[Figure: network virtualization architecture. Physical resources (router, switch, hosts, etc.) in Physical NW 1 to 4, each with its own Physical NW manager; a Virtual Resources Manager over the virtual resources; virtual networks LINP1, LINP2 and LINP3, each with its own LINP manager; various services on top.]
OPEX: 60-70%
CAPEX: 30-40%
[Figure: router split into software control (HELLO, OSPF-TE, RSVP-TE, Firewall, IPSec) and hardware datapath.]
Today's model
Applications …built on…
Reliable (or unreliable) transport …built on…
Best-effort global packet delivery …built on…
Best-effort local packet delivery …built on…
Local physical transfer of bits
Juniper router
Routing Engine (RE)
Packet Forwarding Engine (PFE)
Control plane
Forwarding plane
Switch Control Board (SCB)
Multi-Services Module (MS-PIC)
• RE – x86 PC running JUNOS
• PFE – ASIC hardware and microcode
• MS-PIC – MIPS64-based XLR network processor; each runs a separate JUNOS
• JUNOS
Millions of lines of source code
7488 RFCs
Barrier to entry
500M gates
10 Gbytes RAM
Power hungry
Today's… Internet protocols
Specialized Packet Forwarding Hardware
Operating System
App App App
Routing, management, mobility
The need for SDN (1)
Networks are hard to manage
• Computation and storage have been virtualized
• Creating a more flexible and manageable infrastructure
• Networks are still notoriously hard to manage
• Network administrators large share of
The need for SDN (2)
Networks are hard to evolve
• Ongoing innovation in systems software
• New languages, operating systems, etc.
• Networks are stuck in the past
• Routing algorithms change very slowly
The need for SDN (3)
Network design not based on formal principles
• OS courses teach fundamental principles
• Mutual exclusion and other synchronization primitives
• Files, file systems, threads, and other building blocks
• Networking courses teach a big bag of protocols
• No formal principles, just general design guidelines
Digital data transmission
Data plane: packet streaming
Forward, filter, buffer, mark, rate-limit, and measure packets
Control plane:
Track topology changes, compute routes, install forwarding rules
Management plane:
Collect measurements and configure the equipment
Control plane
Control plane must compute forwarding
state. To accomplish its task, the control
plane must:
• Figure out what the network looks like (topology)
• Figure out how to accomplish the goal on the given topology
• Tell the switches what to do (configure forwarding state)
And we require each new protocol to solve all three
[Figure: analogy between computer virtualization (apps on Windows, Linux and Mac OS over a virtualization layer on x86 hardware) and network virtualization or "slicing" (apps on controllers and network OSes such as NOX over a slicing layer on OpenFlow).]
Evolution
[Figure: several network devices, each running its own apps on its own operating system on specialized packet forwarding hardware.]
Network Operating System
Control Program 1
Network OS
1. Open interface to packet forwarding
Consistent, up-to-date global network view
At least one Network OS, probably many. Open- and closed-source
Software Defined Network (SDN)
Control Program 2
Packet Forwarding
OpenFlow Protocol
Data Path (Hardware)
Control Path OpenFlow
Ethernet Switch
Network OS
Control Program A Control Program B
OpenFlow Basics
Logically-centralized control: smart, slow
API to the data plane (e.g., OpenFlow)
Switches: dumb, fast
Data Path (Hardware)
Control Path
OpenFlow
OpenFlow Controller
OpenFlow Usage
Dedicated OpenFlow Network
[Figure: a controller PC (OpenFlowSwitch.org) speaks the OpenFlow protocol to OpenFlow switches; each switch holds flow-table entries of the form Rule, Action, Statistics.]
OpenFlow
Flow control
Flow table entry: Rule | Action | Stats
Rule (match fields): Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport
+ mask what fields to match
Action:
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
5. Modify Fields
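[Figure: OpenFlow switch example. A controller PC talks to the OpenFlow firmware (software layer) of a switch whose flow table sits in the hardware layer; the switch has ports 1 to 4 and connects hosts 1.2.3.4 and 5.6.7.8. Flow table columns: MAC src, MAC dst, IP Src, IP Dst, TCP sport, TCP dport, Action. The entry shown matches 5.6.7.8 with all other fields wildcarded (*) and has action port 1.]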
Dynamic Access Control
• Inspect first packet of a connection
• Consult the access control policy
• Install rules to block or route traffic
Seamless Mobility/Migration
• See host send traffic at new location
• Modify rules to reroute the traffic
Server Load Balancing
• Pre-install load-balancing policy
• Split traffic based on source IP (figure label: src=0*)
Controller Delay and Overhead
• Controller is much slower than the switch
• Processing packets leads to delay and overhead
• Need to keep most packets in the “fast path”
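Added example (not from the original slides): a toy Python model of the flow table with the Dynamic Access Control and Controller Delay and Overhead slides above. Only the first packet of each flow reaches the controller, which consults the policy and installs an allow or drop rule. Field names, the policy format and the addresses are assumptions made for the illustration; it models behaviour only and does not speak the OpenFlow protocol.

```python
from dataclasses import dataclass

FIELDS = ("ip_src", "ip_dst", "ip_prot", "tcp_dport")

@dataclass
class FlowEntry:
    match: dict          # field -> value; a field left out is a wildcard (*)
    action: str          # "port:N" or "drop"
    packets: int = 0     # per-rule statistics counter

    def matches(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())

class Controller:
    """Slow path: consults the access control policy on a flow's first packet."""
    def __init__(self, allowed, ports):
        self.allowed = allowed    # set of (ip_src, ip_dst, tcp_dport) tuples
        self.ports = ports        # ip_dst -> output port
        self.packet_ins = 0       # how many packets left the fast path

    def packet_in(self, pkt):
        self.packet_ins += 1
        key = (pkt["ip_src"], pkt["ip_dst"], pkt["tcp_dport"])
        action = f"port:{self.ports[pkt['ip_dst']]}" if key in self.allowed else "drop"
        # Install an exact-match rule so later packets stay in the fast path.
        return FlowEntry({f: pkt[f] for f in FIELDS}, action)

class Switch:
    def __init__(self, controller):
        self.table, self.controller = [], controller

    def receive(self, pkt):
        for entry in self.table:                 # fast path: flow-table lookup
            if entry.matches(pkt):
                entry.packets += 1
                return entry.action
        entry = self.controller.packet_in(pkt)   # table miss: ask the controller
        entry.packets = 1
        self.table.append(entry)
        return entry.action

def demo():
    # Constructed policy: 1.2.3.4 may reach 5.6.7.8 on TCP 443 only.
    ctl = Controller({("1.2.3.4", "5.6.7.8", 443)}, {"5.6.7.8": 1})
    sw = Switch(ctl)
    web = {"ip_src": "1.2.3.4", "ip_dst": "5.6.7.8", "ip_prot": 6, "tcp_dport": 443}
    ssh = dict(web, tcp_dport=22)
    actions = [sw.receive(p) for p in [web, web, web, ssh, ssh]]
    return actions, ctl.packet_ins, [e.packets for e in sw.table]
```

Five packets produce only two controller round trips; the installed drop rule also keeps denied traffic from repeatedly loading the controller.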
A Short History of SDN
~2004: Research on new management paradigms
RCP, 4D [Princeton, CMU, …]
SANE, Ethane [Stanford/Berkeley]
2008: Software-Defined Networking (SDN)
NOX Network Operating System [Nicira]
OpenFlow switch interface [Stanford/Nicira]
2011: Open Networking Foundation (~69 members)
Board: Google, Yahoo, Verizon, DT, Microsoft, Facebook, NTT
Members: Cisco, Juniper, HP, Dell, Broadcom, IBM, …
2013: Open Networking Summit
1600 attendees, Google: SDN used for their WAN
Links
http://opennetsummit.org/archives/apr12/hoelzle-tue-openflow.pdf
http://scholar.colorado.edu/cgi/viewcontent.cgi?article=1000&context=tlen_gradetds