SDN Network Virtualization Practices Jiann-Liang Chen Department of Electrical Engineering, National Taiwan University of Science and Technology Date: 2015/08/28 The 5th International Symposium on Network Virtualization NV Symposium-Social impacts of softwarization and 5G networking
54
Embed
The 5th International Symposium on Network Virtualizationnv/nvs2015/nvs2015-3-chen.pdf · • LTE Small Cell SON- Test Case Development (sponsor: ITRI Taiwan) • SDN Test Case and
This document is posted to help you gain knowledge. Please leave a comment to let me know what you think about it! Share it to your friends and learn new things together.
Transcript
SDN Network Virtualization Practices
Jiann-Liang ChenDepartment of Electrical Engineering, National Taiwan University of Science and Technology
Date: 2015/08/28
The 5th International Symposium on
Network VirtualizationNV Symposium-Social impacts of softwarization and 5G networking
Materials... from Research Teams
Jiann-Liang Chen (National Taiwan University of Science & Technology, Taipei)
Tsung-Nan Lin (National Taiwan University, Taipei)
Chu-Sing Yang (National Cheng Kung University, Tainan)
2
Partial Results… On-Going Projects
• Study on Hybrid SDN Networking for Cloud Computing (sponsor: MOST Taiwan)
• SDN-enabled Internet-of-Things Cloud Platform (sponsor: MOST Taiwan)
• Cloud Data Center Networking Techniques (sponsor: MOST Taiwan; PI: CCU Ren-Hung Hwang)
• Research on Identification of Devices and Application for Improving Security in SDN enabled IoT/Cloud System (sponsor: MOST Taiwan & JST Japan; International Joint Project with Prof. Nakao)
• LTE Small Cell SON- Test Case Development (sponsor: ITRI Taiwan)
• SDNTest Case and Toolkit Development (sponsor: III Taiwan)
3
Outline
1. SDN Network Virtualization Techniques
2. Network Virtualization Applications
3. SDN Network Virtualization Practices
4. Summary
4
Software-Defined Networking
5
Control
planeData
plane
Agent
Control
planeData
plane
Agent
Control
planeData
plane
Agent
Control
planeData
plane
Agent
Smile!
Packet Flow in SDN Switch
1
1
2
3 4
4
5
5
5
3
2
Network Virtualization
7
Physical
Infrastructure
Virtualisation of resources
Management of virtual networks
Provisioning of virtual networks
Virtualised
Substrate
Virtual
Networks
Independent, isolated
VNs, running different
protocols, packet
formats, management
tools, etc.
Infrastructure made of
virtualizable network
resources
Collection of virtual
resources, aggregated to
build virtual networks
Source: “Network Virtualization: Opportunities and Challenges for Operators,” EURESCOM
8
Network Virtualization- FlowVisor Layer
• An experimental software-defined networking controller that enables network virtualization by slicing a physical network into multiple logical networks.
Virtual Tenant Network (VTN)
• An application that provides multi-tenant virtual network on
an SDN controller.
SDN virtualization technologies will be discussed…
Intrusion Detection with VN• Intrusion Detection service chain can be traversed parallel,
with one centralized DPI extract information and pass it to intrusion detection service chains.
19
Network Virtualization Application (1)
Malware Detection
1. User Downloads Repackaged
Application
2. Repackaged Application
Detected
3. Mark Traffic Originated
from the Application
(update FlowTable -> OF
Switch)
4. OF Switch Detects the
Marked Packets
(FlowTable …)
(Controller & NFV)
Network Virtualization Application (1)
End-to-end QoSGuaranteed
21
Traditional QoS Issues
Scalability Classification and Routing
Real-time adaptions
• The configuration must be replicatedinevery switching device (e.g.: DSCP filed)
• No standard protocol could directly configure the networking devices over current Internet today.
• Currently, very few tools exist in the network to differentiatetraffic flows and routethem through their appropriate paths
• Only checks the packet'sip address of source anddestination with the routing table.
• While existing networks can support differentiated QoS levels, the provisioning of those resources is typically done manually.
• Therefore, the network cannot dynamically adapt to changing traffic, application, and user demands.
Network Virtualization Applications (2)
SDN Key Capabilities
Scalability Classification and Routing
Real-time adaptions
• With the overall topology view, controllercouldperform and change the polices on every switch automatically and easily.
• Capability of parsingevery packet from layer1 to layer 4 and managing theforwarding policy.
• With programmablecontrol power, we could develop suitable mechanisms and adapt to the changing instantly.
End-to-end QoS Guaranteed
22
Network Virtualization Applications (2)
Provision QoSwith virtualization
The architecture needs specify the high level QoS requirements and automates the process of deriving individual per-device configuration specifications and then configuring the switches.
Network Virtualization Applications (2)
QoS APIs expose the most common existing hardware switch QoScapability, namely rate-limitersand priority queues, to the remote controller.
These dynamic mappings are more flexible than the conventional static priority tagging because the controller can decide the mappings based on the current workload at each switch.
Network Virtualization Applications (2)
Provision QoS with virtualization
QoS controller implements a flow aggregator that categorizesindividual flows into groups, and allocates resources based on the groupswhenever possible.
Flow Spec: represents a set of flows for each service in network.
Slice Spec: shows performance requirementfor a network slice such as maximum bandwidth, minimum delay, etc..
Categorize Slicing
Network Virtualization Applications (2)
Provision QoS with virtualization
Meter-based QoS Guaranteed
26
Limit non-guaranteed traffic
Reroute non-guaranteed traffic
QoS guaranteed provisioning
High priority flow
Medium priority flow
Network Virtualization Applications (2)
Meter-based QoSGuaranteed • After acquire all the QoS demands, along the protected path, we separate
different traffic into different slices.
• Using meter entry to limitthe max-rate of the slice of low priority flows(best-effort traffic) to guarantee the QoS of the high priority flows.
27
Slice 1Slice 2Slice 3
Reserved for high priority flow
Low priority flow
High priority flow
Medium priority flow
Network Virtualization Applications (2)
Meter-based QoSGuaranteed
28
Using Meter entry to achieve Per-flow QoScontrol (slices in slice)
Slice 1Slice 2Slice 3
Data Transfer
Video Streaming
Gaming Traffic
Slice 2
flows Slice 2-A
Slice 2-B
Network Virtualization Applications (2)
Outline
1. SDN Network Virtualization Techniques
2. Network Virtualization Applications
3. SDN Network Virtualization Practices
4. Summary
29
Case 1: Based on FlowVisor technique and
operations, an enterprise application called as
EnterpriseVisor is designed.
Case 2: Based on VTNtechnique, an application to
achieve thenetwork congestion controlis designed.
30
SDN Network Virtualization Practices
Users Requirements Limitation
3131
Slice 3
Slice 2
Slice 1
Assumptions:
• MaximalnetworkcapacityC=100M
40 Mbps
30 Mbps
30 Mbps
20 Mbps
20 Mbps
60 Mbps
10 Mbps
15 Mbps
20 Mbps
55 Mbps
Dynamically allocate bandwidth to different slices
Guarantee Quality-of-Service
32
Network Virtualization Platform
SDN Controller
SDN Networking
Virtualize the Network
Configure
MonitorFlowVisor EnterpriseVisor
Network Virtualization
Isolation
Slice 1Slice 1
Slice 2Slice 2
Slice NSlice N
Service 1
Service 2
Service N
…
Slice 1
Slice 2
…
Slice N
Communicate with FlowVisor
Configure enterprise networks
OFPMP_PORT_STATS_Request
OFPMP_PORT_DESCRIPTION_Request
OFPT_FEATURES_REQUEST
33
Network Virtualization Layer
OpenFlow Controller
Translation Unit
Forwarding Unit
Resource
Allocation
Policy
Network Virtualization Platform
EnterpriseVisor
Network Monitor
Deployment Analysis
Policy Agent
ConfigConfig
Database
FlowVisor
34
Slice 1
Slice 2
Slice 4
Slice 3
Designed Resource Scheduling:
Linear Programming Scheme
Controller:OpenDaylight Hydrogen Base 1.0
Mininet:Mininet 2.1.0, OpenvSwitch 2.1.2
The operation of each slice
Four states are defined here.
S2: Resource Requester ->
if (NU Low & SU High)
S3: Resource Provider ->
If(NU High & SU Low)
35
S4S1 S2 S3S3
� S1: Don't change.� S2: Request for the resource from other slice.� S3: Provide the resource to other slice.� S4: Don't change until.
SU_High:
>80%
SU_low
<60%
Resource
RequesterResource
Provider
Slice
Utilization
Network
Utilization
36
High Utilization
(Requester)Low Utilization
(Provider)
slice2
slice4
slice1
slice2,3
slice4
slice2
slice2,3
slice4
higher network utilization with only a minor sacrifice of control message latency (0.71ms).
37
Slice 3
Slice 2
Slice 1
Add-slice
Controller id
Slice name
Rate
Bandwidth control
FlowVisor API
38
Slice 3
Slice 2
Slice 1
Update-slice
Slice name
Rate
Update bandwidth rate
FlowVisor API
39
Network Virtualization Platform
SDN Controller
SDN Networking
Virtualize the Network
Configure
MonitorFlowVisor EnterpriseVisor
Network Virtualization
Isolation
Slice 1Slice 1
Slice 2Slice 2
Slice NSlice N
Service 1
Service 2
Service N
…
Slice 1
Slice 2
…
Slice N
Update-slice
Add-slice
40
Offer virtual node features
Provide End-to-end path control
VTN Manager
41
����
����
����
����
����
VTN1
VTN3 VTN4 VTN5
VTN2 VTN5VTN4VTN3
VTN2 VTN3 VTN4 VTN5
Routing Path
Planning
Resource
Scheduling
Path1 Path2 Path3
42
Physical Network
Virtual Tenant NetworkSDN Controller
Routing Manager
SLA information
collector
Network
Policy
Network
Monitor
Server User
Resource
Scheduler
Collect the SLA information of each VTNReroute according to the routing schedule (Path Mapping)