
Academic year: 2021


(1)

network virtualization and openflow

christos kolias

network architecture, orange silicon valley

(2)

Agenda

What is Network Virtualization

Why Network Virtualization

Virtual Networks

OpenFlow/SDN

FlowVisor

Network Auctioning and Net Apps Store

“VirtualCast” net app @ Orange SV

Disclaimer: the following constitute my own opinions, thoughts and views

(3)

Orange, a worldwide presence

Orange Silicon Valley (OSV), a wholly owned subsidiary of the Orange-France Telecom Group, is the Silicon Valley presence of Orange

Internet, Fixed, Mobile, TV provider

Orange is one of the major telcos, in 5 continents, 32 countries, 226 million customers, 6 million business customers, 180,000 employees and 45.3 bn €

(4)

What is network virtualization

• Optimize efficient use/sharing of resources, e.g., CPU, capacity, spectrum, buffering, memory, storage, routing table, NE ports, topology, in a (seemingly) dedicated fashion

• Allocate resources dynamically

• Multiple architectures, protocols, systems, providers

Network Virtualization

Allows multiple, heterogeneous virtual networks (VNs) to operate over the same physical substrate

• A VN for VoIP, another for IPTV

• I can run IPv4 on one virtual network and IPv6 on another

• Use different policies, QoS, security, etc.

A VN is more than a mere collection of virtual nodes & links

• VLANs, VPNs and MPLS/tunnels, VRF, VOQ in switching

(5)

In effect, infrastructure can be sliced/partitioned network-wide

Enforce (traffic) isolation and (resources) independence

But resources are finite!

So, how can I get one of these slices, on-the-fly?

• network embedding/mapping (hard)

― online mapping: requests arrive dynamically

― lots of constraints

[Figure labels: CPU, BW, memory, storage, FIB, topology; slice A, B, C, D]

no more layering (please!)

Advanced topics:

• can I dice my slice?

• can I splice my slices?

• can I treat a number of slices as an aggregate (class)

Different networks may require different virtualization techniques (as to address different problems)

(6)

Why Network Virtualization

Enables dynamic environment

• Handle on-demand requests, provisioning (temporal)

• Workload distribution – Load Balancing (spatial)

• Can bind separate physical switches into one virtual switch

Multi-tenancy, domain isolation. Scalability.

Decouple network services/functionality from underlying hardware and operating system

• Hardware independence

• Programmatic platform

Hides network complexity. Flattens network

Server virtualization ultimately needs network virtualization

Live Migration of VMs across network boundaries

Virtualization-aware networks

What about running multiple network OS on same hardware?

Cloud services (almost) necessitate network virtualization

(7)

Issues

• architecture/design
• instantiation
• efficiency/flexibility
• scalability
• granularity
• volatility

Solutions

• customization
• programmability
• layering
• brokering/monitoring
• (self) morphing (dynamic configurability)
• volatility
• security
• compatibility
• manageability
• billing
• regulatory/legal
• centralization

(8)

Virtual Networks

Virtual nodes (virtual switches/routers) and links + software + management tools

End-to-end virtualization of the network.

Hundreds/thousands of VNs – should be able to create/deploy them dynamically

Topology/network complexity places lots of constraints

Evolution (or extinction) of VPNs, VLANs, MPLS?

[Figure labels: Net A, Net B, Net C with VN 1, VN 2, VN 3; Net A, Net B, Net C with VN1, VN2, VN2]

(9)

Network Virtualization

[source: The 4WARD Project]

logical view

(10)

VXLAN (Virtual eXtensible LAN): uses 24-bit identifier to scale up to 16M i/f’s; beyond L2 domain

DCB (Data Center Bridging): extends L2 switching with (some) performance guarantees: b/w allocation, QoS treatment

• DCE (Data Center Ethernet)

• CEE (Convergence Enhanced Ethernet)

• VEPA (Virtual Ethernet Port Aggregation)

• EVB (Ethernet Virtual Bridging)

• VEB (Virtual Ethernet Bridge)

• SPB (Shortest Path Bridging)

• VN-Tag, 802.1BR

• VN-GRE

vSwitch (Virtual Switch): software switch to run in a VMWare environment, Cisco Nexus 1000V virtual switch, IBM 5000V DVS

OpenFlow/SDN

Open vSwitch: open source multilayer virtual switch, open to programmatic extension & control using OpenFlow (Nicira)

(11)

Can Network Virtualization enable a Network OS?

[Figure: "Network Today" and "Network of the Future" panels; labels: Feature, Network OS, Operating System, switch/router, Packet Forwarding Hardware, Specialized, Simple]

(12)

Software-Defined Networking (SDN)

“Users can define (their) traffic flows and decide how these are treated in the network”

“People want to control their own network”

“Installing small piece of firmware, users get direct access to the hardware”

(13)

OpenFlow/SDN

OpenFlow: an implementation of the clear decoupling of the slow path (control plane) and fast path (data plane)

the abstraction of the control plane creates a logical map of the network

OpenFlow provides for

• communication path between controller and data plane

• network programmability

• intelligent flow management

It is all about empowering the user/administrator/operator giving them more control

OpenFlow/SDN supports customer’s definition of virtual networks; define your own rules/policies

[Figure: software-defined network. CONTROL PLANE (ROUTING, TE, SECURITY, LOAD BALANCING); open interface to hardware, e.g., OpenFlow; DATA PLANE (SIMPLE PACKET FORWARDING elements)]

SDN (control, programmability, management, network virtualization)

(14)

The Power of OpenFlow/SDN

• Ability to run and provision new, end-to-end tailored services & apps on top of hardware

• Programmable platform brings elasticity/dynamicity into network

• Couples the intelligence/agility of software with the speed of hardware

• Unified method for traffic engineering, network management. Open API

• Build Your Own Router, FW, LB, DPI

• It can change the way we design systems & networks

If pkt_src_ip_addr = 5.6.7.8
    send packet to port 2 (my iPad)
else
    send packet to port 7 (my TV)

If packet destined to IPv6 rewrite its IPv4 header

If pkt_dst_ip_addr = 1.2.3.4, calculate flow_rate
if flow_rate > 100 kbps
    send packet to port 3 (WiFi)
else
    if pkt_tos = premium
        send packet to port 7 (4G)
    else
        send packet to port 8 (3G)

(15)

Network Virtualization and OpenFlow/SDN: FlowVisor

Due to its network programmability aspect, OpenFlow is a great candidate for implementing network virtualization

FlowVisor: a network virtualization layer

• allows for implementing multiple controllers

• acts as proxy between switches and controllers

• ensures slice and traffic isolation

• intercepts packets and decides where to forward, e.g., controller, switch port

FlowVisor architecture not inherently tied to OpenFlow

What happens if there are different “flowvisors” and controllers?

[Figure labels: Mobile, Voice, IPTV; Apps; OpenFlow (Controllers); Network Virtualization (eg. FlowVisor)]

(16)

Network Slicing & OpenFlow/SDN

A slice can span across several switches (ports)

Each slice is controlled by a single controller

Switch’s ports on that slice appear as a (single) whole switch to controller

Creates a virtual topology

Slicing policy has to be extensible, flexible and modular

• allocates resources to slices

Nested implementation: multiple flowvisors

[Figure labels: switch; controllerA; slice A, slice B, slice C]

(17)

[Figure: SDN and network virtualization. Simple Packet Forwarding Elements; open interface to hardware; Virtualization or “Slicing” Layer (eg. FlowVisor); isolated “slices”; OpenFlow (Controller): Controllers 1 to 4 running Network Operating Systems 1 to 4 with their features; Mobile, IPTV, Voice]

(18)

the network as a sliceable/virtualizeable substrate

[Figure labels: Set-Top Box, IMS, WiFi offload, SIP, 4G/LTE, Backhaul, WiMax, Home Gateway; OpenFlow Switches; Mobile NetVisor, DSL NetVisor, IPTV NetVisor, VoIP NetVisor, Network Administrator NetVisor]

(19)

Virtual Data Centers

Virtual Data Centers (VDCs): using virtualization technologies (i.e., VMware) and cloud solutions to emulate your racks in a highly efficient, optimized environment

Make physically dispersed DCs operate logically as one

Infrastructure services: virtual servers, virtual storage, virtual networking

Infrastructure-as-a-service (IaaS)

Multi-tenancy

Issues

• Availability
• Scalability
• Containment
• Security/Trust
• Bandwidth, power (energy)

(20)

Virtualized Data Centers

Virtualized DCs (VdDCs): virtualization of resources/functionality

Dynamic resource virtualization & management

Can an application to be deployed be virtualized?

(21)

Cloud Networking & Services

Network programmability and network virtualization can not only enable but also propel cloud networking & services

Allocate on-demand networking & computing resources

Individualized, customizable network/service slices

Flexible, dynamic deployment of services

Ease of management

SLAs are very important

HyperCloud: cloud services based on network virtualization

Pay as you go, pay as you grow

(22)

What would be the role of Network Management

Further integration/coordination with control plane?

• administration
• security
• provisioning
• monitoring

Out-of-band or in-band?

Run across full stack?

Support for network virtualization

[Figure labels: Management Plane; Physical Plane, Data Plane, Network Virtualization Plane, Net Apps]

(23)

How can I get a slice (that meets my needs/requirements, e.g., performance/security SLAs, capacity) for broadcasting the Oscars/SuperBowl Sunday evening? Go to eCloudaY!

A market (actually, bazaar) for cloud networks

• Customizeable, ephemeral slices

Net Apps Store

Network Auctioning


• Private Virtual Networks (PVNs)

• Auction network resources and/or services

• Peering

SDN can play a huge role

(24)

Net Apps Store

Create a market for network applications & services

• an app for WiFi offload

• an app for bandwidth control

• an app for policy control

• an app for video/content distribution

Revenue sharing model (provider-3rd parties)

• Open APIs – network plug-ins

• Service-as-a-Service: instantiate/deliver services (on-the-fly)

• NaaS: deliver network (slice)-as-a-service (not just a dumb bit pipe), need to rethink about OSS/BSS

Different apps for different NOS

(25)

“VirtualCast” Net App

[Figure: Server 1, Server 2 and Server 3 connect through openflow/flowvisor to Client 1, Client 2 and Client 3, each on 239.255.10.10:5004 (same multicast address); slice A, slice B]

All slices share same multicast address but traffic is isolated

Resources (e.g., servers) can be easily, seamlessly moved to another slice, CLI cmd

Automation: process can be scheduled/timed

We could have not done this without OpenFlow/FlowVisor!

Video Server 1, 2 and 3 each streams into the network (same multicast address)

One server per slice, clients assigned to a slice

Clients constantly listen to that multicast address.

Client A receives stream 2 and Client B receives stream 1 (as controlled by switch)

CLI command to rotate channels (slices), e.g., every 10 sec

Open Source NOX controller. Wrote a program to perform this.
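
The isolation property behind VirtualCast (every slice uses the same multicast address, yet a client only receives its own slice's stream, and a port can be moved between slices) can be modelled in a few lines. This is an added example, not the program written for the demo and not FlowVisor's API; the class and method names and the port numbers are assumptions.

```python
# Toy model of a slicing layer sitting between switch ports and per-slice
# controllers. Hypothetical names throughout; this is not FlowVisor's API.
GROUP = ("239.255.10.10", 5004)  # multicast address shared by every slice


class SlicePolicyError(Exception):
    """Raised when a controller asks for a rule outside its own slice."""


class SlicingLayer:
    def __init__(self):
        self.port_owner = {}  # switch port -> slice name
        self.rules = {}       # (slice, in_port, group) -> set of output ports

    def assign(self, port, slice_name):
        """Move a port into a slice and purge it from every installed rule."""
        self.port_owner[port] = slice_name
        for key in list(self.rules):
            if key[1] == port:
                del self.rules[key]            # rule matched on the moved port
            else:
                self.rules[key].discard(port)  # moved port was an output

    def flow_mod(self, slice_name, in_port, group, out_ports):
        """Install a controller's rule only if every port is in its slice."""
        for port in (in_port, *out_ports):
            if self.port_owner.get(port) != slice_name:
                raise SlicePolicyError(f"{slice_name} may not use port {port}")
        self.rules[(slice_name, in_port, group)] = set(out_ports)

    def forward(self, in_port, group):
        """Ports that receive a packet arriving on in_port for this group."""
        owner = self.port_owner.get(in_port)
        return set(self.rules.get((owner, in_port, group), ()))


def build_demo():
    """Constructed topology: servers on ports 1-3, clients on ports 11-13."""
    layer = SlicingLayer()
    for server, client, name in ((1, 11, "A"), (2, 12, "B"), (3, 13, "C")):
        layer.assign(server, name)
        layer.assign(client, name)
        layer.flow_mod(name, server, GROUP, [client])
    return layer
```

Rejecting the rule at install time, rather than filtering packets afterwards, is what keeps one slice's controller from ever steering traffic onto another slice's ports.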

(26)

c:\> virtualcast.sh 10.10.1.2 10.10.1.3 10.10.1.4 15

(27)

Market Today & Conclusion

• Start-ups: Nicira (2007), Big Switch Networks (2010), Embrane (2010), ConteXtream (2007), Xsigo, +...

• Cisco, Juniper, Arista, IBM, NEC, Dell, Brocade, Avaya, etc.

• SDN is all about s/w for programming (and re-) the network

• Market/Exchange for virtual network instances + net apps

• SDN and Network Virtualization bring (real) intelligence into your network

• Make smart choices with your smart devices => make your network smarter. Smart devices need smart networks!

• Consumerization of networking

• SDN can breed innovation in your network! OpenFlow a building block.

(28)

thank you!
