9. How is Networking evolving?
• Plug-and-play
• Mobility and wireless
• Structured and optimized topologies
• More complex servers – cloud
• Routers and wifi
• Inter-domain routers
• Gateways – bridge
• Middleboxes - NAT
• Firewall – malicious traffic
• Load balancing
• Virtualization
10. The Network is Being Pushed to Its Limits…
• 80% of Enterprise Apps are Deployed in the Cloud
• 1.1 Billion Smartphones Projected to Ship in 2014
• 2.5 billion Internet users in the world! Expect 5 billion by 2023!
Unending, exponential growth in the people, devices and servers connecting to the network requires a new approach.
This is Where Software-Defined Networking (SDN) Comes In…
11. Need to Innovate in the Network
• Revenues from Cloud Innovation Could Reach $1.1 Trillion Per Year by 2015
• 15K New Applications Are Added Every Week!
• 83% of Companies Believe Mobility Will Significantly Affect Their Business
We’ve seen tons of innovation in applications, devices, computing and storage, … yet the underlying network that connects everything has remained unchanged!
13. [Diagram: several network devices, each with its own Specialized Packet Forwarding Hardware, Operating System and Apps; a Network Operating System with Apps is also shown]
• Closed System
• Custom hardware
• Features - apps
14. [Diagram: Apps running on a Network Operating System above several Simple Packet Forwarding Hardware devices]
1. Open interface to packet forwarding
2. At least one good operating system: extensible, possibly open-source
3. Well-defined open API
15. Unified Data and Control
[Diagram: "The world today" (unified data and control, "Add feature here?!?!") vs. Control + Data Separation (Apps on a Controller, with Control separated from Data)]
Today, new features are implemented as fully distributed algorithms at a protocol level rather than centralized applications. Spanning tree is a great example…
18. Current Networking Scheme
• Fully distributed protocols - hard to add a feature to a network
• Network is closed for research and innovation
• Network administrators, Experts and Researchers can only configure devices
• Increased Complexity and changes – error prone
• Vendor Specific Solutions
• Lots of Challenges and difficulties
19. Mitigation approach
• Open Development environment for Networking
• Isolation:
• regular production Network untouched
• Virtualized and Programmable networks
Software Defined Networking (SDN)
23. [Diagram: two stacks compared]
• Vertically integrated: closed, proprietary, slow innovation, small industry (Specialized Applications on a Specialized Operating System on Specialized Hardware)
• Horizontal: open interfaces, rapid innovation, huge industry (Apps over an Open Interface on Linux or Mac OS or Windows (OS), over an Open Interface on a Microprocessor)
24. [Diagram: two stacks compared]
• Vertically integrated: closed, proprietary, slow innovation (Specialized Applications on a Specialized Operating System on Specialized Hardware)
• Horizontal: open interfaces, rapid innovation (Apps over an Open Interface on one Control Plane or another, over an Open Interface on Merchant Switching Chips)
25. Core Concept of SDN
• Separate Control (brains) plane and Data (muscle) plane entities
• Network intelligence and state are logically centralized
• The underlying network infrastructure is abstracted from the applications
• Execute or run Control plane software on general purpose hardware
• Decouple from specific networking hardware
• Use commodity servers
• Have programmable data planes - APIs
• Maintain, control and program data plane state from a central entity
• An architecture to control not just a networking device but an entire
network – efficient orchestration and automation of network services
26. Key Abstraction
[Diagram: Routing, Traffic Engineering and Other Applications sit on a Well-defined API above the Network Operating System; labels: Network Virtualization, Network Map Abstraction, Forwarding (four elements), Separation of Data and Control Plane]
OpenFlow – OF Data Plane Abstraction:
1. <Match, Action>
2. <Match, Action>
3. <Match, Action>
4. <Match, Action>
5. <Match, Action>
6. …
7. …
27. Key Benefits
• Efficiency: optimize existing applications, services, and infrastructure
• Agility: enabling organizations to rapidly deploy applications,
services, and infrastructure to meet needs
• Scale: automate and optimize new and existing applications and
services
• Innovation: allowing organizations to create and deliver new types
of applications, services and business models
• Centralized Control
• Reduced Complexity through Automation
• Increased Network Reliability and Security
28. OpenFlow
“OpenFlow is an open standard
to deploy innovative protocols
in production networks”
openflow.org
30. What is OpenFlow?
• OpenFlow is similar to an x86 instruction set for the network to program the
forwarding behavior of the switch
• Provides an open interface to “black box” networking nodes (i.e. routers, L2/L3 switches) to enable visibility and openness in the network
• OpenFlow is based on an Ethernet switch, with an internal flow-table, and a
standardized interface to add and remove flow entries
• Controller or control software uses OpenFlow protocol to provide
programmable interface to switches & routers
31. Programming SDN with OpenFlow
• The Good
– Network-wide visibility
– Direct control over the switches
– Simple data-plane abstraction
• The Bad
– Low-level programming interface
– Functionality tied to hardware
– Explicit resource control
• The Ugly
– Non-modular, non-compositional
– Challenging distributed programming
32. OF building blocks
• Applications: LAVI, ENVI (GUI), Expedient, n-Casting
• Controller: NOX, Beacon, Trema, Maestro, ONIX
• Slicing Software: FlowVisor, FlowVisor Console
• Monitoring/debugging tools: oflops, oftrace, openseer
• OpenFlow Switches: NetFPGA, Software Ref. Switch, Broadcom Ref. Switch, OpenWRT, PCEngine WiFi AP, Open vSwitch
• Commercial Switches: HP, NEC, Pronto, Juniper.. and many more
(Some components are labelled "Stanford Provided" in the diagram.)
33. OpenFlow Specification Basics
• Open standard defined by the Open Networking Foundation (ONF)
• Consists of at least three parts
• Flow Table – defines how the switch will process each flow
• Secure Channel – to connect to controller
• OpenFlow Protocol (API)
• Flow tables are set up on switches
• The controller talks to the switch via the OpenFlow protocol
34. Layered Architecture for SDN
• Southbound API – includes OpenFlow but is not limited to it
• Southbound API offers L1/L2/L3 forwarding abstraction
The Promise of SDN
• Separation of forwarding and control planes
• Open and vendor agnostic interface (e.g. OpenFlow)
• Well defined control plane abstractions to enable rapid innovation
• Open, Scalable, Secure, Agile, Consistent
35. SDN Architecture
[Diagram: three tiers (Application tier, Controller tier, Forwarding plane tier) joined by Open Interfaces; labels: 3rd party components, Apps on Network OS, SDN Controller (logically central), separation of control & forwarding, open vendor agnostic interfaces & standards]
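37. OpenFlow Controller
• OpenFlow Reference – Lang: C; Platform(s): Linux; License: OpenFlow License; Original Author: Stanford/Nicira; Notes: not designed for extensibility
• NOX – Lang: Python, C++; Platform(s): Linux; License: GPL; Original Author: Nicira; Notes: actively developed
• Beacon – Lang: Java; Platform(s): Win, Mac, Linux, Android; License: GPL (core), FOSS Licenses for your code; Original Author: David Erickson (Stanford); Notes: runtime modular, web UI framework, regression test framework
• Maestro – Lang: Java; Platform(s): Win, Mac, Linux; License: LGPL; Original Author: Zheng Cai (Rice); Notes: focuses on achieving better performance using multithreading
• Trema – Lang: Ruby, C; Platform(s): Linux; License: GPL; Original Author: NEC; Notes: includes emulator, regression test framework
• Floodlight – Lang: Java; Platform(s): Linux; License: Apache; Original Author: Big Switch; Notes: actively developed, open sourced
• OpenDayLight – Lang: Java; Platform(s): Linux; License: Apache; Original Author: Linux Foundation; Notes: actively developed, open sourced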
38. OpenFlow Switch
Components:
• Flow table & Group table – perform packet lookups and forwarding
• OpenFlow channel – interface that connects a switch to a controller
• Pipeline process – maintains sending of packets between flow tables by matching flow entries
Two types:
• OpenFlow-capable / hybrid
• OpenFlow-only / pure
39. Secure Channel (SC)
• SC is the interface that connects each OpenFlow switch to controller
• A controller configures and manages the switch via this interface.
• Receives events from the switch
• Sends packets out of the switch
• SC establishes and terminates the connection between the OpenFlow switch and the controller using the following procedures:
• Connection Setup
• Connection Interrupt
• The SC connection is a TLS connection. Switch and controller mutually authenticate
by exchanging certificates signed by a site-specific private key.
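Added example (not part of the original slides): mutual authentication on the secure channel only holds if the controller side also demands a certificate, which a Python TLS server context does not do by default. The function names and the audit helper are hypothetical; the file arguments stand for the site CA and the per-device certificate and key.

```python
import ssl

def default_server_context():
    # What a controller gets if nothing is configured: verify_mode is CERT_NONE,
    # so any switch (or anything else) can connect without a certificate.
    return ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)

def controller_context(ca_file=None, cert_file=None, key_file=None):
    # Controller (TLS server) end: require a switch certificate signed by the site CA.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)  # trust the site CA only
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)   # controller's own identity
    return ctx

def switch_context(ca_file=None, cert_file=None, key_file=None):
    # Switch (TLS client) end: PROTOCOL_TLS_CLIENT verifies the controller by default.
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_CLIENT)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)   # presented to the controller
    return ctx

def audit(ctx):
    # Findings that break the mutual-authentication property of the channel.
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append("peer certificate not required")
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append("TLS below 1.2 allowed")
    return findings
```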
41. Flow table Entry
• A flow table consists of a set of entries to compare incoming packets against
• Each flow entry consists of match fields, counters and actions
• Matching starts at the first flow table
• Flow entries match in priority order
• Match found
• Apply the instructions
• Match not found: the packet is either
• forwarded to the controller over the OpenFlow channel,
• dropped, or
• may continue to the next flow table
42. Flow Entry
• A flow entry consists of
1. Match fields – match against packets
• In Port, Src MAC, Dst MAC, Eth Type, Vlan Id, IP Tos, IP Proto, IP Src, IP Dst, TCP Src Port, TCP Dst Port
2. Action(s) – modify the action set or pipeline processing
• 1. Forward packet to port(s)
• 2. Encapsulate and forward to controller
• 3. Drop packet
• 4. Send to normal processing pipeline
• 5. Vendor specific extensions
3. Stats – updated for the matching packets
• 1. Packet counters
• 2. Byte counters
• Per table
• Per flow
43. Workflow
• Packet arrives at switch
• Header fields compared to flow table entries
• Match Found: forwarded to specified port OR dropped
• Match Not Found: switch encapsulates the packet and sends it to the controller
• Controller decides: make new entry in flow table OR drop
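Added example (not part of the original slides): a small model of the priority-ordered lookup and table-miss behaviour from slides 41 to 43, plus an audit that finds drop entries which can never fire because a broader, higher-priority forwarding entry covers them. Field names such as ip_dst and tcp_dst, the class names and the sample table are constructed for illustration.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict        # field -> required value; a missing field is a wildcard
    action: str        # "output:<port>", "drop" or "controller"
    packets: int = 0   # per-flow counters (the "Stats" part of the entry)
    byte_count: int = 0

def matches(match, pkt):
    return all(pkt.get(f) == v for f, v in match.items())

def covers(broad, narrow):
    # True when every packet that matches `narrow` also matches `broad`.
    return all(narrow.get(f) == v for f, v in broad.items())

class FlowTable:
    def __init__(self, entries, miss_action="controller"):
        self.entries = sorted(entries, key=lambda e: -e.priority)
        self.miss_action = miss_action   # table miss: "controller" or "drop"

    def lookup(self, pkt, size=64):
        for e in self.entries:           # highest priority first
            if matches(e.match, pkt):
                e.packets += 1
                e.byte_count += size
                return e.action
        return self.miss_action

    def shadowed_drops(self):
        # (drop priority, shadowing priority) for drop entries that never fire.
        found = []
        for i, low in enumerate(self.entries):
            if low.action != "drop":
                continue
            for high in self.entries[:i]:
                if (high.priority > low.priority and high.action != "drop"
                        and covers(high.match, low.match)):
                    found.append((low.priority, high.priority))
                    break
        return found

# Constructed sample: the telnet drop sits behind a broader forwarding entry.
TABLE = FlowTable([
    FlowEntry(200, {"ip_dst": "10.0.0.5", "tcp_dst": 23}, "drop"),
    FlowEntry(300, {"ip_dst": "10.0.0.5"}, "output:2"),
    FlowEntry(100, {"eth_type": 0x0806}, "output:1"),
])
```

In the sample table a telnet packet to 10.0.0.5 is forwarded on port 2 rather than dropped, which is the kind of policy gap the audit reports.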
44. OpenFlow Protocol Message Types
• Controller-to-switch
• To directly manage or inspect the state of the switch
• May or may not require a response from the switch
• Operations/msg types: Features, Configuration, Read-State, Modify-State, Barrier
• Asynchronous
• To update the controller of network events and changes to the switch state
• Sent without the controller soliciting them from a switch
• To tell the controller of a packet arrival, switch state change, or error
• Msg. types: Packet-in, Flow-Removed, Port-status, Error
• Symmetric
• Hello message, Echo request/reply
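Added example (not part of the original slides): a parser that walks a captured control-channel byte stream, reads each 8-byte OpenFlow header and sorts the message into the three classes above, stopping at a malformed length. The header layout and type codes are those of OpenFlow 1.0 and are not given on the slides; the sample bytes are constructed.

```python
import struct

HEADER = struct.Struct("!BBHI")  # version, type, length, xid: 8 bytes, network order

# OpenFlow 1.0 type codes grouped into the three message classes.
CLASSES = {
    "symmetric": {0: "HELLO", 2: "ECHO_REQUEST", 3: "ECHO_REPLY", 4: "VENDOR"},
    "asynchronous": {1: "ERROR", 10: "PACKET_IN", 11: "FLOW_REMOVED", 12: "PORT_STATUS"},
    "controller-to-switch": {
        5: "FEATURES_REQUEST", 6: "FEATURES_REPLY", 7: "GET_CONFIG_REQUEST",
        8: "GET_CONFIG_REPLY", 9: "SET_CONFIG", 13: "PACKET_OUT", 14: "FLOW_MOD",
        15: "PORT_MOD", 16: "STATS_REQUEST", 17: "STATS_REPLY",
        18: "BARRIER_REQUEST", 19: "BARRIER_REPLY"},
}

def classify(msg_type):
    for cls, types in CLASSES.items():
        if msg_type in types:
            return cls, types[msg_type]
    return "unknown", f"type {msg_type}"

def parse_stream(data):
    # Returns (class, name, xid) per message; stops at the first malformed header.
    out, off = [], 0
    while off < len(data):
        if len(data) - off < HEADER.size:
            out.append(("malformed", "truncated header", None))
            break
        _version, msg_type, length, xid = HEADER.unpack_from(data, off)
        # length covers header plus body; it must fit in the remaining bytes.
        if length < HEADER.size or off + length > len(data):
            out.append(("malformed", f"bad length {length}", xid))
            break
        out.append((*classify(msg_type), xid))
        off += length
    return out

# Constructed sample: HELLO, FEATURES_REQUEST, PACKET_IN with a 10-byte filler
# body, then a header whose length field (4) is smaller than the header itself.
SAMPLE = (HEADER.pack(1, 0, 8, 1) + HEADER.pack(1, 5, 8, 2)
          + HEADER.pack(1, 10, 18, 0) + b"\x00" * 10 + HEADER.pack(1, 14, 4, 3))
```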
50. Mininet At A Glance
• CONVENIENT REALISTIC EMULATOR FOR SOFTWARE-DEFINED
NETWORKS
• Mininet creates a realistic OpenFlow network, running real kernel,
switch and application code, on a single machine (VM, cloud or
native), in seconds, with a single command
• Network emulator
• Designed for emulating SDN networks
• Easy to use
• High performance (100 nodes on a laptop)
51. What You Can Do?
• Rapidly prototype, develop and test
• Interestingly-sized networks (16-100 nodes) start up in seconds
• No lengthy lab reconfiguration or rebooting required
• Always-accessible network resources, in any topology, at essentially no
cost
• Designs that work on Mininet transfer seamlessly to hardware for full
speed operation
• Runs your choice of software switch
• Stanford’s reference OpenFlow switch
• OpenVSwitch
• Easily and inexpensively demonstrate and share
• Quickly get up and running
• Repeatedly test, analyze, and predict network behavior
54. Resources
1. OpenFlow Tutorials:
http://archive.openflow.org/wk/index.php/OpenFlow_Tutorial
2. Open Networking Foundation (ONF) :
ONF is a user-driven organization dedicated to the promotion and adoption of Software-Defined
Networking (SDN) through open standards development.
https://www.opennetworking.org/
ONF has taken on the responsibility to drive the standardization of the OpenFlow
protocol and has many member companies.
3. SDNCentral is the leading centralized source of news and resources for network
virtualization and software-defined networking (SDN).
http://www.sdncentral.com/
-The independent community & #1 resource for SDN and NFV
4. Mininet
http://mininet.org/