Sameer Ali, profile picture
Uploaded bySameer Ali
PPTX, PDF13 views

F14_Class1.pptx

This document provides an overview of a course on Software Defined Networking (SDN). It discusses: 1. The course format which includes assignments on using SDN environments and writing controller applications, as well as a course project. 2. An introduction to SDN which describes how SDN decouples the network control and forwarding planes using a southbound API. This allows for a global view of the network and programmatic control. 3. Some of the key sections that will be covered in the course, including OpenFlow, network virtualization use cases, and SDN challenges related to controller availability.

Embed presentation

Download to read offline
CPS 590: Software Defined Networking Theophilus Benson
Welcome!
Administrative Details • Course Format – Student Engagement (30%) • Class Participation (20%) • Paper Reviews (10%) – Course Assignments (20%) • Learning to use SDN environments • Writing Controller Applications – Course Project (60%) • Deep dive into an SDN topic
Outline • Section 1: SDN Ecosystem – SDN Motivation – SDN Primer – Dimensions of SDN Environments – Dimensions of SDN Applications • Section 2: OpenFlow Primer • Section 3: Demo/Use-cases – Network Virtualization • Section 4: SDN Challenges – SDN Challenges
Section 1
Network Today… • Vertical integrated stacks – Similar to PC in 1980s IBM’s Mainframe Cisco Routers D.B. O.S CPU COBOL Apps. VLANS Switch O.S. ASIC L3 Routing
Implications of Networking… • Restricted to ill defined vendor CLI – Provisioning is slow…. • VM provisioning: 1min • Virtual network provisioning: 1-3 weeks
Software Defined Networking • Southbound API: decouples the switch hardware from control function – Data plane from control plane • Switch Operating System: exposes switch hardware primitives Network O.S. Applications Applications Applications Southbound API SDN Switch Operating System Switch Hardware Network O.S. ASIC Applications Applications Current Switch Vertical stack SDN Switch Decoupled stack
Implications Of SDN Controller (N. O.S.) Applications Applications Applications Southbound API Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW Global View Programmatic Control Current Networking SDN Enabled Environment Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications
Implications Of SDN Current Networking SDN Enabled Environment Controller (N. O.S.) Applications Applications Applications Southbound API Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW • Distributed protocols • Each switch has a brain • Hard to achieve optimal solution • Network configured indirectly • Configure protocols • Hope protocols converge • Global view of the network • Applications can achieve optimal • Southbound API gives fine grained control over switch • Network configured directly • Allows automation • Allows definition of new interfaces Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications
How SDN Works Controller (N. O.S.) Applications Applications Applications Southbound API Switch H.W Switch O.S Switch H.W Switch O.S
How to Pick an SDN Environment Network O.S. Applications Applications Applications Southbound API SDN Switch Operating System Switch Hardware What is the Southbound AP!? Is the switch hardware and OS closed? Is the switch virtual or physical? How easy is it to develop on for the Controller platform?
Dimensions of SDN Environments: Vendor Devices Vertical Stacks • Vendor bundles switch and switch OS – Restricted to vendor OS and vendor interface • Low operational overhead – One stop shop Whitebox Networking • Vendor provides hardware with no switch OS • Switch OS provided by third party – Flexibility in picking OS • High operational overhead – Must deal with multiple vendors
Dimensions of SDN Environments: Switch Hardware Virtual: Overlay • Pure software implementation – Assumes programmable virtual switches – Run in Hypervisor or in the OS – Larger Flow Table entries (more memory and CPU) • Backward compatible – Physical switches run traditional protocols • Traffic sent in tunnels – Lack of visibility into physical network Physical: Underlay • Fine grained control and visibility into network • Assumes specialized hardware – Limited Flow Table entries
Dimensions of SDN Environments: Southbound Interface OpenFlow • Flexible matching – L2, L3, VLAN, MPLS • Flexible actions – Encapsulation: IP-in-IP – Address rewriting: • IP address • Mac address BGP/XMPP/IS-IS/NetConf • Limited matching – IS-IS: L3 – BGP+MPLS: L3+MPLS • Limited actions – L3/l2 forwarding – Encapsulation
Dimensions of SDN Environments: Controller Types Modular Controllers • Application code manipulates forwarding rules – E.g. OpenDaylight, Floodlight • Written in imperative languages – Java, C++, Python • Dominant controller style High Level Controllers • Application code specifies declarative policies – E.g. Frenetic, McNettle • Application code is verifiable – Amendable to formal verification • Written in functional languages – Nettle, OCamal
BigSwitch • Controller Type • Modular: Floodlight • Southbound API: OpenFlow • OpenFlow 1.3 • SDN Device: Whitebox • (indigo) • SDN Flavor • Underlay+Overlay
Juniper Contrail • Controller Type • Modular: OpenContrail • Southbound API: XMPP/NetConf • BGP+MPLS • SDN Device: Vertical Stack • Propriety Junos • SDN Flavor • Overlay
SDN EcoSystem Arista OF + proprietary Underlay Vertical Stack Broadcom OF + proprietary Underlay Vertical Stack HP OF Underlay Vertical Stack Cisco OF + proprietary Underlay+Overlay Vertical Stack FloodLight OF Underlay+Overlay Whitebox Dell OF Underlay Vertical Stack HP OF Underlay Vertical Stack Alcatel BGP Overlay Vertical Stack Juniper BGP+NetConf Overlay Vertical Stack
SDN Stack • Southbound API: decouples the switch hardware from control function – Data plane from control plane • Switch Operating System: exposes switch hardware primitives Controller (Network O.S.) Applications Applications Applications Southbound API SDN Switch Operating System Switch Hardware
23 Section2: Southbound API: OpenFlow
OpenFlow • Developed in Stanford – Standardized by Open Networking Foundation (ONF) – Current Version 1.4 • Version implemented by switch vendors: 1.3 • Allows control of underlay + overlay – Overlay switches: OpenVSwitch/Indigo-light PC
How SDN Works: OpenFlow Controller (N. O.S.) Applications Applications Applications Southbound API Switch H.W Switch O.S Switch H.W Switch O.S OpenFlow OpenFlow
OpenFlow: Anatomy of a Flow Table Entry Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Match Action Counter 1. Forward packet to zero or more ports 2. Encapsulate and forward to controller 3. Send to normal processing pipeline 4. Modify Fields When to delete the entry VLAN pcp IP ToS Priority Time-out What order to process the rule # of Packet/Bytes processed by the rule
OpenFlow: Types of Messages  Asynchronous (Controller-to-Switch)  Send-packet: to send packet out of a specific port on a switch  Flow-mod: to add/delete/modify flows in the flow table  Asynchronous (initiated by the switch)  Read-state: to collect statistics about flow table, ports and individual flows  Features: sent by controller when a switch connects to find out the features supported by a switch  Configuration: to set and query configuration parameters in the switch  Asynchronous (initiated by the switch)  Packet-in: for all packets that do not have a matching rule, this event is sent to controller  Flow-removed: whenever a flow rule expires, the controller is sent a flow-removed message  Port-status: whenever a port configuration or state changes, a message is sent to controller  Error: error messages  Symmetric (can be sent in either direction without solicitation)  Hello: at connection startup  Echo: to indicate latency, bandwidth or liveliness of a controller-switch connection  Vendor: for extensions (that can be included in later OpenFlow versions)
Dimension of SDN Applications: Rule installation Proactive Rules Reactive Rules Controller (N. O.S.) Applications Applications Applications Switch H.W O.S Controller (N. O.S.) Applications Applications Applications Switch H.W O.S
Dimension of SDN Applications: Rule installation Proactive Rules • Controller pre-installs flow table entries – Zero flow setup time • Requires installation of rules for all possible traffic patterns – Requires use of aggregate rules (Wildcards) – Require foreknowledge of traffic patterns – Waste flow table entries Reactive Rules • First packet of each flow triggers rule insertion by the controller – Each flow incurs flow setup time – Controller is bottleneck – Efficient use of flow tables
Dimensions of SDN Applications: Granularity of Rules Microflow WildCards (aggregated rules) Controller (N. O.S.) Applications Applications Applications Switch H.W O.S Controller (N. O.S.) Applications Applications Applications Switch H.W O.S
Dimensions of SDN Applications: Granularity of Rules Microflow • One flow table matches one flow • Uses CAM/hash-table – 10-20K per physical switch • Allows precisions – Monitoring: gives counters for individual flows – Access-Control: allow/deny individual flows WildCards (aggregated rules) • One flow table entry matches a group of flow • Uses TCAM – 5000~4K per physical switch • Allows scale – Minimizes overhead by grouping flows
Dimensions of SDN Applications: Granularity of Rules Distributed Controller Centralized Controller Controller (N. O.S.) Applications Applications Applications Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW Controller (N. O.S.) Applications Applications Applications Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW Controller (N. O.S.) Applications Applications Applications Controller (N. O.S.) Applications Applications Applications
Google’ B4 Application • Rule installation • Proactive • Rule Granularity • Aggregate • Distributed • Multiple instances
Section 2: SDN Challenges
Controller Availability 45 Controller (N. O.S.) Applications Applications Applications
Controller Availability 46 Controller (N. O.S.) Applications Applications Applications
Controller Availability “control a large force like a small force: divide and conquer” --Sun Tzu, Art of war 47 • How many controllers? • How do you assign switches to controllers? • More importantly: which assignment reduces processing time • How to ensure consistency between controllers Controller (N. O.S.) Applications Applications Applications Controller (N. O.S.) Applications Applications Applications Controller (N. O.S.) Applications Applications Applications
SDN Reliability/Fault Tolerance 48 Controller (N. O.S.) Applications Applications Applications Controller: Single point of control • Bug in controller takes the whole network down Existing network survives failures or bugs in code for any one devices
SDN Reliability/Fault Tolerance 49 Controller (N. O.S.) Applications Applications Applications Controller: Single point of control • Bug in controller takes the whole network down • Single point of failure Existing network survives failures or bugs in code for any one devices
SDN Security 50 Controller (N. O.S.) Applications Applications Applications Controller: Single point of control • Compromise controller If one device in the current networks are compromised the network may still be safe
SDN Security 51 Controller (N. O.S.) Applications Applications Applications Controller: Single point of control • Compromise controller • Denial of Service attack the control channel
Data-Plane Limitations • Limited Number of TCAM entries – Currently only 1K • Networks have more than 1K flows – How to fit network in limited entries? • Limited control channel capacity – All switches use same controller interface – Need to rate limit control messages • Prioritize certain messages • Limited switch CPU – Less power than a smartphone  – Limit control messages and actions that use CPU Controller (N. O.S.) Applications Applications Applications Switch H.W O.S
Debugging SDNs • Problems can occur anywhere in the SDN stack – How do you diagnose each type of problem? Network O.S. Applications Applications Applications Switch Operating System Switch Hardware Buggy App Buggy NOS Switch Operating System Switch Hardware Buggy Switc h H/W Buggy Switc h
Section 2: SDN – A Systems Approach to SDN
Conclusion • An overview of SDN technologies • Introduction to OpenFlow • Developing Applications on OpenFlow

More Related Content

PDF
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
PPTX
Sdn ppt
byPallavi Chhikara
 
PDF
Introduction to SDN
byMuhammad Moinur Rahman
 
PPTX
Software Defined networking (SDN)
byMilson Munakami
 
PPTX
Software Defined Networking(SDN) and practical implementation_trupti
bytrups7778
 
PDF
Introductionto SDN
byMd. Shariful Islam Robin
 
PPTX
Software Defined Networking: Primer
byBangladesh Network Operators Group
 
PPTX
sdnppt-140325015756-phpapp01.pptx
byAamirMaqsood8
 
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
Sdn ppt
byPallavi Chhikara
 
Introduction to SDN
byMuhammad Moinur Rahman
 
Software Defined networking (SDN)
byMilson Munakami
 
Software Defined Networking(SDN) and practical implementation_trupti
bytrups7778
 
Introductionto SDN
byMd. Shariful Islam Robin
 
Software Defined Networking: Primer
byBangladesh Network Operators Group
 
sdnppt-140325015756-phpapp01.pptx
byAamirMaqsood8
 

Similar to F14_Class1.pptx

PPTX
SDN Architecture & Ecosystem
byKingston Smiler
 
PPTX
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
PPTX
Software Defined Networking, Concepts and Practical Implementations
byBangladesh Network Operators Group
 
PPTX
Software-Defined Networking (SDN) is a transformative networking paradigm
byeticket4403
 
PPTX
22IT508 - Full Stack Development with Node and React.pptx
byPandiya Rajan
 
PPTX
Software Defined Networks
byShreeya Shah
 
PPTX
08-Software Defined Networking Southern Carolina
bycustcharanhp2309
 
PDF
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
byAPNIC
 
PPT
Software defined networking
byGoogle
 
PPTX
Open Flow Protocol
byVishal S M B
 
PPTX
Software-Defined Networking(SDN):A New Approach to Networking
byAnju Ann
 
PPTX
SDN - a new security paradigm?
bySophos Benelux
 
PPTX
Software_Defined_Networking.pptx
byAsfawGedamu
 
PPTX
Performance Evaluation for Software Defined Networking (SDN) Based on Adaptiv...
byUniversity of Technology - Iraq
 
PPTX
SDN Multi-Controller Domain.pptx
bySandeep Maurya
 
PPTX
Software Define Network, a new security paradigm ?
byJean-Marc ANDRE
 
PPTX
API Management for Software Defined Network (SDN)
byApigee | Google Cloud
 
PDF
Web-Based User Interface for the Floodlight SDN Controller
byEswar Publications
 
PDF
SDN (Software Defined Networking) Controller
byVipin Gupta
 
PDF
DesignofSDNmanageableswitch.pdf
byFernando Velez Varela
 
SDN Architecture & Ecosystem
byKingston Smiler
 
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
Software Defined Networking, Concepts and Practical Implementations
byBangladesh Network Operators Group
 
Software-Defined Networking (SDN) is a transformative networking paradigm
byeticket4403
 
22IT508 - Full Stack Development with Node and React.pptx
byPandiya Rajan
 
Software Defined Networks
byShreeya Shah
 
08-Software Defined Networking Southern Carolina
bycustcharanhp2309
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
byAPNIC
 
Software defined networking
byGoogle
 
Open Flow Protocol
byVishal S M B
 
Software-Defined Networking(SDN):A New Approach to Networking
byAnju Ann
 
SDN - a new security paradigm?
bySophos Benelux
 
Software_Defined_Networking.pptx
byAsfawGedamu
 
Performance Evaluation for Software Defined Networking (SDN) Based on Adaptiv...
byUniversity of Technology - Iraq
 
SDN Multi-Controller Domain.pptx
bySandeep Maurya
 
Software Define Network, a new security paradigm ?
byJean-Marc ANDRE
 
API Management for Software Defined Network (SDN)
byApigee | Google Cloud
 
Web-Based User Interface for the Floodlight SDN Controller
byEswar Publications
 
SDN (Software Defined Networking) Controller
byVipin Gupta
 
DesignofSDNmanageableswitch.pdf
byFernando Velez Varela
 

More from Sameer Ali

PPTX
CDP_2(1).pptx
bySameer Ali
 
PPT
Intro (1).ppt
bySameer Ali
 
PPTX
Lecture 1 - Introduction to Course & Course outline.pptx
bySameer Ali
 
PPTX
bruce-sdn.pptx
bySameer Ali
 
PDF
SINDH SALES TAX ON SERVICES ACT 2011.pdf
bySameer Ali
 
PPT
cloud-complete.ppt
bySameer Ali
 
PPT
secure_mobile.ppt
bySameer Ali
 
PPT
555_Spring12CryptoCryptoCrypto_topic23.ppt
bySameer Ali
 
PPT
hel1 (1).ppt
bySameer Ali
 
CDP_2(1).pptx
bySameer Ali
 
Intro (1).ppt
bySameer Ali
 
Lecture 1 - Introduction to Course & Course outline.pptx
bySameer Ali
 
bruce-sdn.pptx
bySameer Ali
 
SINDH SALES TAX ON SERVICES ACT 2011.pdf
bySameer Ali
 
cloud-complete.ppt
bySameer Ali
 
secure_mobile.ppt
bySameer Ali
 
555_Spring12CryptoCryptoCrypto_topic23.ppt
bySameer Ali
 
hel1 (1).ppt
bySameer Ali
 

Recently uploaded

PDF
Lion One Corporate Presentation November 2025 Revised
byAdnet Communications
 
PDF
HIROSHI BRYAN VO - A Bilingual Voice Actor
byHIROSHI BRYAN VO
 
PDF
Joseph Heiman New Jersey - Passionate About Finance
byJoseph Heiman New Jersey
 
PDF
The Most Recommended Commerce Colleges of the Year in 2025.pdf
byEducationView
 
PPTX
CertificateCertificateCertificateCertificate
bykrcheah
 
PPTX
Precautionary Landing Presentation Slide
bysamueledolce1997
 
PDF
NeoBank Innovation Hackathon. On-Demand Events in San Francisco.
byTatianaSF.com
 
DOCX
7 Surprising Ways Metaverse Development Solutions Are Transforming Online Bus...
byRyan Wilson
 
PDF
Getting ready for MTD – obligations, process and software
byFelixPerez547899
 
PPTX
ActARion - The Future of Work with AI and Augmented Reality
byOrtwin Verreck
 
PDF
Cyber Awareness Presentation - April 2024.pdf
byyopil91791
 
PDF
TikTok Shop Seller Center _ Manage Products, Orders ... (1).pdf
bydubivgplc4wloha4rxsm
 
PDF
Best Strategies to Buy Verified OnlyFans Creator Account ....pdf
bymyrandachanl3sk9
 
PDF
How to Buy, verified Apple pay Account.......pdf
bya32sop3orzibld4x34e4
 
PDF
nterpolation Simple & DV01 CaLC Type Constant
byirhcs
 
PDF
Strategic Thinking in Action: A conversation with Steven Haines
byCambridge Product Management Network
 
PPTX
How Does a Security Guards Company in Los Angeles County Screen Its Security ...
byRogerLee424684
 
PDF
Artificial Grass: A Modern, Sustainable, and Versatile Surface Solution
byVerdigrass Inc
 
PDF
Benefits of Buying Old GitHub Accounts for Your Projects
byhttps://usashopcity.com/
 
PDF
Pre- 97 proposition to the parliamentary member
byHenry Tapper
 
Lion One Corporate Presentation November 2025 Revised
byAdnet Communications
 
HIROSHI BRYAN VO - A Bilingual Voice Actor
byHIROSHI BRYAN VO
 
Joseph Heiman New Jersey - Passionate About Finance
byJoseph Heiman New Jersey
 
The Most Recommended Commerce Colleges of the Year in 2025.pdf
byEducationView
 
CertificateCertificateCertificateCertificate
bykrcheah
 
Precautionary Landing Presentation Slide
bysamueledolce1997
 
NeoBank Innovation Hackathon. On-Demand Events in San Francisco.
byTatianaSF.com
 
7 Surprising Ways Metaverse Development Solutions Are Transforming Online Bus...
byRyan Wilson
 
Getting ready for MTD – obligations, process and software
byFelixPerez547899
 
ActARion - The Future of Work with AI and Augmented Reality
byOrtwin Verreck
 
Cyber Awareness Presentation - April 2024.pdf
byyopil91791
 
TikTok Shop Seller Center _ Manage Products, Orders ... (1).pdf
bydubivgplc4wloha4rxsm
 
Best Strategies to Buy Verified OnlyFans Creator Account ....pdf
bymyrandachanl3sk9
 
How to Buy, verified Apple pay Account.......pdf
bya32sop3orzibld4x34e4
 
nterpolation Simple & DV01 CaLC Type Constant
byirhcs
 
Strategic Thinking in Action: A conversation with Steven Haines
byCambridge Product Management Network
 
How Does a Security Guards Company in Los Angeles County Screen Its Security ...
byRogerLee424684
 
Artificial Grass: A Modern, Sustainable, and Versatile Surface Solution
byVerdigrass Inc
 
Benefits of Buying Old GitHub Accounts for Your Projects
byhttps://usashopcity.com/
 
Pre- 97 proposition to the parliamentary member
byHenry Tapper
 

F14_Class1.pptx

  • 1.
    CPS 590: SoftwareDefined Networking Theophilus Benson
  • 2.
  • 3.
    Administrative Details • CourseFormat – Student Engagement (30%) • Class Participation (20%) • Paper Reviews (10%) – Course Assignments (20%) • Learning to use SDN environments • Writing Controller Applications – Course Project (60%) • Deep dive into an SDN topic
  • 4.
    Outline • Section 1:SDN Ecosystem – SDN Motivation – SDN Primer – Dimensions of SDN Environments – Dimensions of SDN Applications • Section 2: OpenFlow Primer • Section 3: Demo/Use-cases – Network Virtualization • Section 4: SDN Challenges – SDN Challenges
  • 5.
  • 6.
    Network Today… • Verticalintegrated stacks – Similar to PC in 1980s IBM’s Mainframe Cisco Routers D.B. O.S CPU COBOL Apps. VLANS Switch O.S. ASIC L3 Routing
  • 7.
    Implications of Networking… •Restricted to ill defined vendor CLI – Provisioning is slow…. • VM provisioning: 1min • Virtual network provisioning: 1-3 weeks
  • 8.
    Software Defined Networking •Southbound API: decouples the switch hardware from control function – Data plane from control plane • Switch Operating System: exposes switch hardware primitives Network O.S. Applications Applications Applications Southbound API SDN Switch Operating System Switch Hardware Network O.S. ASIC Applications Applications Current Switch Vertical stack SDN Switch Decoupled stack
  • 9.
    Implications Of SDN Controller(N. O.S.) Applications Applications Applications Southbound API Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW Global View Programmatic Control Current Networking SDN Enabled Environment Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications
  • 10.
    Implications Of SDN CurrentNetworking SDN Enabled Environment Controller (N. O.S.) Applications Applications Applications Southbound API Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW • Distributed protocols • Each switch has a brain • Hard to achieve optimal solution • Network configured indirectly • Configure protocols • Hope protocols converge • Global view of the network • Applications can achieve optimal • Southbound API gives fine grained control over switch • Network configured directly • Allows automation • Allows definition of new interfaces Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications Network O.S. ASIC Applications Applications
  • 11.
    How SDN Works Controller(N. O.S.) Applications Applications Applications Southbound API Switch H.W Switch O.S Switch H.W Switch O.S
  • 12.
    How to Pickan SDN Environment Network O.S. Applications Applications Applications Southbound API SDN Switch Operating System Switch Hardware What is the Southbound AP!? Is the switch hardware and OS closed? Is the switch virtual or physical? How easy is it to develop on for the Controller platform?
  • 13.
    Dimensions of SDNEnvironments: Vendor Devices Vertical Stacks • Vendor bundles switch and switch OS – Restricted to vendor OS and vendor interface • Low operational overhead – One stop shop Whitebox Networking • Vendor provides hardware with no switch OS • Switch OS provided by third party – Flexibility in picking OS • High operational overhead – Must deal with multiple vendors
  • 14.
    Dimensions of SDNEnvironments: Switch Hardware Virtual: Overlay • Pure software implementation – Assumes programmable virtual switches – Run in Hypervisor or in the OS – Larger Flow Table entries (more memory and CPU) • Backward compatible – Physical switches run traditional protocols • Traffic sent in tunnels – Lack of visibility into physical network Physical: Underlay • Fine grained control and visibility into network • Assumes specialized hardware – Limited Flow Table entries
  • 15.
    Dimensions of SDNEnvironments: Southbound Interface OpenFlow • Flexible matching – L2, L3, VLAN, MPLS • Flexible actions – Encapsulation: IP-in-IP – Address rewriting: • IP address • Mac address BGP/XMPP/IS-IS/NetConf • Limited matching – IS-IS: L3 – BGP+MPLS: L3+MPLS • Limited actions – L3/l2 forwarding – Encapsulation
  • 16.
    Dimensions of SDNEnvironments: Controller Types Modular Controllers • Application code manipulates forwarding rules – E.g. OpenDaylight, Floodlight • Written in imperative languages – Java, C++, Python • Dominant controller style High Level Controllers • Application code specifies declarative policies – E.g. Frenetic, McNettle • Application code is verifiable – Amendable to formal verification • Written in functional languages – Nettle, OCamal
  • 17.
    BigSwitch • Controller Type •Modular: Floodlight • Southbound API: OpenFlow • OpenFlow 1.3 • SDN Device: Whitebox • (indigo) • SDN Flavor • Underlay+Overlay
  • 18.
    Juniper Contrail • ControllerType • Modular: OpenContrail • Southbound API: XMPP/NetConf • BGP+MPLS • SDN Device: Vertical Stack • Propriety Junos • SDN Flavor • Overlay
  • 19.
    SDN EcoSystem Arista OF +proprietary Underlay Vertical Stack Broadcom OF + proprietary Underlay Vertical Stack HP OF Underlay Vertical Stack Cisco OF + proprietary Underlay+Overlay Vertical Stack FloodLight OF Underlay+Overlay Whitebox Dell OF Underlay Vertical Stack HP OF Underlay Vertical Stack Alcatel BGP Overlay Vertical Stack Juniper BGP+NetConf Overlay Vertical Stack
  • 20.
    SDN Stack • SouthboundAPI: decouples the switch hardware from control function – Data plane from control plane • Switch Operating System: exposes switch hardware primitives Controller (Network O.S.) Applications Applications Applications Southbound API SDN Switch Operating System Switch Hardware
  • 21.
  • 22.
    OpenFlow • Developed inStanford – Standardized by Open Networking Foundation (ONF) – Current Version 1.4 • Version implemented by switch vendors: 1.3 • Allows control of underlay + overlay – Overlay switches: OpenVSwitch/Indigo-light PC
  • 23.
    How SDN Works:OpenFlow Controller (N. O.S.) Applications Applications Applications Southbound API Switch H.W Switch O.S Switch H.W Switch O.S OpenFlow OpenFlow
  • 24.
    OpenFlow: Anatomy ofa Flow Table Entry Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Match Action Counter 1. Forward packet to zero or more ports 2. Encapsulate and forward to controller 3. Send to normal processing pipeline 4. Modify Fields When to delete the entry VLAN pcp IP ToS Priority Time-out What order to process the rule # of Packet/Bytes processed by the rule
  • 25.
    OpenFlow: Types ofMessages  Asynchronous (Controller-to-Switch)  Send-packet: to send packet out of a specific port on a switch  Flow-mod: to add/delete/modify flows in the flow table  Asynchronous (initiated by the switch)  Read-state: to collect statistics about flow table, ports and individual flows  Features: sent by controller when a switch connects to find out the features supported by a switch  Configuration: to set and query configuration parameters in the switch  Asynchronous (initiated by the switch)  Packet-in: for all packets that do not have a matching rule, this event is sent to controller  Flow-removed: whenever a flow rule expires, the controller is sent a flow-removed message  Port-status: whenever a port configuration or state changes, a message is sent to controller  Error: error messages  Symmetric (can be sent in either direction without solicitation)  Hello: at connection startup  Echo: to indicate latency, bandwidth or liveliness of a controller-switch connection  Vendor: for extensions (that can be included in later OpenFlow versions)
  • 26.
    Dimension of SDNApplications: Rule installation Proactive Rules Reactive Rules Controller (N. O.S.) Applications Applications Applications Switch H.W O.S Controller (N. O.S.) Applications Applications Applications Switch H.W O.S
  • 27.
    Dimension of SDNApplications: Rule installation Proactive Rules • Controller pre-installs flow table entries – Zero flow setup time • Requires installation of rules for all possible traffic patterns – Requires use of aggregate rules (Wildcards) – Require foreknowledge of traffic patterns – Waste flow table entries Reactive Rules • First packet of each flow triggers rule insertion by the controller – Each flow incurs flow setup time – Controller is bottleneck – Efficient use of flow tables
  • 28.
    Dimensions of SDNApplications: Granularity of Rules Microflow WildCards (aggregated rules) Controller (N. O.S.) Applications Applications Applications Switch H.W O.S Controller (N. O.S.) Applications Applications Applications Switch H.W O.S
  • 29.
    Dimensions of SDNApplications: Granularity of Rules Microflow • One flow table matches one flow • Uses CAM/hash-table – 10-20K per physical switch • Allows precisions – Monitoring: gives counters for individual flows – Access-Control: allow/deny individual flows WildCards (aggregated rules) • One flow table entry matches a group of flow • Uses TCAM – 5000~4K per physical switch • Allows scale – Minimizes overhead by grouping flows
  • 30.
    Dimensions of SDNApplications: Granularity of Rules Distributed Controller Centralized Controller Controller (N. O.S.) Applications Applications Applications Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW Controller (N. O.S.) Applications Applications Applications Switch O.S Switch HW Switch O.S Switch HW Switch O.S Switch HW Controller (N. O.S.) Applications Applications Applications Controller (N. O.S.) Applications Applications Applications
  • 31.
    Google’ B4 Application •Rule installation • Proactive • Rule Granularity • Aggregate • Distributed • Multiple instances
  • 32.
    Section 2: SDNChallenges
  • 33.
    Controller Availability 45 Controller (N.O.S.) Applications Applications Applications
  • 34.
    Controller Availability 46 Controller (N.O.S.) Applications Applications Applications
  • 35.
    Controller Availability “control alarge force like a small force: divide and conquer” --Sun Tzu, Art of war 47 • How many controllers? • How do you assign switches to controllers? • More importantly: which assignment reduces processing time • How to ensure consistency between controllers Controller (N. O.S.) Applications Applications Applications Controller (N. O.S.) Applications Applications Applications Controller (N. O.S.) Applications Applications Applications
  • 36.
    SDN Reliability/Fault Tolerance 48 Controller(N. O.S.) Applications Applications Applications Controller: Single point of control • Bug in controller takes the whole network down Existing network survives failures or bugs in code for any one devices
  • 37.
    SDN Reliability/Fault Tolerance 49 Controller(N. O.S.) Applications Applications Applications Controller: Single point of control • Bug in controller takes the whole network down • Single point of failure Existing network survives failures or bugs in code for any one devices
  • 38.
    SDN Security 50 Controller (N.O.S.) Applications Applications Applications Controller: Single point of control • Compromise controller If one device in the current networks are compromised the network may still be safe
  • 39.
    SDN Security 51 Controller (N.O.S.) Applications Applications Applications Controller: Single point of control • Compromise controller • Denial of Service attack the control channel
  • 40.
    Data-Plane Limitations • LimitedNumber of TCAM entries – Currently only 1K • Networks have more than 1K flows – How to fit network in limited entries? • Limited control channel capacity – All switches use same controller interface – Need to rate limit control messages • Prioritize certain messages • Limited switch CPU – Less power than a smartphone  – Limit control messages and actions that use CPU Controller (N. O.S.) Applications Applications Applications Switch H.W O.S
  • 41.
    Debugging SDNs • Problemscan occur anywhere in the SDN stack – How do you diagnose each type of problem? Network O.S. Applications Applications Applications Switch Operating System Switch Hardware Buggy App Buggy NOS Switch Operating System Switch Hardware Buggy Switc h H/W Buggy Switc h
  • 42.
    Section 2: SDN– A Systems Approach to SDN
  • 43.
    Conclusion • An overviewof SDN technologies • Introduction to OpenFlow • Developing Applications on OpenFlow