20131010 90分で理解するSDNの基礎

90෼Ͱཧղ͢ΔSDNͷجૅ 2013೥10݄10೔ ϛυΫϥδϟύϯגࣜձࣾ

Copyright ©2013 Midokura All rights reserved ຊ೔ͷΞδΣϯμ u ಋೖฤ Ø ࿩ऀ঺հ
Ø What’s SDN ? Ø “SDN” Λ෼ྨͯ͠ΈΑ͏ u ٕज़঺հฤ Ø ༷ʑͳߏ੒ٕज़ Ø OpenFlow Deep-dive Ø Server-side Edge overlay Deep-dive

ಋೖฤ Photo Credit:stevendepolo via Compfight cc

Copyright ©2013 Midokura All rights reserved ࿩ऀ঺հ ΩϟϦΞͰͷωοτϫʔΫઃܭɾӡ༻ɺ.JP DNS
ͷج൫ઃܭɾӡ༻ɺػثϕϯμSEΛܦͯݱ৬

Copyright ©2013 Midokura All rights reserved ຊ೔ͷ໨త Ø  “SDN”
ͱ͍͏ݴ༿Λฉ͍ͨࣄ͸ ͋Δ͕ϐϯͱ͜ͳ͍ํ ର৅ऀ Ø  ʮ“SDN”ͱݺ͹Ε͍ͯΔ΋ͷʯ ͷର৅Λ੔ཧ͢Δ Ø  ʮ”SDN”ͱݺ͹Ε͍ͯΔ΋ͷʯ ͷ୅දతͳ΋ͷͷٕज़తͳ֓؍ Λཧղ͢Δ ૂ͍ Photo Credit: Marco Bellucci via Compfight cc

What’s “SDN”? Photo Credit: Micky Aldridge via flickr cc

Copyright ©2013 Midokura All rights reserved 2012Λڥʹ஫໨ΛूΊ͍ͯΔ “SDN” A.
OpenFlow B. Software Defined Networking C. Software Defined Network From: Google Trends A B C

Copyright ©2013 Midokura All rights reserved What’s “SDN” ?
Software Defined Networking ιϑτ΢ΣΞͰωοτϫʔΫΛఆٛ͢Δ???

Copyright ©2013 Midokura All rights reserved Web ্ͰݟΔ༷ʑͳ “SDN” ͷఆٛ
SDN is a new approach to networking in which network control is decoupled from the data forwarding function and is directly programmable. From: https://www.opennetworking.org/about/onf-overview ωοτϫʔΫͷߏ੒ɺػೳɺੑೳͳͲΛιϑτ΢ΣΞ ͷૢ࡞͚ͩͰಈతʹઃఆɺมߋͰ͖ΔωοτϫʔΫɺ ͋Δ͍͸ͦͷͨΊͷίϯηϓτΛࢦ͢ From: http://www.atmarkit.co.jp/ait/articles/1304/08/news098.html

Copyright ©2013 Midokura All rights reserved Web ্ͰݟΔ༷ʑͳ “SDN”
ͷఆٛ cont. SDNͱ͸ɺωοτϫʔΫΛιϑτ΢ΣΞͰಈతʹ ʙதུʙ ͦ͜ͰɺैདྷɺݸʑͷωοτϫʔΫػث͕1୆ͣͭͰߦ͖ͬͯͨωοτϫʔΫ ੍ޚͱσʔλసૹॲཧΛ෼཭͠ɺ൚༻αʔόଆͷιϑτ΢ΣΞͰσʔλసૹॲ ཧͷΈΛߦ͏ػثΛಈతʹ੍ޚ͢Δ͜ͱͰɺ௨৴Λॊೈʹޮ཰Α͘ɺ҆શʹߦ ͑ΔΑ͏ʹ͢Δ͜ͱΛ໨ࢦͯ͠ߟ͑ΒΕͨͷ͕SDNͰ͢ɻ From: http://jpn.nec.com/sdn/about_sdn.html? ιϑτ΢ΣΞʹΑͬͯԾ૝తͳωοτϫʔΫΛ࡞Γ্͛Δٕज़શൠ Λݴ͍·͢ɻSDNΛ༻͍Δͱɺ෺ཧతʹ઀ଓ͞ΕͨωοτϫʔΫ ্Ͱɺผ్Ծ૝తͳωοτϫʔΫΛߏங͢Δͱ͍ͬͨΑ͏ͳ͜ͱ ͕ՄೳʹͳΓ·͢ɻ From: https://www.nic.ad.jp/ja/basics/terms/sdn.html

cont. ڞ௨߲ ü  “ιϑτ΢ΣΞͰ” ü  “ಈతʹมߋ” ͦͷଞͷΩʔϫʔυ ü  ίϯτϩʔϧϓϨʔϯɺσʔλϓϨʔϯ෼཭ ü  ࣗಈԽ ü  ػೳͷ௥Ճ ü  Ծ૝Խ ü  ൚༻ϋʔυ΢ΣΞ

cont. ü  “SDN” ͱ͍͏ݻ༗໊ࢺͷඪ४ٕज़͸ଘࡏ͠ͳ͍ ü  ιϑτ΢ΣΞͰωοτϫʔΫʹରͯ͠ಈత੍ޚ Λߦ͏࢓૊ΈΛͳ΂ͯ “SDN” ͱݺΜͰ͍Δ Photo Credit: @Doug88888 via Compfight cc ϙΠϯτ

“SDN”Λ෼ྨͯ͠ΈΑ͏ Photo Credit: 5letterdesign via Compfight cc

Copyright ©2013 Midokura All rights reserved ෼ྨI. “ద༻ྖҬ”ͱ”෺ཧvsԾ૝” σʔληϯλ
෺ཧ Ծ૝ WAN Ϋϥ΢υωοτϫʔΫελοΫ Ծ૝ɾ෺ཧεΠονͷ࿈ܞ ෺ཧεΠονͷ੍ޚ αʔόɺDCωοτϫʔΫɺWANͷ౷߹੍ޚ ఻ૹϨΠϠͷ੍ޚ

Copyright ©2013 Midokura All rights reserved ෼ྨII. “৽ڵvsطଘ”ͱ “HardwareͱSoftware”
ιϑτ΢ΣΞ طଘ ৽ڵ ϋʔυ΢ΣΞ ৽ڵιϑτ΢ΣΞϕϯμ Ծ૝Խ No.1ࣄۀऀͷิڧ طଘωοτϫʔΫػثϝʔΧ ൚༻FPGAɺ൚༻OSʹΑΔODMձࣾ طଘ఻ૹػثϝʔΧ طଘαʔόػثϝʔΧ

Copyright ©2013 Midokura All rights reserved ෼ྨIII. “ར༻ٕज़” (ԿΒ͔ͷ)API
Hop By Hop Edge overlay OpenFlow ఻ૹύεઃఆͷࣗಈԽ ෺ཧL2/L3ઃఆͷࣗಈԽɾػೳ௥Ճ Ϋϥ΢υͷࣗಈԽɾεέʔϧڧԽ શ෦ೖΓ Ծ૝ɾ෺ཧεΠονͷ౷߹ Ϋϥ΢υɾDCؒͷ࿈ܞ

ٕज़঺հฤ Photo Credit: [martin] via Compfight cc

༷ʑͳߏ੒ٕज़ Photo Credit: See-ming Lee 李思明 SML via
Compfight cc

Copyright ©2013 Midokura All rights reserved Ծ૝εΠον Ծ૝εΠονͱ͸ ü 
ιϑτ΢ΣΞͰಈ࡞͢ΔεΠον ü  Ծ૝ԽͷϗετOSͰಈ࡞͠ɺVMͱ֎෦ωο τϫʔΫΛ઀ଓ͢Δ༻్͕ଟ͍ ü  ୯७ͳεΠονϯάҎ֎ʹ΋τϯωϧԽɺ VLAN ͷ௥Ճ࡟আ౳ͷϔομૢ࡞΋αϙʔτ Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Physical Network

Copyright ©2013 Midokura All rights reserved Ծ૝εΠον ୅දతͳ࣮૷ྫ ü 
VMWare ESXi/Infrastracture ্Ͱಈ࡞ ü  ୯७ͳεΠονػೳ͕ϝΠϯ vswitch, vDS Nexus 1000v ü  ESXi, Linux ্Ͱಈ࡞ ü  جຊతʹ͸ Cisco UCS ্Ͱͷಈ࡞Λ૝ఆ ( IAαʔόͳΒಈ࡞͸Մೳ…ͳഺ ) ü  Linux ্Ͱಈ࡞ ü  Data path ͱͳΔ kernel module ͱɺControl plane ͱͳΔ application ͔Βߏ੒ ü  OpenFlow Λ࢖͏͜ͱ΋ɺ௚઀Data pathΛϓϩάϥϛϯά ͢Δࣄ΋Մೳ Open vSwitch

Copyright ©2013 Midokura All rights reserved Open vSwitch ü  Linux
্Ͱಈ࡞͠ɺOpen source Ͱ։ൃ͞Ε ͍ͯΔҝɺ঎༻ར༻΁ͷԠ༻΋੝ΜͰɺ ”SDN ੡඼” ʹ΋͠͹͠͹ར༻͞ΕΔ Ծ૝εΠον ü  KVM ౳ͷ Linux ΛϗετOSͱ͍ͯ͠Δ΋ͷ͸ɺͦͷ·· ಈ࡞Մೳ ü  OpenFlow Ҏ֎ʹ΋ɺNETLINK ܦ༝Ͱ௚઀ϓϩάϥϛϯ ά͢ΔࣄʹΑΓɺΑΓॊೈͳ֦ு͕Մೳ Ϋϥ΢υ ωοτϫʔΫ ελοΫ ൚༻FPGAΛ ༻͍ͨ৽ڵػث ϝʔΧ ü  εΠονͷϕʔεOSʹ Linux Λ࠾༻͓ͯ͠Γɺσʔλύε ϓϩάϥϛϯάʹ Open vSwitch ͕ར༻Մೳ ü  OVS ͷػೳʹΑΓ࠷৽ͷ OpenFlow ΍ଞͷτϯωϧϓϩτ ίϧ౳ʹҰૣ͘ରԠՄೳ Ԡ༻ྫ

Copyright ©2013 Midokura All rights reserved Hop-by-hop ͱ Overlay
Hop-by-hop ü  ܦ༝͢ΔػثΛશͯઃఆ Overlay ü  ௨৴ݩͱѼઌΛऩ༰͢Δ૷ஔͷΈ Λઃఆ ü  ૷ஔؒ͸ԿΒ͔ͷτϯωϧϓϩτ ίϧͰ઀ଓ͠ɺैདྷͷϧʔςΟϯ ά౳ʹΑΓ౸ୡੑΛ֬อ τϯωϧ ¡  ͖Ίࡉ͔ͳ੍ޚ͕Մೳ º  ઃఆྔ͕๲େ º  τϯωϧ۠ؒ͸ෳࡶͳ੍ޚ͸ࠔ೉ º  L2 Λ্ҐͰಈ࡞ͤ͞Δ৔߹͸ෳ ࡶͳ੍ޚ͕ඞཁ ¡  ઃఆྔ͕ݱ࣮తͳྔͰೲ·Δ

Copyright ©2013 Midokura All rights reserved Hop-by-hop ͱ Overlay
ซ༻ τϯωϧ Hop-by-hop Overlay Hop-by-hop ü  ੍ޚ͢ΔΠϯλϑΣʔεͱͯ͠τϯωϧΠϯλϑΣʔε౳ΛࢦఆͰ͖Ε͹ɺ Hop-by-hop ͱ Overlay ͷࠩ͸ѻ͏ΠϯλϑΣʔεͷछผͷҧ͍Ͱ͋Γɺซ ༻͸Մೳ ü  ୠ͠ɺ੍ޚ͸ͦΕ͚ͩෳࡶʹ…

Copyright ©2013 Midokura All rights reserved Overlay Ͱ༻͍ΒΕΔτϯωϧٕज़ ü 
L2 ϑϨʔϜΛ UDP Ͱ௨͢τϯωϦϯά ü  24bits ͷςφϯτࣝผࢠΛ࣋ͪɺVLANۭؒ12btisΑΓ޿େ ¡  UDP ϔομʹΑΓɺܦ༝ϊʔυͰࡉ͔ͳ੍ޚ͕Մೳ º  MACֶशʹඪ४Ͱ͸ IP Multicast Λ࢖͏ҝɺ࣮૷͕ࠔ೉˞ VXLAN NVGRE ü  L2 ϑϨʔϜΛ GRE Ͱ௨͢ҝͷ֦ுɺGRE Tunnel ID Λ෼ׂ ü  24bitsͷTenant ID Λ࣋ͪɺVLANۭؒ12bitsΑΓ޿େ ¡  GREʹݟ͑ΔҝɺطଘͷϑϨʔϜϫʔΫͷվม͕ෆཁ º  Multicast/Broadcast ͕ Tenant IDͱϦϯΫ͍ͯ͠ͳ͍ GRE ü  ॴҦ GRE τϯωϦϯά ¡  ރΕ͓ͯΓ࣮૷΋ଟ͍ º  L2 ͷߟྀ͸্ҐΞϓϦέʔγϣϯͰߟྀ͢Δඞཁ͕͋Δ ˞VMWare NSX Ͱ͸IP Multicast ʹΑΔಈతֶशͰ͸ͳ͘ ಠࣗػߏʹΑΓίϯτϩʔϥ͔Β഑৴͞ΕΔ

Copyright ©2013 Midokura All rights reserved OpenStack ͱ Neutron
ü  Open Source ͳΫϥ΢υϚωδϝϯτγςϜ ü  ଟ਺ͷίϯϙʔωϯτͷ API ʹΑΔૄ݁߹ʹΑΓ࣮૷ ü  Network ͸ Neutron ͱ͍͏ίϯϙʔωϯτ܈ʹΑ੍ͬͯޚ ͞ΕɺAPI ΋ެ։͞Ε͍ͯΔ OpenStack

Copyright ©2013 Midokura All rights reserved ü  L2/L3ͱ͍ͬͨجຊతͳػೳ͚ͩͰ͸ͳ͘ɺߴϨΠϠͷαʔϏεʹ΋֦ு OpenStack ͱ
Neutron ü  OpenStack ʹ४ڌ͢Δҝɺଟ͘ͷϝʔΧɺϕϯμ͕ Neutron API ͱࣗࣾ API Λม׵͢Δ Plugin Λ࣮૷ ü  σʔληϯλɾΫϥ΢υ޲͚ Network API ͷ σϑΝΫτελϯμʔυͷީิͱͯ͠஫໨͞Ε͍ͯΔ ੍ޚର৅ L2 separation L3 separation FWaaS LBaaS VPNaaS QoS Service Insertion Security Group Etc, Etc … Neutron API

Copyright ©2013 Midokura All rights reserved ü  ௨৴ࣄۀऀͷඪ४ԽஂମͰ͋Δ ETSI (European
Telecommunications Standards Institute) ʹΑΓɺن֨ԽΛݕ౼ ü  2013೥10݄4೔ݱࡏ͸·ͩެ։͞Εͨن֨͸ແ͠ 2013೥10݄14೔ʹॳ൛ͷ࢓༷͕ެ։ NFV = Network Function Virtualization ü  LBaaS, VPNaaS, FWaaS ౳ɺैདྷઐ༻ػث͕ػೳΛఏڙ͍ͯͨ͠ωοτ ϫʔΫαʔϏεΛ൚༻αʔό্Ͱ࣮ݱ͢ΔࣄΛݺͿ޿ٛͷ NFV ͱɺඪ४ ن֨ͱͯ͠ͷڱٛͷ NFV ͕ଘࡏ͢Δ ඪ४ن֨ͱͯ͠ͷNFV ༻ޠͱͯ͠ͷNFV http://www.etsi.org/technologies-clusters/technologies/nfv

Copyright ©2013 Midokura All rights reserved ETSI NFV ͷಛ௃
From: http://portal.etsi.org/NFV/NFV_White_Paper.pdf ΩϟϦΞݻ༗ͷػೳ͕ଟؚ͘·ΕΔ

Copyright ©2013 Midokura All rights reserved ETSI NFV ͷಛ௃ cont.
ONFͱڠௐͯ͠SDNͱ͸ิ׬తͳؔ܎Λ໨ࢦ͢ From: http://portal.etsi.org/NFV/NFV_White_Paper.pdf

http://ja.wikipedia.org/wiki/%E3%83%95%E3%82%A1%E3%82%A4%E3%83%AB:Onsen_Macaque.JPG

Copyright ©2013 Midokura All rights reserved What’s OpenFlow ?
OpenFlow = ֎෦͔ΒύέοτॲཧϧʔϧΛϓϩάϥϛϯά͢Δ࢓૊Έ ωοτϫʔΫ ίϯτϩʔϥ ΞϓϦέʔγϣϯ API ωοτϫʔΫ ػث܈ ͜ͷ෦෼: APIͱ௨৴ํࣜΛ نఆ͢ΔͷΈ ୯ͳΔϓϩτίϧͰ͋Γɺ ϑϨʔϜϫʔΫΛඪ४Խ

Copyright ©2013 Midokura All rights reserved ϑϩʔΤϯτϦͱΞΫγϣϯͷجຊ •  సૹ͢Δ
•  ϔομΛॻ͖׵͑Δ •  ഇغ͢Δ •  ίϯτϩʔϥʹసૹ͢Δ ϑϩʔຖͷτϥϑΟοΫͷ౷ܭ৘ใ OpenFlow-Enabled εΠον OpenFlow Client Control Plane Data Plane Flow Table Matching Fields Action Stats ϑϩʔΤϯτϦ OpenFlow ίϯτϩʔϥ OpenFlow ϓϩτίϧ Ingress Port MAC DA MAC SA EtherType VLAN ID IP Src IP Dst IP Protocol TCP/UDP src port TCP/UDP dst port P-bits IP DSCP ϨΠϠ2 ϨΠϠ3 ϨΠϠ4 ϑϩʔΛࣝผ

Copyright ©2013 Midokura All rights reserved ONFʹΑΔඪ४Խ https://www.opennetworking.org/membership/members 100ࣾҎ্(*)ͷϝϯόʹΑΓߏ੒
Working Group Ͱٞ࿦ ϘʔυϝϯόͰ࢓༷ࡦఆ શͯͷϝϯόͷঝೝΛ ܦͯɺ࢓༷͕ඪ४Խ ONFͷඪ४Խϓϩηε Ϙʔυϝϯό(*) (*) 2013೥10݄ݱࡏ

Copyright ©2013 Midokura All rights reserved OpenFlow ࢓༷֓ཁ (1/3)
ü ϨΠϠ2ɺϨΠϠ3 (IPv4) Ϛονϯάɺॻସ ü VLANͷ௥Ճɺ࡟আɺॻସ ü γϯάϧϑϩʔςʔϒϧ OpenFlow 1.0 (2010-03) ü MPLSϥϕϧɺEXP bitϚονϯάɺॻସ ü Ϛϧνϑϩʔςʔϒϧ ü άϧʔϓςʔϒϧ(LAG) OpenFlow 1.1 (2011-02) ü ϨΠϠ3 (IPv4) Ϛονϯάɺॻସ ü Extensible Expression ΁ͷରԠ (IPv6 TLV ͷελοΩϯά΁ͷରԠ) OpenFlow 1.2 (2011-12)

Copyright ©2013 Midokura All rights reserved ü ίϯτϩʔϥʙεΠον઀ଓͷվળɾ֦ு •  CapabilityωΰγΤʔγϣϯͷվળ
•  Auxiliary Connection ͷαϙʔτ ü Tunnel ID ͷαϙʔτ ü IPv6 ֦ுϔομͷαϙʔτ ü PBB (IEEE802.1ah) ͷαϙʔτ ü ౷ܭऔಘͷ֦ு ü Per-flow meter ( rate-limit ౳ʹར༻) ü etc … OpenFlow 1.3 (2012-05) OpenFlow ࢓༷֓ཁ (2/3)

Copyright ©2013 Midokura All rights reserved OpenFlow ࢓༷֓ཁ (3/3)
ü मਖ਼ͱվળɺେ෯ͳ৽نػೳ௥Ճ͸ແ͠ OpenFlow 1.3.2 (2013-04) OpenFlow 1.3.1 (2012-09) ü Extensible Expression ͷ֦ு ü Packet-in ͷ֦ு ü Bundle ϝΧχζϜͷಋೖ ü ྫ֎ॲཧͷ֦ு ü Τϥʔίʔυͷ֦ு OpenFlow 1.4 (2013-10ݱࡏϨϏϡʔத) https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow/openflow-spec-v1.4.0.pdf

Copyright ©2013 Midokura All rights reserved OpenFlow ͷपลن֨ OpenFlow
ͷ໰୊఺ Ø  ݩʑ OpenFlow ͸“ύέοτͷॲཧϧʔϧ” ͷΈΛنఆ Ø  Լهͷػೳ͕ͳ͘ɺOpenFlow ͚ͩͰ͸׬݁͠ͳ͍ ü  ϢʔβɺίϯϑΟά؅ཧ ü  ΠϯλϑΣʔεͷ؅ཧ ü  OAM (؂ࢹɾ؅ཧ) ػೳ Ұ෦Λิ׬͢Δن֨OF-CONFIGΛنఆ

Copyright ©2013 Midokura All rights reserved OF-CONFIG OF-CONFIG ֓ཁ
Ø  OpenFlow ͸ “Data path” Λઃఆ͢Δͷʹର͠ɺ OF-CONFIG ͸ “OpenFlow capable (ͳ෺ཧతͳ) Switch” Λઃఆ From: https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow-config/of- config-1-1-1.pdf

Copyright ©2013 Midokura All rights reserved OF-CONFIG OF-CONFIG ͷ؅ཧ಺༰
ü  OpenFlow ίϯτϩʔϥͱͷ઀ଓपΓ ü  ΠϯλϑΣʔεɺΩϡʔͷઃఆ ü  ΠϯλϑΣʔεͷ Up, Down ౳ ü  OpenFlow Data path ͷ Capability Negotiation Ø  Ϣʔβ؅ཧ౳ɺOpenFlow ʹ௚઀ؔ܎͠ͳ͍εΠο νͷ؅ཧʹ͍ͭͯ͸ґવͱͯ͠ผͷํ๏Ͱ؅ཧ͢Δ ඞཁ͕͋Δࣄʹ஫ҙ

https://commons.wikimedia.org/wiki/File:Plastic_tubing.jpg

Copyright ©2013 Midokura All rights reserved What’s Edge Overlay ?
Edge overlay Ø  Τϯυऩ༰૷ஔ (Edge) ͕τϯωϧΛுΔ Overlay ü  Ծ૝ԽϗετOS্ͷԾ૝εΠον͕ԿΒ͔ͷτϯωϧΛ ுΓɺVM-to-VM ͷ௨৴Λ Overlay ͱͯ͠ఏڙ ( Server-side Edge Overlay ) Ϋϥ΢υ ωοτϫʔΫ ελοΫ VPLS ü  ճઢऩ༰૷ஔ͕ MPLS LSP ΛுΓɺސ٬ͷ L2 ճઢΛ Overlay ͱͯ͠ఏڙ Ԡ༻ྫ

Copyright ©2013 Midokura All rights reserved Server-side Edge overlay
֓೦ਤ Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Virtual Switch VM VM VM Physical Network Ø  GRE, NVGRE, VXLAN ౳ɺIP based ͳτϯωϦϯάϓϩτί ϧΛར༻ Ø  ͦͷҝɺUndelay ͱͳΔ Physical Network ͸ IP Reachability ͑͋͞Ε͹ྑ͍

Copyright ©2013 Midokura All rights reserved Why Server-side Edge overlay
in Cloud ? ü  CPUɾϝϞϦ͸Ծ૝ԽɺࣗಈԽ͞Ε͍ͯΔ͕ ωοτϫʔΫ͸ࣗಈԽ͞Ε͍ͯͳ͍ Automation ü  East-to-West τϥϑΟοΫͷരൃ ü  ϘτϧωοΫͱͳΔԾ૝ϧʔλVM ü  ωοτϫʔΫऩ༰਺ → VLAN 4,096 ͷน ü  VMऩ༰਺ → MAC ςʔϒϧͷ૿େ ü  L2ωοτϫʔΫ → STP ͷݶք Performance Scalability

Copyright ©2013 Midokura All rights reserved ࣮૷ྫ: MidoNet ͷ৔߹
VM Upstream ISP vPort vPort vPort vPort VM VM vPort vPort VM VM vPort Tenant A Router Tenant A Bridge 1 Tenant A Bridge 2 Tenant B Bridge 1 Tenant B Router The Internet Logical Topology (Overlay) BGP uplink Provider Router Upstream ISP The Internet VM MidoNet Compute Node VM MidoNet Compute Node VM MidoNet Compute Node MidoNet Gateway Node MidoNet Gateway Node Back-end Network Network State Node NW State DB NW State DB NW State DB Physical Topology (Underlay) BGP uplink API Node Cloud Mgmt System Only requirement is an IP reachability! ݸʑͷNWػثͰ͸ͳ ͘ɺ࿦ཧτϙϩδશମ ΛΤϛϡϨʔτ

Copyright ©2013 Midokura All rights reserved ϓϩάϥϜΠϯλϑΣʔε
Upstream ISP The Internet VM MidoNet Compute Node VM MidoNet Compute Node VM MidoNet Compute Node MidoNet Gateway Node MidoNet Gateway Nodef Back-end Network Network State Node NW State DB NW State DB NW State DB BGP uplink API Node Cloud Mgmt System MidoNet ͷ৔߹ Cloud Management System ͱ࿈ܞ͠ɺ ࣗಈԽΛαϙʔτ Point! Restful API ܦ༝ͷ੍ޚɺ౷ܭ ৘ใऔಘʹରԠ͠ɺಠࣗ CMS ͱͷ࿈ܞʹ΋ରԠՄೳ Point! OVS kernel module Λ Data Path ͱͯ͠ར༻͠ɺAgent ͔ ΒϓϩάϥϜ Point!

Copyright ©2013 Midokura All rights reserved East-West τϥϑΟοΫͷരൃ MidoNet
ͷ৔߹ ैདྷͷVirtual Router Upstream ISP Upstream ISP Back-end Network Upstream ISP Upstream ISP Back-end Network NetworkػثΛVMͱͯ͠ΤϛϡϨʔγϣϯ Network TopologyશମΛΤϛϡϨʔγϣϯ MidoNet Drop Drop Drop Drop IngressͰͷτϙϩδΤϛϡϨʔτʹΑΓɺ໨త஍ͱͳΔϗετ ʹ௚઀సૹ͢Δҝɺ”ߦͬͯདྷ͍” ͕ൃੜ͠ͳ͍ Point!

Copyright ©2013 Midokura All rights reserved ϘτϧωοΫͱͳΔϧʔλVM MidoNet ͷ৔߹
Upstream ISP Upstream ISP Back-end Network τϙϩδΤϛϡϨʔγϣϯʹΑΓΤοδͰ ෼ࢄॲཧ͢ΔҝɺϧʔλVM͕ଘࡏ͠ͳ͍ Point! ֤MidoNet Agent ͕ IP-MACରԠ දΛ࣋ͪɺಉҰϗετ಺VM͔ ΒͷARPʹ୅ཧԠ౴ Point! VMͰ͸ͳ͘ɺϗετOSͰͷϑΥϫʔσΟϯάॲཧ Point!

Copyright ©2013 Midokura All rights reserved ωοτϫʔΫऩ༰਺ MidoNetͷ৔߹
Upstream ISP VM MidoNet Compute Node VM MidoNet Compute Node VM MidoNet Compute Node MidoNet Gateway Node MidoNet Gateway Node Back-end Network Network State Node NW State DB NW State DB NW State DB BGP uplink Cloud Mgmt System API Node VLANΛར༻͠ͳ͍τϙϩδΤϛϡϨ ʔγϣϯͷҝɺ4,096 ͷนʹ੍ݶ͞Ε ͣεέʔϧΞ΢τ͕Մೳ Point!

Copyright ©2013 Midokura All rights reserved VMऩ༰਺ MidoNetͷ৔߹
Upstream ISP VM MidoNet Compute Node VM MidoNet Compute Node VM MidoNet Compute Node MidoNet Gateway Node MidoNet Gateway Node Back-end Network Network State Node NW State DB NW State DB NW State DB BGP uplink Cloud Mgmt System API Node MACֶश݁Ռ͸ΫϥελDB্ͷ֨ೲ ͞ΕΔҝɺεέʔϧΞ΢τՄೳɻ େن໛ͳMACΤϯτϦ਺ʹରԠ Point! ෺ཧαʔόͷσʔλύε্ʹϓϩάϥ ϛϯά͞ΕΔ΋ͷ͸࣮ࡍʹऩ༰͢Δ VMͷ௨৴͕ൃੜͨ͠΋ͷͷΈ Point!

Copyright ©2013 Midokura All rights reserved L2 ωοτϫʔΫͷεέʔϥϏϦςΟ MidoNet
ͷ৔߹ Upstream ISP VM MidoNet Compute Node VM MidoNet Compute Node VM MidoNet Compute Node MidoNet Gateway Node MidoNet Gateway Node Back-end Network Network State Node NW State DB NW State DB NW State DB BGP uplink Cloud Mgmt System API Node ֤ MidoNet Agent ؒ௨৴͸ GRE Ͱ ΧϓηϧԽ ˠ IP Reachability ͑͋͞Ε͹Α͍ ˠ IGP Λ༻͍ͨ L3 εέʔϧΞ΢τ ͕ར༻Մೳ Point!

Copyright ©2013 Midokura All rights reserved ·ͱΊ ü ࠓ೔ଘࡏ͢ΔΞϓϦέʔγϣϯͱͯ͠͸ Ø ౷߹؅ཧγεςϜʹΑΔ෺ཧɾԾ૝؀ڥͷ౷߹੍ޚ
Ø OpenFlow / Open vSwitch Λ༻͍ͨωοτϫʔΫػث Ø Server-side Edge Overlay Λ༻͍ͨΫϥ΢υωοτϫʔΫε λοΫ Λ “SDN” “SDN ରԠ” ͱݺͿέʔε͕ଟ͍Ͱ͢ ü “SDN” ͱ͍͏ݻ༗໊ࢺͷٕज़͸ଘࡏ͠·ͤΜ

Thank you!

20131010 90分で理解するSDNの基礎

20131010 90分で理解するSDNの基礎

More Decks by Ryuichi Takashima

Other Decks in Technology

Featured

Transcript