3rd SDN Interest Group Seminar - Session 3 (130123)
These are the presentation slides from the 3rd SDN Interest Group Seminar, held on January 23, 2013.
Jan, 2013
DMX Technologies Korea SDN Strategy team
SDN / OpenFlow
Network Operation Problem
▌ Automation ▌ Agility ▌ Integration ▌ Maintainable
Software domain (Control Plane)
Hardware domain (Data Plane)
Routing
Policy
QoS
Forwarding
SDN network equipment
SDN Architecture
SDN Controller
NEC SDN Architecture
NEC SDN Portfolio - Controller PFC (ProgrammableFlow Controller) – PF6800
• First generally-available OpenFlow controller
• OpenFlow 1.0.0
• Linux appliance
PF6800 ProgrammableFlow Controller Appliance
Benefits
• Dramatically reduces network operation costs through simplified network management
• Increases service agility by providing network control through a single pane of glass
• Improves return on investment by increasing network and server utilization
• Reduces power and space requirements versus chassis deployments
• Achieves greater resiliency to network equipment failures
• Foundation for multi-vendor network hardware environment
OpenFlow Control (Trema)
Physical Topology Manager
Path Control
L2L3 Stack
• Topology Discovery, Self Repair
• Multitenant Networks
• Flow Table Entry Management
• Flow allocation based on Policy
• Policy Management
VTN VTN VTN
API
NEC SDN Portfolio - Switch PFS (ProgrammableFlow Switch) – PF5240
• 48 10/100/1000 ports + 4 1000/10000 ports, 176Gbps fully non-blocking switching
• OpenFlow Support - Flow Entries capabilities of 64,000-160,000
• Hybrid OpenFlow
• Connects OpenFlow Networks to L2/L3 Networks
• Virtual switch instance for running OpenFlow and distributed protocols on the same equipment
PF5240 ProgrammableFlow Switch
Benefits
• ProgrammableFlow OpenFlow technology delivers chassis-like capabilities with fixed-port economics
• NEC OpenFlow capability delivers enterprise class performance with dramatic reductions in network complexity and configuration
• High-availability location free networks with hitless fail-over and hot insertion/removal of units
• Layer 2 / Layer 3: OSPF, BGP, RIP, VRRP, PIM, MLD, STP, RSTP, MSTP, PVST, IGMP, rate limiting, bandwidth control
• Data Center Ready
- Modular design with internal redundant hot-swappable power supplies and fan
- 4 SFP+ ports supporting cost effective SFP+ SR
- Front to Back/Back to Front Airflow
NEC SDN Portfolio - Switch PFS (ProgrammableFlow Switch) – PF5820
• 10GbE(SFP/SFP+) x 48 ports + 40GbE(QSFP+) x 4 ports
• OpenFlow based flow handling with hardware at full wire rate (1.28Tbps)
• Support Layer 2 (MAC) forwarding table manipulated through OpenFlow
• Layer 2 (MAC) Table max 96K entries
• 12-tuple flow table max 750 entries
• Redundant hot swappable power supplies
• Rack-mountable in standard 19" racks. Dimensions: 17.3" wide, 19.0" deep, 1U high
PF5820 ProgrammableFlow Switch
New ProgrammableFlow Switches
• PF5248
- 10G * 8 ports
- Functionally equivalent to PF5240
• PF5220 (Japanese market, US market : TBD)
- 10G * 2 ports + 1G * 24 ports
- Functionally equivalent to PF5248
• PF1000 (Japanese market, US market : TBD)
- Windows Server 2012 Hyper-V virtual SW with OpenFlow
1. Management and Design : Drag and Drop Network Design
2. Security : Network isolation and access control (ACL)
3. Automation: VM Mobility and Traffic Steering
• Mobility support of physical hosts and VMs
• Routing / Path management
• Layer 2 multipath routing (N=8)
• Operational Rerouting of flows (without any packet loss)
• Automatic detour of all flows through nodes
• Redirection
• Redirect matched flows with specified 12 tuple flow entries (exact match, wild card match, and any mix of these)
4. Reliability
• Controller: Active-Standby Redundancy
• Switches: N Active Redundancy
• Links : Link Aggregation, Multi-Chassis LAG (N Active)
• Automatic network failure recovery (for all failure modes)
5. Openness
• Services independent from hardware
NEC SDN Unique Features
Awards
Q1. Number of flows in switch?
OpenFlow is based on a “flow switching architecture” and requires a lot of flow entries in switches.
Answer From NEC: NEC’s switch has extra TCAM to accommodate up to 160K flow entries (commercial chips have only 2K to 4K flow entries).
Q2. Multi-layer forwarding?
OpenFlow 1.0 specifies 12 tuple (L1/L2/L3/L4) based matching conditions and header rewriting.
Answer From NEC: NEC PFS provides hardware based (not software!) 12 tuple matching conditions and rewriting (MAC rewriting, strip VLAN, IP header, etc.).
SDN Answer From NEC
Q3. Network virtualization
OpenFlow is just a protocol and doesn’t provide network virtualization.
Answer From NEC: NEC provides VTN (Virtual Tenant Network), which completely separates physical and logical network resources. Users can fully design and configure the network using only logical views.
Q4. Broadcast
OpenFlow is a controller based architecture. The controller needs to manage all broadcast traffic as a single point.
Answer From NEC: NEC has a wire rate broadcast/multicast solution, “In-band BC/MC”, as a vendor extension.
NEC SDN Virtualized Network
Automated Deployment on Physical Network
Virtualized Physical Network
• Hides physical switches, ports, network topology, protocols
• Zero switch/port level configuration on deployment
• Automatically optimizes underlying network resources
Virtual Router
Virtual Bridge
Physical Network
Virtualized Network
NEC SDN Virtualized Network
Physical Network
Layer 2 Virtualized Network #1
Layer 2 Virtualized Network #2
Layer 3 Virtualized Network #3
Virtualized Network
Nippon Express Benefits from NEC SDN
NEC SDN Reference
Category / Customer
Cloud
Data Center
Campus Network
Research Network
Carriers
NEC Demo - Physical Topology
PFS#1 PFS#2
PFS#4 PFS#3
Client Server
Server
PFC
PFC : NEC Controller (2 units, redundant configuration)
PFS : NEC Switch (4 units, PF 5240)
Server : HP DL380p Gen8 (3 units, vSphere 5.1)
OpenFlow Network
NEC Demo - Virtual Topology
VTN 101
192.168.1.X 192.168.11.X
Client Server
VTN 102
192.168.1.X 192.168.11.X
192.168.3.X 192.168.13.X
VTN 103
VTN : Virtual Network
NEC Demo #1 – Traffic Steering
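Scenario:
- Generate video and ping traffic in each of the previously created virtual networks VTN 101 and VTN 102
- Change the path of only the VTN 101 video traffic
Result: Virtual networks and Traffic Steering implemented without changing switch configuration
- Mutually independent virtual networks implemented even though all conditions (IP range, traffic path, server and client location, etc.) are identical
- Selective Traffic Steering of only a specific virtual network's traffic, with uninterrupted service
[Diagram: clients and ping/video servers in VTN 101 and VTN 102, with ping and video flows between them]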
NEC Demo #2 – Fault Tolerant
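Scenario:
- On PFS #2, which is connected to the server, sequentially switch over the inter-switch ports along the traffic flow and check service stability
- When service is restored, check whether traffic is sent over the originally intended path
Result: Continuous and stable service even during failures
- Continuous service through an immediate move to the optimal path on failure
- Efficient network operation using all ports in a Full Mesh topology without loops
[Diagram: clients and ping/video servers in VTN 101 and VTN 102, with ping and video flows between them]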
NEC Demo #3 – Flow Filter
Scenario:
- On the Controller, configure a Flow Filter that drops ICMP type 8 for VTN 102
- Check that VTN 101 video and ping, and VTN 102 video and other ICMP types, communicate normally
Result: ACL applied immediately across the entire network through Controller configuration alone
- Virtual networks operate independently even when they traverse the same physical path
- Immediate network security configuration by the Controller
[Diagram: clients and ping/video servers in VTN 101 and VTN 102, with ping and video flows between them]
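The Flow Filter check in Demo #3, modelled as an added example (not NEC's or the presenter's code): the VTN ID is part of the match, so packets with identical addresses in VTN 101 and VTN 102 get different verdicts. The `Packet` and `FilterRule` types, the default-pass behaviour, the use of UDP for video and the sample packets are assumptions constructed for illustration; they are not the PFC API.

```python
from dataclasses import dataclass
from typing import Optional

ICMP = 1          # IP protocol number for ICMP
UDP = 17          # assumed transport for the demo's video stream
ECHO_REQUEST = 8  # ICMP type dropped in the demo
ECHO_REPLY = 0

@dataclass(frozen=True)
class Packet:          # hypothetical packet summary
    vtn: int           # virtual tenant network the ingress port maps to
    src: str
    dst: str
    ip_proto: int
    icmp_type: Optional[int] = None

@dataclass(frozen=True)
class FilterRule:      # hypothetical flow-filter entry; None = wildcard
    vtn: int
    action: str        # "drop" or "pass"
    ip_proto: Optional[int] = None
    icmp_type: Optional[int] = None

    def matches(self, p: Packet) -> bool:
        return (p.vtn == self.vtn
                and self.ip_proto in (None, p.ip_proto)
                and self.icmp_type in (None, p.icmp_type))

def verdict(rules, p: Packet) -> str:
    """First matching rule wins; unmatched traffic passes (assumed default)."""
    for r in rules:
        if r.matches(p):
            return r.action
    return "pass"

# The demo's single filter: drop ICMP echo requests, VTN 102 only.
RULES = [FilterRule(vtn=102, action="drop", ip_proto=ICMP, icmp_type=ECHO_REQUEST)]

# Constructed sample traffic; both VTNs reuse 192.168.1.x / 192.168.11.x.
SAMPLES = {
    "vtn101 ping":  Packet(101, "192.168.1.10", "192.168.11.10", ICMP, ECHO_REQUEST),
    "vtn102 ping":  Packet(102, "192.168.1.10", "192.168.11.10", ICMP, ECHO_REQUEST),
    "vtn102 reply": Packet(102, "192.168.11.10", "192.168.1.10", ICMP, ECHO_REPLY),
    "vtn102 video": Packet(102, "192.168.11.10", "192.168.1.10", UDP),
}

def run_demo():
    return {name: verdict(RULES, p) for name, p in SAMPLES.items()}

if __name__ == "__main__":
    for name, v in run_demo().items():
        print(f"{name:13s} {v}")
```

A filter keyed on addresses alone could not separate the two tenants here, because VTN 101 and VTN 102 share the same IP ranges.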
NEC Demo #4 – VMotion
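Scenario:
- VMotion the VTN 102 video server from the server connected to PFS #2 to the server connected to PFS #3
- After VMotion completes, check service continuity and the flow path
Result: No Down Time service when a virtual machine moves between machines
- No configuration change needed for VMotion
[Diagram: clients and ping/video servers in VTN 101 and VTN 102, with the video server shown on a second server after the move]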
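NEC Demo #5 – Virtual Network Creation
Scenario:
- Create a new virtual network (VTN 103)
- Set a maximum bandwidth of 4Mbps (QoS) on VTN 103, change its path to PFS 1 -> PFS 4 -> PFS3 -> PFS1, then run video and FTP
- Change the VTN 101 video path to PFS 1 -> PFS 4 -> PFS3 -> PFS1
- Check the video quality of the VTN 101 video and the VTN 103 video
Result: Flexible virtual network creation and QoS per virtual network
- Immediate use of the virtual network and differentiated bandwidth guarantees per virtual network
[Diagram: clients and ping/video servers in VTN 101, VTN 102 and VTN 103, with video and ping flows between them]
VTN103 virtual network QoS setting : maximum 4M network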
1. No Local VLAN setting
- PFC directly configures VLAN settings instead of local settings on PFS
2. Quick Failure recovery
- Reducing failure recovery time by re-routing a group of flows (not re-routing individual flows)
3. IPv6 Routing Function
- Full IPv6 routing by vBridge(L2) and vRouter (L3)
4. OpenStack support
- Essex : GA
- Folsom : RC (POC quality and functionality)
Overview of PFlow V4.0