Software Defined Networking (SDN)
- “The Future of Networking”
Introduction
Milson Munakami
• 5 years Developer Evangelist
• No Cable guy
• @milson
Agenda
• What is SDN?
• Hype and Confusion
• Key Concept of SDN
• OpenFlow
• Future of SDN
• Mininet At A Glance
• Demo
• Q & A
What is SDN?
Introduce and demystify Software-Defined Networking (SDN)
What is Networking?
• End-hosts want to communicate
• Ethernet switches connect them
• Which decide how packets should be forwarded
• And actually forward them
How is Networking evolving?
• Plug-and-play
• Mobility and wireless
• Structured and optimized topologies
• More complex servers – cloud
• Routers and wifi
• Inter-domain routers
• Gateways – bridge
• Middleboxes - NAT
• Firewall – malicious traffic
• Load balancing
• Virtualizations
The Network is Being Pushed to Its Limits…
• 80% of Enterprise Apps are Deployed in the Cloud
• 1.1 Billion Smartphones Projected to Ship in 2014
• 2.5 billion Internet users in the world! Expect 5 billion by 2023!
Unending, exponential growth in the people, devices and servers connecting to the network requires a new approach
This is Where Software-Defined Networking (SDN) Comes In…
Need to Innovate in the Network
• Revenues from Cloud Innovation Could Reach $1.1 Trillion Per Year by 2015
• 15K New Applications Are Added Every Week!
• 83% of Companies Believe Mobility Will Significantly Affect Their Business
We’ve seen tons of innovation in applications, devices, computing and storage, … yet the underlying network that connects everything has remained unchanged!
So what do we need?
[Figure: today, each device is a closed system (custom hardware; features are apps) running apps on its own operating system on specialized packet forwarding hardware. In the SDN model, apps run on a network operating system that controls simple packet forwarding hardware.]
1. Open interface to packet forwarding
2. At least one good operating system: extensible, possibly open-source
3. Well-defined open API
[Figure: the world today, unified data and control ("Add feature here?!?!"), vs. control + data separation, where apps run on a controller that sits above the data plane]
Today, new features are implemented as fully distributed algorithms at a protocol level rather than centralized applications. Spanning tree is a great example…
Hype and Confusion
Current Networking Scheme
• Fully distributed protocols - hard to add a feature to a network
• Network is closed for research and innovation
• Network administrators, Experts and Researchers can only configure devices
• Increased Complexity and changes – error prone
• Vendor Specific Solutions
• Lots of Challenges and difficulties
Mitigation approach
• Open Development environment for Networking
• Isolation:
  • regular production Network untouched
• Virtualized and Programmable networks
Software Defined Networking (SDN)
Scenario
[Figure labels: Apps, Network, Dynamic IT Environment, Static Provisioning, Static Network Model, Scalability, Web Speed, Flexibility, Dynamic Services Model]
Key Concept of SDN
[Figure: the computer industry moved from a vertically integrated, closed, proprietary model (specialized applications, specialized operating system, specialized hardware; slow innovation, small industry) to a horizontal model with open interfaces (apps on Windows, Linux or MacOS over a microprocessor, with a virtualization layer on x86; rapid innovation, huge industry). The network industry is shown on the same path: apps on a control plane over merchant switching chips, with open interfaces between the layers, and virtualization or “slicing” through OpenFlow with controllers such as NOX (Network OS).]
Core Concept of SDN
• Separate Control (brains) plane and Data (muscle) plane entities
  • Network intelligence and state are logically centralized
  • The underlying network infrastructure is abstracted from the applications
• Execute or run Control plane software on general purpose hardware
  • Decouple from specific networking hardware
  • Use commodity servers
• Have programmable data planes - APIs
  • Maintain, control and program data plane state from a central entity
• An architecture to control not just a networking device but an entire network – efficient orchestration and automation of network services
Key Abstraction
[Figure: routing, traffic engineering and other applications run on a network operating system through a well-defined API, over network virtualization and a network map abstraction; below it, forwarding elements, with the data and control planes separated. OpenFlow – OF data plane abstraction: a numbered list of <Match, Action> entries.]
Key Benefits
• Efficiency: optimize existing applications, services, and infrastructure
• Agility: enabling organizations to rapidly deploy applications, services, and infrastructure to meet needs
• Scale: automate and optimize new and existing applications and services
• Innovation: allowing organizations to create and deliver new types of applications, services and business models
• Centralized Control
• Reduced Complexity through Automation
• Increased Network Reliability and Security
OpenFlow
“OpenFlow is an open standard to deploy innovative protocols in production networks”
openflow.org
[Figure: an OpenFlow Ethernet switch with a data path (hardware) and a control path, connected over the OpenFlow protocol (TCP/SSL) to a network OS running Control Program A and Control Program B]
What is OpenFlow?
• OpenFlow is similar to an x86 instruction set for the network to program the forwarding behavior of the switch
• Provide open interface to “black box” networking node
  • (i.e. routers, L2/L3 switch) to enable visibility and openness in network
• OpenFlow is based on an Ethernet switch, with an internal flow-table, and a standardized interface to add and remove flow entries
• Controller or control software uses OpenFlow protocol to provide programmable interface to switches & routers
Programming SDN with OpenFlow
• The Good
  – Network-wide visibility
  – Direct control over the switches
  – Simple data-plane abstraction
• The Bad
  – Low-level programming interface
  – Functionality tied to hardware
  – Explicit resource control
• The Ugly
  – Non-modular, non-compositional
  – Challenging distributed programming
OF building blocks
• Controller: NOX, ONIX, Beacon, Trema, Maestro
• Slicing Software: FlowVisor, FlowVisor Console
• Applications: LAVI, ENVI (GUI), Expedient, n-Casting
• Monitoring/debugging tools: oflops, oftrace, openseer
• Stanford Provided OpenFlow Switches: NetFPGA, Software Ref. Switch, Broadcom Ref. Switch, OpenWRT, PCEngine WiFi AP
• Commercial Switches: HP, NEC, Pronto, Juniper.. and many more
• Open vSwitch
OpenFlow Specification Basics
• Open standard defined by the Open Networking Foundation (ONF)
• Consists of at least three parts
  • Flow Table – defines how the switch will process each flow entry
  • Secure Channel – to connect to controller
  • OpenFlow Protocol (API)
• Flow tables are set up on switches
• Controller talks to the switch via the OpenFlow protocol
Layered Architecture for SDN
• Southbound API – includes OpenFlow but not limited to it
• Southbound API offers L1/L2/L3 forwarding abstraction.
The Promise of SDN
• Separation of forwarding and control planes
• Open and vendor agnostic interface (e.g. OpenFlow)
• Well defined control plane abstractions to enable rapid innovation
Open, Scalable, Secure, Agile, Consistent
SDN Architecture
[Figure: three tiers joined by open interfaces: an application tier (apps, 3rd party components), a controller tier (network OS; SDN controller, logically central) and a forwarding plane tier; separation of control & forwarding; open, vendor agnostic interfaces & standards]
Components of OpenFlow Network
• Controller
  • OpenFlow protocol messages
  • Controlled channel
• OpenFlow switch
  • Secure Channel (SC)
  • Flow Table
  • Flow entry
• Processing
  • Pipeline Processing
  • Packet Matching
  • Instructions & Action Set
OpenFlow Controller
Name | Lang | Platform(s) | License | Original Author | Notes
OpenFlow Reference | C | Linux | OpenFlow License | Stanford/Nicira | not designed for extensibility
NOX | Python, C++ | Linux | GPL | Nicira | actively developed
Beacon | Java | Win, Mac, Linux, Android | GPL (core), FOSS Licenses for your code | David Erickson (Stanford) | runtime modular, web UI framework, regression test framework
Maestro | Java | Win, Mac, Linux | LGPL | Zheng Cai (Rice) | Focuses on achieving better performance using multithreading
Trema | Ruby, C | Linux | GPL | NEC | includes emulator, regression test framework
Floodlight | Java | Linux | Apache | Big Switch | Actively developed, open sourced
OpenDayLight | Java | Linux | Apache | Linux Foundation | Actively developed, open sourced
OpenFlow Switch
Components:
• Flow table & Group table - Perform packet lookups and forwarding
• OpenFlow channel - Interface that connects a switch to a controller
• Pipeline process - Maintains sending of packets between flow tables by matching flow entries.
Two types:
• OpenFlow-Capable / hybrid
• OpenFlow-only / pure
Secure Channel (SC)
• SC is the interface that connects each OpenFlow switch to controller
• A controller configures and manages the switch via this interface.
  • Receives events from the switch
  • Send packets out the switch
• SC establishes and terminates the connection between OpenFlow Switch and the controller using the procedures
  • Connection Setup
  • Connection Interrupt
• The SC connection is a TLS connection. Switch and controller mutually authenticate by exchanging certificates signed by a site-specific private key.
Flow Table
• Flow table in switches, routers, and chipsets
Flow | Rule | Action | Statistics
Flow 1 | Rule (exact & wildcard) | Action | Statistics
Flow 2 | Rule (exact & wildcard) | Action | Statistics
Flow 3 | Rule (exact & wildcard) | Action | Statistics
Flow N | Rule (exact & wildcard) | Default Action | Statistics
Flow table Entry
• Flow table consists of a set of entries to compare incoming packets against
• Each flow entry consists of match fields, counters, actions
• Matching starts at the first flow table
• Flow entries match in priority order
• Match found
  • Apply the instructions
• Match not found
  • forwarded to the controller over the OpenFlow channel,
  • dropped
  • may continue to the next flow table
Flow Entry
• A flow entry consists of
1. Match fields - Match against packets
   In Port | Src MAC | Dst MAC | Eth Type | Vlan Id | IP Tos | IP Proto | IP Src | IP Dst | TCP Src Port | TCP Dst Port
2. Action(s) - Modify the action set or pipeline processing
   1. Forward packet to port(s)
   2. Encapsulate and forward to controller
   3. Drop packet
   4. Send to normal processing pipeline
   5. Vendor specific extensions
3. Stats - Update the matching packets
   1. Packet
   2. Byte counters
   • Per table
   • Per flow
Workflow
[Flowchart]
• Packet arrives at switch
• Header fields compared to flow table entries
• Match Found: forwarded to specified port OR dropped
• Match Not Found: encapsulates packets and sends to controller
  • Controller decides: drops OR make new entry in flow table
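The lookup described on the Flow Table, Flow Entry and Workflow slides, as an added Python example (not code from the slides or from any OpenFlow implementation). The class names, rule values and the `shadowed` check are hypothetical; the check reports entries that can never fire because a higher-priority entry already catches every packet they would match, which is how a late-added drop rule ends up silently ineffective.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict        # field -> required value; a field left out is a wildcard
    action: str        # "output:<port>", "drop" or "controller"
    packets: int = 0   # per-flow counters, updated on every hit
    byte_count: int = 0

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

class FlowTable:
    def __init__(self, miss_action="controller"):
        self.entries, self.miss_action, self.misses = [], miss_action, 0

    def add(self, entry):
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)  # highest priority first

    def process(self, pkt, length):
        for e in self.entries:                # first hit in priority order wins
            if e.matches(pkt):
                e.packets += 1
                e.byte_count += length
                return e.action
        self.misses += 1                      # table miss: hand to controller
        return self.miss_action

    def shadowed(self):
        """Entries that can never fire: an earlier entry's match is a subset
        of theirs, so it catches every packet they would."""
        return [low for i, low in enumerate(self.entries)
                if any(hi.match.items() <= low.match.items()
                       for hi in self.entries[:i])]

def sample_table():
    # Constructed rules: block telnet, forward to one host, return path.
    t = FlowTable()
    t.add(FlowEntry(100, {"eth_type": 0x0800, "ip_proto": 6, "tcp_dst": 23}, "drop"))
    t.add(FlowEntry(50, {"eth_type": 0x0800, "ip_dst": "10.0.0.2"}, "output:2"))
    t.add(FlowEntry(10, {"in_port": 2}, "output:1"))
    return t

if __name__ == "__main__":
    t = sample_table()
    telnet = {"in_port": 1, "eth_type": 0x0800, "ip_proto": 6,
              "ip_dst": "10.0.0.2", "tcp_dst": 23}
    print(t.process(telnet, 60), t.process({"in_port": 1, "eth_type": 0x0806}, 42))
```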
OpenFlow Protocol Message Types
• Controller-to-switch
  • To directly manage or inspect the state of the switch
  • may or may not require a response from the switch
  • Operations/msg types: features, configuration, Read-State, Modify-State, barrier
• Asynchronous
  • To update the controller of network events and changes to the switch state.
  • sent without the controller soliciting them from a switch
  • To tell controller a packet arrival, switch state change, or error
  • Msg. types: Packet-in, Flow-Removed, Port-status, Error
• Symmetric
  • Hello message, Echo request/reply
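An added Python example (not from the slides) that splits a captured control-channel byte stream into OpenFlow messages and labels each with one of the three categories above, the kind of check a monitor on the controller link would run. It assumes the OpenFlow 1.0 wire format (8-byte header, 1.0 type numbers), which the slides do not spell out; the function names and the sample capture are constructed.

```python
import struct

OFP_HEADER = struct.Struct("!BBHI")  # version, type, length, xid (8 bytes)

# Assumption: OpenFlow 1.0 type numbers. The grouping follows the slide,
# which lists Error as asynchronous. Types the slide does not group
# (for example vendor, type 4) come back as "unknown".
GROUPS = {
    "symmetric": {0: "HELLO", 2: "ECHO_REQUEST", 3: "ECHO_REPLY"},
    "asynchronous": {1: "ERROR", 10: "PACKET_IN", 11: "FLOW_REMOVED",
                     12: "PORT_STATUS"},
    "controller-to-switch": {5: "FEATURES_REQUEST", 6: "FEATURES_REPLY",
                             7: "GET_CONFIG_REQUEST", 8: "GET_CONFIG_REPLY",
                             9: "SET_CONFIG", 13: "PACKET_OUT", 14: "FLOW_MOD",
                             15: "PORT_MOD", 16: "STATS_REQUEST",
                             17: "STATS_REPLY", 18: "BARRIER_REQUEST",
                             19: "BARRIER_REPLY"},
}
TYPES = {num: (name, group) for group, names in GROUPS.items()
         for num, name in names.items()}

def classify_stream(data):
    """Return (messages, leftover). Each message is a
    (name, group, xid, length) tuple; leftover is the unparsed tail,
    either a message still arriving or one with an invalid length."""
    messages, offset = [], 0
    while len(data) - offset >= OFP_HEADER.size:
        _version, msg_type, length, xid = OFP_HEADER.unpack_from(data, offset)
        # length includes the header, so anything below 8 is malformed
        if length < OFP_HEADER.size or offset + length > len(data):
            break
        name, group = TYPES.get(msg_type, (f"UNKNOWN_{msg_type}", "unknown"))
        messages.append((name, group, xid, length))
        offset += length
    return messages, data[offset:]

def sample_capture():
    # Constructed bytes: HELLO, FEATURES_REQUEST, an 18-byte PACKET_IN, then
    # a FLOW_MOD header declaring 72 bytes of which only 12 have arrived.
    pack = OFP_HEADER.pack
    return (pack(1, 0, 8, 1) + pack(1, 5, 8, 2)
            + pack(1, 10, 18, 0) + b"\x00" * 10
            + pack(1, 14, 72, 3) + b"\x00" * 4)

if __name__ == "__main__":
    for msg in classify_stream(sample_capture())[0]:
        print(msg)
```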
Future of SDN
[Figure: market evolution from early market to mature market: custom solutions, tailored solutions, packaged software; marker "SDN Today"]
SDN Ecosystem
• More Start-Ups and VC investment too!
• Vendors: chip vendors, equipment vendors, software vendors
• Growing Community: vendors and start-ups, providers and business-unit, more...
Mininet At A Glance
• CONVENIENT REALISTIC EMULATOR FOR SOFTWARE-DEFINED NETWORKS
• Mininet creates a realistic OpenFlow network, running real kernel, switch and application code, on a single machine (VM, cloud or native), in seconds, with a single command
• Network emulator
• Designed for emulating SDN networks
• Easy to use
• High performance (100 nodes on a laptop)
What You Can Do?
• Rapidly prototype, develop and test
  • Interestingly-sized networks (16-100 nodes) start up in seconds
  • No lengthy lab reconfiguration or rebooting required
  • Always-accessible network resources, in any topology, at essentially no cost
  • Designs that work on Mininet transfer seamlessly to hardware for full speed operation
  • Runs your choice of software switch
    • Stanford’s reference OpenFlow switch
    • OpenVSwitch
• Easily and inexpensively demonstrate and share
• Quickly get up and running
• Repeatedly test, analyze, and predict network behavior
Demo
Experimental Setup
[Figure: hosts H1 and H2, switches S1, S2, S3 and S4, SDN controller: NOX]
Resources
1. OpenFlow Tutorials: http://archive.openflow.org/wk/index.php/OpenFlow_Tutorial
2. Open Networking Foundation (ONF): ONF is a user-driven organization dedicated to the promotion and adoption of Software-Defined Networking (SDN) through open standards development. https://www.opennetworking.org/ ONF has taken on the responsibility to drive the standardization of the OpenFlow protocol and has many member companies.
3. SDNCentral is the leading centralized source of news and resources for network virtualization and software-defined networking (SDN). http://www.sdncentral.com/ - The independent community & #1 resource for SDN and NFV
4. Mininet: http://mininet.org/
Q&A
Thank you!