Software Defined Networking (SDN)
Ranjith Kumar N, Principal Software Engineer, EMC
SDN - Definition
SDN is a network architecture that decouples the control and data planes, moving the control plane (network intelligence and policy making) to an application called a controller.
This migration of control, formerly tightly bound in individual network devices, into accessible computing devices enables the underlying infrastructure to be abstracted for applications and network services, which can treat the network as a logical or virtual entity.
Today’s Networks are Defined by the “Box”
• Hardware, operating system, and applications built into a “Box”.
• Too many RFCs (above 6000 RFCs)
• Mainframe mentality
• Operating a network is expensive
– More than half the cost of a network
– Yet, operator error causes most outages
Why SDN
• Compute, storage and server technology is virtualized
• Abstraction
• It makes the network more responsive to dynamic business conditions
• Centralized control
• It makes it easy to develop and test new protocols
• SDN allows you to specify a “virtual topology” to the cloud
• SDN’s ability to virtualize the network
Key drivers/use cases
– Network abstraction and operator control
– Automated provisioning of network bandwidth to accommodate scheduled data transfers
– Load balancing
– Software-based innovation
– Better utilization of network paths
– Central configuration and intelligence provide faster convergence in case of failure
– Cloud computation -- Network Virtualization -- SDN
Software Defined Networking (SDN)
[Figure: logically-centralized control (smart, slow) above the switches (dumb, fast), connected by an API to the data plane (e.g., OpenFlow).]
[Figure: computer industry vs. network industry. Computer industry: x86 hardware, a virtualization layer, operating systems (Windows, Linux, FreeBSD) and apps on top. Network industry: OpenFlow hardware, a virtualization layer, network operating systems (NOX, Beacon) and apps on top.]
The “Software-Defined Network”
[Figure: four packet-forwarding hardware devices, each running OpenFlow firmware, with a network operating system above them that exposes an open API to the apps; OpenFlow is the open interface to the hardware.]
Two Key Definitions
• Data Plane: processing and delivery of packets
– Based on state in routers and endpoints
– E.g., IP, TCP, Ethernet, etc.
– Forwarding state + packet header → forwarding decision
• Control Plane: establishing the state in routers
– Determines how and where packets are forwarded
– Routing, traffic engineering, firewall state, …
– Centralized computation and configuration
Control Plane in detail
• The control plane needs to address operator goals
• Conveys the configuration to network elements
• The control plane must compute forwarding state:
– Consistent with particular low-level hardware/software
– Based on the entire network topology
• The control plane is implemented by a controller
– The controller can be software running on general purpose hardware
– Examples: Cisco One controller, Huawei SOX controller, SNAC
Controller: Programmability
[Figure: the controller application sits on the network OS; events from switches (topology changes, traffic statistics, arriving packets) flow up to it, and commands to switches ((un)install rules, query statistics, send packets) flow down from it.]
Network Operating System
• The device operating system handles device operations like boot, flash, memory management, the OpenFlow protocol handler, SNMP etc.
• Minimal source code, fewer resources and lower cost
• Collects information for the global network view
• Conveys configuration from the controller to the switches
[Figure: Software Defined Network - virtualization. The control program works on an abstract network model; the network virtualization layer specifies behavior, compiles it to the topology and transmits it to the switches; the network OS maintains the global network view and drives the packet forwarders.]
Network Virtualization
– Introduces a new abstraction layer for the virtual topology
– Can have many virtual networks
– Solves VLAN limitations
– Allows the operator to express requirements and policies via a set of logical switches and their configuration without binding to the physical network
– Translates requirements into network elements
Openflow
• OpenFlow is designed to support policy-based flow management within a network.
• IP routers and Ethernet switches do the initial forwarding lookup using the device's CPU. After the initial lookup, the forwarding information is cached, and every subsequent packet uses the flow cache for forwarding.
• OpenFlow makes a minor modification to the above model by simply moving the initial lookup to a central server; every subsequent packet continues to use the local flow cache for forwarding, just as networking devices have always worked.
Traditional forwarding /Openflow forwarding
RIB and FIB
• The routing table at the control plane has many routes to a destination
• The forwarding table at the data plane has the best/valid route
• The OpenFlow client at device level updates the FIB with the help of firmware
• Table population: RIB → FIB, OpenFlow → FIB
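An added example (not from the original deck) of the RIB-to-FIB step described above: the control plane keeps every candidate route, the data plane keeps one best, valid next hop per prefix and forwards by longest-prefix match. The administrative-distance table and the sample RIB are constructed for the example.

```python
import ipaddress
from dataclasses import dataclass

# Constructed administrative distances (lower is preferred when protocols disagree).
ADMIN_DISTANCE = {"connected": 0, "static": 1, "ebgp": 20, "ospf": 110}

@dataclass(frozen=True)
class RibEntry:             # one candidate route as the control plane learned it
    prefix: str
    next_hop: str
    protocol: str
    metric: int
    valid: bool = True      # False when the next hop is unreachable or the interface is down

def build_fib(rib):
    """RIB -> FIB: keep exactly one best, valid next hop per prefix."""
    best = {}
    for entry in rib:
        if not entry.valid:
            continue
        net = ipaddress.ip_network(entry.prefix)
        rank = (ADMIN_DISTANCE[entry.protocol], entry.metric)   # AD first, then metric
        if net not in best or rank < best[net][0]:
            best[net] = (rank, entry.next_hop)
    return {net: hop for net, (rank, hop) in best.items()}

def fib_lookup(fib, dst):
    """Data-plane lookup: the longest matching prefix wins, None means no route."""
    addr = ipaddress.ip_address(dst)
    candidates = [net for net in fib if addr in net]
    if not candidates:
        return None
    return fib[max(candidates, key=lambda net: net.prefixlen)]

# Constructed RIB: three routes to 10.0.0.0/24, a covering /16, an invalid /24, a default.
SAMPLE_RIB = [
    RibEntry("10.0.0.0/24", "192.0.2.1", "ospf", 20),
    RibEntry("10.0.0.0/24", "192.0.2.2", "ospf", 10),
    RibEntry("10.0.0.0/24", "192.0.2.3", "static", 0),
    RibEntry("10.0.0.0/16", "192.0.2.4", "ebgp", 0),
    RibEntry("10.0.1.0/24", "192.0.2.5", "ospf", 10, valid=False),
    RibEntry("0.0.0.0/0", "192.0.2.9", "static", 0),
]

def demo():
    fib = build_fib(SAMPLE_RIB)
    return fib, [fib_lookup(fib, d) for d in ("10.0.0.7", "10.0.1.7", "203.0.113.1")]
```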
Data-Plane: Simple Packet Handling
• Simple packet-handling rules
– Pattern: match packet header bits
– Actions: drop, forward, modify, send to controller
– Counters: #bytes and #packets
1. src=1.2.*.*, dest=3.4.5.* → drop
2. src=*.*.*.*, dest=3.4.*.* → forward(2)
3. src=10.1.2.3, dest=*.*.*.* → send to controller
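A runnable model of the rule table above together with the flow-cache behaviour described on the Openflow slide, as an added example that is not part of the original deck: the three slide rules are evaluated in order, a miss or a "send to controller" hit punts the packet to a toy controller, and the controller installs an exact-match entry so later packets of that flow stay on the switch. The controller policy, the traffic and the counters are constructed for the example.

```python
from dataclasses import dataclass

@dataclass
class Rule:                  # one flow entry: <header pattern, action> plus a counter
    src: str                 # dotted quad; '*' octets are wildcards
    dst: str
    action: str
    packets: int = 0

def octets_match(pattern, address):
    """True if every pattern octet is '*' or equals the address octet."""
    return all(p in ("*", a) for p, a in zip(pattern.split("."), address.split(".")))

class FlowTable:             # ordered rules, first match wins, a miss returns None
    def __init__(self, rules):
        self.rules, self.packet_ins = [Rule(*r) for r in rules], 0
    def lookup(self, src, dst):
        for rule in self.rules:
            if octets_match(rule.src, src) and octets_match(rule.dst, dst):
                rule.packets += 1
                return rule.action
        return None
    def install(self, src, dst, action):   # cached exact match shadows wildcard rules
        self.rules.insert(0, Rule(src, dst, action))

def controller_packet_in(policy, table, src, dst):
    """Central controller: resolve the miss from policy, cache the answer in the switch."""
    action = next(a for pat, a in policy if octets_match(pat, dst))
    table.install(src, dst, action)   # later packets of this flow never leave the switch
    return action

def forward(table, policy, src, dst):
    """Switch pipeline: a local hit acts at line rate; a miss or 'controller' punts once."""
    action = table.lookup(src, dst)
    if action in (None, "controller"):
        table.packet_ins += 1
        action = controller_packet_in(policy, table, src, dst)
    return action

# Constructed: the slide's three rules, plus the policy the controller consults on a miss.
SLIDE_RULES = [("1.2.*.*", "3.4.5.*", "drop"), ("*.*.*.*", "3.4.*.*", "forward(2)"),
               ("10.1.2.3", "*.*.*.*", "controller")]
POLICY = [("3.4.*.*", "forward(2)"), ("*.*.*.*", "forward(1)")]

def demo():
    table = FlowTable(SLIDE_RULES)
    flows = [("1.2.9.9", "3.4.5.1"), ("5.5.5.5", "3.4.7.7"), ("10.1.2.3", "8.8.8.8"),
             ("10.1.2.3", "8.8.8.8"), ("9.9.9.9", "9.9.9.9")]
    return [forward(table, POLICY, s, d) for s, d in flows], table.packet_ins, table
```

Only two of the five packets reach the controller: the repeated 10.1.2.3 → 8.8.8.8 packet is served by the cached entry.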
SDN and Flow Table
Networking Becomes Software-Oriented
• All complicated forwarding decisions are done in software
• And the control plane is a program (on a server), not a protocol
• We are programming the network, not designing it
• Focus on modularity and abstractions
• Innovation at software speed, not hardware speed
• Software lends itself to clean abstractions
Virtual Networks in IT infrastructure
Network Virtualization Platform
• Network Virtualization Platform (NVP) is software that operates at the edge of any existing IP network and faithfully reproduces the entire networking environment in the virtual space.
• NVP transforms a physical network into a generalized pool of network capacity.
• Virtual networks decouple from the underlying network hardware.
• NVP creates an intelligent network edge managed by a control cluster that transforms the existing physical network into an IP backplane and enables the programmatic creation of tens of thousands of agile virtual networks to connect workloads anywhere in your cloud.
Overview of Network Virtualization
• Network virtualization enables Layer 2 to Layer 7 networking services in software
• NSX network virtualization programmatically creates, snapshots, deletes, and restores software-based virtual networks.
Components of VMware NSX
Data Plane
• The NSX data plane consists of the NSX vSwitch. The vSwitch in NSX for vSphere is based on the vSphere Distributed Switch (VDS) (or Open vSwitch for non-ESXi hypervisors).
• The NSX vSwitch (VDS or OVS-based) abstracts the physical network.
Control Plane
• The NSX control plane runs in the NSX controller. In a multi-hypervisor environment the controller nodes program the vSwitch forwarding plane.
Management Plane
• The NSX management plane is built by the NSX manager.
• The NSX manager provides the single point of configuration and the REST API entry points in a vSphere environment for NSX.
• It configures logical switches and connects virtual machines to these logical switches.
• It also provides an API interface, which helps automate deployment and management of these switches through a cloud management platform.
Consumption Platform
• The consumption of NSX can be driven directly via the NSX manager UI.
• End users tie network virtualization into their cloud management platform for deploying applications.
• NSX provides a rich set of integrations into virtually any CMP via the REST API. Out-of-the-box integration is also available through VMware vCloud Automation Center, vCloud Director and OpenStack.
Virtual Network Services
• Virtual networks enable network services to be programmatically provisioned and accounted for on a per-port, per-hour basis.
• This allows network services to be dynamically provisioned on demand and charged for on a pay-as-you-go basis.
• These layer 4-7 services are used as building blocks for cloud services.
Network Virtualization Platform
Controller cluster
• The NVP Controller is a highly available clustered controller running on servers that manages all virtualized network components and connections.
• The controller cluster exposes the web services API and defines virtual networks.
• Capable of controlling and managing thousands of OVS edge devices (switching and routing modules)
Logical switching
• Open vSwitch (OVS) is the core component on the intelligent edge.
• Each logical switch created is a separate L2 broadcast domain that can be associated with a separate subnet using a private or public IP space (depending on the logical networks).
Logical Router
• Logical routing supports both distributed and centralized routing.
• In the case of a distributed router, the NSX manager deploys the logical router control VM and pushes the logical interface configurations to each host through the controller cluster.
• In the case of centralized routing, the NSX manager just deploys the NSX Edge services router VM.
• The logical router control VM supports dynamic routing (OSPF/BGP) and pushes the learned routes to the hypervisors through the controller cluster.
Q&A
SDN final notes
• Express intent independent of implementation
– Hardware (e.g., ASIC structure and capabilities)
– Software (e.g., vendor-independent)
• OpenFlow is the current proposal for forwarding
– Standardized interface to the switch
– Configuration in terms of flow entries: <header, action>
• Design details concern the exact nature of:
– Header matching
– Allowed actions
[Figure: Software Defined Network - Basic. A control program sits above the network OS, which maintains the global network view and programs the packet forwarders; alongside, the distributed algorithms running between neighbors (e.g. routing, access control).]