opendaylight...

© 2014 Open Networking Foundation Open SDN India Technology Symposium, January 18-19, 2015, Bangalore

OpenDaylight Service Func4on Chaining Vinayak Joshi Principal Engineer – Ericsson & OpenDaylight Contributor https://wiki.opendaylight.org/view/Service_Function_Chaining:Main

2

Agenda

2

•  Service Function Chaining Problem Description •  Service Function Chaining in OpenDaylight (ODL SFC) •  SFC ODL Use Cases (Helium release) •  SFC in Future Releases (Lithium release and Beyond)

3

Service Function Chaining (SFC) •  SFC provides the ability to set

up an ordered list of a Service Functions (e.g. firewall, DPI, etc.) for a set of packets

•  SFC Deployment Challenges

–  Topological dependencies •  Transport

–  Configuration complexity •  Generic Data model •  Programmability

–  Packet classification –  Elastic service delivery –  Consistent ordering of

service function enforcement

3

DPI NAT

Transport

Tran

spor

t

NAT

Transport

Tran

spor

t

DPI DPI Balanced Load

4

SFC in ODL

4

•  Rationale –  Service Chaining is a classical SDN application –  SDN simplifies service chain provisioning & management –  Controller has a centralized view of the network

•  Easier to stitch end-to-end chains across different network nodes

•  Service Chaining Implemented in ODL –  Follows IETF Draft based SFC data models. –  SFC application receives information about chain and/or path to be

constructed via northbound API (RESTCONF) –  Programs service chains on network nodes using southbound protocols –  Contributors from Cisco, Ericsson, Red Hat, Contextream, Brocade,

IBM, Citrix, etc.

5 5

SFC ODL Software Components

6

Data Model (Yang) for SFC •  SFC data model is

defined in Yang files

•  Yang files are fed into the MD-SAL at compile time

•  RESTCONF APIs and southbound hooks created from Yang

6

Network Service Header

IETF Draft P.Quinn et. Al.

SFC Architecture

IETF Draft P.Quinn & J.Halpern

(Now J.Halpern & C.Pignataro)

Yang Model for SFC

IETF Draft P.Quinn & R.Penno

Yang Model files for SFC

(Model the data structures for SFC)

Packet Classification

Yangs

Yangs for ACL

7 7

SFC Data Model and Network Nodes

Classifier SFF1 SFF2 (Terminating)

SF1

SF2 (NSH Unaware)

Outer Transport Pkt Data

Outer Transport Pkt Data SFC Encap

(NSH)


(NSH)


Proxy



(NSH)

Example Service Function Path

•  Service Function Forwarder (SFF): Switch •  Service Function(SF): Appliance •  Service Function Path (SFP): Packet path in a Service Chain

8

SFC Encap/Metadata: Network Service Header (NSH)

8

•  Provides –  Service Path Information (used for forwarding along SFP) –  Location within Service Path –  Opaque application metadata –  “Classify once” model

›  Inserted after initial classification at service plane entry –  May be inserted after L2 Header (new EthType requested) –  Expandable header

›  Lifetime only within SFC domain

Mandatory: Base Header (flags, next protocol) -4 bytes

Mandatory: Service Path Header (service plane forwarding info i.e. SFP ID, service index) – 4 bytes

Mandatory: Context Headers (four headers, 4 bytes each)

Optional: Variable length Opaque context headers

9 9

Use Case 1: NSH with OVS (Based on SFC ODL Mailing List Example)

Network Cloud

OVSDB 1

vnic1 vnic2 SFF1 (OVS Bridge 1)

vnic1 SFF2 (OVS Bridge 2)

SF1 (VM) eth0

SF2 (VM) eth0

SF3 (VM) eth0

OVSDB 2

SF4 (VM) eth0

SF5 (VM) eth0

vnic1 SFF3 (OVS Bridge 3)

vnic1 vnic2 SFF4 (OVS Bridge 4)

eth0 eth1 eth0 eth1

VxLAN Tunnel:

VTEPs programmed

outside SFC

Classify and stamp NSH.

Remove NSH

10

•  Need for a non-NSH Service Plane –  Not all SFFs are NSH compliant –  NSH support in OpenFlow is not standardized yet –  NSH unaware SFs mandate proxies –  NSH implementation in h/w SFFs is even more challenging –  NSH EthType may not be recognized by some network elements

•  No-NSH Service Plane in Helium

–  OpenFlow 1.3.1 based implementation –  L2 reachability between SFs and SFFs –  Does not preclude various transports (VxLAN, GRE)

•  Programmed outside SFC with/without OpenFlow –  Packet re-classification at every hop

USE CASE 2: OpenFlow-No SFC Encap (Ericsson’s Contribution)

10

11 11

NO SFC Encap with L2 Reachability: Example Service Function Path

SFF1 SFF2

SF1 SF2

Pkt Data

Outer Transport

Pkt Data with

DMAC = SF1 MAC

SMAC = SFF1 MAC

Outer Transport

Pkt Data with

DMAC = SFF2 MAC

SMAC = SF1 MAC

Outer Transport

Pkt Data with

DMAC = SF3 (dummy SF to

exit service plane) MAC

SMAC = SFF2 MAC

1)  Classify to determine SFP

2)  Determine current hop (H1) from SMAC

1)  Classify again to determine SFP

2)  Determine current hop (H2) from SMAC and send to SFF2

Pkt Data with

DMAC = SFF2 MAC

SMAC = SFF1 MAC

1)  Classify again to determine SFP

2)  Determine current hop (H2)

Outer Transport

Pkt Data with

DMAC = SF2 MAC

SMAC = SFF2 MAC

Outer Transport

Pkt Data with

DMAC = SF2 MAC

SMAC = SFF2 MAC

1)  Classify to determine SFP

2)  Packet has to exit

service plane

12

•  Load Balancing & Fast Failover across SFs –  Keep alives for monitoring of SFs (input to fast failover & load

balancing).

•  Enforcement of policy

–  In Helium – simple ACL based classification –  Possible integration with Group Based Policy

•  Transport & Discovery to be programmed outside SFC –  Outside SDN, separate OF flows etc. –  Possible integration of other ODL discovery projects such as

Source Tracker

Some Helium SFC GAPS

12

13

•  Planned main features for Lithium –  Load Balancing & Failover –  OpenStack integration –  Misc.: Interface, test, packaging enhancements

•  Future releases –  Netconf integration –  LISP?

•  SFC in OPNFV –  ODL is used in OPNFV. –  Integration of SFC into OPNFV environment.

OFL SFC – Lithium and Beyond

13

14

•  Detailed ODL SFC Presentation (where this presentation is derived from). https://wiki.opendaylight.org/images/8/89/Ericsson-Kumbhare_Joshi-OpenDaylight_Service_Function_Chaining.pdf

•  ODL SFC Wiki Page https://wiki.opendaylight.org/view/Service_Function_Chaining:Main

•  Service Function Chaining Architecture IETF Draft: https://datatracker.ietf.org/doc/draft-ietf-sfc-architecture/

•  Yang Model for Service Function Chaining IETF Draft https://datatracker.ietf.org/doc/draft-penno-sfc-yang/?include_text=1

•  SFC IETF Working Group https://datatracker.ietf.org/wg/sfc/charter/

References

14

15 15

Thank you !

opendaylight...

Documents