Software Defined Network (SDN)



Similar documents
Outline. Why Neutron? What is Neutron? API Abstractions Plugin Architecture

Open Source Networking for Cloud Data Centers

Virtualization, SDN and NFV

HAWAII TECH TALK SDN. Paul Deakin Field Systems Engineer

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Palo Alto Networks. Security Models in the Software Defined Data Center

SDN v praxi overlay sítí pro OpenStack Daniel Prchal daniel.prchal@hpe.com

Designing Virtual Network Security Architectures Dave Shackleford

Software Defined Environments

Software Defined Networks Virtualized networks & SDN

What is SDN? And Why Should I Care? Jim Metzler Vice President Ashton Metzler & Associates

SDN CONTROLLER. Emil Gągała. PLNOG, , Kraków

Data Center Network Virtualisation Standards. Matthew Bocci, Director of Technology & Standards, IP Division IETF NVO3 Co-chair

Quantum Hyper- V plugin

Network Virtualization and Software-defined Networking. Chris Wright and Thomas Graf Red Hat June 14, 2013

Network Virtualization

How To Make A Vpc More Secure With A Cloud Network Overlay (Network) On A Vlan) On An Openstack Vlan On A Server On A Network On A 2D (Vlan) (Vpn) On Your Vlan

Qualifying SDN/OpenFlow Enabled Networks

Building an Open, Adaptive & Responsive Data Center using OpenDaylight

DCB for Network Virtualization Overlays. Rakesh Sharma, IBM Austin IEEE 802 Plenary, Nov 2013, Dallas, TX

Using SouthBound APIs to build an SDN Solution. Dan Mihai Dumitriu Midokura Feb 5 th, 2014

White Paper. Juniper Networks. Enabling Businesses to Deploy Virtualized Data Center Environments. Copyright 2013, Juniper Networks, Inc.

Network Virtualization for the Enterprise Data Center. Guido Appenzeller Open Networking Summit October 2011

SOFTWARE-DEFINED NETWORKING AND OPENFLOW

Network Virtualization

Testing Software Defined Network (SDN) For Data Center and Cloud VERYX TECHNOLOGIES

CS244 Lecture 5 Architecture and Principles

Transform Your Business and Protect Your Cisco Nexus Investment While Adopting Cisco Application Centric Infrastructure

OpenDaylight Network Virtualization and its Future Direction

Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre

JUNIPER. One network for all demands MICHAEL FRITZ CEE PARTNER MANAGER. 1 Copyright 2010 Juniper Networks, Inc.

Nuage Networks Virtualised Services Platform. Packet Pushers White Paper

Data Center Virtualization and Cloud QA Expertise

White Paper. SDN 101: An Introduction to Software Defined Networking. citrix.com

VIRTUALIZED SERVICES PLATFORM Software Defined Networking for enterprises and service providers

Cisco and Canonical: Cisco Network Virtualization Solution for Ubuntu OpenStack

SOFTWARE DEFINED NETWORKING

A Case for Overlays in DCN Virtualization Katherine Barabash, Rami Cohen, David Hadas, Vinit Jain, Renato Recio and Benny Rochwerger IBM

Cloud Networking Disruption with Software Defined Network Virtualization. Ali Khayam

SDN PARTNER INTEGRATION: SANDVINE

An Open Approach to Enhancing Networking for OpenStack

Data Center Infrastructure of the future. Alexei Agueev, Systems Engineer

2013 ONS Tutorial 2: SDN Market Opportunities

Utility Computing and Cloud Networking. Delivering Networking as a Service

Cisco Prime Network Services Controller. Sonali Kalje Sr. Product Manager Cloud and Virtualization, Cisco Systems

VXLAN: Scaling Data Center Capacity. White Paper

RIDE THE SDN AND CLOUD WAVE WITH CONTRAIL

SDN Applications in Today s Data Center

The Road to SDN: Software-Based Networking and Security from Brocade

SDN/Virtualization and Cloud Computing

Simplifying IT with SDN & Virtual Application Networks

USING SOFTWARE-DEFINED DATA CENTERS TO ENABLE CLOUD ADOPTION

Ubuntu OpenStack on VMware vsphere: A reference architecture for deploying OpenStack while limiting changes to existing infrastructure

Analysis of Network Segmentation Techniques in Cloud Data Centers

Roman Hochuli - nexellent ag / Mathias Seiler - MiroNet AG

Aerohive Networks Inc. Free Bonjour Gateway FAQ

SINGLE-TOUCH ORCHESTRATION FOR PROVISIONING, END-TO-END VISIBILITY AND MORE CONTROL IN THE DATA CENTER

Software defined networking. Your path to an agile hybrid cloud network

Simplify IT. With Cisco Application Centric Infrastructure. Barry Huang Nov 13, 2014

How To Build A Software Defined Data Center

OVERLAYING VIRTUALIZED LAYER 2 NETWORKS OVER LAYER 3 NETWORKS

NEC contribution to OpenDaylight: Virtual Tenant Network (VTN)

Brocade VCS Fabrics: The Foundation for Software-Defined Networks

CERN Cloud Infrastructure. Cloud Networking

Open Fabric SDN The Comprehensive SDN approach. Jake Howering, Director SDN Product Line Management Bithika Khargharia, PhD, Senior Engineer

Installation Guide Avi Networks Cloud Application Delivery Platform Integration with Cisco Application Policy Infrastructure

Software Defined Networking (SDN) OpenFlow and OpenStack. Vivek Dasgupta Principal Software Maintenance Engineer Red Hat

Definition of a White Box. Benefits of White Boxes

Open vswitch and the Intelligent Edge

How do software-defined networks enhance the value of converged infrastructures?

Pluribus Netvisor Solution Brief

Bringing OpenFlow s Power to Real Networks

May 13-14, Copyright 2015 Open Networking User Group. All Rights Reserved Not For

IPOP-TinCan: User-defined IP-over-P2P Virtual Private Networks

Network Virtualization Solutions

Bring your virtualized networking stack to the next level

How To Orchestrate The Clouddusing Network With Andn

Simplify IT. With Cisco Application Centric Infrastructure. Roberto Barrera VERSION May, 2015

7 Ways OpenStack Enables Automation & Agility for KVM Environments

How Network Virtualization can improve your Data Center Security

Networking in the Era of Virtualization

Programmable Networking with Open vswitch

Network Virtualization: Delivering on the Promises of SDN. Bruce Davie, Principal Engineer

Building Scalable Multi-Tenant Cloud Networks with OpenFlow and OpenStack

Software Defined Networking (SDN) and OpenStack. Christian Koenning

SDN and Data Center Networks

BRINGING NETWORKS TO THE CLOUD ERA

Challenges and Opportunities:

Orchestrating the next generation data center

Software Defined Networks

Group-Based Policy for OpenStack

Data Center Use Cases and Trends

Network Virtualization for Large-Scale Data Centers

VMware and Brocade Network Virtualization Reference Whitepaper

Why Software Defined Networking (SDN)? Boyan Sotirov

Research trends in abstraction of networks and orchestration of network services

A Coordinated. Enterprise Networks Software Defined. and Application Fluent Programmable Networks

VMware. NSX Network Virtualization Design Guide

Transcription:

Georg Ochs, Smart Cloud Orchestrator (gochs@de.ibm.com) Software Defined Network (SDN) University of Stuttgart Cloud Course Fall 2013

Agenda Introduction SDN Components Openstack and SDN Example Scenario 2

Data Center Network Pain Points Agility Network and security provisioning time for a new virtual system varies from 5 days to 3 weeks (traditional network provisioning consumes 50% of the time) Security appliance policy configuration is complex & labor intensive error prone Need for increased Bandwidth & reduced Latency New workloads (Social, Mobile & Big Data) require more bandwidth & lower latency and are less predictable. Most data traffic remains inside the Data Center, the majority within a single rack Weeks Labor Time Days Minutes Traditional Network SDN based Need to reduce network operational & capital costs Automation of network and security tasks Introduction of new network capability with SDN Huge amount of tenants > 4K High reconfiguration and tenant on-boarding rate.

SDN Motivation Today's Network Management New Style SDN based Network Management

SDN Landscape Open Source Implementations: OpenFlow : Is the physical Switch Operating System and Management API. OpenVSwitch : Is the hypervisor virtual switch implementation supporting OpenFlow API and tunneling Protocols like GRE. SDN Controller: Is the main entry point for System management access and configuration supporting a high level management API. E.g. OpenDaylight New Network Concepts Underlay networks: Encapsulating today's physical networks or creating new network infrastructure based on OpenFlow technology Overlay networks: Create a segregated per tenant view of the network. Tunneling Protocols: Connect multiple virtual switch networks together to form a per tenant layer 2 network including segregation and individual network configuration. (VXLAN, NVGRE, ) Data and Control planes: Divide the physical and virtual switches into the management part ( Control Plane) and the high performance transport part ( Data Plane) allowing to plug-in Services and API on both levels. Service Insertion Frameworks: Provide the capability to plug-in services like ( Firewall, Router, Load Balancer) into the Data Planes either on physical or virtual switch level.

Agenda Introduction SDN Components Openstack and SDN Example Scenario 6

SDN Components Network Controller providing high level management API. E.g. OpenDaylight,.. Virtual Switches on the hypervisor. E.g. OpenVSwitch, VMware Distributed switch Physical switches supporting OpenFlow protocol. Overlay Protocols connecting the virtual switches. E.g. VXLAN, NVGRE, VMware NSX, Service virtual machine s connected to the data Plane and managed via Network Controller providing high level services like: Firewall Load Balancing VPN Intrusion Detection

OpenDaylight Network Controller

Virtual Switch Providing Data / Control Plane on Hypervisor Tenant Overlay Intrusion Detection Firewall Load Balancer Virtual Machine Virtual Machine VPN / Gateway Tunnel Protocols Data Plane Virtual Switch Control Plane Data Plane on Hypervisor allows to plug virtual machines within the data path Network Controller Administrator

Hypervisor network Overlay Components Hypervisor 1 Hypervisor 2 Virtual Machine Virtual Machine Virtual Machine Virtual Machine Port Group Port Group Port Group Port Group VXLAN / GRE Tunnel vswitch VXLAN / GRE Tunnel vswitch Layer 2 packets are tunneled via Layer 3 connection (UDP). Each packet has a tenant id with could be 24 / 32 or 64 bit depending on the tunnel protocol.

OpenFlow Switches OpenFlow switches provide together with the OpenFlow Controller a new way of configuring the network environment. Like the OpenVSwitch for the Hypervisor they provide a data and control plane allowing to: Plug-in services at the switch layer Filtering traffic based on open flow rules Create a underlay network Dynamically reconfigure network based on Quality of Services (QoS) and Events Standardized Open Source management API Large Vendor support

OpenFlow Routing Table Core of an OpenFlow switch is a programmable routing table which supports Layer 2 and Layer 3 filtering

OpenFlow Switch Routing Examples

Tenant Level Network Overlay Tenant Visible Overlay VPN / Gateway Intrusion Detection Firewall Load Balancer Virtual Machine Virtual Machine Data Plane (Hypervisor Virtual Switch) Virtual Switch Overlay Overlay Controller Administrator Control Plane (Management API and Events) Underlay Network (OpenFlow)

Tenant local network view Virtual Machine Virtual Machine Network 1 HR with Subnetwork 192.168.1.0/24 Firewall Network 2 CRM with Subnetwork 192.168.2.0/24 WEB Virtual Machine Virtual Machine Ext Gateway Tenant will not see how the physical network looks like. The Network services like firewall / gateway can be virtual or physical machines. Underlay Subnetwork 9.16.2.0/24

Agenda Introduction SDN Components Openstack and SDN Example Scenario 16

openstack as the emerging cross vendor IaaS open source cloud platform OpenStack seeks to produce a ubiquitous Infrastructure as a Service (IaaS) open source cloud computing platform for public & private clouds. Platinum Sponsors Gold Sponsors 17 http://www.openstack.org

Openstack and Software Define Network Openstack has several components which are used in SDN. Neutron is the main component which contains all the API plug points to configure networking OpenVSwitch for KVM as the virtual switch. Heat as the pattern engine exposes network resource types, allowing to build network templates. Horizon as the Administration UI allows: Creating and configuring network resources Visualizing the network setup for each tenant Executing pattern via heat engine

Horizon Network Topology

Openstack Neutron, OpenVSwitch and SDN Controller Neutron Server Neutron Firewall Service Neutron Load Balancer Service Neutron VPN Service OpenVSwitch Plug-in Firewall Plug-in Load Balancer Plug-in VPN Plug-in OpenVSwitch SDN Controller

Neutron Network Elements The following network elements consist in Neutron: Network Is the Layer 2 representation of a network Port Is the Layer 2 connection of a VM to a network Router Is a Layer 3 construct connecting networks Subnet Is the Layer 3 construct with holds the IP-Address, Gateway, DNS and routes Floating IP Is a layer 3 construct which represents an external reachable IP-Address. It can be associated to a virtual machine. Load Balancer Is a layer 3 construct to distribute requests across a set of virtual machines. Is implemented as a service with plug point interface to vendor implementation. Firewall Is a layer 3 construct to filter TCP/IP requests. Is implemented as a service with plug point interface to vendor implementation. VPN Is a layer 3 construct allowing connectivity from the outside in a secure way to a network. Is implemented as a service with plug point interface to vendor implementation.

Heat Network Elements The heat pattern engine has 2 distinct sets of network resources: CloudFormation style network definitions: AWS::EC2::CustomerGateway (p. 255) AWS::EC2::DHCPOptions (p. 257) AWS::EC2::EIP (p. 259) AWS::EC2::EIPAssociation (p. 260) AWS::EC2::Instance (p. 262) AWS::EC2::InternetGateway (p. 268) AWS::EC2::NetworkAcl (p. 269) AWS::EC2::NetworkAclEntry (p. 270) AWS::EC2::NetworkInterface (p. 272) AWS::EC2::NetworkInterfaceAttachment (p. 276) AWS::EC2::Route (p. 277) AWS::EC2::RouteTable (p. 279) AWS::EC2::SecurityGroup (p. 281) AWS::EC2::SecurityGroupIngress (p. 283) AWS::EC2::SecurityGroupEgress (p. 286) AWS::EC2::Subnet (p. 288) AWS::EC2::SubnetNetworkAclAssociation (p. 290) AWS::EC2::SubnetRouteTableAssociation (p. 292) AWS::EC2::VPC (p. 297) AWS::EC2::VPCDHCPOptionsAssociation (p. 299) AWS::EC2::VPCGatewayAttachment (p. 300) AWS::EC2::VPNConnection (p. 301) AWS::EC2::VPNConnectionRoute (p. 303) AWS::EC2::VPNGateway (p. 304)

Heat Network Elements (2) The heat pattern engine has 2 distinct sets of network resources: Neutron style network definitions: OS::Neutron::Firewall OS::Neutron::FirewallPolicy OS::Neutron::FirewallRule OS::Neutron::FloatingIP OS::Neutron::FloatingIPAssociation OS::Neutron::HealthMonitor OS::Neutron::IKEPolicy OS::Neutron::IPsecPolicy OS::Neutron::IPsecSiteConnection OS::Neutron::LoadBalancer OS::Neutron::Net OS::Neutron::Pool OS::Neutron::Port OS::Neutron::Router OS::Neutron::RouterGateway OS::Neutron::RouterInterface OS::Neutron::Subnet OS::Neutron::VPNService

Agenda Introduction SDN Components Openstack and SDN Example Scenario 24

Example Scenario Overview Picture Virtual Center Components VC V5000 Distributed Switch ESX ESX Smart Cloud Orchestrator (SCO) Management Overlay Controller VM OpenFlow Controller VM Overlay Service VM s Provisioning ESX ESX Open Flow Switches V5000 Switch Agents Management Data Access

Physical Network Elements (Switches and Hosts)

Network Underlay

Tenant Network Overlay

Smart Cloud Orchestrator Offerings

References OpenFlow OpenVSwitch OpenDaylight Openstack Neutron, Heat and Horizon IBM SDN for Virtual Environments ( SDN VE) VMware vsphere 5.x NSX Tunneling Protocols Software Defined Network (SDN) Book from O Reilly

Thanks for your attention! 31

2026 © DocPlayer.net Privacy Policy | Terms of Service | Feedback  | Do Not Sell My Personal Information