ClosedFlow: OpenFlow-like Control over Proprietary Devices

Slides:



Advertisements
Similar presentations
Logically Centralized Control Class 2. Types of Networks ISP Networks – Entity only owns the switches – Throughput: 100GB-10TB – Heterogeneous devices:
Advertisements

CloudWatcher: Network Security Monitoring Using OpenFlow in Dynamic Cloud Networks or: How to Provide Security Monitoring as a Service in Clouds? Seungwon.
Chapter 9: Access Control Lists
A SOFT Way for OpenFlow Interoperability Testing Maciej Kuźniar, Peter Perešini, Marco Canini†, Daniele Venzano, Dejan Kostić‡ EPFL †TU Berlin/T-Labs ‡IMDEA.
© 2009 Cisco Systems, Inc. All rights reserved. SWITCH v1.0—4-1 Implementing Inter-VLAN Routing Deploying Multilayer Switching with Cisco Express Forwarding.
An Overview of Software-Defined Network Presenter: Xitao Wen.
ClosedFlow: OpenFlow-like Control over Proprietary Devices
Software-Defined Networking, OpenFlow, and how SPARC applies it to the telecommunications domain Pontus Sköldström - Wolfgang John – Elisa Bellagamba November.
OpenFlow : Enabling Innovation in Campus Networks SIGCOMM 2008 Nick McKeown, Tom Anderson, et el. Stanford University California, USA Presented.
SDN in Openstack - A real-life implementation Leo Wong.
Scalable Network Virtualization in Software-Defined Networks
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) SriramGopinath( )
Policy Based Routing using ACL & Route Map By Group 7 Nischal ( ) Pranali ( )
An Overview of Software-Defined Network
Data Plane Verification. Background: What are network policies Alice can talk to Bob Skype traffic must go through a VoIP transcoder All traffic must.
Class 3: SDN Stack Theophilus Benson. Outline Background – Routing in ISP – Cloud Computing SDN application stack revisited Evolution of SDN – The end.
Jennifer Rexford Princeton University MW 11:00am-12:20pm SDN Software Stack COS 597E: Software Defined Networking.
An Overview of Software-Defined Network Presenter: Xitao Wen.
Interior Gateway Routing Protocol (IGRP) is a distance vector interior routing protocol (IGP) invented by Cisco. It is used by routers to exchange routing.
Formal checkings in networks James Hongyi Zeng with Peyman Kazemian, George Varghese, Nick McKeown.
Software-Defined Networks Jennifer Rexford Princeton University.
TCP/SYN Attack – use ACL to allow traffic from TCP connections that were established from the internal network and block packets from an external network.
Software Defined-Networking. Network Policies Access control: reachability – Alice can not send packets to Bob Application classification – Place video.
Traffic Management - OpenFlow Switch on the NetFPGA platform Chun-Jen Chung( ) Sriram Gopinath( )
Cisco S2 C4 Router Components. Configure a Router You can configure a router from –from the console terminal (a computer connected to the router –through.
Programmable Networks: Active Networks + SDN. How to Introduce new services Overlays: user can introduce what-ever – Ignores physical network  perf overhead.
Access Control Lists (ACLs)
Chapter 6 – Connectivity Devices
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Access Control Lists Accessing the WAN – Chapter 5.
IPSec ● IP Security ● Layer 3 security architecture ● Enables VPN ● Delivers authentication, integrity and secrecy ● Implemented in Linux, Cisco, Windows.
Routing and Routing Protocols
Aaron Gember, Theophilus Benson, Aditya Akella University of Wisconsin-Madison.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco PublicITE I Chapter 6 1 Basic Switch Configurations.
Access Control Lists (ACL). Access-List Overview 4 A Filter through which all traffic must pass 4 Used to Permit or Deny Access to Network 4 Provides.
Chapter 4 Version 1 Virtual LANs. Introduction By default, switches forward broadcasts, this means that all segments connected to a switch are in one.
OSI Model Topology Patch cable Flow control Common layer 2 device Best path Purpose of Layer 2 devices.
© 2006 Cisco Systems, Inc. All rights reserved.Cisco Public 1 Version 4.0 Filtering Traffic Using Access Control Lists Introducing Routing and Switching.
OpenFlow MPLS and the Open Source Label Switched Router Department of Computer Science and Information Engineering, National Cheng Kung University, Tainan,
Copyright Introduction to Computer Networking Learning About Other Devices.
3.6 Software-Defined Networks and OpenFlow
Why Fabric? 1 Complicated technology/vendor/device specific provisioning for networks, especially heterogeneous network DC Network – STP, TRILL, SPB, VXLAN,
Software Defined Networking and OpenFlow Geddings Barrineau Ryan Izard.
Network Virtualization Ben Pfaff Nicira Networks, Inc.
InterVLAN Routing 1. InterVLAN Routing 2. Multilayer Switching.
Instructor Materials Chapter 7: Network Evolution
SDN challenges Deployment challenges
SDN Network Updates Minimum updates within a single switch
Multi-layer software defined networking in GÉANT
Instructor Materials Chapter 7: Access Control Lists
ETHANE: TAKING CONTROL OF THE ENTERPRISE
NOX: Towards an Operating System for Networks
Network Data Plane Part 2
April 28, 2017 SUMIT MAHESHWARI INES UGALDE
6.829 Lecture 13: Software Defined Networking
SDN Overview for UCAR IT meeting 19-March-2014
Software Defined Networking (SDN)
Cisco Real Exam Dumps IT-Dumps
ONOS Drake Release September 2015.
The Stanford Clean Slate Program
Chapter 4: Access Control Lists
Software Defined Networking (SDN)
Software Defined Networking
Adaptive Flow Control using OpenFlow
Implementing an OpenFlow Switch on the NetFPGA platform
Programmable Networks
Chabot College ELEC Access Control Lists - Introduction.
CS434/534: Topics in Network Systems High-Level Programming for Programmable Networks Yang (Richard) Yang Computer Science Department Yale University.
Control-Data Plane Separation
Chapter 4: outline 4.1 Overview of Network layer data plane
Presentation transcript:

ClosedFlow: OpenFlow-like Control over Proprietary Devices Ryan Hand, Eric Keller University of Colorado at Boulder 8 / 22 / 2014

Problem: Abrupt Transition to Using SDN

Goal: Smooth Transition to SDN

Just Remote/Central Configuration? User interface, and integrations into, e.g., OpenStack Some Product Configuration interface (Cisco, Juniper, etc.)

Or Switch Programming Interfaces? User interface(s), and APIs to integrate into, e.g., OpenStack Layers of abstractions, and applications … Programming interface (e.g., OpenFlow)

ClosedFlow Allow layers on top of OpenFlow But use network devices which don’t have OpenFlow support Learn about OpenFlow in the process Layers of abstractions, and applications … ClosedFlow Programming interface (OpenFlow) Configuration interface (Cisco)

Four Basic Parts of OpenFlow Controller to switch channel Topology discovery Flow abstraction (matching / actions) Packet In

(1, 2) Channel and Topology Controller to Switch channel Bootstrap path with OSPF, use SSH Topology Switch log adjacencies to controller, or controller participate in OSPF

(3) Flow abstraction Match: src_ip=1.2.3.4, dest_ip=2.3.4.5, action:OUT_PORT_2 Switch1#show access-lists Extended IP access-list 101 10 permit ip host 1.2.3.4 host 2.3.4.5 Switch1#show route-map route-map SW1_OUTBOUND, permit, sequence 10 Match clauses: ip address (access-lists): 101 Set clauses: ip next-hop 2.0.0.1 Switch1#show run interface vlan 1 interface Vlan1 ip address 1.2.3.1 255.255.255.0 ip policy route-map SW1_OUTBOUND Specifies: matches permit/deny Specifies: ACLs to apply Forwarding behavior Specifies: Inbound interface to apply Route maps (VLAN used for mult)

Challenge: (4) Packet In Can forward packets out specific ports, or (remote) Log headers and drop packets Can’t buffer packets and remote log header (metadata, P.hdr) (flow table entry, release P) P (P.hdr, P.payload) (buffer P)

Challenge: Table Transparency Rule compression – overlapping rules get combined into less TCAM entries

OpenFlow Extensions Extensions to reduce switch-controller interactions AvantGuard – security DevoFlow – monitoring OF Extensions

OpenFlow Extensions Extensions to reduce switch-controller interactions AvantGuard – security DevoFlow – monitoring Embedded Event Manager Several event detectors, Add TCL scripts for actions => Could seemingly implement intent of AvantGuard and DevoFlow Cisco EEM

Conclusions ClosedFlow is layer providing OpenFlow like programmability to legacy network configs. Giving some insight into commonalities/differences A point in the “Transition to SDN” space Panopticon (partial deploy), Fabric (edge), others.

Questions?

Challenge: Table Transparency (2) Overflowing table – uses slow memory, or SW

Feedback: Privacy Policy Feedback
Do Not Sell My Personal Information
About project: SlidePlayer Terms of Service

© 2024 SlidePlayer.com Inc. All rights reserved.