Академический Документы
Профессиональный Документы
Культура Документы
Virgil Dobrota
Technical University of Cluj-Napoca, Romania
Virgil.Dobrota@com.utcluj.ro
1
Copyright © Virgil Dobrota 2015, All rights reserved
My background
Affiliation:
- IEEE Communications Society (since 1990)
- ACM SIGCOMM (since 1994)
Teaching:
- Switching & Routing Systems
- Internet Protocols
- Unified Communications
Research
- Cross-Layer QoS
- Seamless connectivity
- Passive/active measurements in Internet
2
Copyright © Virgil Dobrota 2015, All rights reserved
Course Outline
1. Introduction
2. Legacy Networking Definitions
3. SDN
4. SDN and OpenFlow
5. SDN and OpenStack
6. SDN and NFV
7. SDN and OpenDayLight
8. SDN and MPLS
9. SDN and 5G
10. Practical Demonstration
11. Conclusions
12. References
3
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow, NFV, MPLS, etc.
OpenFlow
OpenDay
5G
Light
… SDN …
OpenStack MPLS
NFV
4
Copyright © Virgil Dobrota 2015, All rights reserved
2. Legacy Networking Definitions
5
Copyright © Virgil Dobrota 2015, All rights reserved
Definitions 1/5
A network architecture has data, control and management planes.
Data Plane:
• Tasks: forwarding of the user traffic
• Devices: switches (usually Layer 2 devices), routers (Layer 3 devices)
• Examples of components:
6
Copyright © Virgil Dobrota 2015, All rights reserved
Definitions 2/5
Control Plane:
• Tasks: signaling how to forward the user traffic. The routing functions could
be distributed across multiple processors
• Examples:
7
Copyright © Virgil Dobrota 2015, All rights reserved
Definitions 3/5
Management Plane:
• Tasks: methods of configuring the control plane
• Examples:
8
Copyright © Virgil Dobrota 2015, All rights reserved
Definitions 4/5
Virtualization has been proposed long time ago. So nothing is new under the sun…
9
Copyright © Virgil Dobrota 2015, All rights reserved
Definitions 5/5
10
Copyright © Virgil Dobrota 2015, All rights reserved
3. SDN
11
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 1/12
“The physical separation of the network control plane from the forwarding plane,
and where a control plane controls several devices” [ONF15]
“SDN is new networking paradigm where control of the network is decoupled from
the hardware allowing a logically centralized software program to control the
behavior of an entire network” [6WIND15]
12
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 2/12
Standardization Bodies
13
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 3/12
Source: https://www.opennetworking.org/images/stories/downloads/sdn-resources/white-papers/wp-sdn-newnorm.pdf
14
SDN 4/12
IETF’s SDN
architecture
RFC 7426,
January 2015
Source:
https://tools.ietf.org/html/rfc7426
15
SDN 5/12
ITU-T’s SDN
architecture
Y.3300,
July 2014
Source: http://www.itu.int/rec/T-REC-Y.3300-201406-I
16
SDN 6/12
6WIND’s SDN
architecture
Source: http://www.6wind.com/solutions/software-defined-networking/ 17
SDN 7/12
ToR Switch: is the Top-the-Rack switch in a data center (multiple I/O interfaces
GbE/10GbE/40GbE etc.) acting at Layer 2 and Layer 3, performing bridging and Fibre
Channel over Ethernet (FCoE) for an entire rack of servers.
SDN Controller: is used in Control Plane and exposes several APIs. Southbound API
is used for logical centralized control of network resources (i.e. Open vSwitches) in
Data Plane, whilst the Northbound one allows the network/security/business
applications to perform a programmatic control of abstracted network resources. The
Westbound and Eastbound APIs are used for horizontal interoperability (handover)
with other SDN controllers. Note that it could run on a (virtual) server.
18
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 8/12
AT&T’s SDN
architecture
Source:
https://www.att.com/Common/about_us/pdf/AT&T%20Domain%202.0%20Vision%20White%20Paper.pdf
19
SDN 9/12
Question 1: Why should we physically separate the control plane from the data
plane?
20
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 10/12
Answer to Question 1:
• Each node is trying to perform rerouting but from neighbors perspective.
Thus the forwarding decision may not be optimized overall.
• There are a lot of middle-boxes in the network (NAT, firewall, load balancers)
without re-routing capabilities.
• Network devices are provided by several vendors (with there own operating
system, configuration rules). Thus the admin does not have to configure each
switch individually.
• A centralized SDN controller has a complete vision about the network that
allows a faster response to link or node failures.
• The routing loops are avoided.
• There is a single interface to Application Layer.
21
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 11/12
22
Copyright © Virgil Dobrota 2015, All rights reserved
SDN 12/12
Answer to Question 2:
• A single point of failure
• A major target for the attackers
• FIB updates provided by the controller to the switches may generate
inconsistency when the geographical distances do matter.
Countermeasures:
• Several SDN controllers may work in a cloud-based network
• Multiple controllers could be logically/physically distributed, hierarchical or hybrid.
Advantages: traffic load balancing using ECMP (Equal-Cost Multi-Path) or
other scheme [Aky14]
Disadvantages: this process has a latency
23
Copyright © Virgil Dobrota 2015, All rights reserved
4. SDN and OpenFlow
24
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 1/17
25
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 2/17
• Counters: maintained for each table, flow, port, queue, group, and bucket
• Instructions: packet forwarding, packet modification, group table
processing, and pipeline processing. Note that pipelining allows packets to be
sent to subsequent tables for further processing.
28
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 5/17
Ingress processing:
• Find the flow entry with the highest-priority matching
• Apply instructions:
- apply actions instruction: modify packet & update matching field
- clear actions and/or write actions instructions: update action set
- update metadata
• Send the packet + action set to next table or sent the first packet of the
unknown flow to SDN controller or discard the packet.
30
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 7/17
Egress processing:
• Separation in pipeline processing from ingress part is indicated by the first
egress flow table e
• Note that: Flow Tables 0…n are for ingress only and Flow Tables e…e+m for
egress only (e>n !!!)
• Egress processing is optional. If Flow Table e is not valid (or not
configured)
=> packet goes to the output port
31
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 8/17
Table-miss flow entry within Flow Table: all matching fields omitted +
lowest priority (0) =>
• send packet to SDN controller to ask for a new forwarding rule in TCAM/FIB
• drop packet
• send packet to next Flow Table
In case of missing, the packets are discarded (similar to the case of missing the
default route for destination IP networks not defined within the routing table).
32
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 9/17
34
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 11/17
35
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 12/17
36
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 13/17
37
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 14/17
38
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 15/17
39
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenFlow 16/17
Answer to Question 3:
• Yes, the competitors are BGP Border Gateway Protocol), XMPP (Extensible
Messaging and Presence Protocol), OVSDB, NETCONF (for management, see
RFC 6241) etc.
[Pep14b] Ivan Pepelnjak, SDN and OpenFlow -The Hype and the Harsh Reality, ipSpace.net AG, 2014, pp.7-8
40
SDN and OpenFlow 17/17
• The trend is to replace the imperative languages (telling the "machine" how to
do something, and as a result what you want to happen will happen, e.g. C, Java
etc.) by declarative languages (describing what you want to do, and not how
you want to do it, e.g. Haskell, Erlang etc.).
• Cisco claims that APIC-EM can enable independent software developers to create
innovative network services and applications on top of a vendor-independent
network device. See
https://developer.cisco.com/site/networking/DevNetZone/
42
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenStack 1/2
OpenStack components:
GLANCE: stores and retrieves
virtual machine disk images
HORIZON: provides a web-based
self-service portal
KEYSTONE: responsible for the
authentication and authorization
service
NOVA: manages the lifecycle of
compute instances
NEUTRON: enables network
connectivity as a service for other
OpenStack services (such as
OpenStack Compute)
HEAT: the orchestrator of the
OpenStack: Open source project developed cloud CEILOMETER: monitors and
by OSF (OpenStack Foundation) as a cloud meters services within the cloud
operating system for computing, networking TROVE: provides a scalable and
and storage. reliable database.
43
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenStack 2/2
45
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and NFV 1/3
Source: https://www.sdxcentral.com/articles/contributed/nfv-and-sdn-whats-the-difference/2013/03/
46
SDN and NFV 2/3
Source: https://portal.etsi.org/NFV/NFV_White_Paper.pdf
48
Copyright © Virgil Dobrota 2015, All rights reserved
7. SDN and OpenDayLight
49
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and OpenDayLight
Source: https://www.opendaylight.org/lithium
50
8. SDN and MPLS
51
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and MPLS 1/2
Source: http://archive.openflow.org/wk/index.php/MPLS_with_OpenFlow/SDN
52
SDN and MPLS 2/2
Source: http://archive.openflow.org/wk/index.php/MPLS_with_OpenFlow/SDN
53
9. SDN and 5G
54
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and 5G 1/6
Characteristics:
• Transfer rates > 1 Gbps
• Ultra Wide Band (UWB)
• Virtualization of HLRs, VLRs, eNodeB,
RANs
• Software-based approach (Software-
defined radio, SDN, seamless access)
• Smart antennas, smart cells
• Multi-access, multi-homing, Device to
Device (D2D) etc.
• Multi-tenancy (a single instance of a
software application serves multiple
customers (called atenants).
55
Copyright © Virgil Dobrota 2015, All rights reserved
SDN and 5G 2/6
SDN over
Wireless Mesh
Networks
• Wireless Mesh
Routers (WMR)
dynamically
selects end-to-
end paths
through the
mesh based on
maximizing
client-server
throughput and
minimizing
latency.
Source: [Gra15]
Source: https://5g-ppp.eu/wp-content/uploads/2015/02/5G-Vision-Brochure-v1.pdf
57
SDN and 5G 4/6
Source: https://5g-ppp.eu/wp-content/uploads/2015/02/5G-Vision-Brochure-v1.pdf
Source: https://5g-ppp.eu/wp-content/uploads/2015/02/5G-Vision-Brochure-v1.pdf
59
SDN and 5G 6/6
SDN, NFV, cloud systems are milestones in 2015-2017 for 5G deployment after
2020…
Source: https://5g-ppp.eu/wp-content/uploads/2015/02/5G-Vision-Brochure-v1.pdf
60
10. Practical Demonstration
61
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 1/8
Real implementation
of an SDN-based
testbed migrated into
a private cloud: An
OpenStack Approach
[Uli14]
62
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 2/8
63
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 3/8
64
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 4/8
66
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 6/8
67
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 7/8
68
Copyright © Virgil Dobrota 2015, All rights reserved
Practical Demonstration 8/8
69
Copyright © Virgil Dobrota 2015, All rights reserved
11. Conclusions
70
Copyright © Virgil Dobrota 2015, All rights reserved
Conclusions
71
Copyright © Virgil Dobrota 2015, All rights reserved
12. References
72
Copyright © Virgil Dobrota 2015, All rights reserved
References: Books
[Aky14] I.F. Akyildiz, A.Lee, P.Wang, M.Luo, W.Chou, “A roadmap for traffic
engineering in SDN-OpenFlow networks”, Computer Networks, 71 (2014),
pp.1–30
[Azo13] S. Azodolmolky, P. Wieder, and R. Yahyapour, “Cloud computing
networking: challenges and opportunities for innovations”, IEEE
Communications Magazine, 51(7), 2013, pp.54-62
[Fur13] A.G. Furculita, M.V. Ulinic, A.B. Rus, and V. Dobrota,
“Implementation Issues for Modified Dijkstra’s and Floyd-Warshall Algorithms
in OpenFlow", 12th IEEE RoEduNet International Conference, Constanta,
Romania, 2013, pp.50-55, DOI:10.1109/RoEduNet.2013.6714208
[Gra15] F.Granelli, et al., “Software defined and virtualized wireless access in
future wireless networks: Scenarios and standards”, IEEE Communications
Magazine - Communications Standards Supplement, June 2015, pp.26-34
[Kre15] D. Kreutz, F.M.V. Ramos, P. Esteves Verissimo, C. Esteve
Rothenberg, S. Azodolmolky, and S. Uhlig, “Software-Defined Networking: A
Comprehensive Survey”, Proceedings of the IEEE, Vol. 103, No.1, 2015,
pp.14-76
74
Copyright © Virgil Dobrota 2015, All rights reserved
References: Papers 2/2
75
Copyright © Virgil Dobrota 2015, All rights reserved
Acknowledgments
76
Copyright © Virgil Dobrota 2015, All rights reserved