OpenDaylight Network Virtualization and its Future Direction May 20, 2014 Masashi Kudo NEC Corporation

Table of Contents
- SDN Market Overview
- OpenDaylight Topics
- Network Virtualization
- Virtual Tenant Network (VTN)
- Open DOVE
- Future of Virtualization

Acknowledgement
We would like to extend our sincere thanks to Anees Shaikh @Google for his inputs on virtualization in the OpenDaylight project and Open DOVE documents.

SDN Market Overview

SDN market
[Figure: SDN market estimation in Japan, 2012-2017]
Note: Sum total of data center, enterprise network and carrier SDN
Source: IDC Japan, 4/2014
SDN/OpenFlow Commercial Deployments Vertical Industry Commercial Deployment network isolation network selfmgmt. CAPEX, OPEX Hospital Kanazawa University Hospital Yes Yes Logistics Nippon Express Yes Yes Manufacturing Toyo Seikan Group Holdings Yes Yes NEC Software Factory Yes Carrier Customer A Yes Yes SIer Minaminihon Information Processing Center Customer B Yes Yes Yes Nippon Jimuki Yes Yes

SDN market status
[Figure: product life cycle curve, sales against product life, with the stages Innovator, Early adopter, Chasm and Main stream; labels: Push type, One to Many strategy, 2013, 2015~]

Expectations on OpenDaylight
[Figure: three layers. Applications: Vendor A, Vendor B. SDN Controller: Vendor X, OpenDaylight code (+Vendor C). SDN Hardware: Vendor D, Vendor E]
- OpenDaylight focuses on OSS based controller development
- Allows industry wide focus on application services where SDN has competitive advantages
- Overcome the chasm by accelerating SDN deployment.

OpenDaylight Topics

Topics
- OpenDaylight Hydrogen accomplished (Feb 4, 2014)
- OpenDaylight Summit (2/4-5 Santa Clara)
  - First ever public event held by OpenDaylight
  - About 600 participants
- Hydrogen won Grand Prix at Interop Las Vegas 2014
  - Best of Interop Grand Award and SDN Category Winner

OpenDaylight Sponsors
Participating Organizations: 36 companies (as of May 12, 2014)
Steady increase from the eighteen sponsors at the beginning
- Platinum: Nine
- Gold: Two
- Silver: Twenty-five

Virtualization Edition

Network Virtualization

System Virtualization
[Figure: traditional system compared with virtualized system. Labels: Server virtualization, Appliance virtualization, Storage virtualization, VM, LB, FW, Storage, Virtual Switch, Hypervisor, SV, Virtualization Engine, OpenFlow Switch, L2 Switch, Router, Appliance pooling]

Technology that underpins network virtualization
- Node-level Virtualization: Virtual appliance
- Path-level Virtualization: VM connectivity
- Domain-level Virtualization: Tenant connectivity
Technologies listed: Hypervisor/vSwitch; HW offload (EVB); Mobility management; Tunnel technology; Hop by hop packet fwd.; Policy management; Switch cluster; Network modeling; VM associated to the same tenant; Physical network control (Topology detection, isolation of tenants, Traffic control); Overlay network; Hop by hop network; Policy management
[Figure labels: LB, FW, Virtual Switch, Hypervisor, VM]

Network virtualization to hide network variations
Provide single network interfaces to upper layer applications or operators by hiding varied physical networks.
[Figure labels: Network Control Applications (Create tenant, Add appliance); High-Value Added Applications; Network Abstraction Layer; Decouple; Network Service Layer (OpenFlow, Overlay (VXLAN,..), VLAN, Other protocol..); OpenFlow Fabric; Overlay network; Traditional IP network; Other network]

Virtual Tenant Network (VTN)

VTN Project at OpenDaylight
NEC contributed components at Hydrogen release.
- VTN Coordinator: Virtual network model and API
- VTN Manager: Reactive control over OpenFlow network as underlay control (PACKET_IN, PACKET_OUT, FLOW_MOD)
- Based on NEC ProgrammableFlow GA product
[Figure: SDN Application, REST API, VTN Coordinator, REST API, VTN Manager on each of two OpenDaylight Controllers, Switches]

VTN summary
- Network orchestration for:
  - Multi data center
  - Multi controller
  - Multi network technology (Data plane independent): OpenFlow, Overlay, Etc
- VTN (Virtual Tenant Network) based NB-API for:
  - OpenStack
  - SDN Applications

VTN virtual network model
Completely isolated virtual network with virtual abstractions
[Figure: VTN1 and VTN2 built from vbridge, vrouter, vtep, vtunnel and vbypass nodes, joined by interfaces and vlinks]
Virtual node (vnode) components:
- vbridge: logical representation of L2 switch function.
- vrouter: logical representation of L3 router function + DHCP relay agent.
- vtep: logical representation of Tunnel End Point - TEP.
- vtunnel: logical representation of Tunnel.
- vbypass: logical representation not coordinated by UNC.
Virtual interface:
- interface: representation of end point on the virtual node.
Virtual Link:
- vlink: logical representation of connectivity between virtual interfaces.

VTN Manager software configuration
- Implemented as OSGi bundle of Controller using AD-SAL
- Manages OpenFlow switches (OpenFlow 1.0)
- AD-SAL (API-Driven Service Abstraction Layer)
- MD-SAL (Model-Driven Service Abstraction Layer)
[Figure labels: VTN Manager, Switch Manager, Topology Manager, Routing, Forwarding Rules Manager, NetworkConfig.Neutron, MD-SAL App., AD-SAL, MD-SAL, OpenFlow plugin, OpenDaylight Controller, OpenFlow Switch (OpenFlow 1.0)]

Multi-tenancy
- VTN (Virtual Tenant Network)
  - Virtual network environment
  - VTN networks are isolated from each other
- vbridge (Virtual Bridge)
  - Virtual L2 switch in VTN
  - Construct virtual broadcast domain by associating the physical network with vbridge
[Figure: Associating virtual and physical networks. Labels: vbridge, VTN, Virtual Network, VTN Manager, OpenDaylight Controller, Physical Network]

Physical topology detection
1. OpenFlow plugin instructs each physical switch to transmit LLDP packets from the specified ports
2. Transmits LLDP packets from each port. LLDP packets that are not transmitted to switch are dropped.
3. LLDP packet received by each physical switch is notified to controller
4. Link information between physical switches is updated
5. Shortest path graph between switches is updated
[Figure labels: Routing, Topology Manager, Link status change notification, AD-SAL, OpenFlow plugin, OpenDaylight Controller, PACKET_OUT LLDP, PACKET_IN LLDP, OpenFlow Switch, Host]

Packet forwarding
1. Transmits unicast packets
2. Notifies unicast packet to VTN Manager
3. Determines the vbridge to which the packet is mapped
4. Searches MAC address table to determine the output destination
5. Packet forwarding is instructed to AD-SAL if physical network path is present
6. Flow entry settings are instructed
7. Packets are transmitted and flow entry is set
MAC Address Table (vbridge):
  MAC Addr   Port              VLAN
  MAC-1      Switch-A Port-1   Untagged
  MAC-2      Switch-B Port-1   Untagged
[Figure labels: VTN Manager, Search path, Routing, PACKET_OUT transmission, Flow Entry settings, Forwarding Rules Manager, AD-SAL, PACKET_IN notification, OpenFlow plugin, OpenDaylight Controller, PACKET_IN, FLOW_MOD, PACKET_OUT, Switch-A Port-1 (MAC-1), Switch-B Port-1 (MAC-2), To: MAC-2]
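
The forwarding steps 1 to 7 above, modeled as an added Python sketch (not code from the slides or from VTN Manager; the class and method names, the one-hop path check and the VTN2 port mapping are assumptions). It shows that the MAC address table is searched only inside the vbridge the ingress port maps to, so a MAC learned in one VTN is never an output destination for another.

```python
# Added illustration, not VTN Manager code: every name here is hypothetical.
from dataclasses import dataclass, field

@dataclass
class VBridge:
    vtn: str
    name: str
    mac_table: dict = field(default_factory=dict)   # MAC -> (switch, port, vlan)

class VtnManagerModel:
    def __init__(self, links):
        self.port_map = {}          # (switch, port, vlan) -> VBridge
        self.links = set(links)     # switch pairs with a physical path

    def map_port(self, vbridge, switch, port, vlan=None):
        self.port_map[(switch, port, vlan)] = vbridge

    def has_path(self, a, b):
        return a == b or (a, b) in self.links or (b, a) in self.links

    def packet_in(self, switch, port, vlan, src_mac, dst_mac):
        """Controller actions for one PACKET_IN (steps 2 to 7 above)."""
        ingress = (switch, port, vlan)
        vbr = self.port_map.get(ingress)                 # step 3
        if vbr is None:
            return [("DROP", "port not mapped to a vbridge")]
        vbr.mac_table[src_mac] = ingress                 # learn the source
        dst = vbr.mac_table.get(dst_mac)                 # step 4
        if dst is None:
            # Unknown destination: flood inside this vbridge only (vlan may be None).
            ports = sorted((k for k, v in self.port_map.items()
                            if v is vbr and k != ingress),
                           key=lambda k: (k[0], k[1]))
            return [("PACKET_OUT", p) for p in ports]
        if not self.has_path(switch, dst[0]):            # step 5
            return [("DROP", "no physical path")]
        return [("FLOW_MOD", switch, dst_mac, dst),      # step 6
                ("PACKET_OUT", dst)]                     # step 7

def demo():  # constructed scenario using the slide's MAC-1/MAC-2 placement
    mgr = VtnManagerModel(links=[("Switch-A", "Switch-B")])
    vtn1, vtn2 = VBridge("VTN1", "vbridge1"), VBridge("VTN2", "vbridge1")
    mgr.map_port(vtn1, "Switch-A", "Port-1")
    mgr.map_port(vtn1, "Switch-B", "Port-1")
    mgr.map_port(vtn2, "Switch-B", "Port-2")
    first = mgr.packet_in("Switch-B", "Port-1", None, "MAC-2", "MAC-1")
    known = mgr.packet_in("Switch-A", "Port-1", None, "MAC-1", "MAC-2")
    other = mgr.packet_in("Switch-B", "Port-2", None, "MAC-9", "MAC-2")
    return first, known, other
```

In `demo()`, the third PACKET_IN comes from a VTN2 port and asks for MAC-2, which is known only to the VTN1 vbridge, so it produces no output action.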

OpenStack (Neutron) integration
- OpenStack Neutron: Create network through the Neutron API (provider.network_type=vlan, provider.segmentation_id=1)
- Modular Layer 2 (ML2) Driver for OpenDaylight: Notify network creation to NetworkConfig.Neutron in the OpenDaylight Controller
- VTN Manager: Create vbridge, Configure VLAN mapping (VLAN: 1) in the VTN
[Figure labels: OpenStack Neutron, Network, OpenDaylight Controller, VTN, vbridge, VLAN Mapping, OpenFlow Switch]

Open DOVE

Open DOVE Summary
System Networking
Open DOVE is an overlay network virtualization platform for the data center
- logically isolated multi-tenant networks with layer-2 or layer-3 connectivity
- runs on any IP network in a virtualized data center
- based on IBM SDN-VE GA product and DOVE technology from IBM Research
Open DOVE features
- full-function, ready for real deployments, incl. HA
- control plane implementation, incl. address, policy, and mobility management
- management interfaces for programmatic configuration, including OpenStack enablement
- open data plane implementation for Linux/KVM and VxLAN encapsulation
- software gateway for connecting to non-virtualized networks and external hosts
2013 IBM Corporation

Multi-tenant network with overlays
- provide each data center tenant with a single virtual network abstraction
- SDN controller uses overlays to virtualize physical network infrastructure
- one-time deployment and configuration of the physical network
- virtual network implemented purely on end hosts by software switches and encapsulation
- overcomes scaling limits of physical network virtualization
[Figure labels: Tenant 1 VMs, Tenant 2 VMs, SDN controller]

Open DOVE Architecture
[Figure labels: Open DOVE Connectivity Server; Open DOVE Management Console; OpenDaylight controller; APIs (RESTful, Quantum); OpenStack; Cloud/DC Provisioning Applications; Open DOVE virtual overlays; hypervisors each running VMs on an Open DOVE vswitch; Virtual Network 1, Virtual Network 2, Virtual Network 3; Open DOVE Gateway; Existing IP Network; End Station]

DOVE virtual network model
DOVE virtual networks are modeled as domains, virtual networks, subnets, policies, and gateways
[Figure labels: domain A, domain B, Virtual network 1, Virtual network 3, Virtual network 4, Virtual network 5, subnet W, subnet X, subnet Y, subnet Z, policy, gateway]

DOVE address discovery
1. On VM activation, DOVE vswitch detects VM's IP / MAC address and updates the DOVE Connectivity Service (DCS).
2. The DCS clustered nodes share the address mapping information.
3. A VM begins communicating with a VM on another Server. DOVE vswitch requests resolution from the DCS.
4. The DCS responds with the VM mapping information. VM mapping information is cached locally at the DOVE vswitch.
[Figure labels: Servers with VMs, DOVE vswitch and Hypervisor; DOVE Management Console; Clustered DOVE Connectivity Service (DCS)]
OpenDaylight mini-summit September 2013

DOVE packets in virtual and physical networks
[Figure: SRC, SRC DOVE Switch (SRC DS), IP Cloud, DST DOVE Switch (DST DS), DST; the SRC->DST packet is carried with Dove Encapsulation addressed SRC DS -> DST DS]
DOVE Header:
  R R R R I R R R        Reserved (24-bits)
  DOVE VNID (24-bits)    Reserved (8-bits)

DOVE packet forwarding
- VM1 attached to vswitch by a vnic
- VM1 sends data to VM3 which enters the vswitch
- vswitch1 determines VM3 reachable through vswitch2.
- vswitch1 encapsulates the packets for delivery to vswitch 2 using Physical Network
- Physical Network delivers the encapsulated packet to vswitch2
- vswitch2 strips the encapsulation headers and delivers the packet to VM3
- VM1,3 & VM2,4 belong to different tenants and are isolated from one another.
- vswitches use Overlay ID in the encapsulation header to keep traffic isolated
- Physical Network is aware of vswitches 1 & 2, but is unaware of VMs 1..4
[Figure labels: Host 1 (VM1, VM2, DOVE vswitch 1), Host 2 (VM3, VM4, DOVE vswitch 2), DCN (Physical Underlay)]
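
The DOVE header layout and the Overlay ID isolation described above, as an added Python sketch (not Open DOVE code; the VSwitch class, the VNID values and the MAC addresses are constructed, and the outer IP/UDP headers are omitted). In VXLAN, which the summary slide names as the encapsulation, the I flag marks the network ID as valid.

```python
# Added illustration, not Open DOVE code; VNIDs and MACs below are constructed.
import struct

I_FLAG = 0x08   # first byte is R R R R I R R R, so I is bit 3

def encap(vnid, inner_frame):
    """Prepend the header: flags(8) reserved(24) VNID(24) reserved(8)."""
    if not 0 <= vnid < 1 << 24:
        raise ValueError("VNID must fit in 24 bits")
    return struct.pack("!II", I_FLAG << 24, vnid << 8) + inner_frame

def decap(packet):
    """Return (vnid, inner_frame); reject truncated or flag-less headers."""
    if len(packet) < 8:
        raise ValueError("truncated overlay header")
    word0, word1 = struct.unpack("!II", packet[:8])
    if not (word0 >> 24) & I_FLAG:
        raise ValueError("I flag clear, VNID not valid")
    return word1 >> 8, packet[8:]

class VSwitch:
    def __init__(self):
        self.local = {}   # VM MAC -> VNID of the virtual network it is attached to

    def attach(self, mac, vnid):
        self.local[mac] = vnid

    def send(self, src_mac, dst_mac, payload):
        # The VNID comes from the sender's attachment, never from the VM itself.
        return encap(self.local[src_mac], dst_mac + src_mac + payload)

    def receive(self, packet):
        """Deliver only when the destination VM is attached to the packet's VNID."""
        vnid, inner = decap(packet)
        dst_mac = inner[:6]
        if self.local.get(dst_mac) != vnid:
            return None               # unknown VM or another tenant: drop
        return dst_mac, inner[12:]

def demo():
    vm1, vm2, vm3 = (bytes.fromhex("02000000000%d" % i) for i in (1, 2, 3))
    vswitch1, vswitch2 = VSwitch(), VSwitch()
    vswitch1.attach(vm1, 100)         # VM1 and VM3: tenant network 100
    vswitch1.attach(vm2, 200)         # VM2: tenant network 200
    vswitch2.attach(vm3, 100)
    same = vswitch2.receive(vswitch1.send(vm1, vm3, b"hello"))
    cross = vswitch2.receive(vswitch1.send(vm2, vm3, b"hello"))
    return same, cross
```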

DOVE Gateway
DOVE Gateways allow VMs on a DOVE Network to connect to systems on a non-DOVE Network. Two types of connections are supported:
- DOVE External Gateway: Connects VMs on a DOVE Network with Systems on an External Network and vice versa. Supports NAT or Pass-Thru connection to External Networks.
- DOVE VLAN Gateway: Connects VMs on a DOVE Network to Systems on a VLAN Segment and vice versa.
[Figure: DOVE Gateway (DOVE Encap / Decap) between DOVE Overlay Networks and an External / Physical Network (External Connection) and a VLAN Segment (VLAN Connection); example addresses shown: VMs and Server / VM hosts in 10.1.1.x and 10.1.2.x, 74.125.227.96 (google.com), 129.42.56.158 (ibm.com)]

Future of Virtualization

Overlay & Hop by Hop
Overlay (OpenDaylight: Open DOVE)
- Pros: Effectively use existing IP network resources; Enable construction of a scalable end-to-end virtual network
- Cons: Traffic quality and quantity, using only virtual switches causes performance bottleneck; Bandwidth control for each node
Hop by Hop (OpenDaylight: VTN)
- Pros: In line with business needs like SLA, it enables traffic control, including bandwidth control etc., at a minute level for each flow
- Cons: OpenFlow compliant switch needed; Physical specifications are a limiting factor in scalability
[Figure: Overlay Approach (Existing assets, scalability) and Hop by Hop Approach (TE, QoS) combined as Hybrid Virtualization]

Hybrid Virtualization Options
- Pattern 1-1: Vertical Integration (VTN as Network Model)
- Pattern 1-2: Vertical Integration (VTN as Underlay)
- Pattern 2: Horizontal Integration
- Pattern 3: Gateway Integration
[Figure labels: VTN, Elastic network control by flow control, Edge overlay, Gateway overlay, OpenFlow network, Traditional IP network]

Virtualization related projects in OpenDaylight
Categories: Application, Network Virtualization, South-bound
- Started at Hydrogen: Defense4All, VTN, Open DOVE, Affinity, OpenFlow, LISP, OVSDB, BGP/PCEP, SNMP4SDN
- Accepted projects for Helium: Group Policy Plugin, Packet Cable PCMM, OpFlex

Future direction
- Integration among OpenDaylight projects
- Introduction of applications on virtualized network
- Accumulation of user experiences

Thank you for your attention.