SDN Controller - Programming Challenges


Published in: Technology, Business
  1. 1. Sriram NatarajanSDN Controller – ProgrammingChallengesJune 13, 2013
  2. 2. 2Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Software Defined Networking (SDN)PacketForwardingPacketForwardingPacketForwardingPacketForwardingNetwork OSOpenFlow API Network OS vs. Controller (or is it just OF Driver?) Can controller ensure correct programming behavior? Are there any missing pieces?Controller
  3. 3. 3Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.OpenFlow Protocol – Quick OverviewPacketForwardingPacketForwardingPacketForwardingPacketForwardingNetwork OSOpenFlow APIConnection: Logically Centralized? # of Switches/Controllers Setup (TCP/TLS) / Interruption Inband/Out-of-bandMessage Types: Controller-to-switch Asynchronous SymmetricMessage Handling: Delivery Processing OrderingController
  4. 4. 4Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Programming Challenges Consistency Correctness Optimization Performance HeterogeneousPacketForwardingPacketForwardingPacketForwardingPacketForwardingNetwork OSOpenFlow APIControllerMatch Fields Attributes Instructions* priority = 0 Drop10.0.0.1 priority = 100 Output:2
  5. 5. 5Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Consistency Fail secure mode:– Packets to controller -DROPPED Fail standalone mode:– Switch acts as a legacyEthernet switch or router PacketForwardingPacketForwardingPacketForwardingPacketForwardingNetwork OSOpenFlow APIController✕ Retain existing flows– Does not break forwarding– Might be Inconsistent– Query entire flow state Delete all flows– Breaks forwarding– Can restore to consistent state– Re-compute logic or maintain localcopy?ReconnectionInterruption
  6. 6. 6Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Correctness Violations (e.g., conflictingactions) (FortNOX) Misconfigurations(e.g., incorrect flow attributes)ControllerPacketForwardingPacketForwardingPacketForwardingPacketForwardingOpenFlow APISecurity App 2 App 3Match Fields Attributes Instructions* priority DROPconflicting flow updates• If controller acts just like an OF-Driver, will applications talk OpenFlow? What is the rightabstraction?• How to verify correct programming updates?
  7. 7. 7Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Optimization Size– Flow duration (idle/hard timeouts): Reducing timeouts  reduce flowtable size (DevoFlow)– Single Flow Table: Cartesian Explosion Issue (Can be solved by Multi-table) Aggregation– One flow entry covers large groups of flows, can be one entry percategory of flows– Wildcard flow entries– Key: How to optimize flow updates from controller as well as retaincorrect logic?
  8. 8. 8Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Performance Proactive programming when possible– Controller pre-populates flow table in switch– Zero additional flow setup time Leverage hardware features– Number of Connections (OF auxiliary channels)ControllerPacketForwarding(1) Flow Lookup Miss(2)(3) ProcessingTime Flow Setup Time: Flow Lookup Miss +OF Channel RTT +Controller Processing Time +Flow Table Update time(5) Flow TableUpdate Time(4)
  9. 9. 9Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Heterogeneous Switch capabilities– Software switches More features, lowerperformance– Hardware switches Less features, betterperformance Does controller and Appswrite customized code foreach switch? Another Issue:– Different OF VersionsOVSVendor XVendor XSoftswitchNetwork OSOpenFlow 1.0Controller• Need for portable API that can abstract low-level heterogeneityOpenFlow 1.3
  10. 10. 10Copyrights 2013 NTT Innovation Institute, Inc. All rights reserved.Possible Missing PiecesPacketForwardingPacketForwardingPacketForwardingPacketForwardingOpenFlow APIControllerPortable API Run-time systemAbstraction LayerCorrectnessHeterogeneous ConsistencyOptimization
  11. 11. Thanks!