX_1Raga_SDN_NSX_1
Raga_SDN_NSX_1
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDN
 
Software Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_truptiSoftware Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_trupti
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3
 
btNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingbtNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined Networking
 

More from Sameer Ali

Lecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptxLecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptxSameer Ali
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.pptSameer Ali
 
secure_mobile.ppt
secure_mobile.pptsecure_mobile.ppt
secure_mobile.pptSameer Ali
 
F14_Class1.pptx
F14_Class1.pptxF14_Class1.pptx
F14_Class1.pptxSameer Ali
 
SINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdfSINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdfSameer Ali
 

More from Sameer Ali (8)

Lecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptxLecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptx
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
Intro (1).ppt
Intro (1).pptIntro (1).ppt
Intro (1).ppt
 
secure_mobile.ppt
secure_mobile.pptsecure_mobile.ppt
secure_mobile.ppt
 
CDP_2(1).pptx
CDP_2(1).pptxCDP_2(1).pptx
CDP_2(1).pptx
 
hel1 (1).ppt
hel1 (1).ppthel1 (1).ppt
hel1 (1).ppt
 
F14_Class1.pptx
F14_Class1.pptxF14_Class1.pptx
F14_Class1.pptx
 
SINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdfSINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdf
 

Recently uploaded

why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfjoe51371421
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationkaushalgiri8080
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...kellynguyen01
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comFatema Valibhai
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providermohitmore19
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEOrtus Solutions, Corp
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsAlberto González Trastoy
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfkalichargn70th171
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about usDynamic Netsoft
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio, Inc.
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideChristina Lin
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfkalichargn70th171
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxComplianceQuest1
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...MyIntelliSource, Inc.
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantAxelRicardoTrocheRiq
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...OnePlan Solutions
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Modelsaagamshah0812
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVshikhaohhpro
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...MyIntelliSource, Inc.
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdfWave PLM
 

Recently uploaded (20)

why an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdfwhy an Opensea Clone Script might be your perfect match.pdf
why an Opensea Clone Script might be your perfect match.pdf
 
Project Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanationProject Based Learning (A.I).pptx detail explanation
Project Based Learning (A.I).pptx detail explanation
 
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
Short Story: Unveiling the Reasoning Abilities of Large Language Models by Ke...
 
HR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.comHR Software Buyers Guide in 2024 - HRSoftware.com
HR Software Buyers Guide in 2024 - HRSoftware.com
 
TECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service providerTECUNIQUE: Success Stories: IT Service provider
TECUNIQUE: Success Stories: IT Service provider
 
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASEBATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
BATTLEFIELD ORM: TIPS, TACTICS AND STRATEGIES FOR CONQUERING YOUR DATABASE
 
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time ApplicationsUnveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
Unveiling the Tech Salsa of LAMs with Janus in Real-Time Applications
 
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdfThe Ultimate Test Automation Guide_ Best Practices and Tips.pdf
The Ultimate Test Automation Guide_ Best Practices and Tips.pdf
 
DNT_Corporate presentation know about us
DNT_Corporate presentation know about usDNT_Corporate presentation know about us
DNT_Corporate presentation know about us
 
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed DataAlluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
Alluxio Monthly Webinar | Cloud-Native Model Training on Distributed Data
 
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop SlideBuilding Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
Building Real-Time Data Pipelines: Stream & Batch Processing workshop Slide
 
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdfLearn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
Learn the Fundamentals of XCUITest Framework_ A Beginner's Guide.pdf
 
A Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docxA Secure and Reliable Document Management System is Essential.docx
A Secure and Reliable Document Management System is Essential.docx
 
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
Steps To Getting Up And Running Quickly With MyTimeClock Employee Scheduling ...
 
Salesforce Certified Field Service Consultant
Salesforce Certified Field Service ConsultantSalesforce Certified Field Service Consultant
Salesforce Certified Field Service Consultant
 
Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...Advancing Engineering with AI through the Next Generation of Strategic Projec...
Advancing Engineering with AI through the Next Generation of Strategic Projec...
 
Unlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language ModelsUnlocking the Future of AI Agents with Large Language Models
Unlocking the Future of AI Agents with Large Language Models
 
Optimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTVOptimizing AI for immediate response in Smart CCTV
Optimizing AI for immediate response in Smart CCTV
 
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
Try MyIntelliAccount Cloud Accounting Software As A Service Solution Risk Fre...
 
5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf5 Signs You Need a Fashion PLM Software.pdf
5 Signs You Need a Fashion PLM Software.pdf
 

bruce-sdn.pptx

  • 1. Bruce Davie Systems Approach, LLC Software-Defined Networks A Systems Approach
  • 2. • There’s a simple answer: • SDN (software-defined networking) is the separation of control and data planes • The separation allows control topology to be independent of physical network topology • The more interesting question is: • Why would anyone want to do this? • That question has a lot of answers… Logically centralized control plane Data Plane e.g. OpenFlow What is SDN?
  • 3. • History of SDN • Challenges faced by IP networks • SDN architecture • Case Studies: • Network Virtualization • Traffic Engineering • SD-WAN • Bare metal switching Outline
  • 4. A Revolution in Networking
  • 5. • 4D, Greenberg et al. – part of a broader set of “Clean Slate” initiatives • Ipsilon General Switch Management Protocol – RFC 2297 (1996) • IETF Forces WG (2001-2015!!) • Ethane (2007) Foundations of SDN
  • 6. • Lack of abstractions • Inability to express intent • Unpredictable outcome from complex distributed algorithms • Interactions among protocols (e.g. IGP & EGP) • Can’t manage a device unless it’s properly configured • bootstrap issue – control & management plane dependent on correct data plane • Fragility, risk of change • Glacial pace of innovation Challenges with IP networks
  • 7. Terminal Protocol: Telnet Terminal Protocol: SSH 1996 2016 Evolution of network provisioning: 1996-2016
  • 8. • Centralizing the control plane enables more powerful abstractions • E.g. X and Y should be able to communicate • Express intent network-wide • Distributed systems techniques to make central control scalable and fault tolerant • Central control means a single API for the network, rather than an API per box • Networks provisioned by software, not humans • Disaggregation → innovation • Network-wide intent → better security Key SDN Insights
  • 10. Specialized OS Specialized Hardware App App App App App App Specialized Applications Open Interface Open Interface Merchant Silicon Switching Chips Network OS or or Network OS Network OS Disaggregation of networking Industry
  • 11. • Just because an idea has been tried before without success doesn’t mean it’s a bad idea Random side observation
  • 13. Routing Table (RIB) Forwarding Table (FIB) Data Plane Control Plane Traditional Control and Data Planes Control Plane • Protocols: BGP, OSPF, RIP • RIB: Collection of Link/Path Attributes • Northbound Configuration Interface − e.g., Cisco CLI Data Plane • Protocols: IP • FIB: Optimized for Fast Lookup • Northbound Control Interface − Historically Private/Internal
  • 14. Control App . . . Control Plane Data Plane Flow Rules Control App Control App Control App Network OS Global Network Map SDN Control and Data Planes
  • 15. OpenFlow Switch Table 0 Table 1 Table n Execute Action Set . . . Packet In Packet Out Action Set = {} Action Set Packet + Metadata Action Set Packet OpenFlow-style data plane (MAC) (VLAN) (IP) MAC Header … Payload … IP Header TCP/UDP Header Src Addr Dst Addr Type Src Addr Dst Addr Proto … … … Src Port Dst Port … VLAN ID Ctl Type Optional 802.1Q VLAN Tag
  • 17. Programmable Switch API Merchant Silicon Stratum + ONL gNMI + gNOI + P4Runtime/OpenFlow Tofino (Barefoot), Tomahawk (Broadcom) forward.p4 arch.p4 P4 Compiler Control App Control App Control App gRPC Trellis Network Operating System gRPC API Switch OS ONOS gNMI + gNOI + FlowObjectives SDN Software Stack
  • 18. Scaling the Central Control Plane Controller Controller Controller Controller Controller Node 5 Node 4 WebService API Persistent Storage Logical Network Transport Network Node 1 Node 2 Node 3 Controller Cluster
  • 19. Summary Definition of SDN A network in which the control plane is physically separate from the forwarding plane, and a single control plane controls several forwarding devices. – Nick McKeown (2013) Dimensions • Disaggregated Control and Data planes • Centralized vs Decentralized Control Plane • Fixed-Function vs Programmable Data Plane Phases of SDN • Phase 1: Network operators took ownership of the control plane. • Phase 1a: Non-traditional entrants to the networking business (via disaggregation) • Phase 2: Network operators are taking ownership of the data plane.
  • 20. Use Cases
      • Network Virtualization
      • SD-WAN
      • Traffic Engineering
      • Bare Metal Switching
      • Inband Network Telemetry
  • 21. Network Virtualization – An Analogy
    Compute side labels: Application; Virtual Machine; x86 Environment; Hypervisor; Requirement: x86; Physical Compute & Memory
    Network side labels: Workload; Virtual Network; L2, L3, L4-7 Network Services; Network Virtualization Platform; Requirement: IP Transport; Physical Network
    Label between layers: Decoupled
  • 24. Virtual Machines to Virtual Networks
    Diagram labels: Network, storage, compute; Virtualization layer
  • 25. Virtual Machines to Virtual Networks
    Diagram labels: Network, storage, compute; Virtualization layer; “Network hypervisor”; Virtual Data Centers
  • 26. Network Virtualization Components
    Column headings: Cloud Consumption, Manager, Controller, Data Plane
      • Self Service Portal
      • OpenStack, Kubernetes, etc
      • High-Performance Data Plane
      • Scale-out Distributed Forwarding Model
      • Single configuration portal
      • REST API entry-point
      • Manages Logical networks
      • Run-time state
      • Scale out, HA
      • Separation of Control and Data Plane
    Distributed Services
      • Logical Switch
      • Distributed Logical Router
      • Firewall
      • Load Balancer
    Virtual Edge
  • 27. Management, Control and Data Planes
    Planes: MANAGEMENT PLANE, CONTROL PLANE, DATA PLANE
    State labels: Desired State, Translated State, Discovered State, Realized State
    Step labels: Network topology request; Request stored and acknowledged; Calculate data plane state; Identify data plane resources
  • 28. Problem: Data Center Network Security
    Perimeter-centric network security has proven insufficient
      • Today’s security model focuses on perimeter defense
      • But continued security breaches show this model is not enough
    Diagram and chart labels: Internet; IT Spend; Security Spend; Security Breaches
  • 29. Microsegmentation and Zero Trust
    Diagram labels: Perimeter firewall; Inside firewall; DMZ VLAN; App VLAN; Services VLAN; DB VLAN; Finance, HR, IT (workload groups); AD, NTP, DHCP, DNS, CERT
  • 30. Visibility: changing the laws of physics
    Historically challenging to troubleshoot connectivity between VMs
      • Is the problem in vswitch or physical network?
      • What’s the path through the physical network?
      • Is there a (misconfigured) middlebox in the path?
    Network virtualization gives us tools to handle this:
      • Decomposition: separate the physical from the virtual
      • Global view: see all the logical network state (port stats, drops, etc.) and tunnel health from the controller API
      • Synthetic traffic: insert packets at vswitch as if the VM generated them
  • 31. Network Virtualization – Discussion
      • 90% of Fortune 100 have deployed network virtualization
      • Foundational to hyperscale data centers
      • Network configuration no longer the “long pole”
      • A key step towards better network security (but much work remains)
      • Increasingly important for microservices, Kubernetes etc.
      • Commodifying effect on physical networking
      • Service Mesh can be viewed as a form of Network Virtualization
  • 32. SD-WAN
    Diagram labels: Cloud Services; Corporate Datacenter; Branch; Main Office; SD-WAN Controller; SD-WAN Edge; Overlay Tunnel; Network Policies
  • 34. Datacenter Switching Fabric
    Leaf-Spine Topology
      • Leaf Switches = Top-of-Rack (ToR)
      • Optimized for East-West Traffic
      • Built-in Redundancy (not shown)
      • Scale with additional layers
    Well-Established in Commodity Clouds
      • Bare-Metal Switches
      • Control Plane running in the cloud
    Diagram labels: Leaf (four), Spine (three), Internet
  • 35. Leaf-Spine Switching Fabric
    Trellis Design
      • Intra-Rack: L2 Domain within L3 Subnet
      • Inter-Rack: L3 Routing between Subnets
      • Segment Routing across Fabric
    Trellis Features
      • VLANs / QinQ
      • End-to-End L2 Tunnels
      • IPv4 / IPv6 Routing
      • Multicast (with IGMP)
      • ARP (IPv4) / NDP (IPv6)
      • DHCPv4 / DHCPv6
      • High Availability
    Diagram labels: Leaf (four), Spine (three)
  • 36. Inband Network Telemetry (INT)
    Fine-Grain Telemetry
      • Flow Rule(s) that matched
      • Queuing delays of individual packets
      • Other flows being buffered
      • …
    Uses
      • Verify correct behavior
      • Identify micro-bursts
      • …
    Diagram labels: switches S1, S2, S3, S4, S5; packet shown as Header + Payload, then with Metadata S1, Metadata S2 and Metadata S5 added along the path; Add Switch ID, arrival time, departure, queue delay, etc.; Generate report with switch metadata; Log, analyze, replay, visualize
  • 37. SDN Challenges
      • Scale
      • Stability & Correctness
      • Timeliness
      • Inter-domain

Editor's Notes

  1. CP is important; OF is a detail
  2. Could mention MPLS as example of how hard innovation was pre SDN
  3. Non intuitive: you need a model of the data plane to be able to separate it from control
  4. Hyperv possible
  5. Show a logical topology getting mapped from top to bottom with animation
  6. All Apps on a VLAN can communicate freely. Once one App is compromised, lateral movement cannot be restricted. Micro-segmentation can granularly control apps even on shared VLAN.
  7. Scale example – from NSX-mh to NSX-T (fewer hosts etc), API scale for NSX-T
  8. What do you think is next? – Fully automated networks? Does the innovation argument hold up? How does BGP play into this? Interdomain still seems broken. Architecture papers are the exception. Networking people love protocols.
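
Slides 15 and 29 and editor's note 6 describe an OpenFlow-style table pipeline and the difference between VLAN-level and micro-segmented policy. The sketch below is an added example, not code from the deck: it runs the same two packets through a VLAN-only rule set and a micro-segmented one, with a table miss treated as a drop. All addresses, rule contents and helper names (`run_pipeline`, `allowed`) are constructed for illustration.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass(frozen=True)
class Packet:                      # header fields a flow table can match on
    vlan: int
    src_ip: str
    dst_ip: str
    proto: str
    dst_port: int

@dataclass
class Rule:
    priority: int
    match: dict                    # field -> required value; absent = wildcard
    actions: dict                  # merged into the packet's action set
    goto: Optional[int] = None     # next table id, or None to stop

def run_pipeline(tables, pkt):
    """Start with an empty action set at table 0; return the final set."""
    action_set, table_id = {}, 0
    while table_id is not None:
        hits = [r for r in tables[table_id]
                if all(getattr(pkt, f) == v for f, v in r.match.items())]
        if not hits:               # table miss with no miss entry: drop
            return {"drop": True}
        best = max(hits, key=lambda r: r.priority)
        action_set.update(best.actions)
        table_id = best.goto
    return action_set

# Constructed addresses: three workloads sharing VLAN 10.
FIN_WEB, FIN_DB, HR_WEB = "10.0.10.11", "10.0.10.12", "10.0.10.21"

# Perimeter/VLAN model: membership in VLAN 10 is the only check.
VLAN_ONLY = {0: [Rule(10, {"vlan": 10}, {"output": "normal"})]}

# Micro-segmented: VLAN check, then a per-flow allow-list in table 1.
MICROSEG = {
    0: [Rule(10, {"vlan": 10}, {}, goto=1)],
    1: [Rule(100, {"src_ip": FIN_WEB, "dst_ip": FIN_DB,
                   "proto": "tcp", "dst_port": 5432}, {"output": "normal"})],
}

def allowed(tables, pkt):
    return "drop" not in run_pipeline(tables, pkt)

legit = Packet(10, FIN_WEB, FIN_DB, "tcp", 5432)
lateral = Packet(10, HR_WEB, FIN_DB, "tcp", 5432)   # flow from a compromised HR host

if __name__ == "__main__":
    for name, t in (("vlan-only", VLAN_ONLY), ("microseg", MICROSEG)):
        print(name, "legit:", allowed(t, legit), "lateral:", allowed(t, lateral))
```

The allow-list in table 1 is default-deny: any flow on the shared VLAN that is not explicitly listed misses the table and is dropped, which is what restricts lateral movement.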