The document describes an OpenFlow controller called Floodlight that is open source and written in Java, discusses how it works and some of its main components, and provides an overview of using OpenFlow and the Floodlight controller to build software-defined networks through examples of real world use cases.
Floodlight is an Apache licensed Java-based openflow controller. Forked from the Beacon controller, Floodlight offers a flexible Apache license and simple Java platform (no OSGI knowledge required). Floodlight is part of a commercial controller offered by Big Switch Networks so the platform has been tested and hardened in real OpenFlow environments.
By Nir Solomon, Yoav Francis and Liahav Eitan
Abstract:
One of greatest applicative benefits of SDN is enhancement of network security by making the network react to threats in real-time using data from all the switches in the network. For example, the OpenFlow Controller (OFC) can identify a DDoS attack on the network and divert or block traffic in an adaptive manner.
Unfortunately, OpenFlow also introduces a new threat to network security – attacks on the OFC itself, the “soft-belly” in regards to network security in SDN. The controller, by being responsible for multiple switches, is a `high-valued` target (a single point-of-failure), and we aim to understand better its vulnerability to DDoS attacks.
DDoS on the OFC can affect the entire network in several ways, depending on the OpenFlow Applications in the network and the level of dependency of the OF Switches on the OFC:
1. The entire network might be slowed down and suffer from packet-loss.
2. Some packets might be handled normally while others are mishandled by switches in the network, depending on the OpenFlow Applications that apply to these packets and whether they require communication with the OFC.
3. The entire network might stop functioning.
All of the above share a unique property that does not apply in ordinary DDoS attacks: even if only one or two switches are being flooded, the entire network can be affected.
Floodlight is an Apache licensed Java-based openflow controller. Forked from the Beacon controller, Floodlight offers a flexible Apache license and simple Java platform (no OSGI knowledge required). Floodlight is part of a commercial controller offered by Big Switch Networks so the platform has been tested and hardened in real OpenFlow environments.
By Nir Solomon, Yoav Francis and Liahav Eitan
Abstract:
One of greatest applicative benefits of SDN is enhancement of network security by making the network react to threats in real-time using data from all the switches in the network. For example, the OpenFlow Controller (OFC) can identify a DDoS attack on the network and divert or block traffic in an adaptive manner.
Unfortunately, OpenFlow also introduces a new threat to network security – attacks on the OFC itself, the “soft-belly” in regards to network security in SDN. The controller, by being responsible for multiple switches, is a `high-valued` target (a single point-of-failure), and we aim to understand better its vulnerability to DDoS attacks.
DDoS on the OFC can affect the entire network in several ways, depending on the OpenFlow Applications in the network and the level of dependency of the OF Switches on the OFC:
1. The entire network might be slowed down and suffer from packet-loss.
2. Some packets might be handled normally while others are mishandled by switches in the network, depending on the OpenFlow Applications that apply to these packets and whether they require communication with the OFC.
3. The entire network might stop functioning.
All of the above share a unique property that does not apply in ordinary DDoS attacks: even if only one or two switches are being flooded, the entire network can be affected.
Class lecture by Prof. Raj Jain on Introduction to OpenFlow. The talk covers Planes of Networking, Data vs. Control Logic, OpenFlow: Key Ideas, History of OpenFlow, Separation of Control and Data Plane, OpenFlow V1.0, Matching, Counters, Actions, Hardware OpenFlow Switches, Software OpenFlow Switches, Open vSwitch, Open vSwitch Features, OVSDB, OpenFlow V1.1, OpenFlow Hardware Implementation, OpenFlow V1.2, OpenFlow 1.3, OpenFlow V1.4, Implementation Issues, Current Limitations of OpenFlow, OpenFlow Current Activities, Introduction to OpenFlow, Planes of Networking, Data vs. Control Logic, OpenFlow: Key Ideas, History of OpenFlow, Separation of Control and Data Plane, OpenFlow V1.0, Matching, Counters, Actions, Hardware OpenFlow Switches, Software OpenFlow Switches, Open vSwitch, Open vSwitch Features, OVSDB, OpenFlow V1.1, OpenFlow Hardware Implementation, OpenFlow V1.2, OpenFlow 1.3, OpenFlow V1.4, Implementation Issues, Current Limitations of OpenFlow, OpenFlow Current Activities. Video recording available in YouTube.
Guido Appenzeller
CEO
Big Switch Networks
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Presentation from October 2012 RTI Technical Road Show.
Agenda Highlights:
How the DDS standard fosters information sharing and interoperability across systems of systems while driving down development, integration, maintenance, upgrade and acquisition costs
The latest 5.0 release of RTI's DDS solution and future roadmap, including enhanced security, support for integration patterns common in C2 systems, FAA DO-178C Level A certification, and DDS standardization initiatives
RTI's new Open Community Source license, which provides free-of-charge access to RTI DDS and allows it to be freely shared across projects and organizations
The Challenges of SDN/OpenFlow in an Operational and Large-scale NetworkOpen Networking Summits
Jun Bi
Professor & Director
Tsinghua University
Outline
• Intra-AS (campus level) IPv6 source address validation using OpenFlow (with extension)
– Good for introducing new IP services to network
• Planning next step if we run SDN as a common infrastructure for new services and architectures
– Some personal viewpoints and thoughts on design challenges
– Forwarding abstraction for Post-IP architectures
– Control abstraction for scalable NOS and programmable/manageable virtualization platform
– Inter-AS policies negotiation abstraction
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
A presentation on Software Defined Networking, its concepts and application in cloud computing. I gave this presentation at OSCON 2013 in Portland: http://www.oscon.com/oscon2013/public/schedule/detail/31391. It starts with an introduction about SDN and some key concepts from the whitepaper at the Open Networking Foundation (ONF), I explain how OpenFlow and SDN differ, openflow being a standard protocol to control network devices. I then go on to review the many controllers out there and introduce a few key ones like floodlight, opendaylight, nicira. I give an overview of SDN integration in cloudplatform; opennebula, openstack and cloudstack and then gave a quick demo of the OpenDayLight controller.
Class lecture by Prof. Raj Jain on Introduction to OpenFlow. The talk covers Planes of Networking, Data vs. Control Logic, OpenFlow: Key Ideas, History of OpenFlow, Separation of Control and Data Plane, OpenFlow V1.0, Matching, Counters, Actions, Hardware OpenFlow Switches, Software OpenFlow Switches, Open vSwitch, Open vSwitch Features, OVSDB, OpenFlow V1.1, OpenFlow Hardware Implementation, OpenFlow V1.2, OpenFlow 1.3, OpenFlow V1.4, Implementation Issues, Current Limitations of OpenFlow, OpenFlow Current Activities, Introduction to OpenFlow, Planes of Networking, Data vs. Control Logic, OpenFlow: Key Ideas, History of OpenFlow, Separation of Control and Data Plane, OpenFlow V1.0, Matching, Counters, Actions, Hardware OpenFlow Switches, Software OpenFlow Switches, Open vSwitch, Open vSwitch Features, OVSDB, OpenFlow V1.1, OpenFlow Hardware Implementation, OpenFlow V1.2, OpenFlow 1.3, OpenFlow V1.4, Implementation Issues, Current Limitations of OpenFlow, OpenFlow Current Activities. Video recording available in YouTube.
Guido Appenzeller
CEO
Big Switch Networks
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Presentation from October 2012 RTI Technical Road Show.
Agenda Highlights:
How the DDS standard fosters information sharing and interoperability across systems of systems while driving down development, integration, maintenance, upgrade and acquisition costs
The latest 5.0 release of RTI's DDS solution and future roadmap, including enhanced security, support for integration patterns common in C2 systems, FAA DO-178C Level A certification, and DDS standardization initiatives
RTI's new Open Community Source license, which provides free-of-charge access to RTI DDS and allows it to be freely shared across projects and organizations
The Challenges of SDN/OpenFlow in an Operational and Large-scale NetworkOpen Networking Summits
Jun Bi
Professor & Director
Tsinghua University
Outline
• Intra-AS (campus level) IPv6 source address validation using OpenFlow (with extension)
– Good for introducing new IP services to network
• Planning next step if we run SDN as a common infrastructure for new services and architectures
– Some personal viewpoints and thoughts on design challenges
– Forwarding abstraction for Post-IP architectures
– Control abstraction for scalable NOS and programmable/manageable virtualization platform
– Inter-AS policies negotiation abstraction
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
A presentation on Software Defined Networking, its concepts and application in cloud computing. I gave this presentation at OSCON 2013 in Portland: http://www.oscon.com/oscon2013/public/schedule/detail/31391. It starts with an introduction about SDN and some key concepts from the whitepaper at the Open Networking Foundation (ONF), I explain how OpenFlow and SDN differ, openflow being a standard protocol to control network devices. I then go on to review the many controllers out there and introduce a few key ones like floodlight, opendaylight, nicira. I give an overview of SDN integration in cloudplatform; opennebula, openstack and cloudstack and then gave a quick demo of the OpenDayLight controller.
"Tissue Engineering": Competition Experience ReportFatima A
A brief report regarding our poster presentation, given to faculty and peers at a professional development conference in the college after the IADSR event.
North American Green fabrica una línea completa de productos enrollados de control de erosión que satisfacen las necesidades específicas de control de erosión y /o de refuerzo de vegetación de cualquier aplicación. Distribuido por EMIN Sistemas Geotecnicos.
This talk explains what RestKit is and how it can help you build applications that sync with REST services. The code for this talk is available at https://github.com/peterfriese/RestKitFromzeroToHero
SDN and Photonics for Dynamic Cloud Connectivity ADVA
Check out Achim Autenrieth's slide set from his OFC workshop entitled "SDN and Photonics for Dynamic Cloud Connectivity. This is all about SDN, Cloud Connectivity and the optical network Hypervisor.
SDN Performance evaluation for floodlight controller and OVS controller using adaptive approaches (i.e. statistical approach and genetic algorithm approach).
Jacob Rapp
HP
Application Driven SDN
Technology Track Session
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Jorg-Peter Elbers delivers presentation at IP Expo 2012 in London about how expanding OpenFlow SDN protocol beyond the data centre will lead to more efficient cloud networking environments and business innovation.
Cloud computing and Software defined networkingsaigandham1
This is my Graduate defense presentation. I have interest in various topics like cloud computing and software defined networking. This slides includes the research of various researchers on cloud computing and SDN, presented their work as my comprehensive exam.
Software Defined Network introduces a new breed of computer network that exists only as software so that you can control it independently of the physical switches and routers running beneath it. With the network being virtualized, it now becomes possible to deliver a data center that can be delivered as a service. The control and management of the data center can by automated by software. In this presentation we discuss the current developments in software defined data centers, what users can achieve today and identify challenges that they may face.
PLNOG14: The benefits of "OPEN" in networking for operators - Joerg Ammon, Br...PROIDEA
Joerg Ammon - Brocade
Language - English
Many of the recent trends in networking, more precisely software defined networking, are centered around OPEN - Openflow, OpenStack, OpenDaylight to name only a few. What is the state of those projects? What is ready to be deployed? Where is the industry moving? How do network operators and end users benefit from those trends? How do open interfaces and joint community effort speed up development of real world networking applications that are truly new and useful for today's infrastructures?
Register for the next edition of PLNOG conference today: http://plnog.pl
Technology Primer: Software-Defined Networking and Its Impact on Infrastructu...CA Technologies
Software Defined Networking (SDN) and Network Function Virtualization (NFV) represent a major shift in the way networks will be designed, deployed and managed—requiring changes in infrastructure management tools and practices. This presentation illustrates our vision with use cases under consideration for CA Performance Management, which is designed for managing complex, highly-scaled networks and could be applied in the future to managing Software Defined Networks and integrating with SDN controllers and NFV elements.
For more information on DevOps solutions from CA Technologies, please visit: http://bit.ly/1wbjjqX
Stuart Elby
VP, Network Architecture & Technology
Verizon
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Similar to Floodlight tutorial - Clemson / Georgia Tech (20)
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
LF Energy Webinar: Electrical Grid Modelling and Simulation Through PowSyBl -...DanBrown980551
Do you want to learn how to model and simulate an electrical network from scratch in under an hour?
Then welcome to this PowSyBl workshop, hosted by Rte, the French Transmission System Operator (TSO)!
During the webinar, you will discover the PowSyBl ecosystem as well as handle and study an electrical network through an interactive Python notebook.
PowSyBl is an open source project hosted by LF Energy, which offers a comprehensive set of features for electrical grid modelling and simulation. Among other advanced features, PowSyBl provides:
- A fully editable and extendable library for grid component modelling;
- Visualization tools to display your network;
- Grid simulation tools, such as power flows, security analyses (with or without remedial actions) and sensitivity analyses;
The framework is mostly written in Java, with a Python binding so that Python developers can access PowSyBl functionalities as well.
What you will learn during the webinar:
- For beginners: discover PowSyBl's functionalities through a quick general presentation and the notebook, without needing any expert coding skills;
- For advanced developers: master the skills to efficiently apply PowSyBl functionalities to your real-world scenarios.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
Connector Corner: Automate dynamic content and events by pushing a buttonDianaGray10
Here is something new! In our next Connector Corner webinar, we will demonstrate how you can use a single workflow to:
Create a campaign using Mailchimp with merge tags/fields
Send an interactive Slack channel message (using buttons)
Have the message received by managers and peers along with a test email for review
But there’s more:
In a second workflow supporting the same use case, you’ll see:
Your campaign sent to target colleagues for approval
If the “Approve” button is clicked, a Jira/Zendesk ticket is created for the marketing design team
But—if the “Reject” button is pushed, colleagues will be alerted via Slack message
Join us to learn more about this new, human-in-the-loop capability, brought to you by Integration Service connectors.
And...
Speakers:
Akshay Agnihotri, Product Manager
Charlie Greenberg, Host
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Builder.ai Founder Sachin Dev Duggal's Strategic Approach to Create an Innova...Ramesh Iyer
In today's fast-changing business world, Companies that adapt and embrace new ideas often need help to keep up with the competition. However, fostering a culture of innovation takes much work. It takes vision, leadership and willingness to take risks in the right proportion. Sachin Dev Duggal, co-founder of Builder.ai, has perfected the art of this balance, creating a company culture where creativity and growth are nurtured at each stage.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
40. IFloodlightModule Interface
1. getModuleDependencies()
Function Description
What services does this moduleWhat services does this
getModuleDependencies()
require?
module require?
2. getModuleServices(), getServiceImpls()
Services does this module provide and how?
getModuleServices() Services does this module
provide and how?
3. init(FloodlightModuleContext context)
Internal, before dependencies have init()’d
init(FloodlightModuleContext context) Internal, before dependencies
have init()’ed
4. startup(FloodlightModuleContext context)
External, with dependencies initialization
startup(FloodlightModuleContext context) External, with dependencies
initialization
Much of traditional networking was designed in the 1970’s. The protocols and standards have evolved and proved amazingly resilient – but they are non-ideal for the challenges of modern datacenters. First, they are based on merged hw and software solutions.Second, they are based on fully distributed protocols. This made tons of sense in the early days of the internet but in a world where a datacenter admin knows every piece of hw and how its connected, distributed protocols are less helpful.
SDN separates networking into 3 tiersA data plane tier responsible for fowarding packets.A controller thatmanagesconections to each forwarding element and acts as a network os.Applications which input control logic.
People often conflate SDN and openflow. They are very different. OpenFlow is a protocol for switches commnicating with a controller. Its often a piece of an sdn architecture but techically isn’t required. In fact, there is also work being done on northbound api as well.
Network virtualization is one of the most interesting examples of SDN in the real world. In involves slicing a physical network into multiple logical networks and offering isolation between. In the server world, this has shown huge operational efficiency gains and it offers similar promise in networking.Network services - Example – instead of inserting and configuring a firewall, you could just tell your controller to automatically provision rulesVM mobility and management – Virtual machines have greatly increased the complexity in the network. They get spun up and down and even can be moved around while running. SDN offers the flexibility to have the network respond quickly to changes in vm state and offers a lot of operational efficiency. CLOS – SDN and Openflow offer very flexible forwarding paradigms. One of the thing is allows is the creation of relatively low cost non-blocking clos networks for high performance environments. Data analysis – OpenFlow also makes it possible, in fact easy, to get lots of real time information about a running network. The switches and controller maintain a rich set of stats but also make it possible to direct traffic to montioring devices much the way tap or span ports would.Networkvirtualiztion - huge operational benefits - puts all policy in one place. Great for audit. - also manages p and v togetherVirtual machine management - makes it eaier to tie polcies to a vm because you can track a mac trhoughout the network - IP address is stored in the vm. Can’t change it. SDN makes it easier to alter the network around this.Vlans – still require administration
Lets look a little more deeply at the OpenFlow protocol. It has 3 main componentsA controller, which we’ll talk a lot more about in detail. The controller handles all the control logic for the network.A potentially encrypted control channel to a switch.An openflow client running on a switch. This handles controlling the openflowdatapath.
Many people ask us why OpenFlow is used so heavily in SDN. Essentially,OpenFlow is one of the simplest lowest level abstractions available. It allows very fine grained control over forwarding and separates control and data.
OpenFlow 1.0 was the initial openflow spec. Its largely what is supported today in hardware and vswitches. OpenFlow 1.1 introduced a new concept of multipe tables that could be processed sequentially. This solved some of the space explosion problems the intial spec had but introduced new problems in hw.1.2 – ipv6. Generalized match – TLV based
How of works with non oF?Think through control network and data path. Have a separate network for controlUse vlans to separate control and data.Switches supported today:Stanford: - HP, nec,ibm, prontoWifi – meraki, othersWhat openflow provides that non-OF provides- Visibility- Managebility – scripts running along with OF controller to monitor packetin rates, flow mods, flow table size. Cpu usage, datapath throughput. Can monitor who is connected and how many users in network. With meraki, can know what type of devices in network, throughputHow reseasrchers can benefit?Primary reason for stanford. Enable sdn-based research. Link to internet2/geni. Migration process? Strategy?Understand traffic pattern first. Current hw has limitations on throughput (esp true of hp) on the control plane side. Flow set up rate, etc. HP offers only IP matching only in hw. Deploy from edge to core. We support switchclusters. Do it floor by floor essentially. Stanford runs two networks in parallelVoip and other key services is non-OF at least. Start with non-ciritcal traffic. Security?Highlight new visibility capabilitiesDenial of service on controller, etc.Encrypted control channels – no one does this todayInteropability of openflow and wifi? - mesh networks and host mobility create tricky situations.
Our topology, device manager know about host attachment points and make it possible to deal with integrating openflow and non openflow networks.