Introduction to Software Defined Networking (SDN) and how it will change the inside of your DataCentre Wilfried van Haeren CTO Edgeworx Solutions Inc. www.edgeworx.solutions
Topics Intro Edgeworx Past-Present-Future Challenges SDN OpenFlow OpenStack Use Cases 2 Edgeworx Solutions Inc. Proprietary & Confidential
About Edgeworx Solutions Inc. Leading systems integrator of next-generation WAN optimization and application performance management solutions Focusing on an improved and more consistent user experience for business critical applications Providing visibility and understanding of application behavior and performance metrics Offering Project Management, Application Assessments, Network Audits, NOC deployments Technology Solutions: Industry Leaders, Best Practices, Niche Vendors with Proven Track Records www.edge-worx.com/+1.647.793.4731/info@edge-worx.com
Introducing the third computing era
2001 VMware released ESX and started virtualizing servers this broke hierarchical network architectures
2006 Amazon releases AWS defined a new IT operating model
2009 100MW+ mega-data centers are built to support hosting and cloud scale changed everything
2012 Software Defined Networking a customer (and SP) cry for help
9 Edgeworx Solutions Inc. Proprietary & Confidential
Problems we re trying to address Faster response to business demands for new tenants, services and applications. More intelligent configuration of network services such as load balancers, firewalls etc. The ability to dynamically map application tiers to required services. Reductions in cost i.e. CapEx via enabling purchase of lower cost infrastructure Same for OpEx via reducing administrative overhead of device centric configuration. Ability to create new revenue streams via more intelligent network service offerings, think Cloud Storage and AWS services Reduction in lock-in from proprietary systems. Better network integration with cloud management systems and orchestration tools. Better network efficiency through closer match of network resources to application demands. 10 Edgeworx Solutions Inc. Proprietary & Confidential
a host of new network intensive and network integrated applications changed the end-to-end IT stack
SDN thinking in a nutshell Infrastructure specific to specific apps Applications abstracted from infrastructure Vertically integrated, proprietary stacks Open technologies, maximum generalization Vendor lock-in, Forklift refreshes Best-of-breed, continuous innovation Multiple management domains Homogenous, universal automation Complex and custom architectures Simple, repeatable and scalable architectures IT becomes the service provider
What is Software Defined Networking? Purist View a strict separation of control plane and data plane Pragmatic View a network architecture designed to be programmed by high-level languages and APIs A Common View SDN = Network Virtualization
SDN, DC considerations Assess all aspects to deliver cohesive network service: Packet delivery routing/switching as required. Considerations such as requirements for bridging semantics (flooding, broadcast), bandwidth, multi-pathing etc. L4-L7 service integration The ability to map application tiers to required network services such as load-balancers and firewalls. Virtual network integration Virtual switching support for your chosen hypervisor(s). This will be more complex in multi-hypervisor environments. Physical network integration Integration with bare-metal servers, standalone appliances, network storage and existing infrastructure. Physical management The management of the physical network nodes, required configuration of ports, VLANs, routes, etc. Scalability Ability to scale application or customer tenancy beyond the 4000 VLAN limit. Flow management The ability to program network policy from a global perspective. 14 Edgeworx Solutions Inc. Proprietary & Confidential
Software Defined Networking (SDN) SDN centralizes control of the network by separating the control logic to off-device computer resources. All SDN models have some version of an SDN Controller, as well as southbound APIs and northbound APIs Controllers: The brains of the network, SDN Controllers offer a centralized view of the overall network Controllers enable network administrators to dictate to the underlying systems (like switches and routers) how the forwarding plane should handle network traffic. Southbound APIs: SDN uses southbound APIs to relay information to the switches and routers below. OpenFlow, considered the first standard in SDN, was the original southbound API and remains as one of the most common protocols. Northbound APIs: SDN uses northbound APIs to communicates with the applications and business logic above. These help network administrators to programmatically shape traffic and deploy services. 15 Edgeworx Solutions Inc. Proprietary & Confidential
SDN framework 16 Source: www.opennetworking.org
SDN Physical and Virtual Network Integration 17 Edgeworx Solutions Inc. Proprietary & Confidential
Open to Many Controllers & Programming Models OpenFlow support with all major controller vendors OpenStack support with contributions to Quantum to enable seamless provisioning Native VMware integration into vcloud and NSX - VXLAN integration Native OMI Microsoft Integration Native API calls being developed with key partners. Enables network automation through event manager
What is OpenFlow? In a Nutshell Wikipedia Definition: "A communications protocol that gives access to the forwarding plane of a network switch or router over the network." Essentially a remote API for control that allows an external controller to manage (mostly) L2/L3 forwarding and some header manipulation Developed at Stanford 2007-2010, since 2011 managed by the Open Networking Foundation Implementations exist from all major networking vendors (although commercial availability varies) It is currently the only open and standardized SDN protocol out there - Many opinions on design, features, and scope - General consensus that it is "good enough"
The Benefits of SDN Offering a centralized, programmable network that can dynamically provision so as to address the changing needs of businesses, SDN also provides the following benefits: Reduce CapEx: SDN potentially limits the need to purchase purposebuilt, ASIC-based networking hardware, and instead supports pay-asyou-grow models Reduce OpEX: SDN enables algorithmic control of the network of network elements (such as hardware or software switches / routers that are increasingly programmable, making it easier to design, deploy, manage, and scale networks. The ability to automate provisioning and orchestration optimizes service availability and reliability by reducing overall management time and the chance for human error. Deliver Agility and Flexibility: SDN helps organizations rapidly deploy new applications, services, and infrastructure to quickly meet changing business goals and objectives. Enable Innovation: SDN enables organizations to create new types of applications, services, and business models that can offer new revenue streams and more value from the network. 20 Edgeworx Solutions Inc. Proprietary & Confidential
OpenStack 21 Source:https://www.openstack.org/
22 Edgeworx Solutions Inc. Proprietary & Confidential
Introducing the third computing era
Use Cases Network Monitoring OpenFlow switches provide detailed accounting data (similar to SNMP interface counters) with every flow. OpenFlow controller can collect that data and give network operators the traffic statistics at the exact granularity they need be it aggregate IP statistics, per-mac address (or VM) statistics, or even per-application statistics. Programmable Network Taps Using OpenFlow to implement programmable network taps either more intelligent traffic mirroring than the traditional SPAN/RSPAN functionality or filtering the traffic before it s sent to the monitoring/troubleshooting tools has become the Hello World SDN application. Service Insertion OpenFlow functionality is trialed by large service providers to insert user-specific services (authentication, firewalling, caching...) into the packet forwarding path. Scale-Out Load Balancing Stateful network services implemented with OpenFlow remain an elusive goal it s still impossible to implement a flow-based hardware switching fabric programmed with individual user session flows in real time. On the other hand, you can use OpenFlow for coarse-grained traffic distribution to a scale-out farm of stateful network services nodes; an architecture that allows you to bypass the limitations of traditional stateful hardware appliances like load balancers and firewalls. 24 Edgeworx Solutions Inc. Proprietary & Confidential
25 Source:http://www.cohodata.com/
Use Cases (2) DoS Mitigation Tools DoS mitigation solutions can use traffic statistics provided by OpenFlow switches to detect traffic anomalies, engage the traffic redirection capabilities of an OpenFlow controller to divert suspicious traffic to a DoS detection appliance Policy Enforcement You can use the comprehensive traffic filtering functionality offered by some virtual networking SDN solutions to implement a network edge policy enforcement solution. OpenStack Virtual Networking OpenStack cloud management platform implements network virtualization with third-party plugins. 26 Edgeworx Solutions Inc. Proprietary & Confidential
Thank You