Handout # 3: Introduction to Software-Defined Networking
54
Handout # 3: Introduction to Software-Defined Networking Professor Yashar Ganjali Department of Computer Science University of Toronto [email protected] http://www.cs.toronto.edu/~yganjali CSC 2229 – Software-Defined Networking
-
Upload
arden-joyce -
Category
Documents
-
view
56 -
download
1
description
Handout # 3: Introduction to Software-Defined Networking. CSC 2229 – Software-Defined Networking. Professor Yashar Ganjali Department of Computer Science University of Toronto [email protected] http://www.cs.toronto.edu/~yganjali. Today. Software-defined networking - PowerPoint PPT Presentation
Transcript of Handout # 3: Introduction to Software-Defined Networking
Slide 1
Handout # 3:Introduction to Software-Defined NetworkingProfessor Yashar GanjaliDepartment of Computer ScienceUniversity of Toronto
[email protected]://www.cs.toronto.edu/~yganjaliCSC 2229 Software-Defined Networking1AnnouncementsPapers 1, 2, and 3 posted on the reading list. Please check (and read the papers) regularly.Please read papers 2 and 3 before next lecture.Have you read paper 1 already?!
Guidelines for final projects will be posted on class website by the end of the week. Please check the website on Friday.
Paper presentations start next weekVolunteers for the week after?
CSC2229 -- Software-Defined Networking2University of Toronto Fall 20152TodaySoftware-Defined Networking
OpenFlow basics
CSC2229 -- Software-Defined Networking3University of Toronto Fall 2015Innovation Computers vs. NetworksHow difficult is it to create/modify a computer application?How difficult is it to create/modify a network feature?
What is the difference?
What are the tools available for each?
CSC2229 -- Software-Defined Networking4University of Toronto Fall 2015ComputerApplicationComputerApplicationApplicationOSOS abstracts hardware substrate Innovation in applicationsInnovation in ApplicationsCSC2229 -- Software-Defined Networking5University of Toronto Fall 2015x86(Computer)Windows(OS)ApplicationApplicationLinuxMacOSx86(Computer)Windows(OS)ororApplicationApplicationSimple, common, stable, hardware substrate below+ Programmability+ Competition Innovation in OS and applicationsInnovation in OS and ApplicationsCSC2229 -- Software-Defined Networking6University of Toronto Fall 2015LinuxMacOSx86(Computer)Windows(OS)ororApplicationApplicationWindows(OS)Windows(OS)LinuxMacOSx86(Computer)Windows(OS)AppAppLinuxLinuxMacOSMacOSVirtualizationAppSimple, common, stable, hardware substrate below+ Programmability + Strong isolation model+ Competition above Innovation in infrastructureInnovation in InfrastructureCSC2229 -- Software-Defined Networking7University of Toronto Fall 2015Vertically integratedClosed, proprietarySlow innovationSmall industry
SpecializedOperatingSystemSpecializedHardwareAppAppAppAppAppAppAppAppAppAppAppSpecializedApplicationsHorizontalOpen interfacesRapid innovationHuge industryMicroprocessor
Open InterfaceLinuxMacOSWindows(OS)ororOpen InterfaceCSC2229 -- Software-Defined Networking8University of Toronto Fall 2015The mainframe industry in the 1980s was vertical and closed: it consisted of specialized hardware, operating system and applications --- all from the same company. A revolution happened when open interfaces started to appear. The industry became horizontal. Innovation exploded. 8Million of linesof source code6,000 RFCsBillions of gatesBloatedPower Hungry Vertically integrated, complex, closed, proprietary Networking industry with mainframe mind-set
Custom HardwareOSRouting, management, mobility management, access control, VPNs, FeatureFeature
We Have Lost Our WayCSC2229 -- Software-Defined Networking9University of Toronto Fall 20159Operating SystemReality is Even WorseAppAppAppSpecialized Packet Forwarding HardwareSpecialized Packet Forwarding HardwareOperatingSystemAppAppApp Lack of competition means glacial innovation Closed architecture means blurry, closed interfaces CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 20151010Vertically integratedClosed, proprietarySlow innovationAppAppAppAppAppAppAppAppAppAppAppHorizontalOpen interfacesRapid innovationControlPlaneControlPlaneControlPlaneororOpen Interface
SpecializedControlPlaneSpecializedHardwareSpecializedFeaturesMerchantSwitching ChipsOpen Interface
CSC2229 -- Software-Defined Networking11University of Toronto Fall 201511A Simple Stable Common SubstrateAllows applications to flourish Internet: Stable IPv4 led to the web
Allows the infrastructure on top to be defined in softwareInternet: Routing protocols, management,
Rapid innovation of the infrastructure itselfInternet: er...? Whats missing? What is the substrate?
CSC2229 -- Software-Defined Networking12University of Toronto Fall 2015CSC2229 -- Software-Defined Networking13University of Toronto Fall 2015What we need
New function!Operators, users, 3rd party developers, researchers, 1) Separate Intelligence from DatapathCSC2229 -- Software-Defined Networking14University of Toronto Fall 201514
2) Cache DecisionsIn minimal flow-based datapath15If header = x, send to port 4FlowTableIf header = ?, send to meIf header = y, overwrite header with z, send to ports 5,6CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201515Custom HardwareCustom HardwareCustom HardwareCustom HardwareCustom HardwareOSOSOSOSOSNetwork OSFeatureFeatureHow Can We Do This?CSC2229 -- Software-Defined Networking16University of Toronto Fall 2015FeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureNetwork OS1. Open interface to packet forwarding3. Consistent, up-to-date global network view2. At least one Network OSprobably many.Open- and closed-sourceSoftware Defined Network (SDN)CSC2229 -- Software-Defined Networking17University of Toronto Fall 2015PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
ConsequencesMore innovation in network servicesOwners, operators, 3rd party developers, researchers can improve the networkE.g. energy management, data center management, policy routing, access control, denial of service, mobilityLower barrier to entry for competitionHealthier market place, new players Lower costInfrastructureManagementCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 20151818Example I: New Data CenterCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 2015
Cost200,000 serversFanout of 20 a 10,000 switches$5k commercial switch a $50M$1k custom-built switch a $10M
Savings in 10 data centers = $400M
Control
Optimize for features neededCustomize for services & appsQuickly improve and innovateLarge data center operators are moving towards defining their own network in software.1919Example II: RoutingOSPFRFC 2328: 245 pagesDistributed SystemBuilds consistent, up-to-date map of the network: 101 pages
Dijkstras AlgorithmOperates on map: 4 pagesCSC2229 -- Software-Defined Networking20University of Toronto Fall 2015Example II: RoutingCSC2229 -- Software-Defined Networking21University of Toronto Fall 2015OSPF = DijkstraIS-ISNetwork OSPacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
Distributed SystemCustom HardwareOSOSPF
IS-IS
DistributedSystemDistributedSystemCSC2229 -- Software-Defined Networking22University of Toronto Fall 2015Back to the story Control Program AControl Program BNetwork OSSoftware Defined Network (SDN)CSC2229 -- Software-Defined Networking23University of Toronto Fall 2015PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
Network OSNetwork OS: distributed system that creates a consistent, up-to-date network viewRuns on servers (controllers) in the networkNOX, ONIX, Floodlight, Trema, HyperFlow, Kandoo, Beehive, Beacon, Maestro, + more
Uses forwarding abstraction to:Get state information from forwarding elementsGive control directives to forwarding elements
CSC2229 -- Software-Defined Networking24University of Toronto Fall 2015Control Program AControl Program BNetwork OSSoftware Defined Network (SDN)CSC2229 -- Software-Defined Networking25University of Toronto Fall 2015PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
Control ProgramControl program operates on view of networkInput: global network view (graph/database)Output: configuration of each network device
Control program is not a distributed systemAbstraction hides details of distributed state
CSC2229 -- Software-Defined Networking26University of Toronto Fall 2015Control Program AControl Program BNetwork OSSoftware Defined Network (SDN)CSC2229 -- Software-Defined Networking27University of Toronto Fall 2015PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
PacketForwarding
Forwarding AbstractionPurpose: Abstract away forwarding hardwareFlexibleBehavior specified by control planeBuilt from basic set of forwarding primitivesMinimalStreamlined for speed and low-powerControl program not vendor-specific
OpenFlow is an example of such an abstraction
CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201528Forwarding SubstrateFlow-basedSmall number of actions for each flow Plumbing: Forward to port(s)Control: Forward to controllerRouting between flow-spaces: Rewrite headerBandwidth isolation: Min/max rateExternal open API to flow-table
CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201529Types of action
Allow/deny flow Route & re-route flow Isolate flow Make flow private Remove flowWhat is a flow?
Application flow All http Jims traffic All packets to Canada CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 20153030Properties of a Flow-based SubstrateWe need flexible definitions of a flowUnicast, multicast, waypoints, load-balancingDifferent aggregationsWe need direct control over flowsFlow as an entity we program: To route, to make private, to move, Exploit the benefits of packet switchingIt works and is universally deployedIt is efficient (when kept simple)
CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201531Substrate: FlowspacePayloadEthernetDA, SA, etcIPDA, SA, etcTCPDP, SP, etcCollection of bits to plumb flows (of different granularities)between end pointsPayloadHeaderUser-defined flowspaceCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201532Flowspace: Simple ExampleIP SAIP DASingle flowAll flows from AAAll flows between two subnetsCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201533Flowspace: GeneralizationField 2Field 1Single flowSet of flowsField nCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201534Properties of FlowspaceBackwards compatibleCurrent layers are a special caseNo end points need to changeEasily implemented in hardwaree.g. TCAM flow-table in each switchStrong isolation of flowsSimple geometric constructionCan prove which flows can/cannot communicateCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201535TodaySoftware-Defined Networking
OpenFlow basics
CSC2229 -- Software-Defined Networking36University of Toronto Fall 2015OpenFlow Open standard to run experimental protocols in production networksAPI between the forwarding elements and the network OSBased in Stanford, supported by various companies (Cisco, Juniper, HP, NEC, )Used by universities to deploy innovative networking technology
CSC2229 -- Software-Defined Networking37University of Toronto Fall 2015
Ethernet Switch
Traditional SwitchCSC2229 -- Software-Defined Networking38University of Toronto Fall 201538Traditional SwitchData Path (Hardware)Control PathControl Path (Software)CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 20153939OpenFlow Protocol (SSL)Data Path (Hardware)Control PathOpenFlow
Ethernet SwitchNetwork OSControl Program AControl Program BOpenFlow SwitchCSC2229 -- Software-Defined Networking40University of Toronto Fall 201540Control Program AControl Program BNetwork OSOpenFlow RulesCSC2229 -- Software-Defined Networking41University of Toronto Fall 2015PacketForwarding
PacketForwarding
PacketForwarding
FlowTable(s)If header = p, send to port 4If header = ?, send to meIf header = q, overwrite header with r, add header s, and send to ports 5,6Plumbing Primitives
Match arbitrary bits in headers:
Match on any header, or new headerAllows any flow granularity
ActionForward to port(s), drop, send to controllerOverwrite header with mask, push or popForward at specific bit-rateCSC2229 -- Software-Defined Networking42University of Toronto Fall 2015HeaderDataMatch: 1000x01xx0101001xOpenFlow Rules ContdExploit the flow table in switches, routers, and chipsetsCSC2229 -- Software-Defined Networking43University of Toronto Fall 2015Rule(exact & wildcard)ActionStatisticsRule(exact & wildcard)ActionStatisticsRule(exact & wildcard)ActionStatisticsRule(exact & wildcard)Default ActionStatisticsFlow 1.Flow 2.Flow 3.Flow N.4343Flow Table EntryOpenFlow Protocol Version 1.0CSC2229 -- Software-Defined Networking44University of Toronto Fall 2015SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportRuleActionStatsForward packet to port(s)Encapsulate and forward to controllerDrop packetSend to normal processing pipeline+ mask what fields to matchPacket + byte countersExamplesSwitching*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction*00:1f:..*******port6Flow Switchingport3SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction00:2e..00:1f..0800vlan11.2.3.45.6.7.841726480port6Firewall*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportForward********22dropCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201545ExamplesRouting*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction*****5.6.7.8***port6VLAN*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction***vlan1*****port6, port7,port9CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201546OpenFlow Hardware
Cisco Catalyst 6kNEC IP8800HP Procurve 5400Juniper MX-series
WiMax (NEC)PC Engines
Quanta LB4GMore coming soon...CSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 201547
OpenFlowSwitch.org
Controller
OpenFlow SwitchPCOpenFlow Usage ExampleDedicated OpenFlow NetworkCSC2229 -- Software-Defined Networking48University of Toronto Fall 2015
OpenFlow Switch
OpenFlow Switch
OpenFlowProtocolPeters codeRuleActionStatisticsRuleActionStatisticsRuleActionStatisticsPeter4848Usage examplesPeters code:Static VLANsHis own new routing protocol: unicast, multicast, multipath, load-balancingNetwork access controlHome network managerMobility managerEnergy managerPacket processor (in controller)IPvPeterNetwork measurement and visualizationCSC2229 -- Software-Defined Networking49University of Toronto Fall 20154949Research/Production VLANS
Normal L2/L3 Processing Flow Table
Production VLANsResearch VLANs
ControllerCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 20155050Virtualize OpenFlow Switch
Normal L2/L3 Processing Flow Table
Flow Table
Flow Table
Researcher A VLANsResearcher B VLANsResearcher C VLANsProduction VLANsController AController BController CCSC2229 -- Software-Defined NetworkingUniversity of Toronto Fall 20155151
OpenFlow SwitchOpenFlowProtocolOpenFlow FlowVisor & Policy Control
CsControllerBsController
AsController
OpenFlowProtocol
OpenFlow SwitchOpenFlow Switch
Virtualizing OpenFlowCSC2229 -- Software-Defined Networking52University of Toronto Fall 2015
OpenFlowProtocolOpenFlowFlowVisor & Policy ControlBroadcastMulticast
OpenFlowProtocolhttpLoad-balancerOpenFlow SwitchOpenFlow SwitchOpenFlow SwitchVirtualizing OpenFlowCSC2229 -- Software-Defined Networking53University of Toronto Fall 2015Food for ThoughtWhat are the challenges in switching from traditional networks to OpenFlow networks?
What are the opportunities?
CSC2229 -- Software-Defined Networking54University of Toronto Fall 2015
