demystifying sdn saurav das sauravdas@alumni.stanford.edu at&t talk 3/27/14 1

Demystifying SDN

Saurav Dassauravdas@alumni.stanford.edu

AT&T Talk3/27/14

1

2

A number of slides are courtesy of

www.sdnacademy.com

Outline

• What is SDN? (or how was it originally intended)

• Different Shades of SDN

• SDN Myths and Misconceptions

© 2013 SDN Academy, LLC™. All Rights Reserved. 4

(A) Forwarding Abstraction: Match-Action Tables

(B) State-Distribution Abstraction: Global View

Network OS running on distributed controllers

NORTHBOUND

SOUTHBOUND

Configuration; Control over Forwarding; Monitoring

What is SDN?

© 2013 SDN Academy, LLC™. All Rights Reserved. 5

What is an Abstraction?

Data – plane abstractions

Where are the control-plane abstractions?

© 2013 SDN Academy, LLC™. All Rights Reserved. 6

Where are the Control-Plane Abstractions? • Networking is about getting stuff from here to there …• Is OSPF a topology abstraction?• Is OSPF a routing abstraction?

• Can I use it to route IPv6 traffic? • well you need v2 for IPv4 and v3 for IPv6

• Can I use it to route multicast traffic?• no you need MOSPF or PIM

• Can I use it in Ethernet networks?• no you need TRILL (with IS-IS) for that

State Distribution Mechanisms

Switch Operating

System

DistributedNetwork Functions

IGP- Route Advert, Link-State

OSPFv2

TE Label Distribution

RSVP-TE

VPN-IPv4 Route Advert

MP-BGP

E-BGP learned Route Advert

I-BGP + RR

PE Label Distribution

LDP

Developing a Control Plane Abstraction

Requires

Developing a Data Plane (Forwarding) Abstraction

Towards a Forwarding Abstraction

7

(A) Forwarding Abstraction

8

A way to define forwarding behavior that is not layer or vendor specific

Interfaces are the Realizations of Abstractions

9

10

(B) State Distribution Abstraction

Abstracted away by Network Operating System

State Collection Dissemination & Synchronization

Application Isolation

Proposed abstraction: global network view

Control program should not have to handle distributed-state details

11

App

Switch

Switch

Switch

App App

SwitchSwitch

Controller

northbound interface

So What is SDN?

southboundInterface eg. OpenFlow

Forwarding Abstraction:Match-Action Tables

Control Abstraction:Global View

Interfaces are the Realizations of Abstractions

© 2013 SDN Academy, LLC™. All Rights Reserved. 12

What is SDN? – A Simpler View

SDN has two defining characteristics.

First, it physically separates the control plane (which

decides how to handle the traffic) from the data plane

(which forwards traffic according to decisions that the

control plane makes). Second, SDN consolidates the control plane, so that a single instance controls multiple data- plane elements

-- The Road To SDN, http://queue.acm.org/detail.cfm?id=2560327

© 2013 SDN Academy, LLC™. All Rights Reserved. 13

Benefits of SDN1.Simpler Control with Greater Flexibility• Networks work because we can master complexity, but what

we should be doing is extracting simplicity, with the right abstractions

2.Programmability: Speed of Innovation, Ease of Service Insertion & Faster Time to Market• Does not involve changing/creating a fully distributed

protocol

3.Lower Total Cost of Ownership (TCO)• Lower Opex – easier to manage, troubleshoot, emulate,

automate, optimize• Lower Capex – replacing proprietary hardware, pay for what

you need and no more.

© 2013 SDN Academy, LLC™. All Rights Reserved. 14

[1] ‘Pure’ SDN / ‘True’ SDN?

14

(A) Forwarding Abstraction: Match-Action Tables

(B) State-Distribution Abstraction: Global View

Network OS running on distributed controllers

NORTHBOUND

SOUTHBOUND

Configuration; Control over Forwarding; Monitoring

Separation D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

© 2013 SDN Academy, LLC™. All Rights Reserved. 15

Different Shades of SDN

• ‘Pure’ SDN or ‘True’ SDN

• Orchestration/ Automation/ Gluework• Traditional Networking + SDN ‘Hook’• Overlay Networks for DC Network Virtualization• Traditional Networking + White-Box• Traditional Networking + White-Box + Orchestration• Decoupled Traditional Networking• Decoupled Traditional Networking + Global View• Open Source Networking

© 2013 SDN Academy, LLC™. All Rights Reserved. 16

[2] Orchestration/Automation/GlueworkSeparation

D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

“Controller”

VendorX

VendorY

VendorZ

CLI

EMS EMS

ProvidesAutomation

By Orchestrating Across

Automation ProgrammabilityModified NMS, OpenStack, cli-scripts automateConfiguration & provisioning

Changing Behavior

(if-then-else)

© 2013 SDN Academy, LLC™. All Rights Reserved. 17

[3] Traditional Networking + ‘SDN Hook’Legacy Preserving with Claimed Advantages A. Customer realizes benefits of SDN on same infrastructureB. Allows vendor to build SDN on existing products

CLI Replacement

‘Controller’ Instead of CLI expect scripts, write python programs

L2 L3 Tunnel ECMP ACL

PBR overide

Under traditional networking control

© 2013 SDN Academy, LLC™. All Rights Reserved. 18

[3] Traditional Networking + ‘SDN Hook’Legacy Preserving with Claimed Advantages A. Customer realizes benefits of SDN on same infrastructureB. Allows vendor to build SDN on existing products

PointSolutions PCE

Exampe:PCE based

PCEPBGP-LS

RSVP, LDPOSPF v2, OSPF v3, ISISMP-BGPI-BGP + RRMOSPF, PIM

© 2013 SDN Academy, LLC™. All Rights Reserved. 19

[3] Traditional Networking + ‘SDN Hook’Legacy Preserving with Claimed Advantages A. Customer realizes benefits of SDN on same infrastructureB. Allows vendor to build SDN on existing products

‘Controller’HybridSolutions /‘Ships-in-the-night’

Some VLANs have SDN control

© 2013 SDN Academy, LLC™. All Rights Reserved. 20

[3] Traditional Networking + ‘SDN Hook’Separation

D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Legacy Preserving with Claimed Advantages A. Customer realizes benefits of SDN on same infrastructureB. Allows vendor to build SDN on existing products

CLI Replacement

‘Controller’ Instead of CLI expect scripts, write python programs

PointSolutions

‘Controller’ Eg. PCE based

HybridSolutions /‘Ships-in-the-night’

‘Controller’ Some VLANs have SDN control

© 2013 SDN Academy, LLC™. All Rights Reserved. 21

[4] Overlay Networking

‘Controller’

Separation D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Underlying L2/L3 fabric

R1

R2 R3

B1

B2

B3

OrchestratorOpenStack,CloudStack,VMWare

vSwitch,vRouter

R1

R2

R3 B3

B1

B2

Context: Data center network virtualization for public/private cloud; presented from the viewpoint of the cloud provider (not the tenant)!

© 2013 SDN Academy, LLC™. All Rights Reserved. 22

[5] Traditional Networking + White Box

Data Path (Hardware)

Control Plane (Software)

Separation D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Merchant Silicon

White -box

© 2013 SDN Academy, LLC™. All Rights Reserved. 23

[5.5] Traditional Networking + White Box + Orchestration

Data Path (Hardware)

Control Plane (Software)

Separation D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Merchant Silicon

White -box

© 2013 SDN Academy, LLC™. All Rights Reserved. 24

[6] Decoupled Traditional NetworkingSeparation

D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Traditional networking control plane

Usually proprietary, could be OF,See IETF ForCES

1. Software stacks

2. Merchant

Silicon

© 2013 SDN Academy, LLC™. All Rights Reserved. 25

[6.5] Decoupled Traditional Networking + Global View

Separation D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Traditional networking control plane

Usually proprietary, could be OF,See IETF ForCES

1. Software stacks

2. Merchant

Silicon

‘Controller’

© 2013 SDN Academy, LLC™. All Rights Reserved. 26

[7] Open Source NetworkingSeparation

D <---> C

Simplicity

Programmability

Lower Capex

Lower Opex

Has Open Source ever worked in networking?What are the best know open source networking projects…• Quagga• OVS… not used in production without modification

What about controllers?:• No open source controller used in production• No open source networking project today is complete solution• Open source is part of the solution

© 2013 SDN Academy, LLC™. All Rights Reserved. 27

SeparateD <---> C

Simplicity

Programm-ability

Lower Capex

Lower Opex

True

SD

N

Orche

strati

on

/Aut

omati

onTr

aditi

onal

net

w. +

SDN ‘H

ook’

Trad

ition

al n

etw. +

Whi

te B

ox

Overla

y Net

works

for D

C ne

t virt

.

Decou

pled

Tr

aditi

onal

Net

w.Dec

oupl

ed Tr

ad.

n/w

+ Glo

bal V

iew

Open

Sour

ce

Different Shades of SDN

Trad

ition

al n

etw. +

Whi

te B

ox +

Orch.

© 2013 SDN Academy, LLC™. All Rights Reserved. 28

Myths & Misconceptions• SDN is Network Virtualization

• SDN == NFV

• SDN is about centralized control

• OpenFlow is not mature

© 2013 SDN Academy, LLC™. All Rights Reserved.

state behavior Interfacemsg

match Eth, VLAN, IP, L4flows1.0

Q4 ‘09

single message queuew/optional barriers

ports

forward {0, 1, n}

1.1Q1 ‘11

+ Multiple Tables/Pipelines:

+ Group Tables + forward 1-in-n (ECMP)+ match QinQ, MPLS, SCTP

+ match virtual ports

+ extensible match+ extensible actions

1.2Q4 ‘11

+ IPv6+ multiple controllers

1.3Q2 ‘12

+ per-flow metering+ tunnel-id

OpenFlow has evolved towards production readiness.

+ multiple channels (auxiliary connections)

1.4Q4 ‘13

+ optical ports+ synchronized tables

+ bundle messages

© 2013 SDN Academy, LLC™. All Rights Reserved. 30

Myths & Misconceptions• SDN is Network Virtualization

• SDN == NFV

• SDN is about centralized control

• OpenFlow is not mature

• OpenFlow does not work with current hardware

• OpenFlow does not scale

• Do we really need another protocol?

• I can’t just throw away my existing network …

Source: Ed Crabbe, Google31

Source: Ed Crabbe, Google32

33

Source: Guru Parulkar

34Source: Guru Parulkar

Q & A