Software Defined Networking
Richard T. B. Ma
School of Computing
National University of Singapore
Material from: Scott Shenker (UC Berkeley), Nick McKeown (Stanford), Jennifer Rexford (Princeton)
CS 5229: Advanced Computer Networks
What is Software Defined Networking?
• A new approach to do networking
  • new fundamental principles
• How does it contrast with traditional networking?
• Before knowing what it is, let us understand why we need it in the first place
  • what is wrong with the current Internet?
The Internet: A Remarkable Story
• Tremendous success
  • From research experiment to global infrastructure
• Brilliance of under-specifying
  • Network: best-effort packet delivery
  • Hosts: arbitrary applications
• Enables innovation in applications
  • Web, P2P, VoIP, social networks, virtual worlds
• But, change is easy only at the edge…
Inside the Net: A Different Story
• Closed equipment
  • Software bundled with hardware
  • Vendor-specific interfaces
• Over specified
  • Slow protocol standardization
• Few people can innovate
  • Equipment vendors write the code
  • Long delays to introduce new features
• Impacts performance, security, reliability, cost…
Networks are Hard to Manage
• Operating a network is expensive
  • More than half the cost of a network
  • Yet, operator error causes most outages
• Buggy software in the equipment
  • Routers with 20+ million lines of code
  • Cascading failures, vulnerabilities, etc.
• The network is “in the way”
  • Especially a problem in data centers
  • … and home networks
Networks Vs. Other Systems
• Networks are hard to manage
  • Computation and storage have been virtualized
    • Creating more flexible and manageable infrastructure
  • Networks are still notoriously hard to manage
    • Still heavily rely on network administrators
• Networks are hard to evolve
  • Ongoing innovation in systems software
    • New programming languages, operating systems, etc.
  • Networks are stuck in the past
    • Routing algorithms change very slowly
    • Network management extremely primitive
Networking as a Discipline
• Other fields in “systems”: OS, DB, DS, etc.
  • Teach basic principles
  • Are easily managed
  • Continue to evolve
• Networking:
  • Teach big bag of protocols
  • Notoriously difficult to manage
  • Evolves very slowly
• A failure from an academic point of view
Why Does Networking Lag Behind?
• Networks used to be simple: Ethernet, IP, TCP…
• New control requirements led to great complexity
  • Isolation: VLANs, ACLs
  • Traffic engineering: MPLS
  • Packet processing: Firewalls, NATs
  • Payload analysis: Deep packet inspection
• Ability to master complexity a curse
• Extracting simplicity is needed to build a discipline
A Good Example: Programming
• Machine languages: no abstractions
  • Mastering complexity was crucial
• Higher-level languages: OS and other abstractions
  • File system, virtual memory, abstract data types, ...
• Modern languages: even more abstractions
  • Object orientation, garbage collection, …
• Abstractions key to extracting simplicity
Key to the Internet’s Success
• Hourglass IP model
• Layered service abstractions (why is this important?)
  • decompose delivery into fundamental components
  • independent, compatible innovation at each layer
• Only for network edges
Complicated Router at the Core
• two key router functions:
  • run routing algorithms/protocol (RIP, OSPF, BGP)
  • forwarding datagrams from incoming to outgoing link
[Figure: router architecture. Input ports and output ports (line cards) joined by the switching fabric form the forwarding data plane (hardware); the routing processor forms the routing, management control plane (software).]
Two Key Definitions
• Data Plane: processing and delivery of packets
  • Based on state in routers and endpoints
  • E.g., IP, TCP, Ethernet, etc.
  • Fast timescales (per-packet)
• Control Plane: establishing the state in routers
  • Determines how and where packets are forwarded
  • Routing, traffic engineering, firewall state, …
  • Slow time-scales (per control event)
What have we learned so far?
• Layers are great abstractions
  • Layers only deal with the data plane
  • No powerful control plane abstractions!
• “Modularity based on abstraction is the way things get done” – Barbara Liskov
  • Abstractions → Interfaces → Modularity
• How do we find control plane abstractions?
  • first define problem and then decompose it
The network control problem
• Compute the configuration of each physical device, e.g., forwarding tables
• Operate without communication guarantees
• Operate within given network-level protocol, e.g., RIP, OSPF.
• Only people who love complexity would find this a reasonable request!
Separation of Control/Data Plane
[Figure: three switches, each with a routing processor (control plane) and a switch fabric (data plane).]
Benefits of Separation
• Independent evolution and development
  • The software control of the network can evolve independently of the hardware.
• Control from high-level software program
  • Control behavior using higher-order programs
  • Debug/check behavior more easily
Logically Centralized Control
[Figure: control plane (controller, routing processors) above the data plane (switches).]
Benefits of Centralization
• Centralized decisions are easier to make
  • E.g., OSPF (RFC 2328): 244 pages
  • Distributed system part (builds consistent network): 100 pages
  • Routing algorithm (Dijkstra’s algorithm): 4 pages
• Logically vs. physically centralized
  • Issues of a physically centralized controller?
  • How to implement a logically centralized one?
Open Interfaces
[Figure: controller (control plane) connected to the switches (data plane) through southbound interfaces.]
Programmability
[Figure: application control plane above the network control plane (controller), joined by the northbound interface; the controller connects to the switches (data plane) through southbound interfaces.]
Benefits of Open Interfaces and Programmability
• Enable competitive technologies
  • Independent developments
  • Rapid innovation and fast evolution
  • Cheap and better networks
• Make network management much easier
  • Management goals are expressed as policies
  • New control/services for network providers
  • Detailed configuration is done by the controller
A Quick Summary
• Principles of Software Defined Networking
  • Separation of Control Plane and Data Plane
  • Logically Centralized Control
  • Open Interfaces
  • Programmability
• All these principles use abstractions to modularize the network control problem
• A nice analogy from Prof. Nick McKeown
[Figure: computer industry analogy. Mainframes: vertically integrated, closed, proprietary, slow innovation, small industry (specialized applications, specialized operating system, specialized hardware). Afterwards: horizontal, open interfaces, rapid innovation, huge industry (apps over an open interface to Windows (OS) or Linux or Mac OS, over an open interface to the microprocessor).]
[Figure: the same analogy for networking. Routers/switches: vertically integrated, closed, proprietary, slow innovation (specialized features, specialized control plane, specialized hardware). Afterwards: horizontal, open interfaces, rapid innovation (apps over an open interface to one control plane or another, over an open interface to merchant switching chips).]
Conventional Vs. SDN (Pros)
D. Kreutz et al. “Software-Defined Networking: A Comprehensive Survey”, Proceedings of the IEEE, Vol. 103, No. 1, January 2015.
Easy to program
Consistent policies
Better integration of programs
Layers in a SDN
D. Kreutz et al. “Software-Defined Networking: A Comprehensive Survey”, Proceedings of the IEEE, Vol. 103, No. 1, January 2015.
Abstractions
D. Kreutz et al. “Software-Defined Networking: A Comprehensive Survey”, Proceedings of the IEEE, Vol. 103, No. 1, January 2015.
Specification
Distribution
Forwarding
Three layers of abstractions
• Specification
  • allow an application to express the desired network behavior without implementing it
• Distribution
  • shield SDN apps from the distributed states, making distributed control logically centralized
• Forwarding
  • allow any forwarding behavior desired by the network application (the control program) while hiding details of the underlying hardware
OpenFlow Protocol and Switch
• OpenFlow protocol
  • Open southbound API
• OpenFlow switch
  • Forwarding abstraction
Main components of an OpenFlow switch
Packet flow through the processing pipeline
OF terminology associated with packets
• For each packet from a packet flow
  • Header and header field
  • Pipeline fields
    • values attached to the packet during pipeline processing, e.g., ingress port and metadata
  • Action: an operation that acts on a packet
    • e.g., drop, forward to a port, modify (decreasing TTL)
  • Action set
    • accumulated while processed by flow tables
    • executed at the end of pipeline processing
OpenFlow flow entry
• A flow entry in a flow table looks like
  • Match field: packets are matched against
    • header fields and pipeline fields
    • may be wildcarded (any) or bitmasked (subset of bits)
  • Priority: used to choose from multiple matches
  • Instruction set
    • contains a list of actions to apply immediately
    • contains a set of actions to add to the action set
    • modify pipeline processing (go to another flow table)
• A “default” entry: table-miss flow entry
Packet flow through an OF switch
Matching and Instruction execution in a flow table.
Matching and instruction execution
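The flow-entry fields and action-set behaviour described on the slides above, as an added example that is not part of the original lecture: a small Python model of a two-table pipeline with bitmasked matches, priorities, table-miss entries and an action set executed at the end of processing. The field names, actions and table contents are constructed assumptions; the first entry shows that a narrower blocking entry only takes effect when its priority is higher than the broader forwarding entry it overlaps.

```python
import ipaddress
from dataclasses import dataclass, field
from typing import Optional

def ip(s):
    """Dotted-quad string -> integer, so masks can be applied bitwise."""
    return int(ipaddress.ip_address(s))

@dataclass
class FlowEntry:
    priority: int
    match: dict                       # field -> (value, mask); absent field = wildcard
    apply_actions: list = field(default_factory=list)  # applied immediately
    write_actions: dict = field(default_factory=dict)  # added to the action set
    goto_table: Optional[int] = None  # continue pipeline processing in this table

    def matches(self, pkt):
        # Bitmasked match: only the bits set in the mask are compared.
        return all(f in pkt and (pkt[f] & mask) == (value & mask)
                   for f, (value, mask) in self.match.items())

def process(tables, pkt):
    """Run a packet (dict of header fields) through the pipeline.

    Returns (packet after apply-actions, output decision)."""
    pkt, action_set, table_id = dict(pkt), {}, 0
    while table_id is not None:
        hits = [e for e in tables[table_id] if e.matches(pkt)]
        if not hits:                  # no table-miss entry installed: drop
            return pkt, "drop"
        entry = max(hits, key=lambda e: e.priority)   # priority picks the winner
        for action in entry.apply_actions:
            if action == "dec_ttl":
                pkt["ttl"] -= 1
        action_set.update(entry.write_actions)        # one action per type
        table_id = entry.goto_table
    # End of pipeline: execute the accumulated action set.
    # An action set without an output action drops the packet.
    return pkt, action_set.get("output", "drop")

# Constructed two-table pipeline (all values are sample data).
TABLES = {
    0: [
        # Narrow entry with no instructions: packets from this /24 are dropped.
        FlowEntry(200, {"ip_src": (ip("10.0.1.0"), ip("255.255.255.0"))}),
        # Broader overlapping entry: decrement TTL, continue in table 1.
        FlowEntry(100, {"ip_src": (ip("10.0.0.0"), ip("255.0.0.0"))},
                  apply_actions=["dec_ttl"], goto_table=1),
        # Table-miss entry: priority 0, every field wildcarded.
        FlowEntry(0, {}, write_actions={"output": "controller"}),
    ],
    1: [
        FlowEntry(10, {"tcp_dst": (443, 0xFFFF)}, write_actions={"output": 2}),
        FlowEntry(0, {}, write_actions={"output": 1}),   # table-miss entry
    ],
}

def demo():
    """Process four constructed packets; returns [(packet, decision), ...]."""
    samples = [("10.0.1.7", 443), ("10.0.2.9", 443),
               ("10.0.2.9", 80), ("192.168.1.1", 22)]
    return [process(TABLES, {"ip_src": ip(s), "tcp_dst": p, "ttl": 64})
            for s, p in samples]

if __name__ == "__main__":
    for pkt, verdict in demo():
        print(ipaddress.ip_address(pkt["ip_src"]), pkt["tcp_dst"],
              "ttl", pkt["ttl"], "->", verdict)
```

Lowering the first entry's priority below 100 lets the broader 10.0.0.0/8 entry win, and the same packet is forwarded instead of dropped.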
Operation of SDN (controller-switch)
S. Sezer et al. “Are we ready for SDN? Implementation Challenges for Software-Defined Networks”, IEEE Communications Magazine, July 2013.
Interfaces of a SDN
M. Jarschel et al. “Interfaces, attributes, and use cases: a compass for SDN”, IEEE Communications Magazine, June 2014.
S. Sezer et al. “Are we ready for SDN? Implementation Challenges for Software-Defined Networks”, IEEE Communications Magazine, July 2013.
Applications of SDN
• Killer application
  • Network virtualization
• Other applications
  • Datacenter and cloud computing
  • WAN (Google B4)
  • Software Internet exchange point (IXP)
  • Mobility and wireless
  • Security, measurement and monitoring
References
D. Kreutz et al. “Software-Defined Networking: A Comprehensive Survey”, Proceedings of the IEEE, Vol. 103, No. 1, January 2015.
OpenFlow Switch Specification Ver. 1.5.1, https://www.opennetworking.org/images/stories/downloads/sdn-resources/onf-specifications/openflow/openflow-switch-v1.5.1.pdf