SDN refers to separating the network control plane from the forwarding plane. There are two main architectural approaches for SDN: overlay models which use tunneling/encapsulation, and underlay models which manipulate flows and use a centralized controller. Open vSwitch is commonly used as the software switch in OpenStack and supports SDN protocols like OpenFlow. OpenStack's Neutron project provides APIs for SDN controllers to integrate with and configure virtual networks. OpenDaylight is an open source SDN controller that can be used with OpenStack for features like L3 routing, LBaaS, and direct integration between Nova and Open vSwitch.

1. OpenStack and SDN
OpenStack Hungary Meetup Group
OpenStack's 5th Birthday Party Budapest

2. 2
What is SDN?
OpenFlow Inventor Martin Casado on SDN:
"I actually don't know what SDN means anymore, to be honest."
https://www.youtube.com/watch?v=Z11Uw_9f20M

3. 3
SDN - Architectural Approaches
Overlay Model
•Hypervisor
•Tunneling
•Encapsulation
Underlay Model
•Flow manipulation
•Decoupling the data plane from the control plane
•Centralized network controller
SDN via APIs
Group Based Policy and Service Chaining

4. 4
Open vSwitch Architecture
https://tools.ietf.org/html/rfc7047

5. 5
Open vSwitch General Features
• OpenFlow 1.0/1.3 support
• OVSDB management (local or remote)
• Controller (in-band, openvswitch controller, remote controller)
• Flow matching capabilities
(MAC, VLAN, IPv4/IPv6, TCP/UDP etc.)
• Supports overlay (VXLAN, GRE, STT)
• LACP and other bonding modes
• Flow export (sFlow, NetFlow, IPFIX)

6. 6
OpenStack Official Neutron Architecture
https://www.rdoproject.org/Networking_in_too_much_detail

7. 7
https://wiki.opendaylight.org/view/OVSDB:User_Guide

8. 8
OpenDaylight networking-odl
https://github.com/openstack/networking-odl
Consolidates port security functionality into the OVS forwarding pipeline
rather than the IP Tables Linux daemon.
ODL Neutron directly patches Nova host to Open vSwitch:
<interface type='bridge'>
<mac address='fa:16:3e:26:80:38'/>
<source bridge='br-int'/>
<virtualport type='openvswitch'>
<parameters interfaceid='2d9424db-07f4-4484-beab-16eff90ee008'/>
</virtualport>
<target dev='tap2d9424db-07'/>
<model type='virtio'/>
<driver name='qemu'/>
<alias name='net0'/>
<address type='pci' domain='0x0000' bus='0x00' slot='0x03' function='0x0'/>
</interface>

9. 9
OpenDaylight networking-odl
Tunnel ports and links created on br-int:
Compute-node# ovs-vsctl show
4575bb26-b73b-4e0a-a62a-9b3ff06e19af
Manager "tcp:192.168.57.1:6640"
is_connected: true
Bridge br-int
Controller "tcp:192.168.57.1:6633"
is_connected: true
fail_mode: secure
Port br-int
Interface br-int
Port "vxlan-192.168.201.128"
Interface "vxlan-192.168.201.128"
type: vxlan
options: {key=flow, local_ip="192.168.201.129",remote_ip="192.168.201.128"}
Port "tap860039e7-9b"
Interface "tap860039e7-9b"
ovs_version: "2.0.2"

10. 10
OpenDaylight OpenStack - Devstack
enable_plugin networking-odl http://git.openstack.org/openstack/networking-odl
ENABLE_TENANT_TUNNELS=True
ODL_MODE=[allinone,compute,externalodl,manual]
OpenDaylight L3
disable_service q-l3
Q_L3_ENABLED=True
ODL_L3=True
[[post-config|$NEUTRON_CONF]]
[DEFAULT]
service_plugins = networking_odl.l3.l3_odl.OpenDaylightL3RouterPlugin
OpenDaylight LBaaS v2
enable_plugin neutron-lbaas http://git.openstack.org/openstack/neutron-lbaas
enable_service q-lbaasv2
NEUTRON_LBAAS_SERVICE_PROVIDERV2="LOADBALANCERV2:opendaylight:networking_odl.lbaas.dri
ver_v2.OpenDaylightLbaasDriverV2:default"

11. 11
OpenDaylight OpenStack - Manually
ODL Server Pre-Requisites
•Disable openvswitch controller
•Make sure ODL ports are not used (8080 swift proxy or vnc server etc.)
•Allow remote OVSDB administration (e.g. disable selinux, ufw)
Install OpenDaylight
•feature:install odl-ovsdb-openstack (manual)
•Ansible, Puppet https://github.com/dfarrell07/
Clean up existing networks
Download networking-odl from gitub
•Install requirements
•Install ODL plug-in
Configure OpenStack
•Reconfigure and restart openvswitch (update controller, manager)
•Reconfigure nova firewall driver
•Configure ml2_conf.ini
•Disable neturon-openvswitch-agent
•Restart services

12. 12
Neutron ofagent / Ryu Controller
DevStack Integration
enable_plugin networking-ofagent https://github.com/openstack/networking-ofagent
Q_AGENT=ofagent
Q_ML2_PLUGIN_MECHANISM_DRIVERS=ofagent,l2population
Ryu Framework
http://osrg.github.io/ryu/
•Fully Open-source
•Python based
•Uses Openflow 1.3
•Reference libraries (LBaaS, FWaaS, QoS etc.)
•GUI Application (e.g. topology viewer)
SDN Hub – Pre-built VMware images:
http://sdnhub.org/tutorials/sdn-tutorial-vm/

13. 13
OpenStack SDN integration challenges
• Neutron reference implementation split (targeted for liberty)
• Vendor integrations (physical switches, vendor plug-ins)
• Overlay approach seems to be leading
• SDN on containers
• IPv6 adoption
• SDN/NFV use cases
• Data Plane Development Kit (DPDK) accelerated NICs

14. 14