Software Defined Networking (SDN) OpenFlow and OpenStack. Vivek Dasgupta Principal Software Maintenance Engineer Red Hat

Software Defined Networking (SDN) OpenFlow and OpenStack Vivek Dasgupta Principal Software Maintenance Engineer Red Hat

CONTENTS Introduction SDN and components SDN Architecture, Components SDN Controller - OpenDayLight SDN Applications OpenFlow architecture Open vswitch SDN Controller OpenStack Neutron OpenStack SDN Future Trends Network Devices

Introduction SDN and related technologies SDN is a technology enabling programmable networks Using software running on general purpose OS/Hardware SDN Separation of SDN SDN Architecture Architecture control and data plane Application Layer Business Applications Cloud Orchestration SDN Applications Programmable Programmable Open Open APIs APIs Control Layer Infrastructure Layer SDN Controller Data Plane Interface Network Devices

The need for SDN Traditional Router / Switch Control Plane Data Plane Router/Switch B Control Plane Control Plane Data Plane Data Plane Router/Switch Router/Switch A C Router/Switch

Evolution to SDN Control Plane Data Plane Applications Layer Router/Switch Control Layer Control Plane Control Plane Data Plane Data Plane Infrastructure Layer / Data plane Router/Switch Router/Switch Router/Switch

SDN Architecture SDN Applications LICATION LAYER Business Applications API API API SDN Control Plane Controller CONTROL LAYER Network Services NOS Network Operating System (NOS) INFRASTRUCTURE LAYER DATA PLANE SDN Data Plane Devices OpenFlow

SDN Components - (Ecosystem) Cloud Orchestration Network Virtualization Network Functions CLOUD SERVICES AND CAPABILITY CLOUD INTELLIGENCE AND CONTROL OPEN DISTRIBUTED CLOUD INFRASTRUCTURE Virtualization (NFV) CUSTOMERS IT SERVICES (PASS,IAAS) NFV LICATIONS CLOUD ORCHESTRATION & AUTOMATION LICATION SERVICES (SAAS) NETWORK VIRTUALIZATION & AUTOMATION PUBLIC CLOUDS HYBRID CLOUDS SDN VIRTUAL PRIVATE CLOUDS ENTERPRISE PRIVATE CLOUDS

SDN Controller OpenDayLight Management GUI NTN Coordinator Open Source Neutron Plugin -> Red Hat Enterprise Linux OpenStack Platform DCOS Protection Network Application Orchestration & Services OpenDay Light API's (REST) Southbound - OF Northbound -> OpenStack Neutron Base Network Service Functions Topology Manager Stats Manager Switch Manager Host Tracker Shortest Path Forwarding DOVE Manager Traffic Affinity Services Redirection Controller Platform LLSP Services VTN Manager Service Abstraction Layer (SAL) (Plugin Manager, Capability Abstraction, Flow Programming, Inventory etc ) OpenFlow 10 10 13 13 OVSDB OpenFlow Enabled Devices NETCONF LISP Open vswitches BCP PCEP SNMP Additional Virtual & Physical Devices Southbound Interfaces & Protocol Plugins Dataplane Elements (Virtual Switches, Physical Device Interfaces)

OpenFlow / Open vswitch

OpenFlow introduction Controller Openflow - standard for interacting with forwarding OpenFlow Protocol behaviours of switches Control the behaviour of switches Secure Channel Group Table dynamically and programmatically Flow tables, Group tables and OpenFlow Channel (TCP port 6633) Flow Table Flow Table Pipeline OpenFlow Switch

OpenFlow protocol - Messages Controller to Switch :: Switch / Flow table config, Packet out, Barrier, Role Req, Bundle [Controller to Switch messages] Asynchronous :: Packet-in, Flow-removed, Port-status, Controller Role status, Table status, Request forward [Async messages ] Symmetric messages :: Hello, Echo Req/Reply, Error, Experimenter [Symmetric messages]

OpenFlow FlowTables and Routing SDN Controller Packet-in message for table miss Packet IN Controller sends a packet-out mesg OpenFlow compliant Open vswitch specifying action Buffer id -> packet Flow modification Packet OUT Table Miss VM 1 VM 2

OpenFlow FlowTables and Routing Flow Table Components Match fields, Priority, Counters, Instructions, Timeouts, Cookie Flow table match vs miss Flow removal OpenFlow Switch-1 10 Device A 20 Device B Match Action Src Port= 10 Fwd to Port 20 Src Port= 20 Fwd to Port 10

OpenFlow FlowTables SDN Controller Software Group table OpenFlow-enabled Network Device Meter table Counters Instructions Actions FlowTable compared to an instruction set MAC Src MAC dst IP Src IP dst TCP dport Action Count 1020 Port 1 250 5678 Port 2 300 25 drop 892 192 local 120 controller 11

OpenFlow Packet Capture

Open vswitch Networking in Software In 2012 total # of virtual ports surpassed physical ports A opensource software switch High performance forwarding using Linux Kernel Module OpenFlow Compliant Advanced switching features

Open vswitch ovs-ofctl Management Kernel Datapath ovsdb-tool OpenFlow ovs-dpctl sflow ovs-vsctl Userspace daemon Configuration User Space UpCall vswitchd database Since RHEL 64 ovsdb Reinject Kernel Netlink Packet Processing Datapath From NetDevice Promiscuous Mode To NetDevice Flow Table Management WorkFlow

Open vswitch operations Normal mode vs Flow mode Flow Table Match based on L2/L3/L4 Forward, Drop Modify headers Systemtap Probe

OpenStack (SDN)

OpenStack Architecture

Nova Networking - Early days of Openstack networking -Flat, Flat-DHCP, VLAN - No router, firewalls etc

Neutron Neutron is at the northbound side of the SDN framework Neutron provides network services to the Nova compute

Neutron plugin architecture Neutron services Neutron API Various plugins connect to controllers or OpenFlow Switches API Extensions Neutron Service L2 Network Abstraction Device and Service framework Does NOT do any actual Implementation of abstraction Neutron Plug-in API Vendor User Plug-in Maps Abstraction to Implementation on Physical Network Makes all decisions about how a network is implemented Can provide additional features through API extension

OpenStack Network Topology

Red Hat Enterprise Linux OpenStack Platform OpenStack SDN Open vswitch Various Components Iptables IPTABLES Open vswitch Tunnels Overlay networks Overlays Tunnels GRE/VXLAN Network Namespace Netfilter NAT for Floating IP addresses Netfilter NAT Network Namespaces

OpenStack Floating IP Red Hat Enterprise Linux OpenStack Platform

Red Hat Enterprise Linux OpenStack Platform OpenStack SDN A, B, C :: Tap, Fw Bridge, Iptables D, E :: VLAN tagging F, G :: Tunnels Open vswitch, GRE O, P :: DHCP M, N :: Router Netfilter NAT

Future Trends Need to stick to open standards Need to have a stable SDN ecosystem Standardization for various components Allows for various vendor solutions (open/closed source) Scope for Innovation at each layer- Apps, Controller, Protocols, Devices (Physical/Virtual) Possible scope for Hardware acceleration products in SDN space Evolution of NOS

Thank You! Questions? <vdasgupt@redhatcom> Please complete this session survey available on the mobile app :: Complete 8 surveys Win Exciting Prizes!! Slides in PDF will be available later at wwwredhatcom/summit/2014/presentations