Chandelle: Principles of integration wireless controller and SDN controller Sergey Monin, Alexander Shalimov, Ruslan Smeliansky 10/29/2014
WiFi management methods There are two methods of deploying WiFi networks - Using autonomous access points (SOHO) - Using access points together with centralized management systems (enterprises, publics and operators wifi) Autonomous WLAN solution Autonomous access points For SDN : just a small switch with one uplink Centralized WLAN solution Lightweight access points WLAN controller 2
WiFi + SDN SDN networks become a reality. WiFi devices has to interact with new environment. The main question is: How should WiFi network devices interact with the SDN network?? 3
Autonomous WiFi devices + SDN? Are you sure? Creating an access point that supports OF is not right direction: Not enough memory on the board => tens OpenFlow rules only; Not enough CPU power => we will have problem with the performance; The Access Point usually have only one uplink => need only one simple OF rule. OF v.1.3.x does not support mechanisms for managing radio interfaces of APs (This is very important in the enterprise network )!! In a small network, it does not make sense to implement SDN, and in a large network, it is no sense to deploy WiFi without wifi controller 4
Centralized WiFi it is SDN already When we deploy WiFi centralized solution based on protocol capwap, we essentially create a regular SDN network where access points play role of switches that are managed by an external program. This is for all of us already well known approach. It remains to make possible the interaction between the WiFicontroller and SDN controller together! CAPWAP RFC 5415/5416 CAPWAP 5
The principle of interaction with SDN controller over Northbound API: Universal Wireless Information REST API WiFi to Access Points Interconnections via CAPWAP protocol Northbound API SDN SDN to Network devices Interconnections via OpenFlow protocol Southbound API I-net 6
The principle of interaction with SDN controller over Northbound API: Universal Wireless Information Northbound API SDN Southbound API UWC to Access Points Interconnections via CAPWAP protocol SDN to Network devices Interconnections via OpenFlow protocol What benefits? -Seamless roaming -No excess tunnels -Optimal paths (no excess hops) -Integration with Firewalls and IDS systems -Load balancing (wire+wireless) -Ability to implement convenient geoservices -WiFi controller informs about location of user and an application configures ALL network devices for traffic of this user. 7
Seamless roaming: WiFi & SDN Networks The information which wifi controller sends to SDN controller are: Information about all of their APs (MAC) for the identification of the ports on the switches. Thus SDN controller receives information about which ports of switches connected access point and where there will be a user traffic. User MAC address and the address of the access point to which it will move during the roaming. Thus SDN controller is informed that the traffic coming to the user now has to be moved to another port on a new switch. As a result, a bunch of «CAPWAP controller + SDN network" prepare the network for roaming faster than in a traditional networks! 8
Seamless roaming extra tunneling problem: Eliminates the problem of excess tunneling Mobile IP, EthernetOverIP, etc. C The problem in traditional networks : 1 step 3.3.3.3 Anchor 4.4.4.2 5.5.5.2 Foreign A Packet from client A to client C on subnetwork 4.4.4.0 before L3 roaming. No problem, a path is optimal. ip 4.4.4.4 9
Seamless roaming extra tunneling problem: Eliminates the problem of excess tunneling Mobile IP, EthernetOverIP, etc. C The problem in traditional networks : 2 step 3.3.3.3 Anchor 4.4.4.2 5.5.5.2 Foreign Packet from client A to client C on subnetwork 4.4.4.0 after L3 roaming. NOT optimal path, additional overhead (EoIP,Mobile IP,etc) A ip 4.4.4.4 10
Seamless roaming extra tunneling problem: Eliminates the problem of excess tunneling Mobile IP, EthernetOverIP, etc. C The advantage of the integration and SDN WiFi controllers: 3.3.3.3 Anchor 4.4.4.2 SDN 5.5.5.2 Foreign Packet from client A to client C on subnetwork 4.4.4.0 after L3 roaming & SDN controller. Optimal path, no additional overhead! A ip 4.4.4.4 11
Load balancing: If the user has both wired and wireless interfaces, it allows you to balance traffic between them - SDN network will ready for it (802.11ac wave2 provide 6.9Gb/s). IDS and FW integrations: If the wifi controller detects the user's actions as destructive, it will be possible to block user traffic and into wires. When roaming happens, the client session s context is passed to the application «Firewall» with noticing about changing of ports from where traffic is occurs. Geoservices: If oblige users corporate network ALWAYS keep the wifi interface, even working through the wire, we will always know his location in the office (3-5m.) Thus we will be able dynamically change the rules, based on the geographical location! For example: financial documents will be accepted from the laptop only if it is in accounting room. 12
Implementation: WiFi & SDN Networks Implementation of seamless roaming: Chandelle controller and RUNOS controller + CAPWAP topo l2fwd OF controller WiFi controller 13
Test bed consists of: Three hardware OpenFlow switches Extreme Networks SummitX 460t Two TP-LINK access points A laptop moving from one AP to another one and running ping command to the outside server Both controllers run on the same server The legacy network needs in average 1.5 seconds to reconfigure, while the SDN/OpenFlow network doesn't bring additional delay. This is because the migration procedure in Chandelle requires less than 80ms and the OpenFlow controller has enough time to reconfigure the switches. Finally, we have more faster roaming with SDN/OpenFlow.
Q & A