13. fsl sdn openflow and cloud computing upd rob oshana

CONFIDENTIAL The Power Architecture and Power.org word marks and the Power and Power.org logos and related marks are trademarks and service marks licensed by Power.org.

Freescale and the Freescale logo are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. The Power Architecture and Power.org word marks and the Power and Power.org logos and related marks are trademarks and service marks licensed by Power.org.

CELEBRATING 21 YEARS OF POWER ARCHITECTURE ANNIVERSARY

ASIA POWER ARCHITECTURE CONFERENCE SHANGHAI, CHINA OCTOBER 25, 2012

Networking Trends – Software Defined Networking, Network Virtualization and Cloud Orchestration

Rob Oshana, Director, Software R&D NMS Group, Freescale .

CONFIDENTIAL The Power Architecture and Power.org word marks and the Power and Power.org logos and related marks are trademarks and service marks licensed by Power.org.

Freescale and the Freescale logo are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. The Power Architecture and Power.org word marks and the Power and Power.org logos and related marks are trademarks and service marks licensed by Power.org.

INNOVATION COLLABORATION GROWTH

THINKPOWERCHOOSEPOWER

CELEBRATING 21 YEARS OF POWER ARCHITECTURE ANNIVERSARY

TM

Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, C-Ware, t he Energy Efficient Solutions logo, mobileGT, PowerQUICC, QorIQ, StarCore and Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. BeeKit, BeeStack, ColdFire+, CoreNet, Flexis, Kinetis, MXC, Platform in a Package, Processor Expert, QorIQ Qonverge, Qorivva, QUICC Engine, SMARTMOS, TurboLink, VortiQa and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their respective owners. © 2011 Freescale Semiconductor, Inc.

TM

Freescale, the Freescale logo, AltiVec, C-5, CodeTEST, CodeWarrior, ColdFire, C-Ware, the Energy Efficient Solutions logo, mobileGT, PowerQUICC, QorIQ, StarCore and Symphony are trademarks of Freescale Semiconductor, Inc., Reg. U.S. Pat. & Tm. Off. BeeKit, BeeStack, ColdFire+, CoreNet, Flexis, Kinetis, MXC, Platform in a Package, Processor Expert, QorIQ Qonverge, Qorivva, QUICC Engine, SMARTMOS, TurboLink, VortiQa and Xtrinsic are trademarks of Freescale Semiconductor, Inc. All other product or service names are the property of their respective owners. © 2011 Freescale Semiconductor, Inc.

4 Srinivasa Addepalli , October 2012

•  Networking Technology Trends −  Network Virtualization −  Software Defined Networking −  Cloud Orchestration

•  Freescale Software Solution (PSP) •  Freescale Layerscape Architecture

TM


5

•  Need – Similar to Compute & Storage virtualization −  On demand provisioning & Elasticity.

−  Faster provisioning of tenant/BU in minutes.

•  Current Technology −  VLAN (Every tenant that signs up to

CSP is assigned with set of VLANs)

−  Limitations are well known.

•  Trend : Overlay technologies −  Compute VM traffic (L2 traffic) sent over

any network including L3 by encapsulation

−  Broadcast domain extended to multiple data centers -> VM sprawl possible.

Physical to network slices

TM


6

•  Overlay Protocols: −  VxLAN (Virtual Extensible LAN) *

−  NVGRE (Network Virtualization using GRE)

−  STT (Stateless Transport Tunneling)

•  Benefits of extended broadcast domain across sites −  VM Migration (No network changes required)

−  Creation of experimental networks and isolated networks (for guests, for different BUs)

•  Issues/Challenges •  Additional Bandwidth Usage (50 bytes on

each packet)

•  IP Fragmentation & Reassembly due to addition of outer tunnel .

•  Securing the tunnel (Typically IPSec)

•  Expectations from NIC (and SoC Vendors)

•  No or minimal additional CPU cycles for doing VXLAN.

•  VxLAN implementation in HW.

•  Table Lookup (MAC Address versus remote VTEP)

•  Attach/Detach outer headers

•  IP Reassembly/IP fragmentation

•  IPSec on outer packets.

TM



Data path

•  SDN separates control plane from data plane in separate entities (devices).

•  SDN/OF not only a protocol between controllers and switches, but also defines generic methodology (Table centric processing)

•  No hardcoded logic in data paths. Personality of the data path is controlled by controller programs.

•  Benefits

•  Traffic Steering •  Reduce the interoperability problems associated with

multiple protocols in existing devices. •  Avoid capacity issues in existing network devices (CP

processors & Memory is limited to hold large amount of state data).

•  Virtual switches in NIC/Hypervisors would be first candidate implementation of SDN/OF (Example: OVS in Linux 3.x)

OpenFlow Switches

Data path

OpenFlow Protocol

OF Config Protocol

Hosts connected to switch

OpenFlow Controller

Switch

Data path

Data path

Switch

TM



•  Tables & Flows •  Multiple tables, each table holding large

number of flows created by controller(s). •  OF defines 40+ matching fields in flows.

Fields values can be scalar, masked values.

•  Each flow is defined with set of instructions & actions -> apply actions, next table to jump to or send the packet out on a given port.

Table 0 Table 1

Table N Logical Ports

Table 2

Ports Management

Table 0 Table 1

Table N

VXLAN NVGRE

Logical Ports

Table 2

Physical Ports

OpenFlow Datapath

Challenges (based on PoC)

Expectations from SoC vendors

Performance degradation of OF based data path from hardcoded data path can be up to 70%

Multiple types of accelerators Table Lookup Unit, Parsing, IP frag/reassembly, Action processing etc. .

Multiple types of searches -> (Hash Tables for EM, Radix tree/Patricia trie for LPM, RFC/DFCL for ACL tables)

Any table lookup accelerator should be able to use best algorithm based on table type (EM, LPM, ACL).

Major OF protocol/capability changes from one version to another

Should be possible to update to new versions without new hardware revision. -> Flexible programming.

TM



•  Main properties of cloud computing −  Elasticity & Agility : Allocate resources

on demand basis. Bring up resources very fast (matter of seconds).

−  Business continuity : Move resources across sites without lose of data.

•  Markets −  Started with service providers (CSPs)

−  Internal Clouds (private clouds) in Enterprises.

−  Enterprise core networks too.

•  Value Added Network Services (Security, WAF, WOC, ADC etc..) −  Physical appliances in non-cloud computing

world.

−  Virtual appliances : Works well with Elastic, agility and high availability features of cloud computing.

•  Challenges for Virtual appliance (VA) vendors is achieving performance. Expectation from SoCs include −  Hardware Accelerators – Partition of

accelerators : One for each VM.

−  Direct Access to hardware (Avoid hypervisor intervention between VA and Hardware)

−  Linux/Hypervisor enablement to work with Cloud Orchestration tools (eg. Openstack)

TM


TM


11 Srinivasa Addepalli , October 2012 VortiQa OpenFlow Switch

PSP Drivers

PSP Core Services

VXLAN VLAN NVGRE

EM, LPM, RFC, DCFL Processing

Interfaces (Logical)

OF Config Agent / Quantum Agent OF Flow Agent

API API

QorIQ Platform

VortiQa OpenFlow Controller

Third party

OpenFlow Controller

VortiQa PSP Controller Interface

VortiQa OpenFlow Controller

Firewall NAT

IKE IPSec

Routing Protocols

Vxlan CP L2 CP

Vort

iQa

PSP

•  PSP 2.0 summary (Existing package) •  Middleware software package to enable data plane and service plane application development in Linux user space. •  Gets near bare-metal performance. •  Supports Ipv4/Ipv6 •  Provides ASF (Application specific fast path) for NAT/FW/L4, IPsec and QoS.

•  PSP 3.x • Targeted for next generation OEM physical/virtual appliances based on SDN/OF. • Fully complaint with Openflow 1.3 • Proprietary actions (IPsec, FW validation checks etc..) • Multiple table lookup algorithms: Hash table, Trie, Radix tree, RFC and DFCL. • VXLAN, NVGRE overlay support • Quantum agent for Openstack integration

•  Target Date : Q2, 2013.

TM


12

OpenVSwitch (OVS) is Openflow DP implementation in Linux 3.x kernels. Freescale SDKs will support OVS. In addition Freescale provides production ready PSP.

OVS PSP Combination of Linux User and Kernel space implementation

Entirely user space application Takes advantage of SoC accelerations functions.

Maintains two copies of each flow (one in user space and one in kernel space)

Only one copy of flows (Better memory utilization)

Revalidation of flows seem to be expensive Revalidation of flows when controller CP state changes. Does not take too many CPU cycles.

Copyright – GPL for kernel space component

Proprietary license – Any feature additions by customers need not be made public.

Feature limitations (But it is matter of time) - Openflow 1.0, no Openflow 1.3 yet - No VxLAN support

Openflow 1.3, VXLAN/NVGRE support

ACL table lookup algorithm is not very efficient

RFC and DCFL algorithm support for ACL lookup

PSP is optimized for compute node platforms hosting network service virtual appliances, Network service hardware appliances & Intelligent NICs supporting virtual switches.

TM


13

•  SDN/OF & NV Challenges − Generic data path processing

(Personality can be changed by controllers), hence impact on performance

− Performance degradation over hardcoded data path is significant when done in GPP cores.

− Pure ASIC implementation is not an option today due to immaturity of standards & need for addition of new actions in future.

•  Technical Observations −  IP Fragmentation/Reassembly &

Ipsec are becoming part of infrastructure due to overlays.

−  Table Centric Processing

•  Hardware Options •  Powerful GPP cores •  NPU •  Freescale Layerscape

architecture.

TM


14

Freescale SoCs – Layerscape Architecture

Eth

►  Multi Layer Modular Architecture ► Express Packet IO Layer ► Accelerated Packet Processing

Layer ► General Purpose Processing Layer

►  APPL ► Accelerate packet processing :

Autonomous and semi-autonomous operations.

► Low-latency & fast accelerator interface.

► Multiple internal accelerators.

► APPL targeted Applications ► SDN/OF Data path ► NV – VxLAN & NVGRE. ►  eNB transport data path ►  Fast Path for ADC, IPSec etc..

►  APPL Programming Model ► C development environment.

►  Future version of PSP implements OF

1.3+ data path in APPL

DCE

PCD, TCAM, Policer

Switch

Power Core

EPIL

Flexible Programming Architecture

Power Cores

APPL

Core complex

SEC PME

Con

figur

able

Pr

ogra

mm

able

Pr

ogra

mm

able

TLU

Parser

Parser is programmable with new header templates.

Altivec

Modifier

TMAN

IP Frag/Reasm

GPPL

TM


13. fsl sdn openflow and cloud computing upd rob oshana

Documents