Software-Defined Networking Prasad Calyam, Ph.D. Spring 2014 VIMAN Lab Cloud Computing Research http://people.cs.missouri.edu/~calyamp Cloud Resource Allocation Computer and network virtualization models, algorithms, tools Cloud Monitoring Software-defined measurements and performance diagnosis Cloud Testbeds for Apps, Marketplaces e.g., Manufacturing/Healthcare/Education Cloud Security Cyber attacks, Authentication, Authorization, Policy 2 1
Discussion Topics Traditional Networking versus Software-Defined Networking Overlay Networking Network Function Virtualization OpenFlow Protocol for SDN SDN Programming for Applications SDN Experiments on Real Cloud Platforms 3 Discussion Topics Traditional Networking versus Software-Defined Networking Overlay Networking Network Function Virtualization OpenFlow Protocol for SDN SDN Programming for Applications SDN Experiments on Real Cloud Platforms 4 2
Cloud Applications Science and Technical Applications Business Applications Consumer/Social Applications 5 App Marketplaces 6 3
Evolution of Big Data 2. a a 4 G c 3 a 2 2 Experimental Theoretical Computational Analytical Thousand years ago Last few hundred years Last few decades Today and the Future Description of natural phenomena Newton s laws, Maxwell s equations Simulation of complex phenomena Unify theory, experiment and computation with large multidisciplinary Big Data Using data exploration and data mining (from instruments, sensors, humans ) 7 End-to-End Overlay Networks Big Data handling requires overlay networking, especially for satisfying realtime application requirements! 8 4
4/8/2014 GENI: Infrastructure for Overlay Experimentation GENI provides compute resources that can be connected in experimenter specified topologies. (Funded by NSF for Future Internet Experiments) GENI: Infrastructure for Experimentation GENI provides compute resources that can be connected in experimenter specified Layer 2 topologies. 5
Inter aggregate connectivity How are these links formed? Experiments live in isolated slices Unified Resource Broker (URB) Distributed Control: Network Provisioning Issues Centralized Control: Inherent Benefits How can we centrally create intelligent overlay network infrastructures? 12 6
Distributed/Centralized Switch Control Architecture Distributed Control Centralized Control 13 Discussion Topics Traditional Networking versus Software-Defined Networking Overlay Networking Network Function Virtualization OpenFlow Protocol for SDN SDN Programming for Applications SDN Experiments on Real Cloud Platforms 14 7
Network Virtualization Virtualizes a physical network interfaces as a virtual network interface; user flows are treated as virtual tenant flows This layer sits in between Layer 2 and Layer 3 (i.e., Layer 2.5) and uses encapsulation (i.e., Mac-in-UDP) for Layer 2 elasticity and IP address localization Enables VM migration, virtual tenancy across multiple Layer 2 domains! Typical protocols: OpenFlow, Overlay Transport Virtualization (OTV), VXLAN Controller 15 Network Function Virtualization Source: Nicira/VMware vswitch and Stateless Transport Protocol (STT) allow running a custom network protocol over a network built for a different protocol STT enables transporting Ethernet data inside IP packets Open vswitch is a virtual switch used as the network stitching component in the hypervisor Maintains logical state of VM s network connection across physical hosts when VM is migrated Managed and monitored by OpenFlow, NetFlow and others See - http://openvswitch.org/ 16 8
SDN Related Work Related Work NEC ProgrammableFlow Cisco Overlay Transport Virtualization (OTV) VMware Virtual Extensible LAN (VXLAN) Virtual Private LAN Service (VPLS) Features Matching of packet flows based on the IP addresses, MAC addresses and the port numbers MAC-in-IP, Multi-point Tunneling using IP Multicast MAC-in-UDP, 24-bit LAN segment identifier Multi-point to multi-point communication over IP/MPLS networks 17 Discussion Topics Traditional Networking versus Software-Defined Networking Overlay Networking Network Function Virtualization OpenFlow Protocol for SDN SDN Programming for Applications SDN Experiments on Real Cloud Platforms 18 9
Software-Defined Networking with OpenFlow Traditional Network OpenFlow Network 19 Flow Table Management OpenFlow Protocol Interactions More overview details at - http://archive.openflow.org/documen ts/openflow-wp-latest.pdf Forwarding Rule 20 10
OpenFlow is an API Controller has to populate forwarding table of the switch Controls how packets are forwarded through a network path In a table miss, switch asks the Controller Controller reserves flow space in a Slice Installs flow entries either proactively or reactively in switches Once flow is setup, subsequent traffic does not go through the controller Controller is responsible for all traffic, not just your application! Should handle: ARPs, DHCP, etc. Implementable on Commercial off-the-shelf (COTS) hardware Make deployed networks programmable; Not just configurable 21 Virtual Data Center Example Unified Resource Broker Measurement Plane Packet Capture Measurement Engine Active Measurement Congestion Detection Fault Detection Connection Broker System Provisioning Control Plane Secure Channel Service Engine Active Directory Resource Optimization Routing Engine Marker Packet Packet/Flow Handler Inspector OpenFlow Controller Control Plane Secure Channel Load Balancing Data Center Virtual Desktop User Applications RDP/PCoIP Server OpenFlow OpenFlow Switches Flow tables Group Tables Data Plane Thin-clients RDP/PCoIP Client Security Token File System Hypervisor 22 11
Debugging OpenFlow Networks is Hard! Mininet Before actual deployment, test your OpenFlow Controller in the Mininet network emulation tool with virtual switches & hosts OVS (Open vswitch) virtual switch software or a soft switch is used in Mininet Does not require the initial network co-ordination for Controller setup, and also does not require console access to switches Requires an OpenFlow Controller Application Framework Floodlight, POX, OpenDaylight, Beacon, Trema, http://yuba.stanford.edu/~casado/of-sw.html http://groups.geni.net/geni/wiki/openflow/controllers Wireshark helps with debugging control flows of your OpenFlow Controller application 23 OpenFlow Controller Flavors 24 12
Floodlight Controller REST API 25 Wireshark for Debugging your OpenFlow Controller! OpenFlow Protocol packet analysis Virtual Ethernet ports for each switch 26 13
Discussion Topics Traditional Networking versus Software-Defined Networking Overlay Networking Network Function Virtualization OpenFlow Protocol for SDN SDN Programming for Applications SDN Experiments on Real Cloud Platforms 27 GENI/SDN Lab Steps Mininet Installation Floodlight OpenFlow Controller installation QoS Configuration in Controller Application QoS Experimentation using Iperf Tool Lab Experiment #1 (QoS Control through Network-Edge Rate Limiting) Steps Overview Floodlight OpenFlow Controller installation Load Balancer Configuration in Controller Application Load Balancing Experimentation using Ping Tool Lab Experiment #2 (Load Balancer for Scalable Handling of Traffic Flows) Steps Overview Lab Experiment QoS Configuration and Load Balancing using Software Defined Networking/OpenFlow Purpose of the Lab Install and configure Mininet SDN emulator with 2 traffic engineering experiment applications to understand how to program flow spaces within networks to: (i) comply with enterprise network capacity provisioning policies, and (ii) balance the utilization of network resources Use Iperf and Ping Tools to verify your SDN functionality 28 14
SDN/GENI Lab Experiment #1 Use the OpenvSwitch commands to set the network policies Setup 3 queues (Q0, Q1 and Q2) on every switch and configure network-edge bandwidth capacity using the ovs-vsctl commands Q0 default queue Q1 queue 1 rate limiting bandwidth to 50 Mbps Q2 queue 2 rate limiting bandwidth to 40 Mbps 29 SDN/GENI Lab Experiment #2 Use a Load Balancing experiment topology with pools of end-hosts and load balancers Test load balancing functionality with Ping requests from end-hosts Extend the Load Balancing module in your Floodlight Controller Scale the load balancer to handle more Ping requests by adding two new hosts to the load balancer pool Examine the response patterns from end-host Ping responses 30 15
In-class Exercise What emerging technologies can you think that SDN will enable in the next Hype Cycle(s)? Location-aware Apps Virtual Assistants; Virtual Worlds Social Analytics based Mobile Services Augmented Reality Desktop-as-a-Service Simulation-as-a-Service Remote Elder-care.others See US Ignite http://us-ignite.org/next-gen-applications that is fostering creation of next-generation Internet applications that provide transformative public benefit 31 Discussion Topics Traditional Networking versus Software-Defined Networking Overlay Networking Network Function Virtualization OpenFlow Protocol for SDN SDN Programming for Applications SDN Experiments on Real Cloud Platforms 32 16
Campus Access Network Direct Connect Network Campus Access Network 4/8/2014 Science DMZ Use Case with OpenFlow Normal Application Campus Network Science Application IP Network Gatekeeper Proxy Middleware Web Application Science Application Public Cloud Instrument Site on Campus Extended VLAN Overlay Software-Defined Network Science Application Remote Collaborator 33 Science DMZ Flow Orchestration with OpenFlow Performance Engineer Gatekeeper Proxy Middleware Service Engine Routing Engine Measurement Engine 1. Define application end-points and monitoring objectives 2. Provision policy-directed flow rules Authenticated Researcher OpenFlow Controller Legend: Data Flow Control Flow 3. Install HTC flow 3. Install HTC flow 3. Install measurement flow 4. Authorized HTC flow Campus-A Edge Non-IP Network Campus-B Edge 4. Authorized measurement flow Imaging Microscope Extended VLAN Overlay 4. Non-Science DMZ flow Image Processing Cluster Campus-A Firewall IP Network Campus-B Firewall 34 17
Virtual Desktop Clouds (DaaS) Brain of the Cloud 35 (a) (b) (c) (d) (e) Example DaaS Use Cases Virtual classroom lab involving faculty and students Computationally intensive interactive applications for biomedical community (e.g., remote volume visualization) Simulation-as-a-Service requiring HPC resources for advanced manufacturing ElderCare-as-a-Service requiring proactive medical intervention for health care Virtual desktops for underserved communities 36 18
VIMAN Lab s VDC-Analyst Leveraging OpenFlow for Resource Placement of Virtual Desktop Cloud Applications VD Provisioning and Placement GENI Slice Testbed for VDC Hosting VDC-Analyst GENI Design & Development Validation and design tuning Large-scale simulations Cloud deployment experiments 37 VDC-Analyst Features Resource allocation of thin-clients to data centers Run Simulation (Offline) Run Experiment (In GENI) Net-utility per experiment run 38 19
VDC-Analyst Use Cases Research Plug-in new provisioning and placement schemes Study cloud dynamics to see how they affect net-utility Education Explore server-side adaptation E.g., write a macro script to reduce user interaction round-trips for control actions during network health bottlenecks Explore client-side adaptation E.g., select thin-client encodings that delivers best QoE for different user groups knowledge worker vs. designer/artist Explore network-side adaptation E.g.,?? 39 Problem Scope To use OpenFlow for dynamic resource placement of VD applications via an URB Provisioning of non-ip VD application traffic flows between thinclient sites and data centers Path selection and load-balancing of VD flows to improve performance of interactive applications and video playback Leveraging in-band instrumentation and measurement to gather performance intelligence on cross traffic impact affecting VD Automated management and centralized network control 40 20
Marker Packet Header Format 41 Flow Setup Sequence Diagram Virtual Desktop OpenFlow Switch OpenFlow Controller Smart Thin-client 1 2 Join OpenFlow network Install flow rules for marker packets 3 4 5 6 Send marker packet to request virtual desktop Recognize and punt the marker packet Parse marker packet and install client/server flows Access virtual desktop applications 42 21
VDC-Analyst Experiment w/o Load-Balancing 43 VDC-Analyst Experiment w/ Load-Balancing 44 22
VDC-Analyst OpenFlow Demonstration Step-1 Route setup Step-2 Cross-traffic Impact Step-3 Load-balancing Improvement OpenFlow Switch Client In Port Out Port ATLA PG46 20 52 ATLA PG47 20 52 OpenFlow Switch Client In Port Out Port SUNNW PG48 50 51 SUNNW PG49 50 51 ATLANTA PG46 52 52 ATLANTA PG47 52 52 ATLANTA PG46 20 52 ATLANTA PG47 20 52 OpenFlow Switch Client In Port Out Port ATLANTA PG46 20 52 ATLANTA PG47 20 52 SUNNW PG48 50 52 SUNNW PG49 50 52 Video runs smooth, GUI applications are responsive Video freezes, disconnects, GUI applications are not responsive Video runs smooth, GUI applications are responsive 45 VDC-Analyst OpenFlow Demonstration Step-1 Route setup Step-2 Cross-traffic Impact Step-3 Load-balancing Improvement Bandwidth Consumed (Mbytes/s) 20 15 10 4.6 5 0 0 Application Cross-Traffic 20 15 10 5 0 0.21 Application 15.36 Cross-Traffic 20 15 10 5 0 4.45 Application 14.8 Cross-Traffic Video runs smooth, GUI applications are responsive Video freezes, disconnects, GUI applications are not responsive Video runs smooth, GUI applications are responsive 46 23
Simulation-as-a-Service 47 ElderCare-as-a-Service 48 24
Further Reading GENI http://www.geni.net Open Networking Foundation - https://www.opennetworking.org Select papers network and server adaptation for scientific applications on virtual desktops: P. Calyam, S. Rajagopalan, S. Seetharam, A. Selvadhurai, K. Salah, R. Ramnath, VDC-Analyst: Design and Verification of Virtual Desktop Cloud Resource Allocations, Elsevier Computer Networks Journal (COMNET), 2014. P. Calyam, S. Rajagopalan, A. Selvadhurai, S. Mohan, A. Venkataraman, A. Berryman, R. Ramnath, Leveraging OpenFlow for Resource Placement of Virtual Desktop Cloud Applications, IFIP/IEEE International Symposium on Integrated Network Management (IM), 2013. 49 25