OpenFlow: Concept and Practice
Dukhyun Chang (dhchang@mmlab.snu.ac.kr)

Contents
- Software-Defined Networking (SDN)
- Overview of OpenFlow
- Experiment with OpenFlow

Software Defined Networking
"... decoupling the network control and data planes, and putting the former under the control of software running in a (logically) central location"
from a Verivue blog posting by Larry Peterson

ONF's View of SDN
Open Networking Foundation (ONF)'s View

ONF's View of SDN
The SDN architecture is:
- Directly programmable
- Agile
- Centrally managed
- Programmatically configured
- Open standards-based and vendor-neutral

OpenFlow Overview
A communications protocol that gives access to the forwarding plane of a network switch or router over the network.

OpenFlow (v1.0) Switch
- Flow table: packet lookup and forwarding
- Secure channel: the controller manages the switch over the secure channel using the OpenFlow protocol

Flow Table

Flow Table
Actions
- required actions: forward (all, controller, local, table, in_port), drop
- optional actions: forward (normal, flood), enqueue, modify-field

Flow Table
Counters
- they are maintained per-table, per-flow, per-port and per-queue

Matching
Packet flow in an OpenFlow switch
Matching Examples

Example              | Switch Port | MAC src  | MAC dst | Eth type | VLAN ID | IP Src  | IP Dst  | IP Prot | TCP sport | TCP dport | Action
Ethernet Switching   | *           | *        | 00:1F:. | *        | *       | *       | *       | *       | *         | *         | Fwd to port6
Routing              | *           | *        | *       | *        | *       | *       | 5.6.7.8 | *       | *         | *         | Fwd to port6
Application Firewall | *           | *        | *       | *        | *       | *       | *       | *       | *         | 22        | drop

Matching Examples

Example              | Switch Port | MAC src  | MAC dst | Eth type | VLAN ID | IP Src  | IP Dst  | IP Prot | TCP sport | TCP dport | Action
Flow Switching       | port3       | 00:2E:.. | 00:1F:. | 0800     | vlan1   | 1.2.3.4 | 5.6.7.8 | 4       | 17264     | 80        | Fwd to port6
VLAN + App           | *           | *        | *       | *        | vlan1   | *       | *       | *       | *         | 80        | Fwd to port6
Port + Ethernet +    | port3       | 00:2E:.. | *       | 0800     | *       | *       | 5.6.7.8 | 4       | *         | 22        | drop
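
An added example, not part of the original slides: a minimal Python model of the lookup these tables imply, using the Routing and Application Firewall rows. It assumes OpenFlow 1.0 semantics (exact-match entries first, then wildcard entries by priority, a table miss goes to the controller); the priority values, class names and sample packets are constructed for illustration.

```python
from dataclasses import dataclass

# Added example (not from the slides): the ten match columns, OpenFlow 1.0 names.
FIELDS = ("in_port", "dl_src", "dl_dst", "dl_type", "dl_vlan",
          "nw_src", "nw_dst", "nw_proto", "tp_src", "tp_dst")

@dataclass
class FlowEntry:
    match: dict        # field -> required value; a missing field is a wildcard (*)
    action: str
    priority: int = 0  # assumed values; only meaningful for wildcard entries
    packets: int = 0   # per-flow counter

    def is_exact(self):
        return all(f in self.match for f in FIELDS)

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

class FlowTable:
    def __init__(self, entries):
        # Exact-match entries outrank every wildcard entry; among wildcard
        # entries the higher priority value is checked first.
        self.entries = sorted(entries, key=lambda e: (e.is_exact(), e.priority),
                              reverse=True)

    def lookup(self, pkt):
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packets += 1
                return entry.action
        return "packet_in to controller"  # table miss

def build_table(firewall_priority, routing_priority):
    """Routing and Application Firewall rows from the slides, priorities assumed."""
    return FlowTable([
        FlowEntry({"nw_dst": "5.6.7.8"}, "Fwd to port6", routing_priority),
        FlowEntry({"tp_dst": 22}, "drop", firewall_priority),
    ])

# Constructed packets (MAC addresses and protocol number are made up).
SSH_PKT = {"in_port": 3, "dl_src": "00:2e:00:00:00:01", "dl_dst": "00:1f:00:00:00:02",
           "dl_type": 0x0800, "dl_vlan": 1, "nw_src": "1.2.3.4", "nw_dst": "5.6.7.8",
           "nw_proto": 6, "tp_src": 17264, "tp_dst": 22}
WEB_PKT = dict(SSH_PKT, tp_dst=80)
MISS_PKT = dict(SSH_PKT, nw_dst="9.9.9.9", tp_dst=443)

if __name__ == "__main__":
    for fw, rt in ((200, 100), (100, 200)):
        print(fw, rt, [build_table(fw, rt).lookup(p) for p in (SSH_PKT, WEB_PKT, MISS_PKT)])
```

With the routing entry ranked above the firewall entry, SSH traffic to 5.6.7.8 is forwarded rather than dropped, so overlapping wildcard entries need explicit priorities.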

Secure Channel
- Controller-to-Switch: features, configuration, modify-state, read-state, send-packet, barrier
- Asynchronous: packet_in, flow-removed, port-status, error
- Symmetric: hello, echo, vendor

OpenFlow Controller
- The OpenFlow ecosystem has given rise to numerous controllers in multiple languages (C, C++, Java, Python and Ruby for starters)
- NOX, Beacon, Maestro, Floodlight, etc.

OpenFlow Switches
- NEC
- HP
- Pronto

Experiment with OpenFlow
- Emulation tool: Mininet HiFi
  Mininet HiFi creates scalable (up to hundreds of nodes) software-defined (e.g. OpenFlow) networks on a single PC.
  Handigol, N., Heller, B., Jeyakumar, V., Lantz, B., and McKeown, N. Reproducible network experiments using container-based emulation, 2012. http://mininet.org/
- OpenFlow switch: Open vSwitch, a multilayer virtual switch
- Controller: one of many OpenFlow controllers (NOX, Floodlight, ...)

Mininet: Sample Workflow
- creating a network
- interacting with a network
- using custom topology

Mininet: Custom Topologies
Define using a simple Python API

Mininet: xterm Display
- Host (client and server) node terminals: h4, h1, h3

Mininet
Flow table list: switches' flow entry info.
- Normal switch on route (i.e. s16)
  1. output: forward to output port
- First and last switch on route (i.e. s18)
  1. mod_nw_src or mod_nw_dst: change header
  2. output: forward to output port

Wireshark

Mininet: Connecting Controller
Any OpenFlow controller can be used in Mininet using a remote controller
Example