ORCHESTRATING THE CLOUD USING SDN
Joerg Ammon <jammon@brocade.com>, Systems Engineer Service Provider
2013-09-10
2013 Brocade Communications Systems, Inc. Company Proprietary Information

SDN Update - OpenFlow

OpenFlow 1.1 (.2, .3) added multiple tables
Plus group tables and various new actions for IPv6 support, MPLS, etc.
Flow entry: Matching Fields, Actions, Stats
Matching fields (Layer 2, Layer 3): Ingress Port, MAC DA, MAC SA, EtherType, VLAN ID, P-bits, IP Src, IP Dst, IP Protocol, IP DSCP, TCP/UDP src port, TCP/UDP dst port
Actions: Forward packet to a port list; Add/remove/modify VLAN tag; Drop packet; Send packet to the controller; ADDED a GOTO TABLE N action
Stats: Packet counters, byte counters, etc.
[Diagram labels: OpenFlow Controller; OpenFlow protocol; OpenFlow-Enabled Router; Control Plane; OpenFlow Client; Data Plane; Flow Table (repeated)]

Example of a multi-table OpenFlow forwarding plan
Table 0, Ingress VLAN: Drop disallowed VLANs or untagged on trunk ports. Assign VLAN by port. Send special protocols (LLDP?) to controller.
Table 1, Ingress ACLs: Drop as directed by ACLs (table miss means keep).
Table 2, Router MAC: Check if MAC matches router; if not, go to L2, else check protocol.
Table 3, L3 demux: Check protocol. Send some to controller, others to correct L3 table, drop remaining.
Table 4, V4L3: Route using IPv4. Handle TTL exception in controller.
Table 5, V6L3: Route using IPv6. Handle TTL exception in controller.
Table 6, L2 Switching: Use DMAC address to send to correct port.
Table 7, Egress VLAN: Handle VLAN correctly.
Do the right things with ECMP, multicast, floods, etc.
Lots of existing hardware can support this example. Good!
Innovators would naturally like to be able to tweak such models on the fly.
Pragmatists want to take advantage of the results but want to minimize risk.

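The eight-table plan above, walked in code. This is an added example, not code from the slides or from Brocade. The port numbers, addresses, sending ARP to the controller, and the hand-off from the L3 tables to Table 7 are assumptions. Note that Table 1 is default-permit: a packet that matches no ACL entry continues through the pipeline.

```python
import ipaddress

LLDP, ARP, IPV4, IPV6 = 0x88CC, 0x0806, 0x0800, 0x86DD
CFG = {  # constructed switch state: hypothetical values, not from the slides
    "trunk_vlans": {1: {10, 20}}, "access_vlan": {2: 10, 3: 20},  # port -> VLAN(s)
    "acl_deny": [{"ip_dst": "10.0.20.66"}], "router_mac": "00:00:5e:00:01:01",
    "routes": {ipaddress.ip_network(p): 3 for p in ("10.0.20.0/24", "2001:db8:20::/64")},
    "mac_table": {(10, "aa:aa:aa:aa:aa:02"): 2, (20, "aa:aa:aa:aa:aa:01"): 1},
}

def process(pkt, cfg=CFG):  # returns (verdict, list of tables visited)
    pkt, path, table = dict(pkt), [], 0
    while True:
        path.append(table)
        if table == 0:        # Ingress VLAN
            if pkt["eth_type"] == LLDP:
                return "controller", path
            allowed = cfg["trunk_vlans"].get(pkt["in_port"])
            if allowed is None:                    # access port: assign VLAN by port
                pkt["vlan"] = cfg["access_vlan"][pkt["in_port"]]
            elif pkt.get("vlan") not in allowed:   # trunk: untagged or disallowed VLAN
                return "drop", path
            table = 1
        elif table == 1:      # Ingress ACLs: only a matching entry drops, a miss keeps
            if any(all(pkt.get(k) == v for k, v in r.items()) for r in cfg["acl_deny"]):
                return "drop", path
            table = 2
        elif table == 2:      # Router MAC: routed traffic to L3 demux, the rest to L2
            table = 3 if pkt["eth_dst"] == cfg["router_mac"] else 6
        elif table == 3:      # L3 demux (ARP to controller is an assumption)
            table = {IPV4: 4, IPV6: 5}.get(pkt["eth_type"])
            if table is None:
                return ("controller" if pkt["eth_type"] == ARP else "drop"), path
        elif table in (4, 5):  # V4L3 / V6L3: longest-prefix match
            if pkt["ttl"] <= 1:
                return "controller", path          # TTL exception
            dst = ipaddress.ip_address(pkt["ip_dst"])
            hits = [(n.prefixlen, o) for n, o in cfg["routes"].items() if dst in n]
            if not hits:
                return "drop", path
            pkt["out"], table = max(hits)[1], 7    # assumption: routed packets go to Table 7
        elif table == 6:      # L2 switching on (VLAN, destination MAC)
            port = cfg["mac_table"].get((pkt["vlan"], pkt["eth_dst"]))
            if port is None:
                return "flood", path
            pkt["out"], table = port, 7
        else:                 # Egress VLAN: keep tag on trunk ports, strip on access
            tag = "tagged" if pkt["out"] in cfg["trunk_vlans"] else "untagged"
            return f"output:{pkt['out']}:{tag}", path
```
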
OpenFlow Market Status
19 vendors participated in October 12 plugfest
Certification in Pilot phase now
Many customers engaging in codevelopment and trials
Ongoing progress to: expand the capabilities of OpenFlow; make interoperability more robust
In short: OpenFlow is maturing quickly

http://routerproxy.grnoc.iu.edu/al2s/

SDN Target Use Cases
[Diagram panels, each showing an application and SDN controller above the network it manages: WAN Network Virtualization; Services Creation & Insertion; Network Analytics; DC Network Virtualization; Application Delivery; SDN Cloud Gateway; SDN Packet-Optical Integration]
[Other diagram labels include: Cloud Orchestration; Existing Infrastructure Network (Physical); Virtualized VXLAN Environment (Logical); Brocade ADX VxLAN Gateway; VXLAN Segment VNI 5001; VXLAN Segment VNI 6001; Tunnels or VLANs; Data Center MPLS/IP]

Introducing OpenFlow
Traditional L2/L3VPN-IP Network with OpenFlow Overlay
[Diagram labels: Protection Layer; Traditional WAN Management; OpenFlow Overlay; WAN SDN Controller; Traditional L2/L3VPN, IP; DC 1; DC 2; WAN Physical Infrastructure]
OpenFlow as an overlay to existing network
Allows for new revenue-generating features on top of existing production network
Hybrid port mode
OpenFlow and traditional features enabled concurrently on same router ports
Protected Hybrid Port Mode
OpenFlow does not affect traditional traffic
Protection in hardware
Allows for initial OpenFlow overlay service development without risk

OpenDaylight SDN Consortium
Brocade: Founding Member
Open source SDN project under the Linux Foundation
Open controller framework for SDN implementation
Brocade to use OpenDaylight Controller as foundation for a rich set of SDN offerings
Storage networking, Ethernet Fabric, virtual routing and L4-7 services
Brocade's SDN commitment
Board Member and Chair, Technical Steering Committee

SDN Update - OpenStack

Cloud Orchestration OpenStack
Open source cloud management framework for private and public clouds
Created by Rackspace and NASA in July 2010
Capturing the hearts and minds of the industry
Rapidly becoming the de facto open source standard for cloud computing
~200 participants and 6,000+ developers
Allows any organization to create and offer cloud computing capabilities using open source software, rapidly and at a low cost
[Diagram labels: Your Applications; OpenStack Dashboard; Compute; Networking; Storage; OpenStack Shared Services; Physical Infrastructure]

OpenStack CONCEPTUAL Architecture

NFV Network Functions Virtualization

Different Views of SDN
Not all SDN is OpenFlow
Not all SDN handled by ONF
If there is orchestration, combined with networking, it is SDN
Source: http://www.tid.es/es/documents/nfv_white_paperv2.pdf

Network Functions Virtualization (NFV) White Paper, October 2012
Vision is to implement network functions in software that:
Can run on industry standard x86 server hardware
Can be moved to, or instantiated in, various locations in the network as required without the need for installation of new network equipment
NFV + SDN = Greater Value
NFV can support SDN by providing the infrastructure upon which SDN can run
http://www.tid.es/es/documents/nfv_white_paperv2.pdf

Virtual routing - Use Cases

Virtual Compute Changes Networking
Application Density Drives New Traffic Patterns
Networks Must Adapt To Virtualized Compute
By 2014, 80% of networking traffic will be between servers. (Gartner)
VM-to-VM Traffic Dominates
Network Topologies Within The Server

The Value of Software Networking
Network infrastructure with the flexibility & economics of software
Rely on industry standard hardware
Reduce capital and operational expenses
Leverage Intel Hardware
Deploy & Change
Scale Up & Down
Move, scale-up and scale-down network resources with the click of a mouse
Users
Hypervisor & Cloud agnostic
Speed

The Size and Scope Of Data Center Have Expanded
[Diagram labels: Internet; CLOUD HOSTING; ON-PREMISE DATA CENTER; PRIVATE CLOUD; PUBLIC CLOUD]

Use Cases
Cloud Bridging: Layer 2 Cloud Bridging; Advanced Routing; Site-to-Site IPSec/SSL VPN
Virtual Networking: Routing within & between hypervisors; Supports VMware, Xen, KVM, Hyper-V; Multitenancy
Public Cloud: Amazon AWS, Rackspace and other public clouds; Advanced routing inside the cloud; Secure remote access
The SDN Story: Software Defined Data Center; Virtual N-Tier Architecture; Massive Scalability; On-Demand Deployment

Summary
Simplify Through Solution Layers
SDN
Layers: Cloud Management Layer; Application Layer; Virtualization Layer; Network Layer
Components: OpenStack, REST API; Network Analytics; Virtual Routing; OpenFlow Hybrid Mode; Ethernet Fabrics, Core Routing

THANK YOU
Remember When You Used to Get Excited about Networking?
It's that time again