openflow hands-on tutorial ofelia meeting feb 7, 2011 at berlin

69
OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin Srini Seetharaman, DT R&D Lab, USA With help from: Dan Levin, TU Berlin Nadi Sarrar, TU Berlin Andi Wundsam, TU Berlin 1

Upload: ashtyn

Post on 12-Jan-2016

30 views

Category:

Documents


0 download

DESCRIPTION

OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin. Srini Seetharaman, DT R&D Lab, USA With help from: Dan Levin, TU Berlin Nadi Sarrar, TU Berlin Andi Wundsam, TU Berlin. Welcome! Getting Started. Copy to your hard disk from Flash Drive/: - PowerPoint PPT Presentation

TRANSCRIPT

Page 1: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow Hands-on TutorialOFELIA Meeting

Feb 7, 2011 at Berlin

Srini Seetharaman, DT R&D Lab, USA

With help from:Dan Levin, TU BerlinNadi Sarrar, TU Berlin

Andi Wundsam, TU Berlin1

Page 2: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Welcome! Getting Started• Copy to your hard disk from Flash Drive/:

– Corresponding files (terminal, X server, Vmware) for your platform (Win/Mac/Linux)

– OpenFlowTutorial-20110131.vmwarevm.zip

• unzip OpenFlowTutorial-20110131.vmwarevm.zip• Instructions:

http://www.openflow.org/wk/index.php/OpenFlowTutorialOFELIA2011

• VMWare Key (if needed):– 4J09J-3U2E5-58C32-08AK0-8DH42

• Online attendees: Download file from:• http://www.net.t-labs.tu-berlin.de/research/routerlab/oftutori

al.zip 2

Page 3: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Introductions

3

Page 4: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Agenda

Time Description

10:00-11:00 Introduction: How OpenFlow works, Potential, Limitations, Current vendors, SDN/OPEN

11:00-12:15 Begin Hands-on Portion (learn tools, self-exploration)

Lunch break

13:00-14:00 Intro to Slicing, Details about GENI deployments

14:00-14:30 Continue Hands-on Portion (Slice using FlowVisor, use Expedient)

Coffee break

15:00-15:45 Vision and long-term directions of OpenFlow(Nick McKeown)

15:45-16:30 Q&A; Discussions

4

Page 5: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Goals of this Tutorial• By the end, everyone should know:

– what OpenFlow is– how it’s used and how you can use it– where it’s going– how OpenFlow compares to other platforms– how OpenFlow fits in the Software-Defined

Networking (SDN) spectrum• Present a useful mix of hands-on and lecture-

based content• Have fun

5

Page 6: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Why OpenFlow?

6

Page 7: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Million of linesof source code

5400 RFCs Barrier to entry

Billions of gates Bloated Power Hungry

Many complex functions baked into the infrastructureOSPF, BGP, multicast, differentiated services,Traffic Engineering, NAT, firewalls, MPLS, redundant layers, …

An industry with a “mainframe-mentality”, reluctant to change

The Ossified Network

Specialized Packet Forwarding Hardware

OperatingSystem

Feature Feature

Routing, management, mobility management, access control, VPNs, …

7

Page 8: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Research Stagnation• Lots of deployed innovation in other areas

– OS: filesystems, schedulers, virtualization– DS: DHTs, CDNs, MapReduce– Compilers: JITs, vectorization

• Networks are largely the same as years ago– Ethernet, IP, WiFi

• Rate of change of the network seems slower in comparison– Need better tools and abstractions to demonstrate

and deploy

8

Page 9: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Closed Systems (Vendor Hardware)

• Stuck with interfaces (CLI, SNMP, etc)• Hard to meaningfully collaborate• Vendors starting to open up, but not usefully• Need a fully open system – a Linux equivalent

9

Page 10: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Open Systems

Performance Fidelity

Scale Real User Traffic?

Complexity Open

Simulation medium medium no medium yes

Emulation medium low no medium yes

Software Switches

poor low yes medium yes

NetFPGA high low yes high yes

Network Processors

high medium yes high yes

Vendor Switches

high high yes low no

gap in the tool spacenone have all the desired attributes!

10

Page 11: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow: a pragmatic compromise

• + Speed, scale, fidelity of vendor hardware• + Flexibility and control of software and

simulation• Vendors don’t need to expose

implementation• Leverages hardware inside most switches

today (ACL tables)

12

Page 12: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

How does OpenFlow work?

13

Page 13: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Ethernet SwitchEthernet Switch

14

Page 14: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Data Path (Hardware)Data Path (Hardware)

Control PathControl PathControl Path (Software)Control Path (Software)

15

Page 15: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Data Path (Hardware)Data Path (Hardware)

Control PathControl Path OpenFlowOpenFlow

OpenFlow ControllerOpenFlow Controller

OpenFlow Protocol (SSL/TCP)

16

Page 16: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Controller

PC

HardwareLayer

SoftwareLayer

Flow Table

MACsrc

MACdst

IPSrc

IPDst

TCPsport

TCPdport Action

OpenFlow Client

**5.6.7.8*** port 1

port 4port 3port 2port 1

1.2.3.45.6.7.8

OpenFlow Example

17

Page 17: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow Basics Flow Table Entries

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

L4sport

L4dport

Rule Action Stats

1. Forward packet to zero or more ports2. Encapsulate and forward to controller3. Send to normal processing pipeline4. Modify Fields5. Any extensions you add!

+ mask what fields to match

Packet + byte counters

18

VLANpcp

IPToS

Page 18: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

ExamplesSwitching

*

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport Action

* 00:1f:.. * * * * * * * port6

Flow Switching

port3

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport

Action

00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80 port6

Firewall

*

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport Action

* * * * * * * * 22 drop

19

Page 19: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

ExamplesRouting

*

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport Action

* * * * * 5.6.7.8 * * * port6

VLAN Switching

*

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport

Action

* * vlan1 * * * * *

port6, port7,port9

00:1f..

20

Page 20: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Centralized vs Distributed ControlBoth models are possible with OpenFlow

Centralized Control

OpenFlow Switch

OpenFlow Switch

OpenFlow Switch

Controller

Distributed Control

OpenFlow Switch

OpenFlow Switch

OpenFlow Switch

Controller

Controller

Controller

21

Page 21: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Flow Routing vs. AggregationBoth models are possible with OpenFlow

Flow-Based

• Every flow is individually set up by controller

• Exact-match flow entries• Flow table contains one

entry per flow• Good for fine grain

control, e.g. campus networks

Aggregated

•One flow entry covers large groups of flows•Wildcard flow entries•Flow table contains one entry per category of flows•Good for large number of flows, e.g. backbone

22

Page 22: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Reactive vs. Proactive (pre-populated)Both models are possible with OpenFlow

Reactive

• First packet of flow triggers controller to insert flow entries

• Efficient use of flow table• Every flow incurs small

additional flow setup time• If control connection lost,

switch has limited utility

Proactive

•Controller pre-populates flow table in switch•Zero additional flow setup time•Loss of control connection does not disrupt traffic•Essentially requires aggregated (wildcard) rules

23

Page 23: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Usage examples

• Alice’s code:– Simple learning switch – Per Flow switching– Network access

control/firewall– Static “VLANs”– Her own new routing protocol:

unicast, multicast, multipath– Home network manager– Packet processor (in

controller)– IPvAlice

– VM migration– Server Load balancing– Mobility manager– Power management– Network monitoring

and visualization– Network debugging– Network slicing

… and much more you can create!

Page 24: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Quiz Time• How do I provide control connectivity? Is it really clean slate?

• Why aren’t users complaining about time to setup flows over OpenFlow? (Hint: What is the predominant traffic today?)

• Considering switch CPU is the major limit, how can one take down an OpenFlow network?

• How to perform topology discovery over OpenFlow-enabled switches?

• What happens when you have a non-OpenFlow switch inbetween?

• What if there are two islands connected to same controller?

• How scalable is OpenFlow? How does one scale deployments?

25

Page 25: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

What can you not do with OpenFlow ver1.0

• Non-flow-based (per-packet) networking– ex. Per-packet next-hop selection (in wireless mesh)– yes, this is a fundamental limitation– BUT OpenFlow can provide the plumbing to connect these

systems

• Use all tables on switch chips– yes, a major limitation (cross-product issue)– BUT an upcoming OF version will expose these

26

Page 26: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

What can you not do with OpenFlow ver1.0

• New forwarding primitives– BUT provides a nice way to integrate them through

extensions

• New packet formats/field definitions – BUT a generalized OpenFlow (2.0) is on the horizon

• Optical Circuits– BUT efforts underway to apply OpenFlow model to circuits

• Low-setup-time individual flows– BUT can push down flows proactively to avoid delays

Page 27: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Where it’s going

• OF v1.1: Extensions for WAN, spring 2011– multiple tables: leverage additional tables– tags and tunnels– multipath forwarding

• OF v2+– generalized matching and actions: an “instruction

set” for networking

28

Page 28: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow Implementations(Switch and Controller)

29

Page 29: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow building blocks

ControllerNOXNOX

SlicingSoftwareFlowVisorFlowVisor

FlowVisorConsole

30

ApplicationsLAVILAVIENVI (GUI)ENVI (GUI) ExpedientExpedientn-Castingn-Casting

NetFPGANetFPGASoftware Ref. SwitchSoftware

Ref. SwitchBroadcom Ref. SwitchBroadcom Ref. Switch

OpenWRTOpenWRT PCEngine WiFi AP

PCEngine WiFi AP

Commercial Switches Stanford Provided

OpenFlowSwitches

SNACSNAC

Stanford Provided

Monitoring/debugging toolsoflopsoflopsoftraceoftrace openseeropenseer

OpenVSwitchOpenVSwitch

HP, NEC, Pronto, Juniper.. and many more

HP, NEC, Pronto, Juniper.. and many more

BeaconBeacon HeliosHelios MaestroMaestro

Page 30: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Ciena Coredirector

NEC IP8800

Current SDN hardware

More coming soon...

Juniper MX-series

HP Procurve 5400

Pronto 3240/3290

WiMax (NEC)

PC EnginesNetgear 7324

31

Page 31: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Commercial Switch VendorsModel Virtualize Notes

HP Procurve 5400zl or 6600

1 OF instance per VLAN

-LACP, VLAN and STP processing before OpenFlow-Wildcard rules or non-IP pkts processed in s/w-Header rewriting in s/w-CPU protects mgmt during loop

NEC IP8800 1 OF instance per VLAN

-OpenFlow takes precedence-Most actions processed in hardware-MAC header rewriting in h/w

Pronto 3240 or 3290 with Pica8 or Indigo firmware

1 OF instance per switch

-No legacy protocols (like VLAN and STP)-Most actions processed in hardware-MAC header rewriting in h/w 32

Page 32: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Controller VendorsVendor Notes

Nicira’s NOX

•Open-source GPL•C++ and Python•Researcher friendly

Nicira’s ONIX

•Closed-source•Datacenter networks

SNAC •Open-source GPL•Code based on NOX0.4•Enterprise network•C++, Python and Javascript•Currently used by campuses

Vendor Notes

Stanford’s Beacon

•Open-source•Researcher friendly•Java-based

BigSwitch controller

•Closed source•Based on Beacon•Enterprise network

Maestro (from Rice Univ)

•Open-source•Based on Java

NEC’s Helios •Open-source•Written in C

33

Page 33: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Growing CommunityVendors and start-ups Providers and business-unit

More... More...

34Note: Level of interest variesNote: Level of interest varies

Page 34: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Software-Defined Networking (SDN)

35

Page 35: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

OperatingSystem

OperatingSystem

OperatingSystem

OperatingSystem

OperatingSystem

App

App

App

36

Current Internet Closed to Innovations in the Infrastructure

Closed

Page 36: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

App

App

App

Specialized Packet Forwarding Hardware

OperatingSystem

OperatingSystem

OperatingSystem

OperatingSystem

OperatingSystem

App

App

App

Network Operating System

App App App

“Software Defined Networking” approachto open it

37

Page 37: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

App

Simple Packet Forwarding Hardware

Simple Packet Forwarding Hardware

Simple Packet Forwarding Hardware

App App

Simple Packet Forwarding Hardware Simple Packet

Forwarding Hardware

Network Operating System

1. Open interface to hardware

3. Well-defined open API2. At least one good operating system

Extensible, possibly open-source

The “Software-defined Network”

38

Page 38: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Hands-on Session Flow

39

setup VM,play with mininet,

use tools

setup VM,play with mininet,

use tools

Run hub, turn hub into

an Ethernetswitch

Run hub, turn hub into

an Ethernetswitch

add multipleswitch

support

Slicing the network

with FlowVisor and Expedient

Slicing the network

with FlowVisor and Expedient

modify switch to handle IP

forwarding

Resume lectureResume lectureResume talkResume talk

On your ownOn your own

Page 39: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Stuff you’ll use• NOX• Reference Controller/Switch• OpenvSwitch• Mininet• cbench• flowvisor

• iperf• tcpdump• Wireshark

40

Page 40: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Tutorial Setup

Controllerport6633Controllerport6633 c0

OpenFlow SwitchOpenFlow Switchs1 dpctl

(user space process)

dpctl(user space

process)

h410.0.0.4

h410.0.0.4

h310.0.0.3

h310.0.0.3

h210.0.0.2h2

10.0.0.2

virtual hosts

OpenFlow Tutorial3hosts-1switchtopology

loopback(127.0.0.1:6633)

loopback(127.0.0.1:6634)

s1-eth0 s1-eth1 s1-eth2

h1-eth0 h3-eth0 h4-eth0

41

Page 41: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Hands-on TutorialNext presentation starts at 13:00www.openflow.org/wk/index.php/OpenFlowTutorialOFELIA2011

42

•Hope you got the files from the DVD or USB keys

•VMWare Key (if needed):–4J09J-3U2E5-58C32-08AK0-8DH42

•Hope you got the files from the DVD or USB keys

•VMWare Key (if needed):–4J09J-3U2E5-58C32-08AK0-8DH42

Page 42: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Virtualizing OpenFlow

43

Page 43: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Windows(OS)

Windows(OS)

Linux MacOS

x86(Computer)

Windows(OS)

AppApp

LinuxLinuxMacOS

MacOS

Virtualization layer

App

Controller 1

AppApp

Controller2

Virtualization or “Slicing”

App

OpenFlow

Controller 1NOX(Network OS)

Controller2Network OS

Trend

Computer Industry Network Industry

Page 44: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Simple Packet Forwarding Hardware

Network Operating System 1

Open interface to hardware

Virtualization or “Slicing” Layer

Network Operating System 2

Network Operating System 3

Network Operating System 4

App App App App App App App App

Many operating systems, orMany versions

Open interface to hardware

Isolated “slices”

Simple Packet Forwarding Hardware

Simple Packet Forwarding Hardware

Simple Packet Forwarding Hardware

Simple Packet Forwarding Hardware

45

Page 45: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Switch Based VirtualizationExists for NEC, HP switches but not flexible enough

Normal L2/L3 Processing

Flow Table

Production VLANs

Research VLAN 1

Controller

Research VLAN 2

Flow Table

Controller

46

Page 46: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

FlowVisor-based Virtualization

OpenFlow Switch

OpenFlowProtocolOpenFlowProtocol

OpenFlow FlowVisor & Policy Control

Craig’sController

Heidi’sControllerAaron’s

Controller

OpenFlowProtocolOpenFlowProtocol

OpenFlow Switch

OpenFlow Switch

47

Topology discovery is

per slice

Topology discovery is

per slice

Page 47: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlowProtocol

OpenFlowFlowVisor & Policy Control

BroadcastMulticast

OpenFlowProtocol

httpLoad-balancer

FlowVisor-based Virtualization

OpenFlow Switch

OpenFlow Switch

OpenFlow Switch

48

Separation not onlyby VLANs, but any

L1-L4 pattern

Separation not onlyby VLANs, but any

L1-L4 pattern

dl_dst=FFFFFFFFFFFFdl_dst=FFFFFFFFFFFF tp_src=80, ortp_dst=80tp_src=80, ortp_dst=80

Page 48: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

FlowSpace: Maps Packets to Slices

Page 49: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

FlowVisor Message Handling

OpenFlowFirmware

Data Path

AliceController

BobController

CathyController

FlowVisor

OpenFlow

OpenFlow

Packet

Exception

Policy Check:Is this rule allowed?

Policy Check:Who controls this packet?

Full Line RateForwarding

Rule

Packet

Page 50: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Use Case: New CDN - Turbo Coral ++Basic Idea: Build a CDN where you control the entire network– All traffic to or from Coral IP space controlled by Experimenter– All other traffic controlled by default routing– Topology is entire network– End hosts are automatically added (no opt-in)

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport

* * * * * 84.65.* * * * *

* * * * * * 84.65.* * * *

* * * * * * * * * *

51

Page 51: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Use Case: Aaron’s IP• A new layer 3 protocol• Replaces IP• Defined by a new Ether Type

SwitchPort

MACsrc

MACdst

Ethtype

VLANID

IPSrc

IPDst

IPProt

TCPsport

TCPdport

* * * AaIP * * * * * *

* * * !AaIP * * * * * *

52

Page 52: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow/GENI Deployments

53

Page 53: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

OpenFlow Deployment at Stanford

54

Switches (23)APs (50)WiMax (1)

Page 54: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Live Stanford Deployment Statistics

http://yuba.stanford.edu/ofhallway/wide-ofv1.html

55

Page 55: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

How did we get there?Staged Deployment of OpenFlow

1. Add experimental VLAN2. Enable OpenFlow for Exptl VLAN3. Configure Controller for new network

4. Add new Production subnetwork5. Gradually add/move users to new subnet

6. Enable OpenFlow for new subnet7. Slice the network

Verify correctness and performance

Verify reachability

Page 56: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Kansas StateKansas State

GENI OpenFlow deployment (2010)10 institutions and 2 National Research Backbones

57

Page 57: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

National Lambda

Rail

GENI Network Evolution

Page 58: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

FlowVisor APIFlowVisor API

GENI Integration• FlowVisor

– Slicing control

• Expedient– Experimenter’s portal

for slice management

• Opt-in Manager– Network admins’ portal

to approve/ deny expt requests for traffic

FlowVisor1 FlowVisor2

Substrate1

Substrate 2

OpenFlow OpenFlow

Opt-in Mgr1 Opt-in Mgr2

Expedient1 Expedient2

API X API X

Expedient3

GENI API

API X

Page 59: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Mistakes we made• OpenFlow over Q-in-Q

– OpenFlow routing is unaware and sends traffic with same MAC address in both direction, causing perpetual learning and CPU inflation

• Moving uplinks for 1 switch, while being pointed to the same controller (causing two islands)– Causes controller learning to oscillate between the 2 uplinks

• Bad interaction with legacy protocols – LLDP and STP are treated differently with different switches

• Loop in OpenFlow network being exposed to non-OF side– Miscommunication between the aggregate operator and the

experimenter during testing phase

• Loop across backbones– Same campus connected over NLR and Internet2

Page 60: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Next steps for GENI• Remove duct-tape

– Fix any issues that we learned about during demos

• Be better prepared– Higher stability and better isolation– Test bandwidth slicing

• Grow topology– Add more switches and hosts

• Wean off– Each campus takes charge of control framework

Page 61: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Tutorial Setup so far

Controllerport6633Controllerport6633 c0

OpenFlow SwitchOpenFlow Switchs1 dpctl

(user space process)

dpctl(user space

process)

h410.0.0.4

h410.0.0.4

h310.0.0.3

h310.0.0.3

h210.0.0.2h2

10.0.0.2

virtual hosts

OpenFlow Tutorial3hosts-1switchtopology

loopback(127.0.0.1:6633)

loopback(127.0.0.1:6634)

s1-eth0 s1-eth1 s1-eth2

h1-eth0 h3-eth0 h4-eth0

62

Page 62: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Virtualized Network SetupControllerport 7000Controllerport 7000

c0

OpenFlow SwitchOpenFlow Switchs1 dpctl

(user space process)

dpctl(user space

process)

h410.0.0.4

h410.0.0.4

h310.0.0.3

h310.0.0.3

h210.0.0.2h2

10.0.0.2

virtual hosts

OpenFlow Tutorial3hosts-1switchtopology

loopback(127.0.0.1:7000)

loopback(127.0.0.1:6634)

s1-eth0 s1-eth1 s1-eth2

h1-eth0 h3-eth0 h4-eth0

FlowVisorport 6633FlowVisorport 6633 loopback

(127.0.0.1:6634)

63

Page 63: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

FlowVisor Usage

• <flowvisor dir>/script/fvctl.sh• listDevices

– list of all OpenFlow switches’ datapath ID• getLinks

– list of all links (port # and datapath ID of both end switches)• createSlice

– creating slice (specifying controller’s URL and slice name)• listSlices• addFlowSpace

– add flow space to slices• listFlowSpace

– show current flow space64

Page 64: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Concluding Remarks

65

Page 65: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Highlights of Deployments• Stanford deployment

– McKeown group for 1.5 years: production and experiments – To scale later this year to entire building (~500 users)

• Nation-wide trials and deployments– 7 other universities and BBN deploying now– GEC9 in Nov, 2010 showcased nation-wide OF– Internet 2 and NLR starting to serve as the GENI Backbone

• Global trials– Over 60 organizations experimenting

2011 likely to be a big year for OpenFlow66

Page 66: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Current Trials• 68 trials/deployments spanning 13 countries

67

Page 67: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Get involved!

• Ask and answer questions on mailing lists: – openflow-discuss– openflow-spec

• Share and update wiki content• Submit bug-reports and/or patches to OF

reference implementation• Release open-source applications• Write a controller!

68

Page 68: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

Are you innovating in your network?

69

Page 69: OpenFlow Hands-on Tutorial OFELIA Meeting Feb 7, 2011 at Berlin

SDN Team at Stanford