Defining SDN: Overview of SDN Terminology & Concepts
Presented by: Zach Seils, Cisco Services
Panelists: Amit Singh, Joe Clarke, Jason Davis, Luc De Ghein, Ranganatha Raju, Salman Asadullah, Toru Okatsu
August 2013
2013 Cisco and/or its affiliates. All rights reserved.
An open solution for VM mobility in the Data-Center
A way to reduce the CAPEX of my network and leverage commodity switches
A solution to build virtual topologies with optimum multicast forwarding behavior
A way to optimize link utilization in my network; enhanced, application-driven routing
A platform for developing new control planes
A solution to automated network configuration and control
A means to get assured quality of experience for my cloud service offerings
An open solution for customized flow forwarding control in and between Data Centers
A solution to build a very large scale layer-2 network
Develop solutions at software speeds: I don't want to work with my network vendor or go through lengthy standardization.
A means to do traffic engineering without MPLS
A means to scale my fixed/mobile gateways and optimize their placement
A way to optimize broadcast TV delivery by optimizing cache placement and cache selection
A way to distribute policy/intent, e.g. for DDoS prevention, in the network
A way to configure my entire network as a whole rather than individual devices
A way to build my own security/encryption solution
A solution to get a global view of the network topology and state
A way to scale my firewalls and load balancers
In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications
Source: https://www.opennetworking.org/images/stories/downloads/white-papers/wp-sdn-newnorm.pdf
open standard that enables researchers to run experimental protocols in campus networks. Provides standard hook for researchers to run experiments, without exposing internal working on vendor devices
Source: http://www.openflow.org/wp/learnmore/
Control plane and data plane components are typically* co-located on the same device.
Control Plane: Routing protocols (e.g. OSPF, IS-IS, BGP), Spanning Tree, SYSLOG, AAA (Authentication Authorization Accounting), CLI, SNMP
Data Plane: L2/L3 switching, MPLS forwarding, VRF forwarding, QoS, Marking, Classification, Policing, ACLs
Diagram labels: Supervisor; I/O Module (Line Card), shown three times.
* Plenty of exceptions exist
Intelligence & State (Controller)
Control Plane: Routing protocols (e.g. OSPF, IS-IS, BGP), Spanning Tree, SYSLOG, AAA (Authentication Authorization Accounting), CLI, SNMP
Data Plane: L2/L3 switching, MPLS forwarding, VRF forwarding, QoS, Marking, Classification, Policing, ACLs
Diagram labels: Supervisor; Network Element (shown twice), each containing several I/O Modules (Line Cards).
Look familiar?
Networking already leverages a number of different Controllers and Agents.
Controller/Agent pairs always serve a specific task (or set of tasks) in a specific domain.
System design tradeoff between Controller/Agent and fully distributed control.
Control loop requirements differ per function/service and deployment domain.
Function | Controller | Protocol | Agents
Session Border Control | SIP-proxy/SBC | H.248 | SBC / B2BUA
Wireless LAN Control | WLC | CAPWAP | AP
Path Computation | PCE | PCEP | PCC
Figure: Traditional SDN and Hybrid SDN side by side. Labels in each stack: Applications; Vendor-specific APIs; Controller; OpenFlow, PCEP, I2RS or Vendor Specific (e.g. onePK); Control Plane and Data Plane.
Some network delivered functionality benefits from logically centralized coordination across multiple network devices.
Functionality typically domain, task or customer specific.
Typically multiple Controller/Agent pairs are combined for a network solution.
Controller: Process on a device interacting with a set of devices using a set of APIs or protocols. Offer a control interface/API.
Agent: Process on a device that delivers a task/domain specific function.
Diagram labels: Controllers and Agents connected by APIs; Analyze, Gather, Act, Notify, Observe.
OpenDaylight is an open source project under the Linux Foundation with the mutual goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common industry supported framework.
For more information: www.opendaylight.org and https://wiki.opendaylight.org/view/main_page
Figure: Application Frameworks, Management Systems, Controllers, ...
Protocols: onePK, OpenFlow, I2RS, PCEP, BGP-LS, Neutron*, OMI, Puppet, Chef
Layers: Management, Orchestration, Network Services, Control, Forwarding, Device
Also labelled: BGP, Diameter, Radius
Agents: OpenFlow Agent, I2RS Agent, PCEP Agent, BGP-LS Agent, Neutron* Agent, OMI Agent, Puppet Agent, Chef Agent
onePK API & Agent Infrastructure
Operating Systems: IOS / IOS XE / NX-OS / IOS XR
*a.k.a. Quantum
Original Motivation: Research community's desire to be able to experiment with new control paradigms.
Base Assumption: Providing reasonable abstractions for control requires the control system topology to be decoupled from the physical network topology.
OpenFlow was designed to facilitate separation of control and data planes in a standardized way.
Current OpenFlow specification defines an abstract flow-based switch model (OpenFlow switch) and a standardized interface (OpenFlow protocol).
OpenFlow switch: An abstraction of an Ethernet switch; currently focused on Forwarding abstraction.
OpenFlow protocol: A communication protocol that provides access to the forwarding plane of an OpenFlow switch.
Application Software; Infrastructure Software; Embedded Software
Fully Distributed Control Plane: Optimized for reliability
Hybrid Control Plane: Distributed control combined with logically centralized control for optimized behavior (e.g. reliability and performance)
Figure: Peering Model and Hierarchical Model (followed by traditional SDN). Labels: Applications; Management Applications, Control Programs; Orchestration; Controller; Infrastructure Services; Physical Devices; Virtual Devices; Virtual and Physical Devices; an API between each pair of layers.
Applications (End-User and System Applications)
Resource Orchestration, Management
Programmatic Interfaces
Virtual and Physical Infrastructure
Applications (End-User and System Applications)
Resource Orchestration, Management: Controllers and Agents
Programmatic Interfaces: Platform APIs
Virtual and Physical Infrastructure
Figure: Programmable APIs, Traditional SDN and Hybrid SDN side by side. Labels in each stack: Applications; Vendor-specific APIs; Controller (Traditional and Hybrid SDN); Vendor Specific (e.g. onePK); OpenFlow, PCEP, I2RS; Control Plane and Data Plane.
DEVELOPER ENVIRONMENT: Language of choice; Programmatic interfaces; Rich data delivery via APIs
COMPREHENSIVE SERVICE SETS: Better apps; New services; Monetization opportunity
Languages and interfaces shown: Python, Java, C, REST
Service sets shown: Data Path, Policy, Element, Route, Discovery, Utility, Developer, Others
DEPLOY: On a server blade; On an external server; Directly on the device
CONSISTENT PLATFORM SUPPORT: IOS, NX-OS, IOS XR
Applications (End-User and System Applications)
Resource Orchestration, Management: Controllers and Agents
Programmatic Interfaces: Platform APIs
Virtual and Physical Infrastructure: Virtual/Overlay Networks
NfV initiative announced at SDN and OpenFlow World Congress, October 2012.
Industry Specification Group (ISG) with ETSI.
Leveraging cloud technology to support virtualizing specific network functions.
Physical function | Virtualized form
Nexus/Catalyst | vSwitch (Nexus 1000v)
ASR/ISR/CRS | vRouter (CSR1000v)
Identity/Policy - ISE | vISE
Firewall - ASA | vFW (ASA 1000v)
WAAS | vWAAS
Email Security - ESA | vESA
Wireless LAN Controller | vWLC
Security Gateway | VSG
Video Cache | vVideoCache
Web Security - WSA | vWSA
Network Analysis - NAM | vNAM
IOS/XR RR | vRouteReflector
Figure: Programmable APIs, Traditional SDN, Hybrid SDN and Overlay Networks side by side. Labels in each stack: Applications; Vendor-specific APIs; Controller (Traditional and Hybrid SDN); Virtual Switch Overlays (Overlay Networks); Vendor Specific (e.g. onePK); OpenFlow, PCEP, I2RS; Overlay Protocols (e.g. VXLAN); Control Plane; Data Plane; Overlays.
You start with a Physical Switch Network: Physical Devices and Physical Connections.
Then you add an overlay. Overlay provides base for logical network.
Logical switch devices overlay the physical network. They define their own topology. Underlying physical network carries data traffic for overlay network.
Multiple overlay networks can co-exist at the same time. Overlays provide logical network constructs for different tenants (customers).
Virtual Overlays in the SDN context usually refers to host-based encapsulation and forwarding.
Extended L2 connectivity and scalability
Secure Segmentation (Multi-tenant environments, etc.)
Stateless Tunneling Mechanisms:
  No static tunnel setup required
  Frame formats recognized by hosts and treated as tunneled frame
  Ethernet frames encapsulated in IP packet
  Physical network uses outer IP header to forward tunneled traffic
3 popular hypervisor-based overlay technologies:
  Virtual Extensible Local Area Network (VXLAN)
  Network Virtualization using Generic Routing Encapsulation (NVGRE)
  Stateless Transport Tunneling (STT)
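The encapsulation and segmentation points above, worked through for VXLAN as an added example that is not part of the original slides: the 8-byte header layout and UDP port come from RFC 7348, while the VTEP addresses, VNIs and the per-VTEP allow-list are constructed assumptions showing one way a decapsulating host can enforce tenant separation.

```python
import struct

VXLAN_UDP_PORT = 4789             # IANA-assigned destination port (RFC 7348)
VXLAN_FLAG_VNI_VALID = 0x08       # "I" bit: the VNI field is valid
VXLAN_HDR = struct.Struct("!II")  # flags(8)+reserved(24) | VNI(24)+reserved(8)

# Constructed policy: which VNIs each remote tunnel endpoint (VTEP) may send.
ALLOWED_VNIS = {"192.0.2.10": {5001}, "192.0.2.20": {5002}}


def encap(vni: int, inner_frame: bytes) -> bytes:
    """Prepend the 8-byte VXLAN header to an inner Ethernet frame."""
    if not 0 <= vni < 1 << 24:
        raise ValueError("VNI must fit in 24 bits")
    return VXLAN_HDR.pack(VXLAN_FLAG_VNI_VALID << 24, vni << 8) + inner_frame


def decap(outer_src_ip: str, udp_payload: bytes) -> tuple[int, bytes]:
    """Validate the VXLAN header and return (vni, inner_frame).

    Raises ValueError for malformed headers and PermissionError when the
    sending VTEP is not allowed to deliver into that segment.
    """
    if len(udp_payload) < VXLAN_HDR.size + 14:   # header + inner Ethernet header
        raise ValueError("truncated VXLAN packet")
    word0, word1 = VXLAN_HDR.unpack_from(udp_payload)
    if not (word0 >> 24) & VXLAN_FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    vni = word1 >> 8
    if vni not in ALLOWED_VNIS.get(outer_src_ip, set()):
        raise PermissionError(f"VTEP {outer_src_ip} not allowed on VNI {vni}")
    return vni, udp_payload[VXLAN_HDR.size:]


def sample_inner_frame() -> bytes:
    """Constructed inner frame: dst MAC, src MAC, EtherType IPv4, payload."""
    dst = bytes.fromhex("020000000002")
    src = bytes.fromhex("020000000001")
    return dst + src + struct.pack("!H", 0x0800) + b"tenant-A payload"


if __name__ == "__main__":
    pkt = encap(5001, sample_inner_frame())
    print(decap("192.0.2.10", pkt)[0])    # accepted for the permitted VTEP
    try:
        decap("192.0.2.20", pkt)          # same bytes, different source VTEP
    except PermissionError as exc:
        print("dropped:", exc)
```

The VXLAN header carries no authentication, so this check is only as strong as the underlay's control over which hosts can send from a given outer source address.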
Your Application
Compute (Nova): Self-service provisioning of virtual machines through a software API
Network Service (Quantum): For tenant created, virtual isolated networks and subnets, and services
Object Storage (Swift): Massively scalable, distributed object store
Figure: Apps use APIs on a Controller. Other labels: Other Agents; Integrated Network Overlays; Physical and Virtual Network; OpenFlow Device; Device w/ OpenFlow; Device; Network.
Cisco Open Network Environments: www.cisco.com/go/one/
Cisco Developer Network (CDN): developer.cisco.com/web/onepk-developer/
OpenDaylight: www.opendaylight.org
Next Webinar: Thurs. Sep. 12th
Topic | Date | Presenter
Defining SDN: Overview of SDN Terminology & Concepts | Aug 29th | Zach Seils
Hitchhiker's Guide to onePK | Sep 12th | Shelly Cadora
SDN Controllers & Agents | Sep 26th | Phil Casini
Introduction to Virtual Overlay Technologies | Oct 10th | Ozden Karakok
Security for the SDN, by the SDN | Oct 24th | Ahmed Abro
Keep checking the Cisco Learning Network site for new sessions or changes to the sessions: https://learningnetwork.cisco.com/community/learning_center/sdn_live_seminars
Once you exit the session, your survey will open in your browser. How can we make these Webinars better? What topics do you want to see?
Thank you.