This document introduces programmable virtual networks and discusses their advantages over traditional network slicing. It describes FlowVisor, an early network slicing tool, and its limitations in providing full network virtualization. The document then introduces OpenVirteX, a new system that aims to provide complete programmable virtual networks through topology, address, and policy virtualization. OpenVirteX maps virtual and physical network elements and allows independent control of virtual networks. While still in development, OpenVirteX has the potential to enable more flexible and innovative virtualized networks than previous solutions.
SD-WAN is a hot technology that is moving from the drawing board to production. It has changed the WAN equation forever and resulted in enterprises looking at the Connectively and Carrier Services quite differently.
It is an SDN use case to connect enterprise locations over large distances. It promises to reduce enterprises’ IT expenses by using broadband connections and running managed services in the cloud.
It simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism. Panel will discuss details of use cases that standards and Operators are deploying e.g. including major multi-operator MEF reference implementation of Orchestrated L3VPN.
This presentation is an overview of OpenFlow and why it is relevant in creating programmable networks. Included are details on the protocol and examples of how applications and services can benefit from this.
Introduction to SDN: Software Defined NetworkingAnkita Mahajan
SDN is the next big thing in networking. It focuses on separating the intelligence from the hardware. OpenFlow is one of the ways (currently the open standard followed by all Datacenters) to implement SDN.
SD-WAN is a hot technology that is moving from the drawing board to production. It has changed the WAN equation forever and resulted in enterprises looking at the Connectively and Carrier Services quite differently.
It is an SDN use case to connect enterprise locations over large distances. It promises to reduce enterprises’ IT expenses by using broadband connections and running managed services in the cloud.
It simplifies the management and operation of a WAN by decoupling the networking hardware from its control mechanism. Panel will discuss details of use cases that standards and Operators are deploying e.g. including major multi-operator MEF reference implementation of Orchestrated L3VPN.
This presentation is an overview of OpenFlow and why it is relevant in creating programmable networks. Included are details on the protocol and examples of how applications and services can benefit from this.
Introduction to SDN: Software Defined NetworkingAnkita Mahajan
SDN is the next big thing in networking. It focuses on separating the intelligence from the hardware. OpenFlow is one of the ways (currently the open standard followed by all Datacenters) to implement SDN.
Disaggregated Networking - The Drivers, the Software & The High AvailabilityOpen Networking Summit
Dis-agregration is real… This trend started with SDN and the separation of Data plane and Control plane. The scope has expanded to include separate of hardware and software and created a whole new industry of white boxes, general purpose X86 commodity hardware. All three markets - Cloud, Enterprise and Carriers are now engaged in various solutions inside the Data Center. The disaggregation is impacted all parts of the network including Access and Edge layers.
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014SAMeh Zaghloul
Sameh Zaghloul
Technology Manager @ IBM
+2 0100 6066012
zaghloul@eg.ibm.com
SDN: Technology that enables data center team to use software to efficiently control network resources
SDN Overview
SDN Standards
NFV – Network Function Virtualization
SDN Scenarios and Use Cases
SDN Sample Research Projects
SDN Technology Survey
SDN Case Study
SDN Online Courses
SDN Lab SW Tools
- OpenStack Framework
- OpenDayLighyt – SDN Controller
- FloodLight – SDN Controller
- Open vSwitch – Virtual Switch
- MiniNet – Virtual Network: OpenFlow Switches, SDN Controllers, and Servers/Hosts
- OMNet++ Network Simulator
- Avior – Sample FloodLight Java Application
- netem - Network Emulation
- NOX/POX - C++/ Python OpenFlow API for building network control applications
- Pyretic = Python + Frenetic - Enables network programmers and operators to write modular network applications by providing powerful abstractions
- Resonance - Event-Driven Control for Software-Defined Networks (written in Pyretic)
SDN Project
Presentation detailed about SDN (Software Defined Network) overview . It covers from basics like different controllers and touches upon some technical details.
Covers Terminologies used, OpenFlow, Controllers, Open Day light, Cisco ONE, Google B4, NFV,etc
SDN, Network Virtualization and the Software Defined Data Center – Brad HedlundChef Software, Inc.
IT organizations around the world are transforming data center operations and economics by virtualizing their networks. Much like server virtualization decoupled VMs from the underlying X86 server hardware transforming the operational model of compute, network virtualization decouples software-based virtual networks from the underlying network hardware to enable a new operational model for networking. Deployed non-disruptively on any existing network without change, network virtualization transforms the physical network into a pool of capacity that can be consumed and repurposed on demand.
You will learn how, today, companies like AT&T, NTT, eBay and Rackspace have transformed their operational model and reduced network provisioning time from days/weeks to seconds. You will learn how network virtualization, OpenStack cloud management and Chef automation can be leveraged together and examine the architectural decisions you should be considering now to prepare for this transformation
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...nvirters
OpenStack is HOT! No doubt about it. A recent survey by The New Stack and The Linux Foundation shows OpenStack as the most popular open source project ahead of other hot projects like Docker and KVM. OpenStack is now taking its rightful place as the open source cloud solution for enterprises and service providers.
To date OpenStack networking has not yet achieved the performance, scalability and reliability that many large enterprises demand. CPLANE NETWORKS solves that problem by delivering secure multi-tenant virtual networking that overcomes the limitations of the standard Neutron networking service. By making all networking services local to the compute node and achieving near line-rate throughput, CPLANE NETWORKS Dynamic Virtual Networks (DVN) delivers mega-scale networking for the most demanding application environments.
In this session John Casey will cover the basics of DVN and explain how CPLANE NETWORKS achieves "at scale" network performance within and across data centers.
About John Casey
John Casey has over 20 years of deep technology leadership. His proven success with a variety of technical leadership roles in Telecom, Enterprise and Government and in software design and development provide the foundation for the system architecture and engineering team.
Previously John led worldwide deployment teams for both IBM’s Software Group and Narus, Inc. His work in large scale, high performance system design at Transarc Labs and Walker Interactive Systems brings leadership to the CPLANE NETWORKS product suite.
Bruce Davie
Principal Engineer
VMware
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Guido Appenzeller
CEO & Co-founder
Big Switch Networks
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Iben from Spirent talks at the SDN World Congress about the importance of and...Iben Rodriguez
@Iben Rodriguez from @Spirent talks at the SDN World Congress about the importance of and issues with NFV VNF and SDN Testing in the cloud.
#Layer123 Dusseldorf Germany 20141016
Disaggregated Networking - The Drivers, the Software & The High AvailabilityOpen Networking Summit
Dis-agregration is real… This trend started with SDN and the separation of Data plane and Control plane. The scope has expanded to include separate of hardware and software and created a whole new industry of white boxes, general purpose X86 commodity hardware. All three markets - Cloud, Enterprise and Carriers are now engaged in various solutions inside the Data Center. The disaggregation is impacted all parts of the network including Access and Edge layers.
SDN 101: Software Defined Networking Course - Sameh Zaghloul/IBM - 2014SAMeh Zaghloul
Sameh Zaghloul
Technology Manager @ IBM
+2 0100 6066012
zaghloul@eg.ibm.com
SDN: Technology that enables data center team to use software to efficiently control network resources
SDN Overview
SDN Standards
NFV – Network Function Virtualization
SDN Scenarios and Use Cases
SDN Sample Research Projects
SDN Technology Survey
SDN Case Study
SDN Online Courses
SDN Lab SW Tools
- OpenStack Framework
- OpenDayLighyt – SDN Controller
- FloodLight – SDN Controller
- Open vSwitch – Virtual Switch
- MiniNet – Virtual Network: OpenFlow Switches, SDN Controllers, and Servers/Hosts
- OMNet++ Network Simulator
- Avior – Sample FloodLight Java Application
- netem - Network Emulation
- NOX/POX - C++/ Python OpenFlow API for building network control applications
- Pyretic = Python + Frenetic - Enables network programmers and operators to write modular network applications by providing powerful abstractions
- Resonance - Event-Driven Control for Software-Defined Networks (written in Pyretic)
SDN Project
Presentation detailed about SDN (Software Defined Network) overview . It covers from basics like different controllers and touches upon some technical details.
Covers Terminologies used, OpenFlow, Controllers, Open Day light, Cisco ONE, Google B4, NFV,etc
SDN, Network Virtualization and the Software Defined Data Center – Brad HedlundChef Software, Inc.
IT organizations around the world are transforming data center operations and economics by virtualizing their networks. Much like server virtualization decoupled VMs from the underlying X86 server hardware transforming the operational model of compute, network virtualization decouples software-based virtual networks from the underlying network hardware to enable a new operational model for networking. Deployed non-disruptively on any existing network without change, network virtualization transforms the physical network into a pool of capacity that can be consumed and repurposed on demand.
You will learn how, today, companies like AT&T, NTT, eBay and Rackspace have transformed their operational model and reduced network provisioning time from days/weeks to seconds. You will learn how network virtualization, OpenStack cloud management and Chef automation can be leveraged together and examine the architectural decisions you should be considering now to prepare for this transformation
Tech Talk by John Casey (CTO) CPLANE_NETWORKS : High Performance OpenStack Ne...nvirters
OpenStack is HOT! No doubt about it. A recent survey by The New Stack and The Linux Foundation shows OpenStack as the most popular open source project ahead of other hot projects like Docker and KVM. OpenStack is now taking its rightful place as the open source cloud solution for enterprises and service providers.
To date OpenStack networking has not yet achieved the performance, scalability and reliability that many large enterprises demand. CPLANE NETWORKS solves that problem by delivering secure multi-tenant virtual networking that overcomes the limitations of the standard Neutron networking service. By making all networking services local to the compute node and achieving near line-rate throughput, CPLANE NETWORKS Dynamic Virtual Networks (DVN) delivers mega-scale networking for the most demanding application environments.
In this session John Casey will cover the basics of DVN and explain how CPLANE NETWORKS achieves "at scale" network performance within and across data centers.
About John Casey
John Casey has over 20 years of deep technology leadership. His proven success with a variety of technical leadership roles in Telecom, Enterprise and Government and in software design and development provide the foundation for the system architecture and engineering team.
Previously John led worldwide deployment teams for both IBM’s Software Group and Narus, Inc. His work in large scale, high performance system design at Transarc Labs and Walker Interactive Systems brings leadership to the CPLANE NETWORKS product suite.
Bruce Davie
Principal Engineer
VMware
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Guido Appenzeller
CEO & Co-founder
Big Switch Networks
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Iben from Spirent talks at the SDN World Congress about the importance of and...Iben Rodriguez
@Iben Rodriguez from @Spirent talks at the SDN World Congress about the importance of and issues with NFV VNF and SDN Testing in the cloud.
#Layer123 Dusseldorf Germany 20141016
Platforms for Accelerating the Software Defined and Virtual Infrastructure6WIND
As network infrastructures evolve and selected elements shift from physical systems to virtual functions a new class of network appliance is required that provides high performance processing, balanced I/O and hardware or software acceleration. Such a platform must combine standard server technology and modular systems that can be configured to support line rate performance with network interfaces up to 100Gbit/s.
This webinar will discuss a class of network appliance that offers performance levels previously requiring more complex and costly architectures while integrating seamlessly with standard software frameworks such as Linux, Open vSwitch (OVS) and Intel® Data Plane Development Kit (DPDK).
Open stack networking_101_update_2014-os-meetupsyfauser
This is the latest Update to my OpenStack Networking / Neutron 101 Slides with some more Information and caveats on the new DVR and Gateway HA Features
Designed for IT professionals looking to expand their OpenStack Networking knowledge, “Navigating OpenStack Networking” is a comprehensive and fast-paced session which provides an overview of OpenStack Networking, its history, its predecessor (Nova Networks), its components and then dives deep into the architecture, its features and plugin model and its role in building an OpenStack Cloud.
Enterprise Datacenter Virtualization und Cloud Computing stellen neue Anforderungen an das Netzwerk. Traditionsgemäss wurden virtuelle Workloads über als Bridge fungierende virtuelle Switches mit VLANs auf dem physischen Netzwerk verbunden. Mit dem Wachstum der Anfordungen an Skalierung und Automatisierung stossen diese Modelle an Grenzen.
Thomas Graf bot an diesem OpenTuesday einen Einblick in Protokolle und Technologien wie OpenFlow, VXLAN, OpenStack Neutron und Open vSwitch, die eingesetzt werden, um neue automatisierte Netzwerkkonzepte der nächsten Generation, wie Software Defined Networking oder Network Function Virtualization, umzusetzen.
Overview of OpenStack nova-networking evolution towards Neutron. Architecture overview of OVS plugin, ML2, and MidoNet Overlay product. Overview and example of Heat templates, along with automation of physical switches using Cumulus
Samrat Ganguly
NEC
ONS2015: http://bit.ly/ons2015sd
ONS Inspire! Webinars: http://bit.ly/oiw-sd
Watch the talk (video) on ONS Content Archives: http://bit.ly/ons-archives-sd
Understanding and deploying Network VirtualizationSDN Hub
Analogous to server virtualization, Network Virtualization decouples and isolates virtual networks (i.e. tenant) from the underlying network hardware. One of the key value propositions of Software-Defined Networking (SDN) is to enable the provisioning and operation of virtual networks. This tutorial motivates the need for network virtualization, describes the high-level requirements, provides an overview of all architectural approaches, and gives you a clear picture of the vendor landscape.
Previously presented at ONUG Fall 2013 and Spring 2014.
OpenStack and OpenContrail for FreeBSD platform by Michał Dubieleurobsdcon
Abstract
OpenStack and OpenContrail network virtualization solution form a complete suite able to successfully handle orchestration of resources and services of a contemporary cloud installations. These projects, however, have been only available for Linux hosted platforms by now. This talk is about a work underway that brings them into the FreeBSD world.
It explains in greater details an architecture of an OpenStack system and shows how support for the FreeBSD bhyve hypervisor was brought up using the libvirt library. Details of the OpenContrail network virtualization solution is also provided, with special emphasis on the lower level system entities like a vRouter kernel module, which required most of the work while developing the FreeBSD version.
Speaker bio
Michal Dubiel, M.Sc. Eng., born 17th of September 1983 in Kraków, Poland. He graduated in 2009 from the faculty of Electrical Engineering, Automatics, Computer Science and Electronics of AGH University of Science and Technology in Kraków. Throughout his career he worked for ACK Cyfronet AGH on hardware-accelerated data mining systems and later for Motorola Electronics on DSP software for LTE base stations. Currently he is working for Semihalf on various software projects ranging from low level kernel development to Software Defined Networking systems. He is mainly interested in the computer science, especially the operating systems, programming languages, networks, and digital signal processing.
Tech Talk by Gal Sagie: Kuryr - Connecting containers networking to OpenStack...nvirters
These are slides from the Tech Talk at http://www.meetup.com/openvswitch/events/226518209/
Synopsis
Kuryr is a new project under Neutron's big tent that makes Neutron networking available to Docker containers by means of a Docker plugin.
In this session Gal will introduce Kuryr and show how it provides networking for containers in plain Docker environments and in mixed Docker, OpenStack environments. He will also present Kuryr's roadmap and integration with networking models in other orchestration engines like Kubernetes and Docker
About Gal Sagie
Gal Sagie is an open source software architect at Huawei European Research Centre, focusing work on OpenStack networking and containers networking. Working on various projects in the community like Dragonflow, OVN, Kuryr, and Multisite/Hybrid clouds in OpenStack. Blogging for anything SDN/NFV/OpenStack related at http://galsagie.github.io
Tech Talk by Peng Li: Open Mobile Networks with NFVnvirters
Synopsis
Applications are moving to mobile. This talk is about upcoming future of the mobile networks, key technology enabler and how to build your application and service on top of next generation mobile networks. Peng will describe the mobile network trend and why openness will play a critical role going forward. He will also present example of the NFV enabled mobile network architecture, its building blocks and use cases, and introduce Huawei's Open Mobile Foundry platform as a real world example to share some of our valuable experiences in this field with all. This talk will cover both flavors of open source projects (OPNFV, OpenStack, ONOS and ODL) as well as commercial products (Huawei's cloudEdge solution).
About Peng Li
Peng Li is a Network Architect and Ecosystem Partnership Manager for Huawei's wireless BU. He has extensive experience on SDN, NFV, network architecture and network protocols. He has spent all his professional career so far on computer networking, mainly with Amber/Nokia networks and Foundry/Brocade before joining Huawei. He co-implemented the industry first full redundancy BGP protocol, and had many years of experience in network protocol development and engineering management for flagship data center routers. Peng has Master's in Computer Engineering from USC, and Bachelor's in EE from Tsinghua University, China.
Tech Talk by Louis Fourie: SFC: technology, trend and implementationnvirters
Synopsis
In this Tech Talk, Louis Fourie will do deep dive into one of the key technology enablers -- service function chaining and describe extensions to OpenStack networking (Neutron) for service chaining, including use cases, architecture and implementation.
About Louis Fourie
Louis Fourie is currently a senior staff engineer working on network virtualization, cloud services, and SDN technologies at Huawei Technology, USA. Louis is an active contributor to the service chaining work in several organizations including OpenStack, ONF, ETSI NFV, IETF, and OPNFV. Louis previously worked at Cisco on several computer networking, voice and data communications products, and is the holder of several patents.
Tech Talk: ONOS- A Distributed SDN Network Operating Systemnvirters
This event takes us to the cusp of Distributed Software Development and SDN Controllers. We will be hosting Madan and Brian who have been involved in the architecture and development of ONOS (Open Network Operating System).
Synopsis
ONOS is a distributed SDN network operating system architected to provide performance, scale-out, resiliency, and well-defined northbound and southbound abstractions. Madan and Brian, both from ON.Lab, will start the talk with a deep-dive into ONOS architecture, including the key technical challenges that were solved to build this platform. They will also walk us through a live demo of building a SDN application on ONOS.
Details:
ONOS Architecture
ONOS Abstractions and Modularity
ONOS Distributed architecture
ONOS APIs and their usage
Live demo- Building a SDN app on ONOS
Speaker Bios
Madan Jampani, Distributed Systems Architect, ONOS
Madan is Distributed Systems Architect at ON.Lab focusing on the core distributed systems problems for ONOS. Prior to joining ON.Lab in Sep 2014, Madan worked at Amazon for around 10 years. At Amazon, Madan was instrumental in building several key technologies ranging from Amazon retail ordering systems, distributed data stores and shared compute clusters for running large-scale data processing and machine learning workloads.
Brian O’Connor, Lead Developer, ONOS
Brian is the ONOS Application Intent Framework lead and a core developer at ON.Lab, working on ONOS and Mininet. Brian O’Connor received Bachelor’s and Master’s degrees in Computer Science from Stanford University. At Stanford, he helped develop “An Introduction to Computer Networking,” one of Stanford’s first MOOCs (Massively Open Online Courses).
ABOUT ON.LAB and ONOS
Open Networking Lab (ON.Lab) is a non-profit organization founded by SDN inventors and leaders from Stanford University and UC Berkeley to foster an open source community for developing tools and platforms to realize the full potential of SDN. ON.Lab brings innovative ideas from leading edge research and delivers high quality open source platforms on which members of its ecosystem and the industry can build real products and solutions.
ONOS, a SDN network operating system for service provider and mission critical networks, was open sourced on Dec 5th, 2014. ONOS delivers a highly available, scalable SDN control plane featuring northbound and southbound abstractions and interfaces for a diversity of management, control, service applications and network devices. ONOS ecosystem comprises of ON.Lab, organizations who are funding and contributing to the ONOS initiative including AT&T, NTT Communications, SK Telecom, Ciena, Cisco, Ericsson, Fujitsu, Huawei, Intel, NEC; members who are collaborating and contributing to ONOS include ONF, Infoblox, SRI, Internet2, Happiest Minds, CNIT, Black Duck, Create-Net and the broader ONOS community. Learn how you can get involved with ONOS at onosproject.org.
Tech Tutorial by Vikram Dham: Let's build MPLS router using SDNnvirters
Synopsis
We will start with MPLS 101 and then look into MPLS related OpenFlow actions. In the second half we will delve into RouteFlow architecture and extend it to enable Label Distribution Protocol (LDP) and MPLS routing. We will conclude with a mini-net based test bed switching traffic using MPLS labels instead of IP addresses.
This will be a hands on workshop. VM Images for Virtual Box will be provided. Attendees are expected to bring their laptops loaded with Virtual Box.
About Vikram Dham
Vikram is the CTO and co-founder of Kamboi Technologies, LLC where he advises networking companies, switch vendors and early adopters on SDN technology and distributed software development. Also, he is the founder of Bay Area Network Virtualization (BANV) meet-up group, that brings together technologists in the SDN/NFV/NV domain for technical talks, workshops and creates a truly "open" platform for sharing knowledge.
He has used SDN technologies for building software related to traffic engineering, security and routing. In the past, he was the Principal Engineer at Slingbox where he architected & built the distributed networking software for peer to peer connectivity of millions of end points. He holds MS degree in EE with a specialization in Computer Networks from Virginia Tech and has worked on research projects with companies like ECI Telecom, Raytheon and Avaya Research Labs.
This hands on workshop for OpenContrail will be led by Sreelakshmi Sarva & Aniket Daptari.
This is a labs session so we will have hard RSVP limits. Please RSVP only if you are confident that you will be able to attend.
About Sreelakshmi Sarva
Sree is currently working as part of solution engineering team at Juniper’s Contrail team. She is responsible for delivering & managing SDN solutions & partnerships relating to Contrail. She has been with Juniper for the last 13 years working on various Routing, Switching, Network programmability & virtualization platforms. Prior to Juniper, She worked at Nortel networks in the Systems Engineering group. Sree received her Masters in Computer Science from University of Texas at Dallas and Bachelor’s in Computer Science from India.
About Aniket Daptari
Aniket is currently working as part of Juniper Networks' Contrail Cloud Solutions team. He is responsible for delivering SDN solutions and technology partnerships related to Contrail. He has been with Juniper for the last 3 years working on various Network programmability & virtualization platforms. Prior to Juniper, he worked at Cisco Systems in the Internet Systems Business Unit (Catalyst 6500). Aniket received his Masters in Computer Science from University of Southern California and a graduate certificate in Management Science and Engineering from Stanford University.
Course Abstract
This session will be the first of a series of OpenContrail hands-on tutorials for developers who want to get deep into OpenContrail code.
This “Basic OpenContrail Programming” Hands-on Session will focus on making developers proficient in writing and contributing code for our OpenContrail Project.
Session will cover the following areas
1) Contrail Overview
· Use Cases
· Architecture recap
2) Contrail Hands on
· Demo + Hands on - Configuration , VN, VM, Network Policies etc
· DevStack introduction
RouteFlow & IXPs
This talk will discuss the architecture of RouteFlow which is a leading OpenFlow based virtual router. It will focus on the new projects based upon RouteFlow which are finding traction in Internet eXchange Points (IXPs) - Cardigan being one of the most popular one. Some common aspects of IXPS will be shown. The talk will conclude with a list of future projects and vision of SDN routing.
About Raphael Vincent Rosa
Raphael is a Communications Network Engineer. He finished his MS in Computer Science working with intra datacenter routing, contributing to open source SDN projects such as Ryu network controller and RouteFlow platform. Currently he is pursuing PhD research under the guidance of Dr. Christian Esteve Rothenburg with main interests in SDN and Distributed-NFV topics.
Tech Talk by Tim Van Herck: SDN & NFV for WANnvirters
Extending SDN & NFV to WAN
This session will walk through the evolution in branch networking and how SDN & NFV principles can be applied to the enterprise WAN to achieve increased reliability and flexibility. It will also cover how to lower the associated operational expense of running a classic enterprise WAN and what industry trends are pressuring changes on the design of such networks.When applying SDN & NFV principles to the WAN, there will be a natural reduction in complexity of managing services and guaranteeing uptime of network connectivity.
About Tim Van Herck
Tim is the Director of Technology and founding member at VeloCloud Networks.He is responsible for building out a global network of Points of Presence to deliver virtual last mile service to enterprise branches. Prior to joining VeloCloud, Tim was a founding member of Aryaka Networks, which offers WAN Optimization as a service. Tim has been passionately following the leading edge of network virtualization and security solutions for the past 15 years. He holds a master's degree in Industrial Engineering from the University of Antwerp, and is based in VeloCloud's headquarters in Los Altos, CA
More info @ http://meetup.com/openvswitch
Follow us on twitter @nvirters
Tech Talk by Ben Pfaff: Open vSwitch - Part 2nvirters
Open vSwitch - Part 2
A previous presentation in March 2013 at Bay Area Network Virtualization meetup covered the past, present, and predicted future of Open vSwitch. This talk picks up where that one left off, covering improvements made in Open vSwitch since then, new directions for the coming year, and some related work of interest in the industry.
About Ben Pfaff (twitter: @Ben_Pfaff)
Ben joined Nicira as one of its first employees in 2007 after finishing his PhD at Stanford. Since then he has been working on what became OpenFlow and Open vSwitch. He also made some early contributions to the NOX controller. He has been involved with free software since about 1996, when he started work on GNU PSPP and joined the Debian project.
More info @ http://meetup.com/openvswitch
Follow us on twitter @nvirters
OpenFlow Data Center - A case Study by Pica8nvirters
White box switches are emerging as a viable alternative for network architects deploying software defined networks, but SDN deployments will require OpenFlow support. In this presentation, David will explain the experience of taking an OpenFlow white box switch to production in 3 data centers. The presentation will cover the following topics:
- How to work through limited TCAM in commercial silicon and maximize the TCAM usage for production
- How to scale an OpenFlow-based data center network under constraints
- How commercial silicon supports the OpenFlow 1.3 specification
- Additional features of the OpenFlow specification that will drive commercial silicon development
- Interworking L2/L3 and an OpenFlow network on the same switch
Pyretic - A new programmer friendly language for SDNnvirters
Managing a network requires support for multiple concurrent tasks, from routing and traffic monitoring, to access control and server load balancing. Software-Defined Networking (SDN) allows applications to realize these tasks directly, by installing packet-processing rules on switches. However, today's SDN platforms provide limited support for creating modular applications.
Join Bay Area Network Virtualization as Dr. Joshua Reich, Postdoctoral Research Scientist and Computing Innovation Fellow at Princeton University presents Pyretic - a new programmer-friendly domain-specific language embedded in Python that enables modular programming for SDN applications. Pyretic is part of the Frenetic Network Programming Language initiative sponsored by Princeton University and Cornell University, with support from the National Science Foundation, the Office of Naval Research, Google, Intel and Dell.
Software Delivery At the Speed of AI: Inflectra Invests In AI-Powered QualityInflectra
In this insightful webinar, Inflectra explores how artificial intelligence (AI) is transforming software development and testing. Discover how AI-powered tools are revolutionizing every stage of the software development lifecycle (SDLC), from design and prototyping to testing, deployment, and monitoring.
Learn about:
• The Future of Testing: How AI is shifting testing towards verification, analysis, and higher-level skills, while reducing repetitive tasks.
• Test Automation: How AI-powered test case generation, optimization, and self-healing tests are making testing more efficient and effective.
• Visual Testing: Explore the emerging capabilities of AI in visual testing and how it's set to revolutionize UI verification.
• Inflectra's AI Solutions: See demonstrations of Inflectra's cutting-edge AI tools like the ChatGPT plugin and Azure Open AI platform, designed to streamline your testing process.
Whether you're a developer, tester, or QA professional, this webinar will give you valuable insights into how AI is shaping the future of software delivery.
Kubernetes & AI - Beauty and the Beast !?! @KCD Istanbul 2024Tobias Schneck
As AI technology is pushing into IT I was wondering myself, as an “infrastructure container kubernetes guy”, how get this fancy AI technology get managed from an infrastructure operational view? Is it possible to apply our lovely cloud native principals as well? What benefit’s both technologies could bring to each other?
Let me take this questions and provide you a short journey through existing deployment models and use cases for AI software. On practical examples, we discuss what cloud/on-premise strategy we may need for applying it to our own infrastructure to get it to work from an enterprise perspective. I want to give an overview about infrastructure requirements and technologies, what could be beneficial or limiting your AI use cases in an enterprise environment. An interactive Demo will give you some insides, what approaches I got already working for real.
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Elevating Tactical DDD Patterns Through Object CalisthenicsDorra BARTAGUIZ
After immersing yourself in the blue book and its red counterpart, attending DDD-focused conferences, and applying tactical patterns, you're left with a crucial question: How do I ensure my design is effective? Tactical patterns within Domain-Driven Design (DDD) serve as guiding principles for creating clear and manageable domain models. However, achieving success with these patterns requires additional guidance. Interestingly, we've observed that a set of constraints initially designed for training purposes remarkably aligns with effective pattern implementation, offering a more ‘mechanical’ approach. Let's explore together how Object Calisthenics can elevate the design of your tactical DDD patterns, offering concrete help for those venturing into DDD for the first time!
State of ICS and IoT Cyber Threat Landscape Report 2024 previewPrayukth K V
The IoT and OT threat landscape report has been prepared by the Threat Research Team at Sectrio using data from Sectrio, cyber threat intelligence farming facilities spread across over 85 cities around the world. In addition, Sectrio also runs AI-based advanced threat and payload engagement facilities that serve as sinks to attract and engage sophisticated threat actors, and newer malware including new variants and latent threats that are at an earlier stage of development.
The latest edition of the OT/ICS and IoT security Threat Landscape Report 2024 also covers:
State of global ICS asset and network exposure
Sectoral targets and attacks as well as the cost of ransom
Global APT activity, AI usage, actor and tactic profiles, and implications
Rise in volumes of AI-powered cyberattacks
Major cyber events in 2024
Malware and malicious payload trends
Cyberattack types and targets
Vulnerability exploit attempts on CVEs
Attacks on counties – USA
Expansion of bot farms – how, where, and why
In-depth analysis of the cyber threat landscape across North America, South America, Europe, APAC, and the Middle East
Why are attacks on smart factories rising?
Cyber risk predictions
Axis of attacks – Europe
Systemic attacks in the Middle East
Download the full report from here:
https://sectrio.com/resources/ot-threat-landscape-reports/sectrio-releases-ot-ics-and-iot-security-threat-landscape-report-2024/
Essentials of Automations: Optimizing FME Workflows with ParametersSafe Software
Are you looking to streamline your workflows and boost your projects’ efficiency? Do you find yourself searching for ways to add flexibility and control over your FME workflows? If so, you’re in the right place.
Join us for an insightful dive into the world of FME parameters, a critical element in optimizing workflow efficiency. This webinar marks the beginning of our three-part “Essentials of Automation” series. This first webinar is designed to equip you with the knowledge and skills to utilize parameters effectively: enhancing the flexibility, maintainability, and user control of your FME projects.
Here’s what you’ll gain:
- Essentials of FME Parameters: Understand the pivotal role of parameters, including Reader/Writer, Transformer, User, and FME Flow categories. Discover how they are the key to unlocking automation and optimization within your workflows.
- Practical Applications in FME Form: Delve into key user parameter types including choice, connections, and file URLs. Allow users to control how a workflow runs, making your workflows more reusable. Learn to import values and deliver the best user experience for your workflows while enhancing accuracy.
- Optimization Strategies in FME Flow: Explore the creation and strategic deployment of parameters in FME Flow, including the use of deployment and geometry parameters, to maximize workflow efficiency.
- Pro Tips for Success: Gain insights on parameterizing connections and leveraging new features like Conditional Visibility for clarity and simplicity.
We’ll wrap up with a glimpse into future webinars, followed by a Q&A session to address your specific questions surrounding this topic.
Don’t miss this opportunity to elevate your FME expertise and drive your projects to new heights of efficiency.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
2. Outline
• Define FlowVisor
– It’s design goal
– It’s success
– It’s limitation
• Describe and define Network Virtualization
• Introduce the OpenVirteX (formerly known as
NetVisor), which provides programmable
virtual networks
3. Why FlowVisor?
Good ideas rarely get deployed
Also require access to real world traffic
New services may require changes to switch software
Experimenters want to control the behaviour of their network
Evaluating new network services is hard
5. Current Virtualization
à la FlowVisor
• Network Slice = Collection of
sliced switches, links, and
traffic or header space
• Each slice associated to a
controller
• Transparent slicing, i.e., every
slice believes it has full and
sole control of datapath
FV enforces traffic and
slice isolation
Not a generalized virtualization
6. Great! What about real traffic?
• FlowVisor allows users to opt-in to services in
real-time
– Individual flows can be delegated to a slice by a
user
– Admins can add policy to slice dynamically
FlowVisor
Web Slice
VoIP Slice
Video
Slice
All the rest
7. Sprinkle some resource limits
• Slicing resources includes:
– Specifying the link bandwidth
– Maximum number of forwarding rules
– Fraction of switch CPU
FlowSpace: Which slice controls which packet?
9. FlowVisor
Where does it live?
• Sits between switches
and controllers
• Speaks OpenFlow up
and down.
• Acts like a proxy to
switches and
controllers
• Datapaths and
controllers run
unmodified
10. What kind of magic is this?
PacketIn from
datapath
Who
controls
this
packet?
It this
action
allowed?
11. Message Handling - PacketIn
PacketIn
Drop if controller
is not connected.
Is
LLDP?
Send to
appropriate
slice.
Yes
Extract
match
structure
and match
FlowSpace
No
Done
Insert a drop
rule.
No
Yes
Drop if controller
is not connected.
Yes
Send to slice.
Are
actions
allowed?
Log
exception.
Nomatch
Has
packet
been send
to a slice?
No match
12. Message Handling - FlowMod
FlowMod
Slicing
permitted?
Slice Actions
Send Error.
Log
exception
No
Extract
match struct
and intersect
FlowSpace
Yes
For each
intersection, rewrite
original flowmod
with flowspace info.
Has slice
permissions?
Intersections
No Intersections
Zero
rewrites?
Log
exception
Done
Yes
No
13. FlowVisor Highlights
• Demonstrations:
– Open Networking Summit ’12 and ’13
– GENI GEC 9
– Best demo at SIGCOMM ’09
• Deployments :
– GENI
– OFELIA
– Stanford Production Network
– In use at NEC and Ericsson labs, as well as other vendors
• 3 releases in the past year
– 1.0 release downloaded over 70 times in one day
14. FlowVisor Downloaders
Release 1.0
UniversityResearch
Georgia Tech
Rutgers
KSU
U of Wisconsin
U of Utah
Clemson
R&ENetworks
APNIC
BBN
NYSERNet
CENIC
CommercialNetworkOps
AT&T
Comcast
EarthLink
PSINet
RCN
Vendors
Goldman
Sachs
Cisco
Aruba
NEC
Ericsson
15. FlowVisor Summary
• FlowVisor introduces the concept of a network
slice
• Not a complete virtualization solution.
• Originally designed to test new network
services on production taffic
• But, it’s really only a Network Slicer!
FlowVisor provides network slicing but not a
complete network virtualization.
16. What should Network Virtualization
be?
• Conceptually introduces virtual network
which is decoupled from physical network
• Should not change the abstractions we know
and love of physical networks
• Should provide some new one: Instantiation,
deletion, service deployment, migration, etc.
At least what I think ;)
17. MPLS
VRF
Overlays
TRILL
VLAN
VPN
What is Network Virtualization?
None of these give you a virtual network
They merely virtualize one aspect of a
network
Topology Virtualization
• Virtual links
• Virtual nodes
• Decoupled from
physical network
Address Virtualization
• Virtual Addressing
• Maintain current
abstractions
• Add some new ones
Policy Virtualization
• Who controls what?
• What guarantees are
enforced?
18. Network Virtualization
vs.
Network Slicing
Slicing
• Sorry, you can’t.
• You need to discriminate traffic
of two networks with
something other than the
existing header bits
• Thus no address or complex
topology virtualization
Network virtualization
• Virtual nets are completely
independent
• Virtual nets are distinguished
by the tenant id
• Complete address and
topology virtualization
19. Virtualization
State of the Art
• Functionality implemented at the
edge
• Use of tunneling techniques, such as
STT, VXLAN, GRE
• Network core is not available for
innovation
• Closed source controller controls the
behaviour of the network
• Provides address and topology
virtualization, but limited policy
virtualization.
• Moreover, the topology looks like
only one big switch
20. Big Switch Abstraction
E6
E2
E5
E1
E3 E4
SWITCH 1E1
E3
E2
E5
SWITCH 2
E4
E6
• A single switch greatly limits the flexibility of the
network controller
• Cannot specify your own routing policy.
• What if you want a tree topology?
21. Current Virtualization
vs
OpenVirteX
Current Virtualization Solutions
• Networks are not programmable
• Functionality implemented at the
edge
• Network core is not available for
innovation
• Must provision tunnels to provide
virtual topology
• Address virtualization provided by
encapsulation
OpenVirteX
• Each virtual network is handed to a
controller for programming.
• Edge & core available for innovation
• Entire physical topology may/can be
exposed to the downstream
controller.
• Address virtualization provided by
remapping/rewriting header fields
• Both dataplanes and controllers can
be used unmodified.
22. OpenVirteX
All problems in computer science can be solved by another level of indirection.
- David Wheeler
OpenVirtex
25. Topology Virtualization - Abstractions
• Expose physical topology to tenants
• Virtual link: collapse multi-hop path into one-hop link
• Approach is also valid for proactive rules
OpenVirtex
26. Abstractions (contd.)
• Virtual switch: collapse
ports dispersed over
network into a switch
• Big switch is virtual
switch with all edge
ports
• Use separate controller
for each virtual switch
– Allow OpenVirteX admin
to control routing within
virtual switch
virtual
physical
...
...
virtual switch
edge ports
core ports
VM
28. OpenVirteX API
Mapping to Quantum
OpenStack Management System
Nova Quantum
Other
Components
virtual switch
vSwitch
VM1 VM2 VM3
Nova
plugin
Quantum
plugin
Quantum
plugin
OpenVirteX
Quantum
plugin
OpenFlo
w
Physical
Network
29. OpenVirteX API
Mapping to Quantum
Create Network API
OpenVirteX Quantum
✔
Attach Port API ✔
Create vRouter API ✔
Configure Topology API
Via the Router
extension
30. High Level Features
• Support for more generalized network virtualization as
opposed to slicing
– Address virtualization: use extra bits or clever use of tenant id in
header
– Topology virtualization: on demand topology
• Integrate with cloud using OpenStack
– Via the Quantum plugin
• Support any OF 1.x version, simultaneously
• Support for scale, HA and security-features.
– Incorporate right building blocks from other OSS
Just finised implementing a prototype
31. Current Status
• Quick and dirty prototype implemented
• Provides Address space virtualisation/isolation
• Two topology abstractions:
– Virtual Link
– Virtual Switch
• Current implementation not intended to scale
or provide any significant performance
– It’s a proof of concept
32. Future Challenges
• Traffic engineering, e.g., load balancing
• Reliability, e.g., disjoint paths
• The above needs special attention when offering
topology abstractions
– They may even be severely impacted.
• Physical topology changes
• Tenant may ask for reconfiguration of virtual
network
• Extremely challenging to get right
33. Conclusion
• FlowVisor 1.0 will remain to be supported
• OpenVirteX is still in the design phase
– But our clear goal is to deliver programmable virtual
networks.
• An initial proof of concept may be available in Q3 2013.
• Contributions to FlowVisor and OpenVirteX are greatly
appreciated and welcomed.
Hi! Ia am Ali Al-Shabibi and I work at the ON.Lab. I am going to tell you about FlowVisor. Who here know FlowVisor? Who has used FlowVisor? Well you should be!!!
Evaluating network sevices is diffcult and that for a variety of reasons. For one, users need control over the semantics of their network which could mean that they need to change the switches firmware. To top it off and to be credible you need access to real user traffic. So needless to say new ideas rarely get deployed.
Alright, why is this hard? Well let’s contrast a real networks and test beds. Real Networks have the port density you want backed by relatively power networking devices. Then, they have the scale that you would can only hope to have. Finally, they have real users. Test beds on the other hand, usually have a low port density because they are usually composed of linux boxes. Then, their scale is limited by the amount of money you have and worse , they only have fake users, which really isn’t credible.
So let’s look at the FlowVisor’s current virtualization. FlowVisor defines a slice as a collection of sliced switches, links and traffic. By traffic, we mean the header space that distinguishes this traffic, this is also know as flowspace. Then, each slice is associated to a controller. This controller now has control over the slice while thinking that it is the sole user of the datapath. FlowVisor is therefore responsible for enforcing isolation amongst the collection of slices that exist. Notice here that controllers and switches do not need to be modified to work with flowvisor.
So now you know how flowvisor defines a slice, but what about adding real user traffic? The idea is to run network services as part of a slice and allow users to opt-in to the services. Users opt-in by delegating flows to slices which are themselves controlled by a specific controller. Moreover, an admin can add a service to the network by dynamically adding policy at the FlowVisor.
Furthermore,FlowVisor allows you to define resource limits which are made available to every slice. You can specify dataplane link bandwidth as well as the number of available tcam entries available to a slice. You can also slice the CPU of the switch on a per slice basis, based on the amount of control traffic a particular slice controller can generate.OK but how are packet classified onto a slice, by this I mean which controller contols which packet. This is achieved by the notion of flowspace.
FlowSpace is basically the set of all possible header values defined by the OpenFlow tuple. For example, Slice 3 is defined as the traffic that ranges all IP and MAC addresses that are on a particular TCP port minus the set of Ips and macs that are in slice 1. Slice 1 ranges all TCP ports. Slice 2, overlaps with Slice 3 which is a problem because in the overlapping regions we cannot distinguish that control traffic and therefore FlowVisor does not know which controller to forward the control packets to. FlowVisor avoids this problem by assigning a priority to each flowspace definition, and therefore this means that only one controller can ever control a particular flowspace.
So now you know quite a bit about how flowvisor functions but sadly you do not know where it lives. Let’s fix that. FlowVisor lives between the switches and controllers and speaks openflow up to the controller and down to the switches. It basically acts like a glorified OpenFlow NAT for control traffic. Again, the controllers and datapaths can run unmodified.
So how does this work….
I’d like to define what network virtualization is… at least from my point of view. Network Virtualization should introduce the concept of a virtual network which is completely decoupled from the physical network.It should not change the abstraction that we know and love. But should provide some new ones, like instantiation, migration, snapshotting, etc.
There are a bunch of virtualization techniques such as VRFs, VLANs, Overlays, etc. but unfortunately none of these deliver a decoupling of your virtual net from your physical infrastructure. They basically virtualize a certain aspect of your network. In my mind, there are three main flavors of network virtualization. Topology Virtualization, Address Virtualization, and policy virtualization. Topology Virtualization is the ability to have virtual nodes and/or links. These must be logically decoupled from your physical network.Address Virtualization – Essentially this is the ability to give the illusion to the user that he has the entire addressable space. But while we do this, we should take care of maintaining the current assumption, no one will like me if I destroy TCP/IP to give you a virtual net. Policy Virtualization – This is essentially what flowvisor currently does. We want to know who can control what and what guarantees do we give.
Ok sowhats really the difference between slicing and virtualization. Say you want to have two networks with exactly the same properties? …
So there already exist solution which will provide you with virtual networks. Most of these solutions use some sort of tunneling technique such as VXLAN or GRE tunnels. They basically treat the core network as a fabric of pipes that just shovel packet for one end of the network to the other. All the intelligence is implemented at the edge of the network which means that you cannot define the semantics of your network simply because that is not available to you but rather a closed source controller defines the nominal behaviour of your network. These solutions have been mostly catered to DCs and they do provide nice address and topology virtualization but unfortunately they provide limited policy virtualizaion. On top of this your topology looks like one big switch which I argue is rather limiting.
The current state of the art in network virtualization revolves around mainly the big switch abstraction and and some tunneling technology (whether it’s VXLAN, STT, or something else is largely irrelevant). Currently we instantiate virtual networks by assigning endpoints to our virtual network and interconnecting them via this big switch abstraction. The issue is that this abstraction hides away an aspect of the network that we would like to control. Actually in current solution you have very limited choice type of network you would like to instantiate. We would like to change that.
So just to summarize the differences between what exists and what we are building.
By including a quantum plugin either directly in FlowVisor or possibly in FOAM we are able to spawn virtual networks which are then paired up with a controller. Each virtual network is given strict performance guarantees which therefore allow each tenant to operate his network unhindered by other tenants. Moreover, flowvisor will support any version of openflow and you will be able to use them simultaneously.As I told you earlier we achieve address and topology virtualization by rewriting control packets, basically all problems in computer science can be solved by another level of indiection.
Ok so let’s see how this can work. For simplicity we are going to stick to a reactive modelFirst a end host sends a packet and in openflow style a control packet is shipped by the switch to the controller which happens to be FlowVisor in this case. FlowVisor `sees the packet and forwards it to the appropriate controller, the controller does something to the control packet and sends it back to the datapath which is also FlowVisorFlowVisor rewrites this packet and appends some actions to it to case it to tag the dataplane packet. At this point the dataplane packet continues to the next hop. Which triggers another control packet. This packet arrives at FV and is rewritten by FV to match what the controller would expect (ie. It removes the tag) and ships it off to the controller. The controller does its thing and sends it back, FV rewrites the packet to maintain the tag on the dataplane.The data packet continues on its way until it reaches its last hop, at this point yet another control plane packet is shot off to FV which again rewrites it to allow the controller to understand it, sends it to the controller and the controller sends it back. But this time FV appends actions to the control packet that cause the tag to be stripped from the data packet and forwarded to the destination.