Open Source Network: Software-Defined Networking (SDN) and OpenFlow
Insop Song, Ericsson
LinuxCon North America, Aug. 2012, San Diego CA

Objectives
- Overview of OpenFlow
- Overview of Software Defined Networking (SDN)

Disclaimer
- This presentation represents the view of the author and does not necessarily represent the view of Ericsson
- OpenFlow is an invention from network researchers at Stanford and UCB

Overview of network equipment
- Network equipment: Layer 2 Ethernet switches, IP routers
[Diagram: feature boxes on top of an operating system, on top of forwarding H/W (ASICs/FPGAs or merchant silicon chips)]

Data plane
- Hardware packet forwarding path
- Line rate
- Forward packets to output ports
- Adding tags, modifying packets
- Drop packets
- Forward packets to CPU
- Collect traffic statistics
- Programmed by control plane or manual configuration (management)
[Diagram: switch/router with packets in and packets out; L2 table (MAC + VLAN), L3 table (IP), ACL, QoS]

Control plane
- Handling protocol packets at CPU
- Track topology changes
- Handles protocol and routes
- Updates hardware L2/L3 forwarding tables & ACL
[Diagram: CPU running protocol S/W above ASICs/FPGAs or merchant silicon chips; control packets in; 1. Packet forward to CPU, 2. Table config]

Network configuration
- Distributed dynamic routing running on heterogeneous environment
- Protocol based distributed state management
  - STP, OSPF, BGP
- Manual configuration
  - Policies, SLA, VLAN
[Diagram: servers, switches and routers, each node with feature / OS / forwarding h/w]

Network equipment
- Mastering complexity
- No well defined API for control packet handling
- No generalized API for data path state
- Tight vertical integration
- Complicated and lack of abstraction
- Distributed state management is hard
- Lack of global and consistent view of network, hard to manage overall network

Solutions
- Generalize data plane
  - Flexible flow table management
- Decouple data and control planes
  - API for handling control packets
- Decouple distributed model from physical topology
  - Take out the control logic from the network equipment
[Diagram: controller(s) using a generalized API to program flow tables on simple packet forwarding hardware]

OpenFlow
- Started from academia as a way to test experimental protocol on a real network
- Identify flexible common set of functions for flow table
- Provides open protocol to program flow table through secure channel
[Diagram: OpenFlow network controller connected over the OpenFlow protocol (SSL/TCP) to the flow table on simple packet forwarding hardware]

OpenFlow
- Logically centralized controller
- Generalized data plane API using flow table
  - If header == a, send to port 10
  - If header == b, modify header with c, and send to port 11
  - If header == ?, then send to controller
[Diagram: control program 1 and control program 2 on a network OS, programming flow table(s) on packet forwarding hardware]

OpenFlow
Flow table(s): Match | Action | Status counter
- Match: Port, Dst MAC, Src MAC, Eth type, VLAN, Src IP, Dst IP, TCP src port, TCP dst port
- Action: Pop/Push tags, Decrement TTL, Set fields, Apply QoS, Forward packets
- Status counter

OpenFlow
Example of flow table
Src MAC   Dst MAC   Src IP   Dst IP   TCP sport   Action   Count
*   10:1f:*   *   *   *   *   Port 2   100
*   *   *   1.2.3.4   *   *   Port 3   200
*   *   *   *   22   drop   300
00:20:..   00:1f:..   1.2.3.4   5.6.7.8   1234   Port 4   400
*   *   *   *   *   *   Controller   500

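The match / action / counter model from the two slides above, as an added Python sketch (not code from the presentation or from any OpenFlow switch or controller): it looks packets up in a wildcard flow table, counts hits, and reports entries that can never fire because an earlier, broader entry covers them, such as a drop rule installed below a forward rule. Assumptions: the first matching entry wins (table order stands in for priority), and the names FlowEntry, FlowTable, covers, shadowed and sample_table, the field names, and the sample entries are hypothetical and constructed for illustration.

```python
from dataclasses import dataclass
from fnmatch import fnmatchcase

# Hypothetical field names for the match columns shown on the slides.
FIELDS = ("src_mac", "dst_mac", "src_ip", "dst_ip", "tcp_sport", "tcp_dport")

@dataclass
class FlowEntry:
    match: dict        # field -> pattern; an absent field is the wildcard "*"
    action: str        # "port:N", "drop" or "controller"
    packets: int = 0   # per-entry status counter

    def pattern(self, f):
        return str(self.match.get(f, "*"))

    def matches(self, pkt):
        return all(fnmatchcase(str(pkt.get(f, "")), self.pattern(f)) for f in FIELDS)

def covers(general, specific):
    """True if every value matched by `specific` is also matched by `general`."""
    return general in ("*", specific) or (
        general.endswith("*") and specific.startswith(general[:-1]))

class FlowTable:
    def __init__(self, entries):
        self.entries = list(entries)

    def lookup(self, pkt):
        # Assumption: first matching entry wins (table order stands in for priority).
        for e in self.entries:
            if e.matches(pkt):
                e.packets += 1
                return e.action
        return "controller"  # table miss: hand the packet to the controller

    def shadowed(self):
        """Indexes of entries that can never match: an earlier entry covers every field."""
        return [i for i, late in enumerate(self.entries)
                if any(all(covers(early.pattern(f), late.pattern(f)) for f in FIELDS)
                       for early in self.entries[:i])]

def sample_table():
    # Constructed entries, loosely modelled on the slide's example table.
    return FlowTable([
        FlowEntry({"dst_mac": "10:1f:*"}, "port:2"),
        FlowEntry({"dst_ip": "1.2.3.4"}, "port:3"),
        FlowEntry({"tcp_dport": 22}, "drop"),
        FlowEntry({"dst_mac": "10:1f:aa:*", "tcp_dport": 23}, "drop"),  # never fires
        FlowEntry({}, "controller"),
    ])
```
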
OpenFlow Specification
Version | Summary
1.0 | Initial version
1.1 | Multi-table pipeline processing, MPLS, QinQ
1.2 | IPv6, Extensible Match (OXM) and additional extensibility
1.3 | QoS and PBB additions

Decouple Data and Control planes
- Easier to implement new ideas
  - Remove dependencies between vendor SDK
  - Easier to test and maintain software
  - Centralized programming and more abstraction
- Easier interoperability between vendors
  - Using standard API (programming flow and receiving control packets)
- More powerful computing for control logic network management
  - Network control could be off-loaded to servers

Software-Defined Networking
- Traditional network
  - Closed box, closed API
  - Distributed protocol
- SDN
  - Open standard API
  - Logically centralized
[Diagram: traditional nodes, each with feature / OS / forwarding h/w, beside an SDN stack where features use a well-defined API on a network OS, which uses OpenFlow to program flow table(s) on packet forwarding hardware]

Centralized controller
- Less system overhead on the network node
  - Minimize protocol packets for distributed protocol
- Network topology
  - Easier to have consistent global view of the network
- Management
  - Easier to manage programmable network

SDN Use cases
- Data center
  - SDN facilitates network virtualization
  - Google, Dell, Yahoo, Facebook, Amazon
- Campus
  - Enable IT to apply consistent policies in wired and wireless network
  - Stanford and many other universities
- Cloud
  - Allows flexible network allocation

Academia and industry
- Close collaboration between university and industry
- Open Networking Foundation (ONF)
  - Standard body by 70+ (growing)
- Many companies participating
  - From large companies to startups
  - From chip vendors to service integrators
  - Google, Cisco, HP, NEC, Ericsson, IBM, Juniper, VMware (Nicira), Big Switch, and more

OpenFlow switches
- Current OpenFlow supporting switches
  - Growing, so check with your vendors
  - Juniper, HP, NEC, NetGear, Ciena, Pronto
- Many companies are prototyping OpenFlow switches
- Google made their own OpenFlow switches

OpenFlow network controllers
Controller | Lang | License | Original author | Note
OpenFlow reference | C | OpenFlow License | Stanford/Nicira | Reference design
NOX | C++ | GPL | Nicira | Nox classic C++/Python
POX | Python | GPL | http://www.noxrepo.org | Nox Python version
Beacon | Java | GPL | Stanford | Run time modular, web UI
Floodlight | Java | Apache | Big Switch | Easy to build and set up
Trema | Ruby, C | GPL | NEC | Including emulator, test framework
RouteFlow | C | Apache | CPqD, Brazil | OpenFlow with Quagga stack

How to experiment
- Mininet
  - Allows creating hundreds of nodes on a single PC
  - OpenFlow tutorial is based on Mininet

Open source
- Open vSwitch
  - Software switch supports OpenFlow
  - Upstream from 3.3 kernel
- Various network controllers are open source
- Open API
- Openness is one of the key reasons for SDN/OpenFlow success

Questions?
- Scalability
  - Is it scalable?
- Reliability
  - High availability
- Security
  - Security risk on the centralized controller(s)
- Interoperability
  - Co-existing with existing equipment and neighboring domain

Summary
- OpenFlow
  - Enabling generalized open API for configuring flow table
  - Clean separation between data and forwarding planes
- SDN
  - Allowing us to define the right abstractions
  - Network virtualization
- Very successful so far, more real changes to come..
- The future of networking?

Thank you Question?