Presentation on theme: "Mobile Communication and Internet Technologies"— Presentation transcript:
1 Mobile Communication and Internet Technologies: Software Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks
2 Module Overview: Motivation; What is OpenFlow; Deployments; Conclusion
3 Specialized Packet Forwarding Hardware: We have lost our way. Diagram labels: App, App, App; Operating System; Specialized Packet Forwarding Hardware. Routing, management, mobility management, access control, VPNs, … Millions of lines of source code, 5400 RFCs: barrier to entry. 500M gates, 10 Gbytes RAM: bloated, power hungry.
4 An industry with a “mainframe-mentality”. Diagram labels: Router (Software Control, Hardware Datapath); iBGP, eBGP; IPSec; Authentication, Security, Access Control; Multi layer multi region; Firewall; L3 VPN; anycast; IPv6; NAT; multicast; Mobile IP; HELLO; OSPF-TE; L2 VPN; RSVP-TE; VLAN; MPLS. Many complex functions packed into the infrastructure: OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, …
5 Process of innovation made worse by captive standards process. Diagram labels: Deployment; Idea; Standardize; Wait 10 years. Driven by vendors; consumers largely locked out; layer by layer innovation.
6 New Generation Providers already Buying into It. In a nutshell: driven by cost and control; started in data centers… What New Generation Providers have been doing within the datacenters: buy bare metal switches/routers; write their own control/management applications on a common platform.
8 The “Software-defined Network”. 1. Open interface to hardware. 2. At least one good operating system: extensible, possibly open-source. 3. Well-defined open API. Diagram labels: App, App, App; Network Operating System; Simple Packet Forwarding Hardware (five boxes).
9 Trend. Computer Industry: App, App, App; Windows (OS), Linux, Mac OS; Virtualization layer; x86 (Computer). Network Industry: App, App, App; Controller 1, Controller 2; NOX (Network OS), Network OS; Virtualization or “Slicing”; OpenFlow. Simple common stable hardware substrate below + programmability + strong isolation model + competition above = Result: faster innovation.
11 Short Story: OpenFlow is an API. Control how packets are forwarded. Implementable on COTS hardware. Make deployed networks programmable, not just configurable. Makes innovation easier. Result: increased control (custom forwarding); reduced cost (API increased competition).
16 OpenFlow Basics: Flow Table Entries. Each entry consists of Rule, Action and Stats. Rule: Switch Port, VLAN ID, MAC src, MAC dst, Eth type, IP Src, IP Dst, IP Prot, TCP sport, TCP dport, + mask what fields to match. Action: forward packet to port(s); encapsulate and forward to controller; drop packet; send to normal processing pipeline; modify fields. Stats: packet + byte counters. Now I’ll describe the API that tries to meet these goals.
17 Examples: Switching, Flow Switching, Firewall. Match fields in each row, in order: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport.
Switching: * * 00:1f:.. * * * * * * *; Action: port6
Flow Switching: port3 00:20.. 00:1f.. 0800 vlan1 141726480; Action: port6
Firewall: * * * * * * * * * 22; Forward: drop
18 Examples: Routing, VLAN Switching. Match fields in each row, in order: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport.
Routing: * * * * * * * * *; Action: port6
VLAN Switching: * * 00:1f.. * vlan1 * * * * *; Action: port6, port7, port9
20 Network Design Decisions. Forwarding logic (of course); centralized vs. distributed control; fine vs. coarse grained rules; reactive vs. proactive rule creation. Likely more: open research area.
21 Centralized vs Distributed Control. Centralized Control: one Controller, three OpenFlow Switches. Distributed Control: three Controllers, three OpenFlow Switches.
22 Flow Routing vs. Aggregation. Both models are possible with OpenFlow. Flow-Based: every flow is individually set up by controller; exact-match flow entries; flow table contains one entry per flow; good for fine grain control, e.g. campus networks. Aggregated: one flow entry covers large groups of flows; wildcard flow entries; flow table contains one entry per category of flows; good for large number of flows, e.g. backbone.
23 Reactive vs. Proactive. Both models are possible with OpenFlow. Reactive: first packet of flow triggers controller to insert flow entries; efficient use of flow table; every flow incurs small additional flow setup time; if control connection lost, switch has limited utility. Proactive: controller pre-populates flow table in switch; zero additional flow setup time; loss of control connection does not disrupt traffic; essentially requires aggregated (wildcard) rules.
24 OpenFlow Application: Network Slicing. Divide the production network into logical slices: each slice/service controls its own packet forwarding; users pick which slice controls their traffic (opt-in); existing production services run in their own slice, e.g., Spanning tree, OSPF/BGP. Enforce strong isolation between slices: actions in one slice do not affect another. Allows the (logical) testbed to mirror the production network: real hardware, performance, topologies, scale, users. Prototype implementation: FlowVisor. very text heavy; think about a picture (what!?) "systems solution to a networking problem (this is why it's at OSDI)"
25 Add a Slicing Layer Between Planes. Diagram labels: Slice 1 Controller, Slice 2 Controller, Slice 3 Controller; Slice Policies; Control/Data Protocol; Rules; Excepts; Data Plane. "Each slice runs its own, custom control plane process and generates its own rules"
26 Network Slicing Architecture. A network slice is a collection of sliced switches/routers. Data plane is unmodified: packets forwarded with no performance penalty; slicing with existing ASIC. Transparent slicing layer: each slice believes it owns the data path; enforces isolation between slices, i.e., rewrites, drops rules to adhere to slice policy; forwards exceptions to correct slice(s).
27 Slicing Policies. The policy specifies resource limits for each slice: link bandwidth; maximum number of forwarding rules; topology; fraction of switch/router CPU. FlowSpace: which packets does the slice control?
28 FlowSpace: Maps Packets to Slices. "flowspace is a way of thinking about classes of packets" "each slice has forwarding control of a specific set of packets, as specified by packet header fields" "that is, all packets in a given flow are controlled by the same slice" "each flow is controlled by exactly one slice" (ignoring monitoring slices for the purpose of the talk) "in practice, flow spaces are described using ordered ACL-like rules"
29 Real User Traffic: Opt-In. Allow users to opt in to services in real time. Users can delegate control of individual flows to slices: add new FlowSpace to each slice's policy. Example: "Slice 1 will handle my HTTP traffic"; "Slice 2 will handle my VoIP traffic"; "Slice 3 will handle everything else". Creates incentives for building high-quality services.
30 FlowVisor Implemented on OpenFlow. Diagram labels: Server(s); Custom Control Plane; Controller; FlowVisor; OpenFlow; Network; OpenFlow Protocol; Stub Control Plane; OpenFlow Firmware; Data Plane; Data Path; Switch/Router.
31 FlowVisor Message Handling. Diagram labels: Alice Controller, Bob Controller, Cathy Controller; FlowVisor; OpenFlow Firmware; Data Path. Rule: Policy Check: Is this rule allowed? Exception: Policy Check: Who controls this packet? Packet: Full Line Rate Forwarding.
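The two policy checks on slide 31, run against the ordered, ACL-like FlowSpace of slide 28 and the opt-in example of slide 29, as an added example (not FlowVisor code and not from the original deck). The field names `ip_proto` and `tp_dst`, the slice names, the VoIP port, the priority bands and the `GUARD` action are assumptions made for this sketch.

```python
# Added illustration, not FlowVisor code. Field names, slice names, priorities
# and the GUARD action are assumptions made for this sketch.
GUARD = "to_flowvisor"  # punt to the slicing layer instead of forwarding

# Ordered, ACL-like FlowSpace (slide 28): the first matching entry owns the packet.
FLOWSPACE = [
    ({"ip_proto": 6, "tp_dst": 80}, "slice1"),     # "my HTTP traffic"
    ({"ip_proto": 17, "tp_dst": 5060}, "slice2"),  # VoIP (constructed: SIP over UDP)
    ({}, "slice3"),                                # everything else
]

def matches(match, packet):
    """A field absent from the match is a wildcard."""
    return all(packet.get(f) == v for f, v in match.items())

def owner_of(packet):
    """Policy check on an exception packet: who controls this packet?"""
    return next((s for m, s in FLOWSPACE if matches(m, packet)), None)

def intersect(a, b):
    """Intersection of two wildcard matches, or None if they are disjoint."""
    if any(f in a and a[f] != v for f, v in b.items()):
        return None
    return {**a, **b}

def check_rule(slice_name, rule_match, action):
    """Policy check on a rule: rewrite it to the slice's FlowSpace.
    Returns (priority, match, action) entries to install; [] means dropped."""
    entries = []
    for i, (fs_match, owner) in enumerate(FLOWSPACE):
        narrowed = intersect(rule_match, fs_match)
        if narrowed is None:
            continue
        band = 2 * (len(FLOWSPACE) - i)  # earlier FlowSpace entries win
        if owner == slice_name:
            entries.append((band + 1, narrowed, action))
        else:  # guard so the rule cannot capture another slice's packets
            entries.append((band, narrowed, GUARD))
        if narrowed == rule_match:  # this entry covers the rest of the rule
            break
    while entries and entries[-1][2] == GUARD:
        entries.pop()  # guards below the slice's last entry protect nothing
    return entries

def lookup(table, packet):
    """Data-plane model: highest-priority matching entry decides."""
    hits = [(p, a) for p, m, a in table if matches(m, packet)]
    return max(hits)[1] if hits else GUARD
```

A wildcard rule from the "everything else" slice is installed together with guard entries, so HTTP and VoIP packets still reach the slicing layer rather than being handled by that slice's rule.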
33 OpenFlow has been prototyped on… Ethernet switches: HP, Cisco, NEC, Quanta, + more underway. IP routers: Cisco, Juniper, NEC. Switching chips: Broadcom, Marvell. Transport switches: Ciena, Fujitsu. WiFi APs and WiMAX Basestations. Most (all?) hardware switches now based on Open vSwitch…
34 Deployment: Stanford. Our real, production network: 15 switches, 35 APs; 25+ users; 1+ year of use. Same physical network hosts 7 different Stanford demos.
36 (Public) Industry Interest. Google has been a main proponent of new OpenFlow 1.1 WAN features: ECMP, MPLS-label matching; MPLS LDP-OpenFlow speaking router: NANOG50. NEC has announced commercial products: initially for datacenters, talking to providers. Ericsson: “MPLS Openflow and the Split Router Architecture: A Research Approach” at MPLS2010.
37 Conclusions. Current networks are complicated. OpenFlow is an API. Interesting apps include network slicing. OpenFlow has potential for Service Providers: custom control for Traffic Engineering; combined packet/circuit switched networks.