network virtualization
DESCRIPTION
Ảo hóa mạngTRANSCRIPT
Virtualized Network Infrastructure using OpenFlowClick to edit Master subtitle style
Ging vin hng dn: TS. Ng Hng Sn Sinh vin thc hin: Nguyn Vn Thnh V Tun Anh5/6/12 BKHN 2011
Ni dung1. 2. 3. 4. 5.
Gii thiu Ti sao li o ha? M hnh mng o ha nh ngha o ha mng Kin trc h tng mng o ha s dng OpenFlow Kt lunBKHN 2011 22
6.
5/6/12
Gii thiuq
H tng mng hin ti rt phc tp v kh qun l. Qu nhiu nh cung cp dch v vi mc tiu v chnh sch khc nhau.
q
q
Xy dng kin trc mng mi hoc thay i kin trc mng hin ti cn s ng thun ca tt c.Yu cu: n gin ha mng m bo tnh mm do nhm p ng s thay i khi cc nhu cu nghip v pht trin V vy: o ha2011 => gip n gin ha v t mng BKHN 33
q
5/6/12
Thch thc Internet trong tng lai
An ton linh ng Qun l mng tin cy v sn sng Kh nng m rng
5/6/12
BKHN 2011
44
An ton
Internet hin nay khng thc s an ton Gii phpo
Thm tnh bo mt, an ton trong mi giao thc Kt hp nhiu thnh phn bo mt khng m bo an ton cho c h thngBKHN 2011 55
Vn o
5/6/12
Nguyn nhn
Tnh linh ng
Yu cuo
Cn h tr cho ng dng v cng ngh di ng: c lp v a l, phng thc truy cp, thay i im truy cp Phn cp nh tuyn S dng a ch khc Phn cp nh tuyn e da tnh m rng v lc IPBKHN 2011 66
Gii phpo o
Vn
5/6/12
Qun l mng
tin cy v tnh sn sng Tnh m rng
E.g: h nh tuyn. Thit k qun l phn tn Thiu cc cng c tnh ton hiu nng s dng ti nguyn
Nguyn nhn
5/6/12
BKHN 2011
77
Ti sao o ha mng
Internet ngy nay hu nh khng cn xu hng thay i - ossifications, khng p ng nhu cu hin ti E.g: Trin khai IPv6:o
IPv6 - gii php cho s cn kit IPv4 Cn c nguyn b giao thc t tng mng: DNS, HTTP, SMTP tr ln chy trn IPv6: TCP6, UDP6 Giao tip gia cc my IPv6 v IPv4 hin t i BKHN 2011 88
o
o
5/6/12
Ti sao o ha mng (cont)
o ha mng l phng php y ha hn cho php th nghim cc giao thc mi (giao thc chn ng, gii php thay th IP) o ha mng khng ging vi cng ngh hin nay nh VPNs Mng o non-IPtng lai c th vn hnh cng mng Internet hin ti
im quan trng: mng o c th 5/6/12c xy dng theo cc tiu ch thit BKHN 2011 99
Ni dung1. 2. 3. 4. 5.
Gii thiu Ti sao li o ha? M hnh mng o ha nh ngha o ha mng Kin trc h tng mng o ha s dng OpenFlow Kt lunBKHN 2011 1010
6.
5/6/12
M hnh o ha mng
M hnh nghip v Kin trc Nguyn l thit k Mc tiu thit k
5/6/12
BKHN 2011
1111
M hnh nghip v
q
Nh cung cp h tng (InPs)q
Qun l h thng mng vt l
q
Nh cung cp dch v (SPs)q
Thit lp v qun l mng oBKHN 2011 1212
5/6/12
q
Kin trc mng
5/6/12
BKHN 2011
1313
Kin trc mng
5/6/12
BKHN 2011
1414
Nguyn tc thit k
Tnh ng thi (Concurrence)o
Nhiu mng tn ti o c lp
Tnh quy cc mng o Tnh k tha cc thuc tnh v kin trc1515
S thm li cc nt o 5/6/12 BKHN 2011 (Revisitation)
Mc tiu thit k
Tnh linh hot - Flexibilityo
Cc nh cung cp dch v c th chn:
Kin trc mng bt k Cc chc nng nh tuyn v chuyn tip iu khin ty bin v d liu
o
Khng cn kt hp vi nh cung cp khc
S tht bi IPv6 khng th xy ra
Kh nng qun l - Manageabilityo
5/6/12
1616 TrchBKHN 2011 ca nh cung cp h tng nghim
Mc tiu thit k
Kh nng m rng - Scalabilityo
Ti a s mng o (VN) cng tn ti Tng kh nng s dng ti nguyn
o
An ton, tnh ring t v c lpo
S c lp hon ton gia cc mng o
V logic v ti nguyn
o
5/6/12
Trong sut khi c s c, li k thut v cu hnh sai BKHN 2011 1717
Mc tiu thit k
Kh nng lp trnh c Programmabilityo
Ca cc phn t h thng nh router D dng v hiu qu m khng d b tn cng vi cc mi e da
o
Tnh c lp Heterogeneityo
Gia cc cng ngh mng: quang, v tuynBKHN 2011 1818
5/6/12
Mc tiu thit k
Tnh nng th nghim v trin khaio
Trin khai trc tip cc dch v trong th gii thc t pha th nghim trn mng o
K thao
Xem Internet hin ti l mt phn ca tp hp cc mng Internet oBKHN 2011 1919
5/6/12
Ni dung1. 2. 3. 4. 5.
Gii thiu Ti sao li o ha? M hnh mng o ha nh ngha o ha mng Kin trc h tng mng o ha s dng OpenFlow Kt lunBKHN 2011 2020
6.
5/6/12
nh ngha o ha mng
5/6/12
BKHN 2011
2121
Ni dung1. 2. 3. 4. 5. 6.
Gii thiu Ti sao li o ha? M hnh mng o ha nh ngha o ha mng H tng mng o ha s dng OpenFlow Kt lun
5/6/12
BKHN 2011
2222
o ha h tng v kh nng lp trnh c To ra nguyn mu nhanh (rapid prototyping) trn h tng o
OpenFlow Network
C kh nng lp trnh2323
5/6/12
BKHN 2011 H iu hnh mng
Mng kh trnh ( Programmable Network)
H tng mng c h tr cng ngh o ha ( kh) cung cp openBKHN 2011 2424
5/6/12
Lp trnh linh hot bng flow
Flow = kt hp no header ca L1, L2, L3 v L4. Chuyn mch da trn flow c thBKHN 2011 2525
5/6/12
OpenFlow
OpenFlow switch OpenFlow channel OpenFlow protocol OpenFlow controller
5/6/12
BKHN 2011
2626
OpenFlow Switch
Vn hnh da theo flow (flow-based)o
Cho php lp trnh m khng lm thay i mt bng d liu (data-plane)
5/6/12
BKHN 2011
2727
OpenFlow Switch
Mt hay nhiu flow table v mt group table Mt knh OpenFlow channel Trnh iu khin qun l
Switch thng qua giao thc OpenFlow protocol (vi giao5/6/12 BKHN 2011 2828
Flow table
Mi flow table bao gm mt tp cc flow entry Mi entry ny bao gm cc trng match field, cc bin m, cc lnh iu khin tng ng vi cc packet c th
5/6/12
BKHN 2011
2929
Flow table
Flow entry:
Rule: nh ngha flow Action: cho bit cc gi tin s c x l nh th no 2011 BKHN
5/6/12
3030
Flow table
X l ng tin:
OpenFlow-only switch: ch h tr cc hot ng c tnh OpenFlow, ch x l cc gi tin trn cc ng tin ring ca OpenFlow OpenFlow-hybrid switch: h tr cho c cc hot ng trn ng tin ca OpenFlow v ca cc switch Ethernet hin ti ni chung. Cc switch ny cung cp mt c ch phn bit c th va x l c cc gi tin trn ng tinBKHN 2011 3131
5/6/12
Flow table
Cc gi tin tng tc vi cc flow table nh th no?
5/6/12
BKHN 2011
3232
Flow table
5/6/12
BKHN 2011
3333
OpenFlow channel
Giao din cho php kt ni mi OpenFlow switch vi mt trnh iu khin. Cc thng ip (message) trn OpenFlow channel phi c nh dng ph thuc vo giao thc OpenFlow protocol. Knh ny c m ha 3434 BKHN 2011
5/6/12
OpenFlow channel
Thit lp kt ni: switch phi c kh nng thit lp kt ni n mt trnh iu khin ti mt a ch IP kh cu hnh), s dng mt cng do ngi dng c t.o
Nu switch bit a ch IP ca trnh iu khin, switch khi to mt kt ni chun TLS hoc TCP ti trnh iu khin. Lu thng trn OpenFlow channel khng thng qua OpenFlow pipeline, do switch phi nh danh tt c cc lu thngBKHN 2011 trc khi 3535 u vi cc qua n i chi
o
5/6/12
OpenFlow channel
Ng bk n trong tr h t t i: ng p switch mt kt ni vi trnh iu khin hin ti, chng hn nh echo request timeout, TLS session timeout, ... N s c gng kt ni vi mt hay nhiu trnh iu khin sao lu. Switch chuyn sang trng thi fail secure mode hay fail standalone mode, ph thuc vo cu hnh hinBKHN 2011 3636
5/6/12
OpenFlow channel
M ha: switch v trnh iu khin c th kt ni vi nhau thng qua kt ni TLS Kt ni TLS c khi to bi switch, mc nh da trn TCP ti cng 6633. switch v trnh iu khin xc thc ln nhau bng vic trao i cc chng ch (certificate) c k bi kha ring ca cc bn.BKHN c mi switch 2011 th c 3737u hnh bi c
5/6/12
OpenFlow protocol
3 kiu thng ip ( message):
controller-to-switch: c khi to bi trnh iu khin v mang ni dung iu khin n switch.
Cu hnh switch Trao i dung lng gia cc switch Qun l bng flow table
5/6/12
asynchronous: c khi to bi switch v c dng cp nht cc s kin ca mng, trng thi ca switch nBKHN 2011 3838
Trnh iu khin (controller)
L yu t quyt nh to nn tnh thng minh cho mng kh trnh Thc th tp trung ha cho ton b mng OpenFlow
5/6/12
BKHN 2011
3939
Trnh iu khin NOX
H iu hnh m ngun m cho mng OpenFlow (Linux: Debian, Red Hat, Gentoo) Cung cp mt platform n gin cho cc phn mm iu khin mng (ngn ng C++, Python) H tr cho c mng ln ( hng trm switch) v mng nh (mt vi host)
Cho php ngi qun tr theo di 5/6/12hin trng hot ng ca mng BKHN 2011 4040
Trnh iu khin - NOX
C th hot ng Lun lng nghe
ch trn mt PC
cc s kin pht sinh t mng
a ra cc lnh
iu khin n cc5/6/12
switch
BKHN 2011
4141
Trnh iu khin - NOX
Webserv Webservi er ce Webservicecli ent Topolog Discove Routin y ry g Authenticat Monitorin or g Funtionalities for Network apps and Web apps 5/6/12 BKHN 2011 4242
Ci t h iu hnh mng
5/6/12
BKHN 2011
4343
Kt lun
Cng ngh OpenFlow cho php xy dng mng kh trnh linh hot H iu hnh mng cung cp nn phn mm cho vic tch hp tnh nng iu khin vo h tng mng
5/6/12
BKHN 2011
4444
Ti liu tham kho1.
Network Virtualization Architecture: Proposal and Initial Prototype, Gr.Schaffrath et al. 2009 NOX: Towards an Operating System for Networks, Natasha Gude et al. OpenFlow: Enabling Innovation in Campus Network, Nick McKeown at al. 2008
2.
3.
OpenFlow Switch Specification, www.openflow.org 2004 4545 5/6/12 BKHN 20114.
CM N THY V CC BN CH LNG NGHE5/6/12 BKHN 2011 4646