ryu sdn framework
TRANSCRIPT
Copyright©2015 NTT corp. All Rights Reserved.
Ryu SDN Framework
FUJITA TomonoriNTT Software Innovation CenterRyu Project Lead
2Copyright©2015 NTT corp. All Rights Reserved.
• What’s Ryu?
• Use cases
• #1 Cloud and MPLS VPN automation
• Whitebox switch
• #2 BMP Server
• #3 SDN IX DoS mitigation
• Future Plans
Agenda
3Copyright©2015 NTT corp. All Rights Reserved.
• OSS SDN Framework founded by NTT
• Python library for SDN
• Apache v2 license
• More than 400 mailing list subscribers
• Features
• OpenFlow
• Version 1.0, 1.2, 1.3, 1.4, 1.5 (in progress)
• Parsing and building various protocols packets
• IP, TCP, UDP, MPLS, OSFP, PBB, etc
• BGP, VRRP, BFD, BMP
• BGP speaker supports BGP4 and MPBGP (v6 and MPLS/VPN)
What’s RYU?
4Copyright©2015 NTT corp. All Rights Reserved.
Who uses?
and more…
5Copyright©2015 NTT corp. All Rights Reserved.
Use case #1: Cloud and MPLS VPN
MPLS L3 VPNOFSwitch
Software inside the switch
OFController
BGPSpeaker
eBGP
Tenant
Network
vRouter
Direction VLAN Prefix VPN Label
DC -> VPN Match & Pop Push
VPN <- DC Push Match & Pop
Info from Cloud system
Info from BGP
Cloud
Orchestration
System
Used in production as of 2014/10
PE
Customers can manage cloud and network settings via the cloud portal and the change are reflected immediately to the gateway switch
6Copyright©2015 NTT corp. All Rights Reserved.
Use case #1: lessons learned
Ryu (OpenFlow + BGP) + OpenFlowWhitebox Switch
=Router fully easily integrated with
the existing infrastructure
• OpenFlow is not a must (one of southbound protocols)• Whitebox Switch + Linux OS enables this SDN
7Copyright©2015 NTT corp. All Rights Reserved.
• Merchant silicon + Linux OS
• Commodity hardware switch from ODMs in Taiwan
• Whatever software you can install
• Routing (BGP, etc)
• Monitoring
• Automation
Whitebox Switch
• Vendor provides BGP new feature timely?• You still like to monitor via SNMP?• You can automate switch configuration with the existing
systems?
Facebook developed their original switch (Accton manufactured)
8Copyright©2015 NTT corp. All Rights Reserved.
• BGP Monitoring Protocol
• Monitoring Adj-RIBs-In changes
Use case #2 BMP Server
BGPPeer
BGPPeer
Adj-RIBs-In
Adj-RIBs-In
Local RIB
Filter
Filter
BGP router
Ryu BMP server
You could modify Ryu BMP server to send notification via email, tweet, etc when something (strange received route, etc) happens
9Copyright©2015 NTT corp. All Rights Reserved.
• Blocking traffic at Internet Exchange
• Demo at Interop 2014 by Internet Multifeed
Use case #3 SDN-IX DoS mitigation
AS1
IX
AS2OF
SW
Configure the blocking policy via web portal
RyuOF controller
10Copyright©2015 NTT corp. All Rights Reserved.
Linux kernel
• OpenFlow
• New specification (1.5 for now)
• Software for Whitebox switch
• APIs for silicon in Linux
• Protocol stack (mainly BGP)
• Whatever necessary
Future Plans
HW
Kernel driver
SDK
OF
Agent
Use
Netlink, etc
Use
OpenFlow
Use
Vendor
Silicon
SDK API
Whitebox swtich API example
11Copyright©2015 NTT corp. All Rights Reserved.
• Use case: high performance
• IX route server
• Multi threads
• Thread to send keepalive messages per peer
• Thread for routing per rib
• Thread for reading bgp messages from socket per peer
• Modern management interface
• JSON REST API
• CLI is implemented in Python by wrapping REST API (easy modify for your preferable output format)
New Ryu BGP speaker implementation
Parsing 70K BGP updates; each includes 8 routesOld: 5.584 secs v.s. New: 0.205 secs
https://github.com/osrg/gobgp
12Copyright©2015 NTT corp. All Rights Reserved.
Thanks!
Questions?
13Copyright©2015 NTT corp. All Rights Reserved.
• What’s OpenStack?
• OSS for building IaaS
• You can run lots of VMs
• Many SDN solutions are supported
• How Ryu is used?
• Tenant network separation (virtual L2 network on the top of L3 network)
• BGP support (chosen as the default BGP implementation)
Use case #4 OpenStack integration