SDN Introduction - Teknik Komputer UI

Transcript

1. Software Defined Networking Special Topic in Computer Engineering Computer Engineering

   Study Program Universitas Indonesia Ardiansyah, M.Eng Netlab-EEUI
2. None

3. Outline • What and Why SDN? • SDN Approach •

   SDN-OpenFlow – Overview – Deployment

4. What is SDN?

5. WHY DO WE NEED SDN? WHAT VALUE DOES IT PROVIDE?

6. Software Control Router Hardware Datapath HELLO OSPF-TE RSVP-TE HELLO HELLO

   Firewall IPSec Many complex functions baked into the infrastructure OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, … An industry with a “mainframe-mentality”
7. None

8. Deployment Idea Standardize Wait 10 years Glacial process of innovation

   made worse by captive standards process • Driven by vendors • Consumers largely locked out • Glacial innovation

9. With SDN… • enable innovation through network programmability • write

   our own control/management applications on a common platform

10. Specialized Packet Forwarding Hardware Ap p Ap p Ap p

    Specialized Packet Forwarding Hardware Ap p Ap p Ap p Specialized Packet Forwarding Hardware Ap p Ap p Ap p Specialized Packet Forwarding Hardware Ap p Ap p Ap p Specialized Packet Forwarding Hardware Operating System Operating System Operating System Operating System Operating System Ap p Ap p Ap p Network Operating System App App App Change is happening in non-traditional markets

11. App Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple

    Packet Forwarding Hardware App App Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Network Operating System 1. Open interface to hardware 3. Well-defined open API 2. At least one good operating system Extensible, possibly open-source The “Software-defined Network”

12. SDN Approach Standardize OpenFlow and promote SDN ~100 Members from

    all parts of the industry provides objective definitions, metrics and background research with the goal of providing this information as input to protocol, network, and service design to SDOs Build strong intellectual foundation Bring open source SDN tools/platforms to community SDN Academy Bring best SDN training to companies to accelerate SDN development and adoption

13. SDN Approach (Southbound) Common standards: • OpenFlow  https://www.opennetworking.org/ •

    I2RS  http://datatracker.ietf.org/wg/i2rs/charter/

14. OpenFlow Short Story: OpenFlow is an API • Control how

    packets are forwarded • Make deployed networks programmable – not just configurable

15. Ethernet Switch/Router How Does OpenFlow Work?

16. Data Path (Hardware) Control Path Control Path (Software) How Does

    OpenFlow Work?

17. Data Path (Hardware) Control Path OpenFlow OpenFlow Controller OpenFlow Protocol

    (SSL/TCP)

18. Controller PC Hardware Layer Software Layer Flow Table MAC src

    MAC dst IP Src IP Dst TCP sport TCP dport Action OpenFlow Firmware * * 5.6.7.8 * * * port 1 port 4 port 3 port 2 port 1 1.2.3.4 5.6.7.8 OpenFlow Flow Table Abstraction

19. OpenFlow Basics Flow Table Entries Switch Port MAC src MAC

    dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Rule Action Stats 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline 5. Modify Fields + mask what fields to match Packet + byte counters

20. Examples Switching * Switch Port MAC src MAC dst Eth

    type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action * 00:1f:.. * * * * * * * port6 Flow Switching port3 Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action 00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80 port6 Firewall * Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Forward * * * * * * * * 22 drop

21. Examples Routing * Switch Port MAC src MAC dst Eth

    type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action * * * * * 5.6.7.8 * * * port6 VLAN Switching * Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action * * vlan1 * * * * * port6, port7, port9 00:1f..

22. OpenFlowSwitch.org Controller OpenFlow Switch PC OpenFlow Usage Dedicated OpenFlow Network

    OpenFlow Switch OpenFlow Switch OpenFlow Protocol Aaron’s code Rule Action Statistics Rule Action Statistics Rule Action Statistics

23. Network Design Decisions Forwarding logic (of course) Centralized vs. distributed

    control Fine vs. coarse grained rules Reactive vs. Proactive rule creation

24. Centralized vs Distributed Control Centralized Control OpenFlow Switch OpenFlow Switch

    OpenFlow Switch Controller Distributed Control OpenFlow Switch OpenFlow Switch OpenFlow Switch Controller Controller Controller

25. Flow Routing vs. Aggregation Both models are possible with OpenFlow

    Flow-Based Every flow is individually set up by controller Exact-match flow entries Flow table contains one entry per flow Good for fine grain control, e.g. campus networks Aggregated One flow entry covers large groups of flows Wildcard flow entries Flow table contains one entry per category of flows Good for large number of flows, e.g. backbone

26. Reactive vs. Proactive Both models are possible with OpenFlow Reactive

    First packet of flow triggers controller to insert flow entries Efficient use of flow table Every flow incurs small additional flow setup time If control connection lost, switch has limited utility Proactive Controller pre-populates flow table in switch Zero additional flow setup time Loss of control connection does not disrupt traffic Essentially requires aggregated (wildcard) rules

27. SDN-OPENFLOW DEPLOYMENT

28. Dell T3500 Changwon Jeju - Gwangju Daejeon VLAN1 KREONE T

    VLAN1 OF-HOST OF-SW OF-HOST OF-SW OF-HOST OF-SW GW GW GW NOX-Controller (Server) Pronto 3290 Control Data VLAN3 VLAN3 VLAN2 VLAN2 KREONE T OpenFlow-based Elastic and Non-Elastic Network Traffic Management

29. DJ-7609 Cisco 7609 Cisco 3500 G8/7 [VLAN811] MERS8610 1850TSS-100 MESU1850

    1850TSS-100 1850TSS-100 Changwon Cisco 7609 Jeju-Router Cisco 7609 STM2 STM2 MESU1850 OF-Host OF-Host OF-Host Jeju Changwon Daejeon VLAN2 VLAN3 VLAN1 VLAN3 VLAN1 VLAN2 [VLAN 2, 3] VLAN3 VLAN2 STM2 1850TSS-320 155M b 155M b 155M b NOX-Controller (Server) KREONET IP Production Service 1 Gigabit Ethernet DEFINE_Testbed@KREONET Gwangju

30. Open Mobile SDN Feasibility Test

31. Open Mobile SDN Feasibility Test

32. How to Deploy OpenFlow - Component  OpenFlow Controller 

    NOX (C base)  POX (Phyton base)  Floodlight (Java base)  OpenDayLight (Java base)  OpenFlow Switch  Pronto Switch (real hardware)  Openvswitch (linux base)  NetFPGA  Mininet (emulator)  OpenFlow IP Routing  Quagga  RouteFlow (simulator)

33. OpenFlow Vendor Hardware more to follow... NEC IP8800 HP ProCurve

    5400 and others Juniper MX-series (prototype) Cisco Catalyst 6k (prototype) Core Router Enterprise Campus Data Center Circuit Switch Wireless Pronto Prototype Product Ciena CoreDirector WiMAX (NEC) Cisco Catalyst 3750 (prototype) Arista 7100 series (Q4 2010) 33

34. OpenFlow WireShark Plugin Ships with OpenFlow reference controller

35. Mininet • Machine-local virtual network – great dev/testing tool •

    Uses linux virtual network features – Cheaper than VMs • Arbitrary topologies, nodes • Scriptable • http://mininet.org

36. Mininet with Miniedit

37. Future Reference • http://ardisragen.net/referensi-belajar- sdn.html • Asia Pacific Network Operation

    and Management Symposium (APNOMS)

38. Next… Network Functions Virtualization  SDN-based Virtual Service Platform Model

39. Q&A? Stay Hungry Stay Foolish – Steve Jobs