Software-Defined Networks: A Systems Approach
Bruce Davie, Systems Approach, LLC
What is SDN?
• There’s a simple answer:
  • SDN (software-defined networking) is the separation of control and data planes
  • The separation allows control topology to be independent of physical network topology
• The more interesting question is:
  • Why would anyone want to do this?
  • That question has a lot of answers…
[Figure: a logically centralized control plane above the data plane, joined by a southbound interface, e.g. OpenFlow]
Outline
• History of SDN
• Challenges faced by IP networks
• SDN architecture
• Case Studies:
  • Network Virtualization
  • Traffic Engineering
  • SD-WAN
  • Bare metal switching
A Revolution in Networking
Foundations of SDN
• 4D, Greenberg et al. – part of a broader set of “Clean Slate” initiatives
• Ipsilon General Switch Management Protocol – RFC 1987 (1996), revised as RFC 2297 (1998)
• IETF ForCES WG (2001-2015!!)
• Ethane (2007)
Challenges with IP networks
• Lack of abstractions
• Inability to express intent
• Unpredictable outcome from complex distributed algorithms
• Interactions among protocols (e.g. IGP & EGP)
• Can’t manage a device unless it’s properly configured
  • bootstrap issue – control & management plane dependent on correct data plane
• Fragility, risk of change
• Glacial pace of innovation
Evolution of network provisioning: 1996-2016
[Figure: the same provisioning workflow shown in 1996 and in 2016; the only labelled difference is the terminal protocol, Telnet in 1996 and SSH in 2016]
Key SDN Insights
• Centralizing the control plane enables more powerful abstractions
  • E.g. X and Y should be able to communicate
  • Express intent network-wide
• Distributed systems techniques to make central control scalable and fault tolerant
• Central control means a single API for the network, rather than an API per box
• Networks provisioned by software, not humans
• Disaggregation → innovation
• Network-wide intent → better security
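As an added illustration of the insights above (not code from the slides or from any real controller), the toy controller below holds a global network map, takes the intent “h1 and h2 should be able to communicate”, and compiles it into per-switch flow rules along one path in both directions. The topology, host MACs, port numbers and rule format are all constructed assumptions. The point is the one the slide makes: the intent is expressed once, network-wide, and when the controller learns a link is down it recomputes the rules from the same intent rather than someone reconfiguring boxes one at a time.

```python
"""Added example: compile a network-wide intent ("X and Y should be able to
communicate") into per-switch flow rules from a global network map.

Illustrative code, not from the slides or any controller; the topology,
switch names, ports and rule format below are constructed assumptions.
"""
from collections import deque

# Constructed topology: node -> {neighbour: local port toward that neighbour}.
# Hosts h1 and h2 hang off switches s1 and s3; s4 provides a backup path.
TOPOLOGY = {
    "h1": {"s1": 0},
    "h2": {"s3": 0},
    "s1": {"h1": 1, "s2": 2, "s4": 3},
    "s2": {"s1": 1, "s3": 2},
    "s3": {"s2": 1, "h2": 2, "s4": 3},
    "s4": {"s1": 1, "s3": 2},
}
HOST_MAC = {"h1": "00:00:00:00:00:01", "h2": "00:00:00:00:00:02"}


def shortest_path(topo, src, dst, down_links=frozenset()):
    """BFS over the global map, skipping links the controller knows are down."""
    prev = {src: None}
    queue = deque([src])
    while queue:
        node = queue.popleft()
        if node == dst:
            break
        for nbr in topo[node]:
            if frozenset((node, nbr)) in down_links or nbr in prev:
                continue
            prev[nbr] = node
            queue.append(nbr)
    if dst not in prev:
        return None
    path, node = [], dst
    while node is not None:
        path.append(node)
        node = prev[node]
    return path[::-1]


def compile_intent(topo, macs, a, b, down_links=frozenset()):
    """Return {switch: [rules]} allowing a<->b along one path and nothing else.

    Rules are match/action pairs: match on destination MAC, output on the
    port toward the next hop. Both directions are installed so replies work.
    """
    path = shortest_path(topo, a, b, down_links)
    if path is None:
        raise ValueError(f"no path between {a} and {b}")
    rules = {}
    for fwd in (path, path[::-1]):
        dst_mac = macs[fwd[-1]]
        for i in range(1, len(fwd) - 1):  # interior nodes are the switches
            sw, nxt = fwd[i], fwd[i + 1]
            rules.setdefault(sw, []).append(
                {"match": {"eth_dst": dst_mac}, "action": f"output:{topo[sw][nxt]}"}
            )
    return rules


if __name__ == "__main__":
    print(compile_intent(TOPOLOGY, HOST_MAC, "h1", "h2"))
    # Link s1-s2 down: the same intent is recompiled onto the s4 path,
    # with no per-box reconfiguration by a human.
    print(compile_intent(TOPOLOGY, HOST_MAC, "h1", "h2", {frozenset(("s1", "s2"))}))
```

Because only the two endpoints' MACs ever appear in a match, a switch on the path forwards nothing else; any other destination misses the table, which is the default-deny posture a centrally compiled policy gives you for free.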
Disaggregation of computing industry
[Figure: a vertically integrated stack of specialized applications on a specialized OS on specialized hardware, versus a disaggregated stack: apps over an open interface to Linux, Mac OS or Windows, over an open interface to microprocessors]
Disaggregation of networking industry
[Figure: the same picture for networking: specialized applications, OS and hardware, versus apps over an open interface to one of several network OSes, over an open interface to merchant silicon switching chips]
Random side observation
• Just because an idea has been tried before without success doesn’t mean it’s a bad idea
SDN Architecture
Traditional Control and Data Planes
[Figure: the control plane holds the routing table (RIB); the data plane beneath it holds the forwarding table (FIB)]
Control Plane
• Protocols: BGP, OSPF, RIP
• RIB: collection of link/path attributes
• Northbound configuration interface − e.g., Cisco CLI
Data Plane
• Protocols: IP
• FIB: optimized for fast lookup
• Northbound control interface − historically private/internal
SDN Control and Data Planes
[Figure: several control apps run on a Network OS that maintains a global network map; the control plane pushes flow rules down to the data plane]
OpenFlow-style data plane
[Figure: an OpenFlow switch. A packet enters Table 0 with an empty action set; it passes through Tables 1 … n as packet + metadata, each table able to add to the action set; after the last table the accumulated action set is executed and the packet is output]
[Figure: the header fields available for matching: MAC header (src addr, dst addr, type), optional 802.1Q VLAN tag (VLAN ID, ctl, type), IP header (src addr, dst addr, proto, …), TCP/UDP header (src port, dst port, …), then payload]
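To make the two figures concrete, here is an added Python model of the pipeline they describe: a packet plus metadata walks tables 0 … n, each matching entry may add to an action set, and the set is executed once the pipeline ends. It is illustrative code, not the OpenFlow specification or any switch's implementation; the field names, instruction set and the three sample tables are constructed. Two behaviours worth noticing are modelled: an entry can end the pipeline with an empty action set (drop, used here as an ACL), and a table with no table-miss entry drops unknown traffic rather than flooding it.

```python
"""Added example: a small OpenFlow-style multi-table pipeline.

Illustrative only; not code from the slides, OpenFlow or any switch. Field
names, the instruction set and the sample flows are constructed. Semantics
follow the figure: packet + metadata flow through tables 0..n, a matching
entry may write to the action set, and the action set runs at pipeline exit.
A table miss with no table-miss entry drops the packet.
"""

# Execution order of the action set at pipeline exit; output comes last so
# header rewrites (e.g. push_vlan) are applied before the packet leaves.
ACTION_ORDER = ["pop_vlan", "push_vlan", "set_field", "output"]


def matches(match, pkt, metadata):
    """Every match field must equal the packet's; 'metadata' matches the register."""
    for field, value in match.items():
        if field == "metadata":
            if metadata != value:
                return False
        elif pkt.get(field) != value:
            return False
    return True


def lookup(table, pkt, metadata):
    """Highest-priority matching entry, or None on a table miss."""
    hits = [e for e in table if matches(e["match"], pkt, metadata)]
    return max(hits, key=lambda e: e["priority"]) if hits else None


def process(tables, pkt):
    """Run pkt through the pipeline; return (final packet, action set, out port)."""
    pkt = dict(pkt)
    metadata = 0
    action_set = {}          # at most one action per type, as in OpenFlow
    table_id = 0
    while table_id is not None:
        entry = lookup(tables[table_id], pkt, metadata)
        if entry is None:
            action_set = {}  # miss with no table-miss entry: drop
            break
        instr = entry["instructions"]
        if instr.get("clear_actions"):
            action_set = {}
        for name, arg in instr.get("write_actions", {}).items():
            action_set[name] = arg
        if "write_metadata" in instr:
            metadata = instr["write_metadata"]
        table_id = instr.get("goto_table")  # None ends the pipeline
    out_port = None
    for name in ACTION_ORDER:
        if name not in action_set:
            continue
        if name == "push_vlan":
            pkt["vlan_id"] = action_set[name]
        elif name == "pop_vlan":
            pkt.pop("vlan_id", None)
        elif name == "set_field":
            pkt.update(action_set[name])
        elif name == "output":
            out_port = action_set[name]
    return pkt, action_set, out_port


# Constructed flow tables: table 0 is an ACL, table 1 forwards, table 2 tags.
TABLES = [
    [   # table 0: block Telnet (TCP/23); everything else continues to table 1
        {"priority": 200, "match": {"ip_proto": 6, "tcp_dst": 23},
         "instructions": {"clear_actions": True}},        # no goto: dropped
        {"priority": 0, "match": {}, "instructions": {"goto_table": 1}},
    ],
    [   # table 1: L2 forwarding by destination MAC
        {"priority": 100, "match": {"eth_dst": "00:00:00:00:00:02"},
         "instructions": {"write_actions": {"output": 2}, "goto_table": 2}},
        {"priority": 100, "match": {"eth_dst": "00:00:00:00:00:01"},
         "instructions": {"write_actions": {"output": 1}, "goto_table": 2}},
        # deliberately no table-miss entry: unknown destinations are dropped
    ],
    [   # table 2: frames that arrived on port 1 leave tagged with VLAN 10
        {"priority": 50, "match": {"in_port": 1},
         "instructions": {"write_actions": {"push_vlan": 10}}},
        {"priority": 0, "match": {}, "instructions": {}},  # explicit no-op miss
    ],
]

if __name__ == "__main__":
    http = {"in_port": 1, "eth_dst": "00:00:00:00:00:02", "ip_proto": 6, "tcp_dst": 80}
    print(process(TABLES, http))                   # tagged, output on port 2
    print(process(TABLES, dict(http, tcp_dst=23)))  # dropped by table 0
```

The order in which the action set is executed matters for correctness: if output ran before push_vlan, the frame would leave untagged even though the pipeline “decided” to tag it, which is exactly the kind of subtle misbehaviour a fixed execution order prevents.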
PISA: Protocol Independent Switching Architecture
[Figure: a programmable parser feeds a programmable match-action pipeline of stages, each stage pairing memory (match tables) with ALUs (actions), followed by a programmable deparser]
SDN Software Stack
[Figure, top to bottom: control apps (e.g. Trellis) talk over gRPC to the network operating system (ONOS), whose API offers gNMI + gNOI + FlowObjectives; ONOS drives the switch OS (Stratum + ONL) over a gRPC API carrying gNMI + gNOI + P4Runtime/OpenFlow; a P4 compiler takes forward.p4 and arch.p4 to the programmable switch API of the merchant silicon, e.g. Tofino (Barefoot) or Tomahawk (Broadcom)]
Scaling the Central Control Plane
[Figure: a controller cluster of five nodes (Node 1 … Node 5) with a web-service API and persistent storage, presenting a logical network over the transport network beneath]
Summary
Definition of SDN
• A network in which the control plane is physically separate from the forwarding plane, and a single control plane controls several forwarding devices. – Nick McKeown (2013)
Dimensions
• Disaggregated control and data planes
• Centralized vs decentralized control plane
• Fixed-function vs programmable data plane
Phases of SDN
• Phase 1: Network operators took ownership of the control plane.
• Phase 1a: Non-traditional entrants to the networking business (via disaggregation)
• Phase 2: Network operators are taking ownership of the data plane.
Use Cases
• Network Virtualization
• SD-WAN
• Traffic Engineering
• Bare Metal Switching
• Inband Network Telemetry
Network Virtualization – An Analogy
[Figure: left, server virtualization: applications in virtual machines on a hypervisor over physical compute & memory; the VM sees an x86 environment and the only requirement is x86. Right, network virtualization: workloads on virtual networks (L2, L3, L4-7 network services) on a network virtualization platform over the physical network; the only requirement is IP transport. In both cases the virtual layer is decoupled from the physical one]
[Figure, dated 2009]
[Figure, dated 2012]
Virtual Machines to Virtual Networks
[Figure: a virtualization layer over network, storage and compute]
[Figure: the same, with the virtualization layer labelled “network hypervisor” and serving virtual data centers]
Network Virtualization Components
Cloud Consumption
• Self service portal
• OpenStack, Kubernetes, etc.
Manager
• Single configuration portal
• REST API entry-point
• Manages logical networks
Controller
• Run-time state
• Scale out, HA
• Separation of control and data plane
Data Plane
• High-performance data plane
• Scale-out distributed forwarding model
• Distributed services: logical switch, distributed logical router, firewall, load balancer
• Virtual edge
Management, Control and Data Planes
[Figure: a network topology request enters the management plane, where it is stored and acknowledged (desired state); the control plane calculates the data plane state and identifies the data plane resources (translated state); the data plane realizes it (realized state), and discovered state is reported back up to the controller]
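The figure's desired → translated → realized → discovered flow is, in practice, a reconciliation loop. The added Python below models it; it is constructed, illustrative code and not the slides' or any product's implementation, and the logical-switch objects, VNI numbers and hypervisor names are assumptions. The part a security engineer cares about is the comparison at the end: a port that exists on a hypervisor but appears in no desired state is reported as drift rather than quietly absorbed into the realized state.

```python
"""Added example: desired state -> translated per-host state -> comparison
with discovered (realized) state, as a reconciliation loop.

Constructed, illustrative code, not from the slides or any product. Object
names, VNIs and the state format are assumptions. Drift in either direction
(missing or unexpected realized state) is reported, not silently accepted.
"""

# Desired state held by the management plane: logical switches, their VNI,
# and which hypervisor each logical port lives on.
DESIRED = {
    "ls-web": {"ports": {"web-1": "hv-a", "web-2": "hv-b"}, "vni": 5001},
    "ls-db":  {"ports": {"db-1": "hv-b"}, "vni": 5002},
}


def translate(desired):
    """Control plane: turn logical intent into per-hypervisor data plane state.

    Each hypervisor hosting a port on a logical switch needs that port bound
    to the switch's VNI and a tunnel to every other hypervisor on that switch.
    """
    state = {}
    for spec in desired.values():
        hosts = sorted(set(spec["ports"].values()))
        for port, hv in spec["ports"].items():
            state.setdefault(hv, {"ports": set(), "tunnels": set()})
            state[hv]["ports"].add((port, spec["vni"]))
            for peer in hosts:
                if peer != hv:
                    state[hv]["tunnels"].add((peer, spec["vni"]))
    return state


def reconcile(translated, discovered):
    """Compare expected (translated) state with discovered state per host.

    Returns {hv: {"missing": ..., "unexpected": ...}} for hosts that differ;
    an empty dict means desired state is fully realized and nothing extra exists.
    """
    empty = {"ports": set(), "tunnels": set()}
    drift = {}
    for hv in set(translated) | set(discovered):
        exp = translated.get(hv, empty)
        got = discovered.get(hv, empty)
        missing = (exp["ports"] - got["ports"]) | (exp["tunnels"] - got["tunnels"])
        unexpected = (got["ports"] - exp["ports"]) | (got["tunnels"] - exp["tunnels"])
        if missing or unexpected:
            drift[hv] = {"missing": missing, "unexpected": unexpected}
    return drift


if __name__ == "__main__":
    expected = translate(DESIRED)
    # Constructed discovered state: hv-b carries a port no one asked for.
    discovered = {
        "hv-a": {"ports": {("web-1", 5001)}, "tunnels": {("hv-b", 5001)}},
        "hv-b": {"ports": {("web-2", 5001), ("db-1", 5002), ("rogue", 5002)},
                 "tunnels": {("hv-a", 5001)}},
    }
    print(reconcile(expected, discovered))
```

Running the comparison from the controller rather than trusting each host's self-report is what turns “discovered state” into an audit: the hypervisor says what it has, the controller says what it should have, and the difference is the alert.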
Problem: Data Center Network Security
• Today’s security model focuses on perimeter defense
• But continued security breaches show this model is not enough
• Perimeter-centric network security has proven insufficient
[Figure: the Internet outside the perimeter; bars for IT spend, security spend and security breaches]
Microsegmentation and Zero Trust
[Figure: a perimeter firewall facing the Internet and an inside firewall, with App, DMZ, Services and DB VLANs; Finance, HR and IT workloads are spread across the VLANs, alongside shared services AD, NTP, DHCP, DNS and CERT]
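The figure shows why VLAN-based zoning is not microsegmentation: Finance and HR workloads share the App VLAN, so an inside firewall between VLANs says nothing about Finance reaching HR. The added Python below (illustrative code, not from the slides or any product; the workloads, labels, ports and policy are constructed) compiles a label-based policy into a per-workload ingress allow list, the kind of distributed firewall enforced at each workload's virtual port, with everything else denied.

```python
"""Added example: compile label-based microsegmentation policy into per-workload
ingress rules enforced at each workload's virtual port.

Illustrative code, not from the slides or any product; workloads, labels,
ports and policy are constructed. Rules key on labels, not on VLAN or subnet,
and the default is deny: two workloads on the same App VLAN cannot talk unless
policy says so.
"""
from dataclasses import dataclass


@dataclass(frozen=True)
class Workload:
    name: str
    vlan: str    # where it happens to sit; NOT a security boundary here
    tier: str    # dmz, app, db, services
    group: str   # finance, hr, it, shared


# Constructed inventory modelled on the figure's VLANs and groups.
WORKLOADS = [
    Workload("fin-web", "DMZ", "dmz", "finance"),
    Workload("fin-app", "App", "app", "finance"),
    Workload("fin-db", "DB", "db", "finance"),
    Workload("hr-web", "DMZ", "dmz", "hr"),
    Workload("hr-app", "App", "app", "hr"),
    Workload("hr-db", "DB", "db", "hr"),
    Workload("dns", "Services", "services", "shared"),
    Workload("ntp", "Services", "services", "shared"),
]

# Policy: (src selector, dst selector, {proto: ports}, same_group).
# Selectors are label dicts; same_group=True ties src and dst to one group.
POLICY = [
    ({"tier": "dmz"}, {"tier": "app"}, {"tcp": {8443}}, True),
    ({"tier": "app"}, {"tier": "db"}, {"tcp": {5432}}, True),
    ({}, {"name": "dns"}, {"udp": {53}, "tcp": {53}}, False),
    ({}, {"name": "ntp"}, {"udp": {123}}, False),
]


def select(sel, wl):
    """A selector matches when every label it names equals the workload's."""
    return all(getattr(wl, k) == v for k, v in sel.items())


def compile_rules(workloads, policy):
    """Per-destination ingress allow list: {dst_name: {(src_name, proto, port)}}.

    Anything not listed is dropped at the destination's virtual port.
    """
    allow = {wl.name: set() for wl in workloads}
    for src_sel, dst_sel, ports, same_group in policy:
        for dst in workloads:
            if not select(dst_sel, dst):
                continue
            for src in workloads:
                if src is dst or not select(src_sel, src):
                    continue
                if same_group and src.group != dst.group:
                    continue
                for proto, plist in ports.items():
                    for port in plist:
                        allow[dst.name].add((src.name, proto, port))
    return allow


def permitted(rules, src, dst, proto, port):
    """Default deny: permitted only if a compiled rule names this tuple."""
    return (src, proto, port) in rules.get(dst, set())


if __name__ == "__main__":
    rules = compile_rules(WORKLOADS, POLICY)
    checks = [
        ("fin-web", "fin-app", "tcp", 8443),  # ALLOW: tiered flow, same group
        ("fin-app", "fin-db", "tcp", 5432),   # ALLOW
        ("fin-app", "hr-app", "tcp", 8443),   # DENY: same VLAN, different group
        ("fin-app", "hr-db", "tcp", 5432),    # DENY: crosses groups
        ("hr-web", "fin-db", "tcp", 5432),    # DENY: skips the app tier
        ("hr-app", "dns", "udp", 53),         # ALLOW: shared service
        ("fin-db", "fin-app", "tcp", 8443),   # DENY: db may not initiate to app
    ]
    for c in checks:
        print(c, "ALLOW" if permitted(rules, *c) else "DENY")
```

Note that `vlan` is carried on each workload but never consulted by the policy; a workload that is migrated to another VLAN, or an attacker who lands on the App VLAN, gains nothing from the network position alone. That is the “zero trust” part of the slide title, and a central controller with a global view is what makes compiling and distributing such per-port rules tractable.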
Visibility: changing the laws of physics
• Historically challenging to troubleshoot connectivity between VMs
  • Is the problem in vswitch or physical network?
  • What’s the path through the physical network?
  • Is there a (misconfigured) middlebox in the path?
• Network virtualization gives us tools to handle this:
  • Decomposition: separate the physical from the virtual
  • Global view: see all the logical network state (port stats, drops, etc.) and tunnel health from the controller API
  • Synthetic traffic: insert packets at vswitch as if the VM generated them
Network Virtualization – Discussion
• 90% of Fortune 100 have deployed network virtualization
• Foundational to hyperscale data centers
• Network configuration no longer the “long pole”
• A key step towards better network security (but much work remains)
• Increasingly important for microservices, Kubernetes, etc.
• Commodifying effect on physical networking
• Service Mesh can be viewed as a form of Network Virtualization
SD-WAN
[Figure: SD-WAN edges at a branch, the main office and the corporate datacenter are joined by overlay tunnels and also reach cloud services; an SD-WAN controller distributes network policies to the edges]
Traffic Engineering
[Figure: a traffic-engineering controller applies network policies to the paths between several datacenters]
Datacenter Switching Fabric
[Figure: a leaf-spine fabric, four leaf switches each connected to three spine switches]
Leaf-Spine Topology
• Leaf switches = top-of-rack (ToR)
• Optimized for east-west traffic
• Built-in redundancy (not shown)
• Scale with additional layers
Well-Established in Commodity Clouds
• Bare-metal switches
• Control plane running in the cloud
Trellis
[Figure: a leaf-spine switching fabric connected to the Internet]
Trellis Design
• Intra-rack: L2 domain within L3 subnet
• Inter-rack: L3 routing between subnets
• Segment routing across fabric
Trellis Features
• VLANs / QinQ
• End-to-end L2 tunnels
• IPv4 / IPv6 routing
• Multicast (with IGMP)
• ARP (IPv4) / NDP (IPv6)
• DHCPv4 / DHCPv6
• High availability
Inband Network Telemetry (INT)
[Figure: a packet crosses leaf-spine switches S1, S2, … S5; each switch adds its metadata (switch ID, arrival time, departure, queue delay, etc.) to the header, so the packet carries Metadata S1, then S1 + S2, then S1 + S2 + S5 ahead of the payload; at the end a report with the switch metadata is generated to log, analyze, replay and visualize]
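The added Python below walks through the figure's mechanics end to end: a source prepends an empty telemetry stack, each transit switch appends its record and bumps the hop count, and the sink strips the stack and produces the per-hop report. It is constructed, illustrative code, not the INT specification or code from the slides; the header layout (a 4-byte shim and 16-byte per-hop records) is an assumption and real INT formats differ. One caveat a practitioner would want is built in: telemetry carried inside packets is not authenticated, so the sink checks the stack length against the hop count before trusting it.

```python
"""Added example: in-band network telemetry (INT) insertion and collection.

Constructed, illustrative code, not the INT specification or code from the
slides. Header layout is an assumption: a 4-byte shim (version, hop count,
metadata length) followed by 16-byte per-hop records (switch id, ingress ns,
egress ns, queue delay ns), then the original payload. Each transit switch
appends its record; the sink validates and strips the stack and builds the
per-hop report the figure describes.
"""
import struct

SHIM = struct.Struct("!BBH")   # version, hop_count, metadata_len (bytes)
REC = struct.Struct("!IIII")   # switch_id, ingress_ns, egress_ns, queue_delay_ns
MAX_HOPS = 8                   # cap so a long path cannot grow the packet unboundedly


def source_insert(payload: bytes) -> bytes:
    """INT source: prepend an empty telemetry stack to the payload."""
    return SHIM.pack(1, 0, 0) + payload


def transit_hop(pkt: bytes, switch_id, ingress_ns, egress_ns, queue_delay_ns) -> bytes:
    """A transit switch appends its metadata record and bumps the hop count."""
    version, hops, mlen = SHIM.unpack_from(pkt)
    if hops >= MAX_HOPS:
        return pkt  # stack full: forward the packet without adding telemetry
    rec = REC.pack(switch_id, ingress_ns, egress_ns, queue_delay_ns)
    head = SHIM.pack(version, hops + 1, mlen + REC.size)
    stack, payload = pkt[SHIM.size:SHIM.size + mlen], pkt[SHIM.size + mlen:]
    return head + stack + rec + payload


def sink_extract(pkt: bytes):
    """INT sink: validate and strip the stack; return (report, original payload).

    The length check matters: the metadata is unauthenticated, so a corrupt or
    hostile hop could claim more hops than it carries and make the sink read
    payload bytes as telemetry.
    """
    version, hops, mlen = SHIM.unpack_from(pkt)
    if version != 1 or mlen != hops * REC.size or len(pkt) < SHIM.size + mlen:
        raise ValueError("malformed INT stack")
    report = []
    for i in range(hops):
        sid, ing, egr, qd = REC.unpack_from(pkt, SHIM.size + i * REC.size)
        report.append({"switch": sid, "ingress_ns": ing, "egress_ns": egr,
                       "queue_delay_ns": qd, "residence_ns": egr - ing})
    return report, pkt[SHIM.size + mlen:]


def path_and_worst_queue(report):
    """Switch IDs in traversal order and the largest queue delay seen."""
    return [h["switch"] for h in report], max(h["queue_delay_ns"] for h in report)


if __name__ == "__main__":
    pkt = source_insert(b"GET / HTTP/1.1")
    # Constructed timestamps (ns) for the path S1 -> S2 -> S5; S2 is queuing.
    pkt = transit_hop(pkt, 1, 1_000, 1_800, 300)
    pkt = transit_hop(pkt, 2, 5_000, 47_000, 41_500)
    pkt = transit_hop(pkt, 5, 50_000, 50_700, 200)
    report, payload = sink_extract(pkt)
    print(path_and_worst_queue(report), payload)
```

The per-packet residence time at S2 (42 µs against under 1 µs elsewhere) is the micro-burst signature the next slide lists among INT's uses; aggregate counters would average it away.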
Fine-Grain Telemetry
• Flow rule(s) that matched
• Queuing delays of individual packets
• Other flows being buffered
• …
Uses
• Verify correct behavior
• Identify micro-bursts
• …
SDN Challenges
• Scale
• Stability & correctness
• Timeliness
• Inter-domain
Discussion

More Related Content

Similar to bruce-sdn.pptx

RouteFlow & IXPs
RouteFlow & IXPsRouteFlow & IXPs
RouteFlow & IXPsnvirters
 
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...Radisys Corporation
 
Software-Defined Networking Layers presentation
Software-Defined Networking Layers presentationSoftware-Defined Networking Layers presentation
Software-Defined Networking Layers presentationAbdullah Salama
 
Introduction to SDN and NFV
Introduction to SDN and NFVIntroduction to SDN and NFV
Introduction to SDN and NFVCoreStack
 
Software-defined networking
Software-defined networkingSoftware-defined networking
Software-defined networkinginovex GmbH
 
SDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox CommunicationsSDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox CommunicationsCisco Service Provider
 
Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015Deborah Porchivina
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyFilip Verloy
 
Lecture 11 Final.pptx
Lecture 11 Final.pptxLecture 11 Final.pptx
Lecture 11 Final.pptxHadeeb
 
Software Defined networking (SDN)
Software Defined networking (SDN)Software Defined networking (SDN)
Software Defined networking (SDN)Milson Munakami
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloudcentralohioissa
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'OpenStack Korea Community
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDNNetCraftsmen
 
Software Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_truptiSoftware Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_truptitrups7778
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...APNIC
 
SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3Wen-Pai Lu
 
btNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingbtNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingAPNIC
 

Similar to bruce-sdn.pptx (20)

RouteFlow & IXPs
RouteFlow & IXPsRouteFlow & IXPs
RouteFlow & IXPs
 
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
Radisys/Wind River: The Telcom Cloud - Deployment Strategies: SDN/NFV and Vir...
 
Cloud Migration
Cloud MigrationCloud Migration
Cloud Migration
 
Software-Defined Networking Layers presentation
Software-Defined Networking Layers presentationSoftware-Defined Networking Layers presentation
Software-Defined Networking Layers presentation
 
Introduction to SDN and NFV
Introduction to SDN and NFVIntroduction to SDN and NFV
Introduction to SDN and NFV
 
Software-defined networking
Software-defined networkingSoftware-defined networking
Software-defined networking
 
SDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox CommunicationsSDN and NFV Value in Business Services - A Presentation By Cox Communications
SDN and NFV Value in Business Services - A Presentation By Cox Communications
 
Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015Light Reading BTE_SDNtoolbox_June_2015
Light Reading BTE_SDNtoolbox_June_2015
 
VMUGbe 21 Filip Verloy
VMUGbe 21 Filip VerloyVMUGbe 21 Filip Verloy
VMUGbe 21 Filip Verloy
 
Lecture 11 Final.pptx
Lecture 11 Final.pptxLecture 11 Final.pptx
Lecture 11 Final.pptx
 
Software Defined networking (SDN)
Software Defined networking (SDN)Software Defined networking (SDN)
Software Defined networking (SDN)
 
Lisa Guess - Embracing the Cloud
Lisa Guess - Embracing the CloudLisa Guess - Embracing the Cloud
Lisa Guess - Embracing the Cloud
 
Raga_SDN_NSX_1
Raga_SDN_NSX_1Raga_SDN_NSX_1
Raga_SDN_NSX_1
 
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
[OpenStack Day in Korea 2015] Track 2-3 - 오픈스택 클라우드에 최적화된 네트워크 가상화 '누아지(Nuage)'
 
Introduction to SDN
Introduction to SDNIntroduction to SDN
Introduction to SDN
 
Software Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_truptiSoftware Defined Networking(SDN) and practical implementation_trupti
Software Defined Networking(SDN) and practical implementation_trupti
 
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
Introduction to Software Defined Networking (SDN) presentation by Warren Finc...
 
Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)Introduction to Software Defined Networking (SDN)
Introduction to Software Defined Networking (SDN)
 
SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3SDN Security Talk - (ISC)2_3
SDN Security Talk - (ISC)2_3
 
btNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined NetworkingbtNOG 9 presentation Introduction to Software Defined Networking
btNOG 9 presentation Introduction to Software Defined Networking
 

More from Sameer Ali

Lecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptxLecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptxSameer Ali
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.pptSameer Ali
 
secure_mobile.ppt
secure_mobile.pptsecure_mobile.ppt
secure_mobile.pptSameer Ali
 
F14_Class1.pptx
F14_Class1.pptxF14_Class1.pptx
F14_Class1.pptxSameer Ali
 
SINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdfSINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdfSameer Ali
 

More from Sameer Ali (8)

Lecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptxLecture 1 - Introduction to Course & Course outline.pptx
Lecture 1 - Introduction to Course & Course outline.pptx
 
cloud-complete.ppt
cloud-complete.pptcloud-complete.ppt
cloud-complete.ppt
 
Intro (1).ppt
Intro (1).pptIntro (1).ppt
Intro (1).ppt
 
secure_mobile.ppt
secure_mobile.pptsecure_mobile.ppt
secure_mobile.ppt
 
CDP_2(1).pptx
CDP_2(1).pptxCDP_2(1).pptx
CDP_2(1).pptx
 
hel1 (1).ppt
hel1 (1).ppthel1 (1).ppt
hel1 (1).ppt
 
F14_Class1.pptx
F14_Class1.pptxF14_Class1.pptx
F14_Class1.pptx
 
SINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdfSINDH SALES TAX ON SERVICES ACT 2011.pdf
SINDH SALES TAX ON SERVICES ACT 2011.pdf
 

Recently uploaded

WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnAmarnathKambale
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Steffen Staab
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech studentsHimanshiGarg82
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is insideshinachiaurasa2
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...Shane Coughlan
 
tonesoftg
tonesoftgtonesoftg
tonesoftglanshi9
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...Jittipong Loespradit
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...masabamasaba
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...masabamasaba
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Bert Jan Schrijver
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastPapp Krisztián
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyviewmasabamasaba
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsJhone kinadey
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...masabamasaba
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️Delhi Call girls
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in sowetomasabamasaba
 

Recently uploaded (20)

WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With SimplicityWSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
WSO2Con2024 - Enabling Transactional System's Exponential Growth With Simplicity
 
VTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learnVTU technical seminar 8Th Sem on Scikit-learn
VTU technical seminar 8Th Sem on Scikit-learn
 
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
Shapes for Sharing between Graph Data Spaces - and Epistemic Querying of RDF-...
 
8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students8257 interfacing 2 in microprocessor for btech students
8257 interfacing 2 in microprocessor for btech students
 
The title is not connected to what is inside
The title is not connected to what is insideThe title is not connected to what is inside
The title is not connected to what is inside
 
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
OpenChain - The Ramifications of ISO/IEC 5230 and ISO/IEC 18974 for Legal Pro...
 
tonesoftg
tonesoftgtonesoftg
tonesoftg
 
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
MarTech Trend 2024 Book : Marketing Technology Trends (2024 Edition) How Data...
 
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
%+27788225528 love spells in Boston Psychic Readings, Attraction spells,Bring...
 
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
%+27788225528 love spells in Colorado Springs Psychic Readings, Attraction sp...
 
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
Devoxx UK 2024 - Going serverless with Quarkus, GraalVM native images and AWS...
 
Architecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the pastArchitecture decision records - How not to get lost in the past
Architecture decision records - How not to get lost in the past
 
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
%in Hazyview+277-882-255-28 abortion pills for sale in Hazyview
 
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
WSO2Con2024 - From Code To Cloud: Fast Track Your Cloud Native Journey with C...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
Right Money Management App For Your Financial Goals
Right Money Management App For Your Financial GoalsRight Money Management App For Your Financial Goals
Right Money Management App For Your Financial Goals
 
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
%+27788225528 love spells in Knoxville Psychic Readings, Attraction spells,Br...
 
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
WSO2CON 2024 - Cloud Native Middleware: Domain-Driven Design, Cell-Based Arch...
 
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
call girls in Vaishali (Ghaziabad) 🔝 >༒8448380779 🔝 genuine Escort Service 🔝✔️✔️
 
%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto%in Soweto+277-882-255-28 abortion pills for sale in soweto
%in Soweto+277-882-255-28 abortion pills for sale in soweto
 

bruce-sdn.pptx

  • 1. Bruce Davie Systems Approach, LLC Software-Defined Networks A Systems Approach
  • 2. • There’s a simple answer: • SDN (software-defined networking) is the separation of control and data planes • The separation allows control topology to be independent of physical network topology • The more interesting question is: • Why would anyone want to do this? • That question has a lot of answers… Logically centralized control plane Data Plane e.g. OpenFlow What is SDN?
  • 3. • History of SDN • Challenges faced by IP networks • SDN architecture • Case Studies: • Network Virtualization • Traffic Engineering • SD-WAN • Bare metal switching Outline
  • 4. A Revolution in Networking
  • 5. • 4D, Greenberg et al. – part of a broader set of “Clean Slate” initiatives • Ipsilon General Switch Management Protocol – RFC 2297 (1996) • IETF Forces WG (2001-2015!!) • Ethane (2007) Foundations of SDN
  • 6. • Lack of abstractions • Inability to express intent • Unpredictable outcome from complex distributed algorithms • Interactions among protocols (e.g. IGP & EGP) • Can’t manage a device unless it’s properly configured • bootstrap issue – control & management plane dependent on correct data plane • Fragility, risk of change • Glacial pace of innovation Challenges with IP networks
  • 7. Terminal Protocol: Telnet Terminal Protocol: SSH 1996 2016 Evolution of network provisioning: 1996-2016
  • 8. • Centralizing the control plane enables more powerful abstractions • E.g. X and Y should be able to communicate • Express intent network-wide • Distributed systems techniques to make central control scalable and fault tolerant • Central control means a single API for the network, rather than an API per box • Networks provisioned by software, not humans • Disaggregation → innovation • Network-wide intent → better security Key SDN Insights
  • 10. Specialized OS Specialized Hardware App App App App App App Specialized Applications Open Interface Open Interface Merchant Silicon Switching Chips Network OS or or Network OS Network OS Disaggregation of networking Industry
  • 11. • Just because an idea has been tried before without success doesn’t mean it’s a bad idea Random side observation
  • 13. Routing Table (RIB) Forwarding Table (FIB) Data Plane Control Plane Traditional Control and Data Planes Control Plane • Protocols: BGP, OSPF, RIP • RIB: Collection of Link/Path Attributes • Northbound Configuration Interface − e.g., Cisco CLI Data Plane • Protocols: IP • FIB: Optimized for Fast Lookup • Northbound Control Interface − Historically Private/Internal
  • 14. Control App . . . Control Plane Data Plane Flow Rules Control App Control App Control App Network OS Global Network Map SDN Control and Data Planes
  • 15. OpenFlow Switch Table 0 Table 1 Table n Execute Action Set . . . Packet In Packet Out Action Set = {} Action Set Packet + Metadata Action Set Packet OpenFlow-style data plane (MAC) (VLAN) (IP) MAC Header … Payload … IP Header TCP/UDP Header Src Addr Dst Addr Type Src Addr Dst Addr Proto … … … Src Port Dst Port … VLAN ID Ctl Type Optional 802.1Q VLAN Tag
  • 17. SDN software stack (diagram, top to bottom): control apps such as Trellis; a gRPC API into the network operating system, ONOS, which works with gNMI + gNOI + FlowObjectives; a programmable switch API of gNMI + gNOI + P4Runtime/OpenFlow; the switch OS, Stratum + ONL; and merchant silicon such as Tofino (Barefoot) and Tomahawk (Broadcom). A P4 compiler takes forward.p4 together with arch.p4 to program the switch.
  • 18. Scaling the central control plane (diagram): a controller cluster of several controllers with a web-service API and persistent storage controls nodes 1 to 5; a logical network is realized on top of the transport network.
  • 19. Summary. Definition of SDN: “A network in which the control plane is physically separate from the forwarding plane, and a single control plane controls several forwarding devices.” (Nick McKeown, 2013). Dimensions: disaggregated control and data planes; centralized vs decentralized control plane; fixed-function vs programmable data plane. Phases of SDN: Phase 1, network operators took ownership of the control plane; Phase 1a, non-traditional entrants to the networking business (via disaggregation); Phase 2, network operators are taking ownership of the data plane.
  • 20. Use cases: network virtualization; SD-WAN; traffic engineering; bare-metal switching; in-band network telemetry.
  • 21. Network virtualization, an analogy (diagram): a hypervisor on physical compute and memory (requirement: x86) presents virtual machines, each an x86 environment running an application; a network virtualization platform on the physical network (requirement: IP transport) presents virtual networks, each offering decoupled L2, L3 and L4-7 network services to a workload.
  • 24. Virtual machines to virtual networks (diagram): a virtualization layer over network, storage and compute.
  • 25. Virtual machines to virtual networks, continued (diagram): the virtualization layer acts as a “network hypervisor”, presenting virtual data centers on top of network, storage and compute.
  • 26. Network virtualization components. Cloud consumption: self-service portal; OpenStack, Kubernetes, etc. Manager: single configuration portal; REST API entry point; manages logical networks. Controller: run-time state; scale out, HA; separation of control and data plane. Data plane: high-performance data plane; scale-out distributed forwarding model; virtual edge. Distributed services: logical switch, distributed logical router, firewall, load balancer.
  • 27. Management, control and data planes (diagram): the management plane receives a network topology request and stores and acknowledges it (desired state); the control plane calculates the data plane state (translated state) and identifies data plane resources; the data plane reports what it realized (realized state), which flows back up as discovered state.
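The desired/translated/realized/discovered state loop of slide 27, as an added example that is not code from the slides or from any network virtualization product: the management plane holds a logical switch with its ports, the control plane translates it into per-host data plane state (a port entry per local VM and a tunnel entry per remote host), the hosts report what they actually programmed, and a diff of translated against discovered state exposes drift. The logical switch, VM and host names and the entry tuples are constructed for this example.

```python
"""Desired state -> translated state -> realized/discovered state (added example)."""


def translate(desired):
    """Control plane: desired logical state -> per-host data plane state.

    desired: {logical_switch: {vm_name: host_name}}   (constructed shape)
    returns: {host_name: set of ("port", ls, vm) and ("tunnel", ls, remote_host)}
    """
    per_host = {}
    for ls, ports in desired.items():
        hosts = set(ports.values())
        for vm, host in ports.items():
            per_host.setdefault(host, set()).add(("port", ls, vm))
        for host in hosts:
            for remote in hosts - {host}:          # full mesh of tunnels per logical switch
                per_host[host].add(("tunnel", ls, remote))
    return per_host


def drift(translated, discovered):
    """Compare what the control plane pushed with what each host reports as realized."""
    report = {}
    for host in set(translated) | set(discovered):
        want = translated.get(host, set())
        have = discovered.get(host, set())
        if want != have:
            report[host] = {"missing": want - have, "unexpected": have - want}
    return report


def sample_drift():
    """Constructed scenario: host2 never realized its tunnel and kept a stale entry."""
    desired = {"ls-1": {"vm-a": "host1", "vm-b": "host2", "vm-c": "host2"}}
    translated = translate(desired)
    discovered = {
        "host1": set(translated["host1"]),                          # fully realized
        "host2": {("port", "ls-1", "vm-b"), ("port", "ls-1", "vm-c"),
                  ("port", "ls-old", "vm-z")},                     # stale leftover
    }
    return translated, drift(translated, discovered)


if __name__ == "__main__":
    translated, report = sample_drift()
    for host, entries in sorted(translated.items()):
        print(host, "should have", sorted(entries))
    print("drift:", report)
```

Missing entries explain "the manager says it's configured but the VMs can't talk"; unexpected entries are the more security-relevant case, since a stale port or tunnel that the management plane no longer knows about is a path nobody is policing.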
  • 28. Problem: data center network security. Perimeter-centric network security has proven insufficient. Today's security model focuses on perimeter defense (diagram: a perimeter between the Internet and the data center), and while IT spend and security spend have kept growing, continued security breaches show this model is not enough.
  • 29. Microsegmentation and zero trust (diagram): a perimeter firewall and an inside firewall sit in front of an App VLAN, a DMZ VLAN, a Services VLAN and a DB VLAN; Finance, HR and IT workloads share the App, DMZ and DB VLANs, while the Services VLAN hosts AD, NTP, DHCP, DNS and CERT.
  • 30. Visibility: changing the laws of physics. Historically it has been challenging to troubleshoot connectivity between VMs: is the problem in the vswitch or the physical network? What is the path through the physical network? Is there a (misconfigured) middlebox in the path? Network virtualization gives us tools to handle this: decomposition (separate the physical from the virtual); a global view (see all the logical network state, such as port stats and drops, and tunnel health from the controller API); synthetic traffic (insert packets at the vswitch as if the VM generated them).
  • 31. Network virtualization, discussion: 90% of the Fortune 100 have deployed network virtualization; it is foundational to hyperscale data centers; network configuration is no longer the “long pole”; it is a key step towards better network security (but much work remains); it is increasingly important for microservices, Kubernetes, etc.; it has a commodifying effect on physical networking; a service mesh can be viewed as a form of network virtualization.
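The microsegmentation point of slide 29 and the synthetic-traffic tool of slide 30 together, as an added example that is not code from the slides or from any product: workloads of different tenants share the same App VLAN, a distributed firewall evaluates tag-based rules at every virtual port with a default deny, and a synthetic packet injected at the source vswitch port is walked through the source's egress rules and the destination's ingress rules, with the trace naming the rule that decided. The VLAN-only function shows the pre-microsegmentation behaviour the speaker notes describe (same VLAN means free lateral movement). Workload names, tags, ports and rules are constructed.

```python
"""Microsegmentation policy check with a synthetic-packet trace (added example)."""
from dataclasses import dataclass
from typing import Optional


@dataclass(frozen=True)
class Workload:
    name: str
    vlan: int
    tags: frozenset          # e.g. {"tenant:finance", "tier:app"}


@dataclass(frozen=True)
class Rule:
    name: str
    src_tags: frozenset      # empty = any source
    dst_tags: frozenset      # empty = any destination
    dst_port: Optional[int]  # None = any port
    action: str              # "allow" or "deny"


class DistributedFirewall:
    """Same policy enforced at every vport; first matching rule wins; default deny."""

    def __init__(self, rules):
        self.rules = list(rules)

    def decide(self, src, dst, dst_port):
        for r in self.rules:
            if (r.src_tags <= src.tags and r.dst_tags <= dst.tags
                    and (r.dst_port is None or r.dst_port == dst_port)):
                return r.action, r.name
        return "deny", "default-deny"


def vlan_only_decide(src, dst, dst_port):
    """Pre-microsegmentation model: anything on the same VLAN talks freely."""
    return ("allow", "same-vlan") if src.vlan == dst.vlan else ("deny", "inside-firewall")


def traceflow(dfw, src, dst, dst_port):
    """Inject a synthetic packet at src's vport and record each hop's verdict."""
    hops = [("vswitch", src.name, "injected")]
    action, rule = dfw.decide(src, dst, dst_port)         # egress check at source vport
    hops.append(("dfw-egress", src.name, f"{action} by {rule}"))
    if action == "deny":
        return hops
    hops.append(("tunnel", f"{src.name}->{dst.name}", "overlay"))
    action, rule = dfw.decide(src, dst, dst_port)         # ingress check at destination vport
    hops.append(("dfw-ingress", dst.name, f"{action} by {rule}"))
    if action == "allow":
        hops.append(("vswitch", dst.name, "delivered"))
    return hops


def sample_policy():
    """Constructed tenants on a shared App VLAN (100) and DB VLAN (300)."""
    w = {
        "finance-app": Workload("finance-app", 100, frozenset({"tenant:finance", "tier:app"})),
        "hr-app": Workload("hr-app", 100, frozenset({"tenant:hr", "tier:app"})),
        "finance-db": Workload("finance-db", 300, frozenset({"tenant:finance", "tier:db"})),
        "hr-db": Workload("hr-db", 300, frozenset({"tenant:hr", "tier:db"})),
        "dns": Workload("dns", 200, frozenset({"svc:dns"})),
    }
    dfw = DistributedFirewall([
        Rule("finance-app-to-db", frozenset({"tenant:finance", "tier:app"}),
             frozenset({"tenant:finance", "tier:db"}), 5432, "allow"),
        Rule("hr-app-to-db", frozenset({"tenant:hr", "tier:app"}),
             frozenset({"tenant:hr", "tier:db"}), 5432, "allow"),
        Rule("any-to-dns", frozenset(), frozenset({"svc:dns"}), 53, "allow"),
    ])
    return dfw, w


if __name__ == "__main__":
    dfw, w = sample_policy()
    print("VLAN only:", vlan_only_decide(w["finance-app"], w["hr-app"], 22))
    print("DFW:      ", dfw.decide(w["finance-app"], w["hr-app"], 22))
    for hop in traceflow(dfw, w["finance-app"], w["hr-db"], 5432):
        print(*hop)
```

The trace is what turns "the packet didn't arrive" into "rule default-deny at finance-app's egress port dropped it", which is the decomposition the slide is after: the verdict is tied to the logical port and rule, independent of whatever the physical fabric did with the tunnel.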
  • 32. SD-WAN (diagram): an SD-WAN controller distributes network policies to SD-WAN edges at the branch, the main office and the corporate datacenter; overlay tunnels connect the sites to each other and to cloud services.
  • 34. Datacenter switching fabric (diagram: a row of leaf switches connected to a row of spine switches, with the Internet reached through the fabric). Leaf-spine topology: leaf switches are top-of-rack (ToR) switches; optimized for east-west traffic; built-in redundancy (not shown); scales with additional layers. Well established in commodity clouds: bare-metal switches, with the control plane running in the cloud.
  • 35. Leaf-spine switching fabric: Trellis. Design: intra-rack, an L2 domain within an L3 subnet; inter-rack, L3 routing between subnets; segment routing across the fabric. Features: VLANs / QinQ; end-to-end L2 tunnels; IPv4 / IPv6 routing; multicast (with IGMP); ARP (IPv4) / NDP (IPv6); DHCPv4 / DHCPv6; high availability.
  • 36. In-band network telemetry (INT) (diagram: a packet with header and payload traverses switches S1 to S5; each switch on its path, here S1, S2 and S5, adds metadata such as switch ID, arrival time, departure time and queue delay, so the packet leaves carrying a stack of metadata for S1, S2 and S5; a collector generates a report from the switch metadata, which can be logged, analyzed, replayed and visualized). Fine-grain telemetry: the flow rule(s) that matched; queuing delays of individual packets; other flows being buffered; … Uses: verify correct behavior; identify micro-bursts; …
  • 37. Challenges: scale; stability and correctness; timeliness; inter-domain SDN.
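The INT metadata stack of slide 36, as an added example that is not code from the slides and does not use the real INT encoding: each switch on the path pushes a fixed-size record (switch ID, arrival and departure timestamps, queue depth) behind a small shim header, and the sink pops the stack, reconstructs the path, computes per-hop queuing delay and flags hops over a threshold as micro-burst candidates. The shim and record layouts, field widths, timestamps and the burst threshold are assumptions made for this example.

```python
"""Simplified in-band network telemetry: push per hop, parse at the sink (added example)."""
import struct

SHIM = struct.Struct("!BB")     # hop_count, reserved                        (assumed layout)
HOP = struct.Struct("!IIIH")    # switch_id, ingress_ns, egress_ns, queue_depth (assumed layout)


def push_hop(packet, switch_id, ingress_ns, egress_ns, queue_depth):
    """What each switch does: append its record after the existing ones, bump hop_count."""
    hop_count, reserved = SHIM.unpack_from(packet, 0)
    body = packet[SHIM.size:]
    stack_len = hop_count * HOP.size
    record = HOP.pack(switch_id, ingress_ns, egress_ns, queue_depth)
    return SHIM.pack(hop_count + 1, reserved) + body[:stack_len] + record + body[stack_len:]


def parse_int(packet):
    """What the sink does: pop the stack, validating bounds and timestamps.

    Returns (hops, payload). Raises ValueError on a truncated or inconsistent
    stack rather than trusting hop_count; metadata that arrives in-band from
    the data plane is input like any other and is checked before use.
    """
    hop_count, _ = SHIM.unpack_from(packet, 0)
    hops, off = [], SHIM.size
    for _ in range(hop_count):
        if off + HOP.size > len(packet):
            raise ValueError("truncated INT metadata stack")
        sid, ing, eg, depth = HOP.unpack_from(packet, off)
        if eg < ing:
            raise ValueError(f"switch {sid}: egress timestamp before ingress")
        hops.append({"switch_id": sid, "ingress_ns": ing, "egress_ns": eg,
                     "queue_depth": depth, "hop_delay_ns": eg - ing})
        off += HOP.size
    return hops, packet[off:]


def report(hops, burst_threshold_ns=50_000):
    """Per-packet report: path, total in-switch delay, hops that look like micro-bursts."""
    return {
        "path": [h["switch_id"] for h in hops],
        "total_hop_delay_ns": sum(h["hop_delay_ns"] for h in hops),
        "microburst_at": [h["switch_id"] for h in hops if h["hop_delay_ns"] > burst_threshold_ns],
    }


def sample_packet():
    """Constructed packet that crossed S1, S2 and S5, with a deep queue at S5."""
    pkt = SHIM.pack(0, 0) + b"payload"
    pkt = push_hop(pkt, 1, 1_000, 3_000, 4)
    pkt = push_hop(pkt, 2, 10_000, 12_000, 3)
    pkt = push_hop(pkt, 5, 20_000, 95_000, 120)   # 75 us in the queue: micro-burst at S5
    return pkt


if __name__ == "__main__":
    hops, payload = parse_int(sample_packet())
    print(report(hops), payload)
```

The bounds check in parse_int is not decoration: a sink that believes hop_count from the wire will read past the metadata into the payload (or past the packet) on a malformed or hostile frame, which is the classic parser bug for any stack-of-records format.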

Editor's Notes

  1. CP is important; OF is a detail
  2. Could mention MPLS as an example of how hard innovation was pre-SDN
  3. Non-intuitive: you need a model of the data plane to be able to separate it from control
  4. Hyperv possible
  5. Show a logical topology getting mapped from top to bottom with animation
  6. All apps on a VLAN can communicate freely. Once one app is compromised, lateral movement cannot be restricted. Micro-segmentation can granularly control apps even on a shared VLAN.
  7. Scale example – from NSX-mh to NSX-T (fewer hosts etc), API scale for NSX-T
  8. What do you think is next? – Fully automated networks? Does the innovation argument hold up? How does BGP play into this? Interdomain still seems broken. Architecture papers are the exception. Networking people love protocols.