Software Defined Networking for APRP Wang-Cheol Song Professor Jeju National University Republic of Korea


Post on 05-Jul-2020

Software Defined Networking for APRP

Wang-Cheol Song

Professor, Jeju National University

Republic of Korea

Content

• Software Defined Networking (SDN)

• KREONET-S

• Intent Based Networking

Software Defined Networking

Traditional vs. Software-Defined

• Over the past few years, Software Defined Networking (SDN) has been a key buzzword in the computer networking/IT industry.

• Traditional networks cannot meet the following current networking requirements:
– dynamic scalability
– central control and management
– on-the-fly changes or experiments
– less error-prone manual configuration on each networking node
– handling of massively increasing network traffic
– server virtualization traffic in data centers, etc.

• Since SDN is a software layer, it provides advantages such as reduced manual efforts, dynamic scalability, and central management of network devices.

Definition of Software-Defined Networking

• SDN:
– The physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices.
– Similar approaches in R&E networks: NSF funded DRAGON project, Internet2 DCN/ION, ESnet OSCARS, and the GEANT2 AutoBAHN project.

Figures are from http://www.inf.ed.ac.uk/teaching/courses/comn/lecture-notes/lec18.pdf

How Does Software-Defined Networking Work?

• Software-defined networking provides a method for centralized control of the network by separating the control logic to off-device computer resources.
– Controllers: SDN controllers offer a centralized view of the overall network, and enable network administrators to dictate to switches and routers how the forwarding plane should handle network traffic.
– Southbound APIs: Software-defined networking uses southbound APIs to relay information to the switches and routers “below.” OpenFlow is one of the most common protocols used for this.
– Northbound APIs: Software-defined networking uses northbound APIs to communicate with the applications and business logic “above.”

Content is from https://www.sdxcentral.com/sdn/definitions/what-the-definition-of-software-defined-networking-sdn/

Source: Eli Dart, Lauren Rotman, Brian Tierney, Mary Hester, and Jason Zurawski. The Science DMZ: A Network Design Pattern for Data-Intensive Science. In Proceedings of the IEEE/ACM Annual SuperComputing Conference (SC13), Denver CO, 2013.

Considering Aspects in SDN for APRP

• Recent SDN technology is usually combined with network virtualization.
– OVS, virtual routers and several Virtualized Network Functions (VNFs) are used to build the network infrastructure.

• VNFs cannot guarantee performance.
– An example use case of SDN shown in ESnet for the Science DMZ is separating large flows from normal ones.

• Network Functions in APRP should be developed only as Physical Machines, not as VNFs.

• Some functions, such as network slicing for tenant networks, could be more complex than in fully softwarized SDN networks.

KREONET-S as an SDN-enabled Network

- Bandwidth on Demand by user (Tenant network through slicing)
  Create end-to-end dedicated network by researcher & scientist

- Easy-to-Use User Interface
  Simple and Rapid: several-click Easy, ms Fast

- User-oriented Network Visualization and Monitoring
  Virtual Network Topology and Operational Attributes

Global Topology View

User-oriented Visibility: E2E & Whole VDN Topology Views

VDN Manager: Main Screen

Time-to-Research & Time-to-Collaboration

[Figure: map of sites: StarLight, Chicago, IL; KREONET Seoul Center, KR; KREONET Busan Center, KR; KREONET Daejeon Center, KR; KREONET Gwangju Center, KR; KREONET Changwon Center, KR]

KREONET-S & DTN Topology

[Figure: KREONET-S & DTN topology, with nodes labelled PS and ScienceDMZ (DTN)]

Production-level SD-WAN Deployment

Legacy Network:
• High Vendor Dependency (Vendor Lock-in)
• Inability to scale
• Distributed Control

Software-Defined Network:
• Open Source (Vendor Neutral)
• High Scalability
• Central Control
• Virtualization, but not for VNFs
• Saving CapEX/OpEX

Steps:
• Building the SD-WAN infrastructure
• Using Physical Machines for NFs on APRP
• Setting up the central control plane (OS)
• Developing application (service) software

SDN status of KREONET (Domestic)

[Figure: KREONET SDN topology. Core and edge nodes at Seoul, Busan, ChangWon, GwangJu, Daejeon and Chicago; international exchange via StarLight; ScienceDMZ/DTN nodes; attached sites: KIMS, Tongmyong Univ., Ulsan Observatory, Tamna Observatory, Yonsei Observatory, PLSI (via KISTI), PLSI (via GIST), OverCloud-Box (via GIST), Cloud Gateway (COREEN)]

KREONET-S has already prepared SDN enabled end-to-end provisioning.

Intent Based Networking as the Future Work

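KREONET Big Data Activities

(Each entry lists: Area, Institutes, Contents, Bandwidth)

• High Energy Physics
– Institutes: Seoul National University and 14 Institutes (Seoul National University Lattice Gauge Theory Research Center and 14 other institutions)
– Contents: Global transfer and use, by domestic researchers, of experimental data centered on particle accelerators
– Bandwidth: 1G-10G

• Astronomy Space
– Institutes: Korea Astronomy and Space Science (Korea Astronomy and Space Science Institute; National Geographic Information Institute (Radio Telescope Center))
– Contents: Sharing, centered on the correlation center, of observation data from the radio telescopes built in Ulsan, Sejong, Jeju and Seoul
– Bandwidth: 100G-40G

• Astronomy Space
– Institutes: Korea Astronomy and Space Science (Korea Astronomy and Space Science Institute, SDO)
– Contents: Global transfer of NASA solar satellite observation images and transfer between domestic space weather centers
– Bandwidth: 10G

• Astronomy Space
– Institutes: Korea Astronomy and Space Science (Korea Astronomy and Space Science Institute, SKA, LSST)
– Contents: Sharing of observation data from wide-field telescopes located in Chile and South Africa
– Bandwidth: 10G

• Genome/Bio
– Institutes: Seoul National University Hospital and 8 Institutes (Seoul National University Hospital CMI Center and 8 other institutions)
– Contents: Building an RDC center centered on ICGC genome data
– Bandwidth: 10G

• Meteorology
– Institutes: The National Weather Service and 5 Institutes (the Meteorological Administration and 5 other institutions)
– Contents: Sharing and research use of the Meteorological Administration's supercomputer and weather data
– Bandwidth: 1G-40G

• KSTAR
– Institutes: National Fusion Research Institutes (NFRI and 3 other institutions)
– Contents: Data storage and research use based on KSTAR
– Bandwidth: 100G

• Basic Science Facility (basic research observation equipment)
– Institutes: Institute of Basic Science
– Contents: Transfer of high-resolution images and data observed with large microscopes
– Bandwidth: 10G

• Education
– Institutes: Pusan University and 5 Institutes (Pusan University and 5 other institutions)
– Contents: Large-scale (remote) personnel training through the linking of data, compute resources and storage resources
– Bandwidth: 1G-10G

• Building Construction
– Institutes: KOCED-CI (phase 1 and 2 experiment centers)
– Contents: Research and education using large-scale construction/architecture experimental equipment, such as earthquake experiments
– Bandwidth: 1G

• Particle Accelerator
– Institutes: Pohang Accelerator (Pohang Accelerator Center (4th generation))
– Contents: Sharing of the data produced by experiments each year at the Pohang Accelerator Center
– Bandwidth: 10G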

Intent based Networking

• It is a piece of networking software that helps to plan, design and implement/operate networks that can improve network availability and agility.

• It would be lifecycle management software for networking infrastructure.

Intent based Networking

• Traditionally we have built networks with an imperative approach.

• With a declarative approach, we want to be able to define a policy and have the network figure out all of the details.

Intent Based Networking Example

From Imperative to Declarative

Imperative:

• Assign a VLAN for HR users
• Assign a VLAN for Sales users
• Assign a VLAN for servers
• Assign a subnet for HR users
• Assign a subnet for Sales users
• Assign a subnet for servers
• Configure Bob’s and Alice’s ports to be in the correct VLAN (access port)
• Configure the trunk from the access layer to the distribution layer to allow these VLANs
• Configure the trunk between the distribution switches to allow these VLANs
• Configure two SVIs in the distribution switches
• Configure HSRP on the distribution switches
• Configure an ACL on the FW to deny traffic from Bob (HR) but allow traffic from Alice (Sales) towards the server
• The ACL should allow traffic from both departments towards the Internet

Declarative:

• Allow Bob to access all internal resources except the server, and the Internet
• Allow Alice to access all internal resources and the Internet
• Provide gateway redundancy for the users
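
An added example (not from the original slides) of the imperative-to-declarative shift above: a small Python compiler expands the Bob/Alice intents into VLAN, port and ACL steps, then checks the resulting first-match ACL against the intent. The VLAN IDs, subnets, port names and all function names are assumptions made for illustration.

```python
import ipaddress

# Constructed inputs: user -> (group, access port); ports, VLAN IDs and
# subnets are made up for illustration.
USERS = {"Bob": ("HR", "Gi1/0/1"), "Alice": ("Sales", "Gi1/0/2")}
GROUPS = ["HR", "Sales", "Servers"]
# Declarative intent: all groups reachable except those listed under "deny".
INTENT = {"Bob": {"deny": ["Servers"]}, "Alice": {"deny": []}}

def compile_intent(users, groups, intent, base="10.0.0.0/16", first_vlan=10):
    """Expand intents into a VLAN/subnet plan, switch steps and firewall ACL."""
    nets = ipaddress.ip_network(base).subnets(new_prefix=24)
    plan = {g: {"vlan": first_vlan + 10 * i, "subnet": str(next(nets))}
            for i, g in enumerate(groups)}
    steps = [f"interface {port}: access vlan {plan[grp]['vlan']}"
             for grp, port in users.values()]
    # "Provide gateway redundancy" becomes SVI + HSRP for each user VLAN.
    steps += [f"vlan {plan[g]['vlan']}: SVI + HSRP on distribution switches"
              for g in sorted({grp for grp, _ in users.values()})]
    acl = []
    for user in sorted(users):
        src = plan[users[user][0]]["subnet"]
        # Denies precede the broad permit so first-match cannot shadow them.
        acl += [("deny", src, plan[g]["subnet"]) for g in intent[user]["deny"]]
        acl.append(("permit", src, "0.0.0.0/0"))
    acl.append(("deny", "0.0.0.0/0", "0.0.0.0/0"))  # explicit default deny
    return plan, steps, acl

def acl_decision(acl, src_ip, dst_ip):
    """First-match evaluation of the compiled ACL."""
    s, d = ipaddress.ip_address(src_ip), ipaddress.ip_address(dst_ip)
    for action, src, dst in acl:
        if s in ipaddress.ip_network(src) and d in ipaddress.ip_network(dst):
            return action
    return "deny"

def verify(users, plan, acl, intent):
    """Return (user, group) pairs where the ACL contradicts the intent."""
    bad = []
    for user, (grp, _) in users.items():
        src = str(ipaddress.ip_network(plan[grp]["subnet"])[1])
        for g in (g for g in plan if g != grp):
            dst = str(ipaddress.ip_network(plan[g]["subnet"])[1])
            want = "deny" if g in intent[user]["deny"] else "permit"
            if acl_decision(acl, src, dst) != want:
                bad.append((user, g))
    return bad
```

`verify()` returns an empty list for the compiled ACL and reports `("Bob", "Servers")` if Bob's broad permit is moved ahead of his deny, which is the rule-ordering mistake the imperative approach leaves to the operator.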

Intent Based Networking System (IBNS)

Self-driving networks can be provided through automatic orchestration.

Intent based Networking

Intent framework of ONOS

An Intent framework (protocol) is provided by different SDN controllers. Below are the subsystems of the ONOS controller (the protocols are in red).

Intent is implemented as a protocol in ONOS, which provides REST APIs and CLI commands. These collectively make up the Intent framework.

Subsystems of ONOS:

Summary: SDN for APRP

• Network Functions in APRP need to be developed only as Physical Machines.

– This is because VNFs cannot guarantee performance, and even very small latency can induce performance degradation.

• According to the requirements of each Science Application, APRP Networks can be developed as Application-oriented Networks using IBNS in the future.