STRUCTURE AND DESIGN OF SOFTWARE-DEFINED NETWORKS TEEMU KOPONEN NICIRA, VMWARE

Dec 19, 2015

Page 1: Koponen Structure and Design of Software-Defined Networks

STRUCTURE AND DESIGN OF SOFTWARE-DEFINED NETWORKS

TEEMU KOPONEN

NICIRA, VMWARE

Page 2: Koponen Structure and Design of Software-Defined Networks

WARNING: I DON’T DESIGN PROTOCOLS. I WRITE C++.

TRANSLATION: THIS IS NOT YOUR TYPICAL NETWORK TALK.

Page 3: Koponen Structure and Design of Software-Defined Networks

AGENDA: 5 YEARS OF SDN

1. FALLACIES AND PROMISE OF SDN.

2. QUEST FOR STRUCTURES & ABSTRACTIONS IN NETWORKING.

3. PRACTICAL, EMERGING ABSTRACTIONS: FABRIC AND NETWORK VIRTUALIZATION.

4. POTENTIAL IMPLICATIONS FOR NETWORKING.

Page 4: Koponen Structure and Design of Software-Defined Networks

FALLACIES OF SDN

Page 5: Koponen Structure and Design of Software-Defined Networks

TRADITIONAL VIEW OF SDN

[DIAGRAM LABELS: OPENFLOW]

Page 6: Koponen Structure and Design of Software-Defined Networks

ANYTHING WRONG?

Page 7: Koponen Structure and Design of Software-Defined Networks

CENTRALIZATION

AVAILABILITY AND SCALING CALL FOR DISTRIBUTION.

Page 8: Koponen Structure and Design of Software-Defined Networks

FINE-GRAINED CONTROL

LOW-LEVEL FLOW MANAGEMENT IS HARD AT LARGE SCALE.

[DIAGRAM LABELS: OPENFLOW, FIRST PKT]

Page 9: Koponen Structure and Design of Software-Defined Networks

UNIFIED HARDWARE PIPELINE

VENDORS PREFER DIFFERENTIATION AND DIE SURFACE MATTERS.

[DIAGRAM LABELS: FULCRUM, BROADCOM, MARVELL]

Page 10: Koponen Structure and Design of Software-Defined Networks

FAILURE DOMAINS

THERE WILL BE NETWORK PARTITIONS.

Page 11: Koponen Structure and Design of Software-Defined Networks

DID I LOSE MY FAITH IN SDN?

Page 12: Koponen Structure and Design of Software-Defined Networks

NO, EXACTLY THE OPPOSITE!

Page 13: Koponen Structure and Design of Software-Defined Networks

DISTRIBUTION IS A GOOD SERVANT... BUT A BAD MASTER

DATA PLANE:

SPREADING STATE ACROSS THE NETWORK COMPLICATES THE DESIGN.

CONTROL PLANE IS THE WORST EXAMPLE:

DISTRIBUTED ALGORITHMS ARE COMPLEX.

ONLY INDIRECT MEANS FOR CONTROL.

Page 14: Koponen Structure and Design of Software-Defined Networks

FREEING OURSELVES FROM TOPOLOGY

DECOUPLING CONTROL FROM TOPOLOGY:

ALLOWS FOR SIMPLER OVERALL DESIGN.

ALLOWS FOR DISTRIBUTED SYSTEMS PRINCIPLES.

ALLOWS FOR RECONSIDERING THE NETWORK DESIGN.

PHYSICAL TOPOLOGY SHOULD NOT DRIVE THE CONTROL DESIGN.

Page 15: Koponen Structure and Design of Software-Defined Networks

QUEST FOR STRUCTURES & ABSTRACTIONS IN NETWORKING

Page 16: Koponen Structure and Design of Software-Defined Networks

WHERE ARE WE TODAY?

Page 17: Koponen Structure and Design of Software-Defined Networks

HOW DID WE GET HERE?

A GUARANTEED RECIPE FOR DISASTER:

1. INVENT A NEW DATA PLANE MECHANISM.

2. HACK A NEW CONTROL PLANE FOR IT.

3. JUMP BACK TO 1.

PHYSICAL TOPOLOGY DROVE THE CONTROL DESIGN!

Page 18: Koponen Structure and Design of Software-Defined Networks

THE MISSING PRINCIPLES OF MODULARITY

SEPARATION OF CONCERNS

CONTAIN A PROBLEM.

CONTAIN ITS SOLUTION.

MODULES GET DECOUPLED.

HIDING COMPLEXITY

ABSTRACTIONS HIDE DETAILS FROM THE REST.

HARMFUL DEPENDENCIES DON’T CREEP IN.

BUT...

Page 19: Koponen Structure and Design of Software-Defined Networks

DID SOMEONE SAY IT WOULD BE EASY?

NO FIRM STRUCTURES FOR THE CONTROL PLANE AFTER THE PAST 30 YEARS OF NETWORKING.

ABSTRACTIONS AND STRUCTURES ARE TRIVIAL TO MISS.

YOU HAVE TO PRACTICALLY STUMBLE INTO THEM.

EXACTLY THAT HAPPENED TO US.

FOLLOWING IS NOT ABOUT PAPER DESIGNS!

Page 20: Koponen Structure and Design of Software-Defined Networks

STRUCTURE 1: FABRIC

Page 21: Koponen Structure and Design of Software-Defined Networks

MPLS: ARGUMENT FOR EDGE/CORE SPLIT

[DIAGRAM LABELS: NEIGHBOR DOMAIN, ROUTER, ROUTING, MPLS EDGE, DOMAIN INTERNAL, SWITCH, SIMPLE FORWARDING]

Page 22: Koponen Structure and Design of Software-Defined Networks

HYPERVISORS ARE THE NEW EDGE

[DIAGRAM LABELS: HYPERVISOR, VM, HOST, SWITCH, DOMAIN INTERNAL, SIMPLE FORWARDING]

Page 23: Koponen Structure and Design of Software-Defined Networks

BENEFITS: SEPARATION OF CONCERNS

EDGE

IMPLEMENTS THE NETWORK POLICY.

CORRECTNESS & FLEXIBILITY OF FUNCTION ESSENTIAL.

SPEED LESS SO.

FABRIC

MOVES THE PACKET ACROSS THE NETWORK.

SIMPLICITY OF FUNCTION.

RELIABILITY AND CAPACITY CRITICAL.

EDGE AND FABRIC CAN EVOLVE INDEPENDENTLY WITH DIFFERENT GOALS!

Page 24: Koponen Structure and Design of Software-Defined Networks

CLEAR DIVIDE BETWEEN HW & SW

EDGE

CORRECTNESS & FLEXIBILITY OF FUNCTION ESSENTIAL.

SPEED LESS SO.

FABRIC

RELIABILITY AND CAPACITY CRITICAL.

SIMPLE & STABLE FUNC.

[DIAGRAM LABELS: X86, SIMPLE ASICS]

Page 25: Koponen Structure and Design of Software-Defined Networks

STRUCTURE 2: NETWORK VIRTUALIZATION

Page 26: Koponen Structure and Design of Software-Defined Networks

HIDING COMPLEXITY

TODAY CONFIGURING A POLICY SPANS ALL ELEMENTS.

SIMPLE POLICY: A CAN’T TALK TO B.

WHY SHOULD ADMIN CONSIDER ANY DETAILS BETWEEN?

[DIAGRAM LABELS: A, B, VIRTUAL SWITCH, SWITCH]

Page 27: Koponen Structure and Design of Software-Defined Networks

NETWORK VIRTUALIZATION

[DIAGRAM LABELS: VIRTUAL, PHYSICAL, VIRTUAL SWITCH, VIRTUAL ROUTER, SWITCH]

Page 28: Koponen Structure and Design of Software-Defined Networks

GENERALIZATION: NESTED VIRTUALIZATION

[DIAGRAM LABELS: VIRTUAL SWITCH, CONTROLLER, TIER 4, TIER 3, TIER 2, TIER 1]

Page 29: Koponen Structure and Design of Software-Defined Networks

IDENTIFYING THE SCOPE OF VIRTUAL SWITCH

LOCALITY OF CONNECTIVITY

VIRTUAL SWITCH SPANS AN AREA OF GOOD CONNECTIVITY.

FAILURE DOMAINS

VIRTUAL SWITCH CORRESPONDS TO A SINGLE FAILURE DOMAIN.

SEPARATION OF POLICIES

VIRTUAL SWITCH INTERFACE HIDES LOWER LEVEL POLICIES FROM ABOVE.

Page 30: Koponen Structure and Design of Software-Defined Networks

FABRIC + VIRTUALIZATION

[DIAGRAM LABELS: VIRTUAL, PHYSICAL, EDGE, FABRIC, SWITCH, VIRTUAL SWITCH, VIRTUAL ROUTER]

Page 31: Koponen Structure and Design of Software-Defined Networks

VIRTUAL SWITCHES, ROUTERS, SERVICES...

[DIAGRAM LABELS: VIRTUAL, PHYSICAL, VIRTUAL SERVICE, VIRTUAL ROUTERS, VIRTUAL SWITCH, EDGE, FABRIC, SWITCH]

Page 32: Koponen Structure and Design of Software-Defined Networks

STRUCTURES SUMMARY

FABRIC

HARDWARE TO DELIVER PACKETS ACROSS NETWORK.

SOFTWARE EDGE IMPLEMENTS THE SEMANTIC INTELLIGENCE.

VIRTUALIZATION

VIRTUAL TOPOLOGIES SHIELD USER FROM LOW-LEVEL DETAILS.

ADMIN FOCUSES ON POLICIES.

IMPLEMENTED AT THE EDGE.
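
The summary above places policy on the virtual topology and its enforcement at the software edge. As an added example (not part of the talk and not Nicira or VMware code), the sketch below compiles the slide 26 policy "A can't talk to B" into per-hypervisor rules; the VM placement, hypervisor names, rule format and the reading of the policy as bidirectional are assumptions made for illustration.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class EdgeRule:
    hypervisor: str  # edge that holds the rule
    src_vm: str
    dst_vm: str
    action: str      # "drop", "local" or "tunnel:<hypervisor>"

def compile_policy(placement, deny_pairs):
    """Turn a virtual-switch policy into rules for the software edge.

    placement:  VM name -> hypervisor hosting it (constructed sample data)
    deny_pairs: pairs of VMs that must not talk, read as bidirectional
    """
    denied = {frozenset(pair) for pair in deny_pairs}
    rules = []
    for src, src_hv in sorted(placement.items()):
        for dst, dst_hv in sorted(placement.items()):
            if src == dst:
                continue
            if frozenset((src, dst)) in denied:
                action = "drop"              # dropped at the sender's edge
            elif src_hv == dst_hv:
                action = "local"             # never leaves the hypervisor
            else:
                action = f"tunnel:{dst_hv}"  # fabric only sees hv-to-hv traffic
            rules.append(EdgeRule(src_hv, src, dst, action))
    return rules

def fabric_endpoints(placement):
    """All the fabric has to know: which hypervisors exist, not VMs or policy."""
    return sorted(set(placement.values()))

def migrate(placement, vm, new_hypervisor):
    """Move a VM; the admin's policy is untouched, only edge rules change."""
    moved = dict(placement)
    moved[vm] = new_hypervisor
    return moved

def drop_rules(rules):
    """Set of (hypervisor, src, dst) triples where traffic is dropped."""
    return {(r.hypervisor, r.src_vm, r.dst_vm) for r in rules if r.action == "drop"}

if __name__ == "__main__":
    policy = {("A", "B")}                             # "A can't talk to B"
    placement = {"A": "hv1", "B": "hv2", "C": "hv1"}  # constructed
    print(drop_rules(compile_policy(placement, policy)))
    moved = migrate(placement, "B", "hv3")
    print(drop_rules(compile_policy(moved, policy)), fabric_endpoints(moved))
```

The policy set passed to `compile_policy` is identical before and after the migration; only the edge rules and the list of hypervisors the fabric must reach differ.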

Page 33: Koponen Structure and Design of Software-Defined Networks

CONJECTURE: SOFTWARE WILL TAKE OVER

Page 34: Koponen Structure and Design of Software-Defined Networks

LONG TIME AGO...

CONTROL PLANE: SOFTWARE

DATA PLANE: SOFTWARE

Page 35: Koponen Structure and Design of Software-Defined Networks

MORE RECENTLY...

CONTROL PLANE: SOFTWARE

DATA PLANE: HARDWARE

Page 36: Koponen Structure and Design of Software-Defined Networks

TODAY IN VIRTUALIZED ENVIRONMENTS

CONTROL PLANE: SOFTWARE

FABRIC DATA PLANE: HARDWARE

EDGE DATA PLANE: SOFTWARE

Page 37: Koponen Structure and Design of Software-Defined Networks

CLEAR DIVIDE OF ROLES

HARDWARE FABRIC

HIGH AGGREGATE BANDWIDTH, RELIABILITY

SOFTWARE EDGE

HIGHLY FLEXIBLE PROVIDER FOR NETWORK SEMANTICS

A MODERN VERSION OF END-TO-END PRINCIPLE!

Page 38: Koponen Structure and Design of Software-Defined Networks

SOFTWARE FORWARDING NEVER WORKS...

THIS TIME IT’S DIFFERENT:

HARDWARE REMAINS RESPONSIBLE FOR AGGREGATE BANDWIDTH.

SIMILARLY, HIGH FAN-OUT.

SOFTWARE FORWARDING IS A TAX FOR SERVERS.

USING A FEW PERCENT OF CPUS NOT REALLY AN ISSUE.

Page 39: Koponen Structure and Design of Software-Defined Networks

CHANGE OF DESIGN PRIORITIES

STRICT HW LIMITATIONS (MINIMIZE DIE SURFACE)

CONTROL PLANE DESIGN ADAPTS

SYSTEM COMPLEXITY

SIMPLE CONTROL PLANE DESIGN

SOFTWARE FORWARDING ADAPTS (FLEXIBLE MATCHING AND OPERATIONS)

SIMPLER SYSTEM

Page 40: Koponen Structure and Design of Software-Defined Networks

NETWORKS AS SYSTEMS

Page 41: Koponen Structure and Design of Software-Defined Networks

CLASSIC LAYERED CONTROL PLANES

SUBNETS: ETHERNET, STP, TRILL

SITES: IS-IS, OSPF

REGIONS: MPLS, CARRIER ETHERNET

WAN: BGP

Page 42: Koponen Structure and Design of Software-Defined Networks

LAYERED CONTROL PLANES IN SDN

[DIAGRAM LABELS: SUBNETS, SITES, REGIONS, WAN, VIRTUAL SWITCH, GLOBAL VIRTUAL SWITCH, CONTROLLER]

Page 43: Koponen Structure and Design of Software-Defined Networks

FORGET THE PROTOCOLS

Page 44: Koponen Structure and Design of Software-Defined Networks

EMPEROR’S NEW CLOTHES

HACKING WITH NOX REQUIRES NO KNOWLEDGE ABOUT PROTOCOLS.

NETWORK CONTROL AT ANY SCALE IS NO DIFFERENT:

ANY DISTRIBUTED SYSTEMS DEVELOPER CAN ARRIVE AT A DESIGN!

REMEMBER FAILURE DOMAINS, LOCALITY AND SEPARATION OF POLICIES...

WHAT IS LEFT THAT IS SPECIAL IN NETWORKING AFTER THIS?

WE CAN REASON ABOUT NETWORKS AS PLAIN, STANDARD SYSTEMS, NOT AS A COLLECTION OF DISTRIBUTED PROTOCOLS!

Page 45: Koponen Structure and Design of Software-Defined Networks

TAKEAWAYS

Page 46: Koponen Structure and Design of Software-Defined Networks

SUMMARY

SDN IS AN OPPORTUNITY TO REVISIT THE NETWORK DESIGN.

FABRIC & NETWORK VIRTUALIZATION GOOD EXAMPLES.

CLASSIC ASSUMPTIONS ARE QUICKLY CHANGING:

SOFTWARE FORWARDING TAKES OVER FROM HARDWARE AS THE PROVIDER OF NETWORK SEMANTICS.

DISTRIBUTED SYSTEMS REPLACE THE BAG OF CONTROL PROTOCOLS.

THIS IS EXACTLY WHAT “SOFTWARE” IN SDN MEANS!

Page 47: Koponen Structure and Design of Software-Defined Networks

QUESTIONS?