Slide 1

Slide 1 text

INTRODUCTION OPEN NETWORKING AND SDN HUNG-WEI CHIU LINKER NETWORKS.INC

Slide 2

Slide 2 text

WHO AM I • Hung-Wei Chiu (邱宏瑋) • [email protected] • hwchiu.com • Experience • Software Engineer at Linker Networks • Software Engineer at Synology (2014~2017) • Co-Founder of SDNDS-TW • Open Source experience • SDN related projects (mininet, ONOS, Floodlight, awesome-sdn)

Slide 3

Slide 3 text

OUTLINE • Before SDN • Open Source Networking • Open Compute Project • What is SDN and ONF • Experiment • ONOS • OVS • Mininet

Slide 7

Slide 7 text

OPEN COMPUTE PROJECT • OCP • Founded 2011 • Global community for Open IT hardware • Network, Storage, Telco, Data Center, Server, Open Rack, Hardware Management

Slide 9

Slide 9 text

OCP, NETWORKING (SCOPE) • Fully disaggregated and open networking HW & SW • Operating System – Linux based operating system & developer tools, and REST APIs • Fully automated configuration management & bare metal provisioning • Universal & Multi-Form Factor Switch motherboard hardware • Fully open integration & connectivity • Energy efficient power & cooling designs • Software Defined Networking (SDN)

Slide 10

Slide 10 text

SUB PROJECTS • Subprojects of OCP Networking • Open Network Install Environment (ONIE) • Open Network Linux (ONL)

Slide 11

Slide 11 text

EXAMPLE: WEDGE 100 • Facebook Design • Switch as a Server • Hardware • CPU: Intel/AMD/… • ASIC: Broadcom/Mellanox/… • Software • NOS: Open Network Linux • Forwarding Agent: FBOSS • BMC: OpenBMC

Slide 12

Slide 12 text

OCP NETWORKING SOFTWARE • Switch Abstraction Interface – SAI • Defines an API that provides a vendor-independent way of controlling forwarding elements, such as a switching ASIC, an NPU or a software switch, in a uniform manner. • Open Network Linux – ONL • Linux distribution (Debian) with added drivers and configuration for running bare metal switches. • Open Optical Monitoring – OOM • Makes the contents of the optical module EEPROM accessible to Python programmers. • Open Network Install Environment – ONIE • Open install environment for bare metal network switches • ONIE enables a bare metal network switch ecosystem where end users have a choice among different network operating systems

Slide 13

Slide 13 text

BUILDING ON BARE METAL • Switch: Bare metal switch; U-Boot & ONIE; Network OS; Application • Server: Bare metal server; U-Boot & PXE; Linux, Windows, etc.; Application

Slide 14

Slide 14 text

ONIE

Slide 17

Slide 17 text

• White Box = Hardware + ONIE • Open Networking = Apps + NOS + White Box

Slide 18

Slide 18 text

ONIE

Slide 19

Slide 19 text

WHITE BOX SWITCH MODEL • Traditional Switch: Data Plane, Control Plane, Applications • SDN-based System: Switch Data Plane, Control Protocol, Control Plane, Applications • Open Networking Switch: Data Plane, Linux OS, Applications

Slide 20

Slide 20 text

SDN • Software-Defined Networking (SDN) • The physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices.

Slide 21

Slide 21 text

THE SDN ARCHITECTURE • DIRECTLY PROGRAMMABLE • AGILE • CENTRALLY MANAGED • PROGRAMMATICALLY CONFIGURED • OPEN STANDARDS-BASED AND VENDOR-NEUTRAL

Slide 22

Slide 22 text

BASIC MODEL OF SDN • Service Customer • Manage-control network services via SDN controller • Send/receive data using network resources. • Network/Service Provider

Slide 23

Slide 23 text

BASIC MODEL OF SDN

Slide 24

Slide 24 text

ONF • Open Networking Foundation • Non-profit organization • Led consortium driving transformation of network infrastructure. • Serves as the umbrella for a number of projects building solutions • Leveraging network disaggregation • White box economics • Open source software • Software defined standards

Slide 29

Slide 29 text

THE ECOSYSTEM • 200+ Members Strong Vibrant Operator Led Consortium Positioned for Success • PARTNER • COLLABORATING INNOVATOR • INNOVATOR • COLLABORATOR

Slide 30

Slide 30 text

THE ECOSYSTEM • Membership diagram labels: Partner, Innovator, Collaborator, Volunteers; Operators (7), Vendors (10), 70+, 100s, 110+ • New ONF Board • ONF (& Stanford): Guru Parulkar • Network Operators: AT&T, Andre Fuetsch – CTO; Google, Urs Hölzle – SVP; NTT Comm, Dai Kashiwa – Director; Comcast, Rob Howald – VP; Verizon, Srini Kalapala – VP; China Unicom, Shao Guanglu – SVP • Research & Vendor Community: Nick McKeown, Stanford; Fabian Schneider, NEC • Including 14 Operators: Argela/Turk Telecom, Microsoft, China Mobile, Swisscom, SK Telecom, Telecom Italia, ECI Telecom, Telefonica, Facebook, TELUS, Globe Telecom, Vodafone, Goldman Sachs, Yahoo

Slide 31

Slide 31 text

ONF’S SCOPE • New ONF Scope of Focus • Solutions Platforms: CORD, M-CORD, R-CORD, E-CORD • VNFs • Control Plane: ONOS • Control (OpenFlow, P4) • Config (NetConf/Yang, OpenConfig) • Programmable Forwarding Plane • Disaggregated boxes: Packet switch, ROADM, eNodeB, OLT, RAN … • Global Orchestrators • Open Source: ONAP, Open-O, Open Source MANO • Alternative Controllers (e.g. ODL) • Alternative VNF Frameworks (e.g. OPNFV) • Standards & Interworking APIs • Service APIs: TOSCA, RESTful • Network Intent-Based APIs

Slide 33

Slide 33 text

THE REAL SOFTWARE ABOUT SDN • SDN Controller • ONOS • The Switch • Software switch: Open vSwitch • Testing • Network emulator: mininet

Slide 34

Slide 34 text

ONOS CARRIER-GRADE OPEN NETWORKING OPERATING SYSTEM

Slide 35

Slide 35 text

WHAT IS ONOS? • Open Network Operating System (ONOS) • An open source SDN network operating system • SDN controller

Slide 36

Slide 36 text

CONTROL & DATA PLANE DISAGGREGATION

Slide 37

Slide 37 text

ONF ONOS • BGP • BMv2 • ISIS • Lisp • Netconf • OpenFlow • OSPF • OVSDB • PCEP • REST • SNMP • TL1

Slide 38

Slide 38 text

ARCHITECTURAL TENETS • High-availability, scalability and performance • Strong abstractions and simplicity to develop apps and solutions • Protocol and device behavior independence • Separation of concerns and modularity

Slide 39

Slide 39 text

WHAT IS OPENFLOW

Slide 40

Slide 40 text

OPENFLOW • Appeared in 2008 • The most famous northbound API in SDN • OpenFlow is not equal to SDN • Just a communication protocol in SDN. • Defines how the control plane talks to the forwarding plane.

Slide 42

Slide 42 text

OPENFLOW RULE • Match • Switch port • L2 headers • L3 headers • L4 headers • Action • Forward/Flood • Drop • Modify header • Local • Forward to Controller • Statistics • Packet bytes/counts

Slide 43

Slide 43 text

L2 FORWARDING • Match: Switch port *, src_MAC *, dst_MAC 00:11:32:aa:bb:cc, L3 headers *, L4 headers * • Action: Forward port 6 • Match: Switch port *, src_MAC *, dst_MAC *, L3 headers *, L4 headers * • Action: Normal

Slide 44

Slide 44 text

L3 FORWARDING • Match: Switch port 1, L2 headers *, src_ip 140.113.123.234, dst_ip 140.114.123.234, L4 headers * • Action: Forward port 4

Slide 45

Slide 45 text

FIREWALL • Match: Switch port 1, L2 headers *, L3 headers *, src_tcp_port *, dst_tcp_port 22 • Action: Drop
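
The match/action/statistics model from the OpenFlow rule slides above, as a small Python sketch. It is an added example, not code from the deck, OVS or ONOS; the priority values, packet dictionaries and function names are assumptions. It shows that the firewall Drop rule only takes effect while it outranks the overlapping L3 forwarding rule.

```python
# Toy OpenFlow-style flow table: added example, not OVS or ONOS code.
# The priorities are assumptions; the slides' tables have no priority column.
SLIDE_FLOWS = [
    # FIREWALL slide: switch port 1, dst_tcp_port 22 -> Drop
    {"priority": 300, "match": {"in_port": 1, "tcp_dst": 22}, "action": "drop"},
    # L3 FORWARDING slide: port 1, 140.113.123.234 -> 140.114.123.234 -> port 4
    {"priority": 200, "action": "output:4",
     "match": {"in_port": 1, "ip_src": "140.113.123.234", "ip_dst": "140.114.123.234"}},
    # L2 FORWARDING slide: dst_MAC 00:11:32:aa:bb:cc -> port 6
    {"priority": 100, "match": {"eth_dst": "00:11:32:aa:bb:cc"}, "action": "output:6"},
    # L2 FORWARDING slide, second table: all wildcards -> Normal
    {"priority": 0, "match": {}, "action": "NORMAL"},
]

# Constructed packets (header fields only; "len" is the frame size in bytes).
SSH_PKT = {"in_port": 1, "eth_dst": "00:11:32:aa:bb:cc", "ip_src": "140.113.123.234",
           "ip_dst": "140.114.123.234", "tcp_dst": 22, "len": 74}
WEB_PKT = dict(SSH_PKT, tcp_dst=443)
ARP_PKT = {"in_port": 3, "eth_dst": "ff:ff:ff:ff:ff:ff", "len": 60}


def build_table(flows):
    """Sort rules by priority (highest first) and attach Statistics counters."""
    ordered = sorted(flows, key=lambda f: f["priority"], reverse=True)
    return [dict(f, packets=0, bytes=0) for f in ordered]


def process(table, pkt):
    """Return the action of the first (highest-priority) rule the packet matches."""
    for rule in table:
        # A field missing from "match" is a wildcard (*); listed fields must be equal.
        if all(pkt.get(k) == v for k, v in rule["match"].items()):
            rule["packets"] += 1
            rule["bytes"] += pkt["len"]
            return rule["action"]
    return "drop"  # assumption: a table miss with no catch-all rule drops the packet


def firewall_bypassed(flows, drop_priority):
    """Re-prioritise the drop rule and report whether SSH_PKT still gets forwarded."""
    changed = [dict(f, priority=drop_priority) if f["action"] == "drop" else f
               for f in flows]
    return process(build_table(changed), SSH_PKT) != "drop"
```

With the drop rule at priority 300 the SSH packet is dropped; lowering it below the L3 forwarding rule (for example to 150) lets the same packet out on port 4, which is the overlap to look for when reviewing a dumped flow table.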

Slide 46

Slide 46 text

OPENVSWITCH • So, what is Open vSwitch and why do we need it?

Slide 47

Slide 47 text

HISTORY • 2008 • First paper about OpenFlow (SDN) • OpenFlow: enabling innovation in campus networks • Nick McKeown set up a company, Nicira • Open vSwitch + OpenFlow = NVP (Network Virtualization Platform)

Slide 48

Slide 48 text

HISTORY • 2012 • VMware buys Nicira • NVP becomes NSX

Slide 49

Slide 49 text

INTRODUCTION • Hypervisors need to bridge traffic. • We can use Linux bridge to do it. • So, why do we need Open vSwitch? • Targeted at multi-server virtualization. • Responding to network dynamics • Maintenance of logical tags • Hardware integration

Slide 50

Slide 50 text

FEATURES • IPv6 • LACP • Three modes (balance-slb/tcp, active/passive) • STP/RSTP • VLAN • Overlay Network • VXLAN/GRE/Geneve/NVGRE • OpenFlow • OVSDB • DPDK

Slide 51

Slide 51 text

COMPARE • Open vSwitch vs. Linux Bridge • Architecture • Features

Slide 52

Slide 52 text

SYSTEM VIEW • User Space: ovs-vsctl, ovs-dpctl, ovs-ofctl • Kernel Space: Open vSwitch (eth0, eth1) • L2 forwarding • L3 routing • ACL/Firewall • NAT/Port forwarding

Slide 53

Slide 53 text

ALL IN ONE • Iptables/ebtables won’t work anymore • Packets won’t pass through netfilter now. • Use OpenFlow to control packets. • Also supports some complicated operations on native ports (without OpenFlow) • VLAN • Bonding • Overlay network

Slide 54

Slide 54 text

HOW OPEN VSWITCH WORKS • Controls packets by OpenFlow • Supports different port types • Bonding • Overlay networks • VLAN/MPLS • Some features are supported by the Linux kernel • Traffic Control (Queue) • Conntrack • NAT

Slide 55

Slide 55 text

WHO CONTROLS THE RULES • For Open vSwitch, you can use the following approaches • Command line tool • ovs-ofctl add-flows • OpenFlow controller • Push OpenFlow rules via TCP

Slide 56

Slide 56 text

COMMAND LINE • ovs-ofctl add-flow br1 "xxxxxxxxxxxxxxxxxxxxxxxx" • ovs-ofctl add-flows br1 filename • You can put all flows in a file and insert them at once. • ovs-ofctl del-flows br1 "xxxxxxx"

Slide 57

Slide 57 text

SDN CONTROLLER • SDN Brain • Centrally controls all SDN network devices. • Communicates with network devices via northbound API • OpenFlow/SNMP/OVSDB/NetConf/gRPC • OpenFlow != SDN again.

Slide 58

Slide 58 text

Control Plane • Controller (ONOS) • NAT • Routing • Firewall • Data Plane • Network Devices (OVS), three shown, each holding Rules

Slide 59

Slide 59 text

OPEN VSWITCH • Supported connection modes • Standalone • Without a controller, OVS has default rules. • Controller • Need to set up the controller’s IP:Port

Slide 60

Slide 60 text

STANDALONE MODE • The default rule is • Match: any • Do: action:Normal • Normal means L2 forwarding. • Open vSwitch will behave the same as the Linux Bridge if it’s in standalone mode.

Slide 61

Slide 61 text

HOW TO USE OPEN VSWITCH • Create an OVS bridge (we call it a datapath) • ovs-vsctl add-br br0 • Attach an existing port to OVS • ovs-vsctl add-port br0 eth0 • Dump flows • ovs-ofctl dump-flows br0

Slide 62

Slide 62 text

MININET • What • Why

Slide 63

Slide 63 text

WHAT • Mininet is a network emulator • Mininet creates a realistic virtual network, running real kernel, switch and application code, on a single machine (VM, cloud or native)

Slide 64

Slide 64 text

WHAT (CONT’D) • Diagram: seven switches arranged in Spine and Leaf layers

Slide 66

Slide 66 text

MININET • Diagram: seven switches, Linux Host

Slide 67

Slide 67 text

WHY • For developers • Testing controllers • Testing applications • Testing before deployment • Compared to a real environment • Flexible • Scalable

Slide 68

Slide 68 text

HOW IT WORKS • Run many Open vSwitch instances on your host. • Also run many hosts on your host (network namespaces) • Connect all of them • Network topology.

Slide 69

Slide 69 text

EXPERIMENT • Combine Mininet + ONOS in one VM

Slide 70

Slide 70 text

RESET • Reset your environment and start the ONOS controller • Click ONOS GUI

Slide 71

Slide 71 text

MININET • Click the Mininet icon to simulate a network topology and connect all switches to the ONOS controller. • Switch to the ONOS GUI and you can see six switches there. • Use ‘l’ to show the switch id. • In the Mininet terminal, type h11 ping h41 • In the ONOS GUI, type ‘h’ to show hosts.

Slide 72

Slide 72 text

ONOS • Click the ONOS terminal icon to start the ONOS CLI • Type "apps -a -s" to see all activated applications. • Type "app activate org.onosproject.fwd" to enable the forwarding function for ONOS. • Go back to the Mininet prompt and you can see the ping works now. • You can also see the second host in the ONOS GUI.

Slide 73

Slide 73 text

MININET • Useful commands • links • link s2 s11 down (bring the link down and you can see the change in the ONOS GUI) • nodes • node name + ${common command} • h11 ifconfig • iperf h11 h4 • Use iperf to generate traffic.

Slide 74

Slide 74 text

ONOS • Commands • Show devices • devices • Show links • links • Show known hosts • hosts • Show flow rules • flows • Show shortest paths between each node • paths {node1} {node2}

Slide 75

Slide 75 text

OVS • You can also open a new tab and type the following commands to see the OVS status. • sudo ovs-vsctl show • sudo ovs-ofctl dump-flows s11

Slide 76

Slide 76 text

SDNDS + CLOUD NATIVE USER GROUP • Are you interested in • SDN • Ceph • OpenStack • Kubernetes • Join this meetup to learn more. • https://www.meetup.com/Cloud-Native-User-Group-Taiwan/events/245495423/

Slide 77

Slide 77 text

MEETUP • 12/23 at NTU • Free • 08:30 ~ 17:00

Slide 79

Slide 79 text

Q&A