This document discusses OpenStack Neutron and software defined networking. It provides an overview of Neutron and how it allows network as a service capabilities. It describes the packet flow for virtual machines accessing the external network or communicating between virtual machines on the same network. It explains how Neutron integrates with Open vSwitch on the compute nodes to provide networking and discusses the various Neutron agents.

1. Copyright Cloud Enabled Ltd, All rights Reserved.
OpenStack Neutron : Behind the Scenes
Speaker,
Anil Bidari
Founder and CEO, Cloud Enabled
What am doing these days : “Breathing OpenStack these Days”
Anil.bidari@thecloudenabled.com
Website : thecloudenabled.com

2. Disclaimer :The content published in this presentation is Intellectual property of Cloud
Enabled .This content may not be reproduced, downloaded, disseminated, published, or
transferred in any form or by any means, except with the prior written permission of Cloud
Enabled ,Bangalore. All product and company names,logos used in this presentation are
trademarks™ or registered® trademarks of their respective holders.
Copyright Cloud Enabled Ltd, All rights Reserved.

3. Learning Objectives
Software Defined networking - An overview
OpenStack Neutron Overview
Packet flow to external network
2
1
3
Agenda
Copyright Cloud Enabled Ltd, All rights Reserved.
4
Packet flow from VM to VM
OpenVswitch - Overview
Neutron-VXLAN-GRE-OVS : behind the scenes
5
6

4. Copyright Cloud Enabled Ltd, All rights Reserved.
SDN

5. Copyright Cloud Enabled Ltd, All rights Reserved.
Definition of SDN ?
SDN is a Separation of a control plane with data plane.
Where a single control plane can manage multiple
data planes ( both hardware based and software based)
--------Anil Bidari, Founder and CEO, Cloud Enabled

6. Copyright Cloud Enabled Ltd, All rights Reserved.
SDN Architecture
SDN Controller
Hardware based Openflow supported switch Software based switch (Ex : OpenvSwitch )
Note : Openflow is not the only protocol in SDN, it is mostly widely used. we will focus on SDN from openflow perspective for this deck

7. Copyright Cloud Enabled Ltd, All rights Reserved.
Characteristics of SDN ?
Unified/
centralized
network
services
management
SDN controller
runs on
commodity
hardware or
virtual
machine
No vendor
lock in
Less
Expensive
On demand
provisioning

8. Copyright Cloud Enabled Ltd, All rights Reserved.Copyright Cloud Enabled Ltd, All rights Reserved.
Why SDN ?
Emergence of Cloud services era :
Users expect on-demand networks in cloud and flexibility to create their own
• network ( create L2 software based networks )
• routes ( create l3 software based routers )
• ACL ( Allow/Deny rules as required on demand)

9. Copyright Cloud Enabled Ltd, All rights Reserved.
OpenFlow Switch –components
Copyright Cloud Enabled Ltd, All rights Reserved.
An OpenFlow switch can be broken into two components: the switch-agent and the data plane.
• The switch-agent speaks the OpenFlow protocol to one or more controllers.
• The switch-agent will translate commands from the controller to the data plane performs all packet
forwarding and manipulation.
• data plane of a switch is composed of only a few things: ports, flow tables, flows, classifiers, and
actions.
Data
plane
Switch-
agent

10. Copyright Cloud Enabled Ltd, All rights Reserved.
Neutron and OVS

11. Neutron – Overview ( Networking Project of OpenStack foundation)
Physical Infrastructure
(Physical Server, Network Switches, Storage, SAN Fabric)
Virtual Infrastructure
(Hypervisor, VM’s, vLAN, vSAN , vSwitch)
Cloud Management Stack
(Self service Portal, Service catalogue ,Metering , Automation )
Network-aaS
ESXi
NATVPNaaS
Neutron
Neutron allows you to provide Network-As-A-Service (IaaS) for your consumers of private or
public cloud
Copyright Cloud Enabled 2014 , www.cloudenabled.in All product and company names are trademarks™ or registered® trademarks of their respective holders.
FWaaS Virtual Router LBaaS

12. Copyright Cloud Enabled Ltd, All rights Reserved.
Networking agents
These agents interact with the main neutron process through RabbitMQ or Qpid
Neutron
Agents
OVS-
agent
Dhcp-
agent
L3
agent
Helps neutron
to talk to
OpenvSwitch
Allocates IP
for user
created VM
facilitates
external
connectivity to
user created vm

13. Copyright Cloud Enabled Ltd, All rights Reserved.
Neutron behind the scenes

14. Compute Node -01
NFS storage
Controller Node Neutron Node
100.100.100.51 100.100.100.61
Compute Node -02
100.100.100.71 100.100.100.81
Setup details

15. Copyright Cloud Enabled Ltd, All rights Reserved.
Neutron node and compute
node : Peering & integration

16. 100.100.100.81 – Compute Node-02
OpenStack Multi Node How are they connected
br-int br-int
br-ex
100.100.100.61 : Neutron Node
100.100.100.71 : Compute Node-01
Port eth1Port phy-br-ex
Port int-br-ex
Port "gre-6464643d
Port patch-int
Port patch-tun
Port "gre-64646447"
Port "gre-64646451" Port "gre-64646447"
Port "gre-6464643d"
Port "gre-64646451"
Port patch-int
Port patch-tun
Port patch-int
Port patch-tun
Port br-intPort br-int
Port br-ex
Internet
Port br-int

17. Copyright Cloud Enabled Ltd, All rights Reserved.
Packet flow to external network /internet

18. 100.100.100.81 – Compute Node-02
VM internet access flow
br-int br-int
br-ex
100.100.100.61 : Neutron Node
100.100.100.71 : Compute Node-01
Port eth1Port phy-br-ex
Port int-br-ex
Port "gre-6464643d
Port patch-int
Port patch-tun
Port "gre-64646447"
Port "gre-64646451" Port "gre-64646447"
Port "gre-6464643d"
Port "gre-64646451"
Port patch-int
Port patch-tun
Port patch-int
Port patch-tun
Port br-intPort br-int
Port br-ex
Internet
Port br-intPort tap7c1593a0-ea
qvo689bd406-ed
"
Port "qg-24aa68e7-15

19. Copyright Cloud Enabled Ltd, All rights Reserved.
Packet flow to VM to VM (same network)

20. 100.100.100.81 – Compute Node-02
Intra vm communication across hosts
br-int br-int
br-ex
100.100.100.61 : Neutron Node
100.100.100.71 : Compute Node-01
Port eth1Port phy-br-ex
Port int-br-ex
Port "gre-6464643d
Port patch-int
Port patch-tun
Port "gre-64646447"
Port "gre-64646451" Port "gre-64646447"
Port "gre-6464643d"
Port "gre-64646451"
Port patch-int
Port patch-tun
Port patch-int
Port patch-tun
Port br-intPort br-int
Port br-ex
Internet
Port br-intPort tap7c1593a0-ea
qvoc6e94c39-7c
qvo689bd406-ed

21. Copyright Cloud Enabled Ltd, All rights Reserved.
Queries
anil.bidari@thecloudenabled.com
http://www.slideshare.net/AnilBidari1Slides available @