SDN OpenFlow Load Balancer 시나리오
description
Transcript of SDN OpenFlow Load Balancer 시나리오
㈜유미테크
SDN/OpenFlow Load Balancer
시나리오
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
MAP Container
5
List Container
VIp: 192.168.30.14
Toperdo proper-ties
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
GARP 시나리오 1 SENDER MAC
TARGET MAC
xxxxxx:30:A1
192.168.30.14
192.168.30.14
xxxxxx:30:A1
xxxxxx:30:A1
ETH HEAD TARGER MAC
ff:ff:ff:ff:ff:ff:ff:ff
FLOW
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
MAP Container
5
List Container
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
GARP 시나리오 2 SENDER MAC
TARGET MAC
xxxxxx:30:A1
192.168.30.14
192.168.30.14
xxxxxx:30:A1
xxxxxx:30:A1
ETH HEAD TARGER MAC
ff:ff:ff:ff:ff:ff:ff:ff
FLOW
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
xxxxxx:30:A2 6
MAP Container
5
List Container
xxxxxx:30:A2
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
xxxxxx:30:A3 7 xxxxxx:30:A3
ARP 시나리오 REQUEST 1SENDER MAC
TARGET MAC
xxxxxx:20:01
192.168.20.1
192.168.30.14
xxxxxx:20:01
ff:ff:ff:ff:ff:ff:ff:ff
ETH HEAD TARGER MAC
ff:ff:ff:ff:ff:ff:ff:ff
FLOW
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
xxxxxx:30:A2 6
MAP Container
5
List Container
xxxxxx:30:A2
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
xxxxxx:30:A3 7 xxxxxx:30:A3
REPLY ARP 시나리오 1SENDER MAC
TARGET MAC
xxxxxxxx:B1
192.168.30.14
192.168.20.1
xxxxxxxx:B1
xxxxxx:20:01
ETH HEAD TARGER MAC
xxxxxx:20:01
FLOW
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
xxxxxx:30:A2 6
MAP Container
5
List Container
xxxxxx:30:A2
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
xxxxxx:30:A3 7 xxxxxx:30:A3
DNS REQUEST 시나리오 1SENDER MAC
TARGET MAC
192.168.20.1
192.168.30.14
xxxxxx:20:01
xxxxxxxx:B1
ETH HEAD TARGER MAC
192.168.30.14
xxxxxxxx:B1
ARP TABLEFLOW
www.a.com
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
xxxxxx:30:A2 6
MAP Container
5
List Container
xxxxxx:30:A2
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
xxxxxx:30:A3 7 xxxxxx:30:A3
DNS REQUEST 시나리오 2SENDER MAC
TARGET MAC
ETH HEAD TARGER MAC
192.168.30.14
xxxxxxxx:B1
ARP TABLEFLOW
FLOW : DNS REQUEST
ETH_SRC ETH_DST
xxxxxx:20:01 xxxxxxxx:B1
DST_MAC PORT
xxxxxx:30:A1 5
192.168.20.1
192.168.30.14
xxxxxx:20:01
xxxxxx:30:A1
www.a.com
Condition
Action
FLOW : DNS RESPONSE
ETH_SRC ETH_DST
xxxxxx:30:A1 xxxxxx:20:01
DST_MAC PORT
xxxxxxxx:B1 1
Condition
Action
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
xxxxxx:30:A2 6
MAP Container
5
List Container
xxxxxx:30:A2
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
xxxxxx:30:A3 7 xxxxxx:30:A3
DNS REQUEST 시나리오 3SENDER MAC
TARGET MAC
192.168.20.1
192.168.30.14
xxxxxx:20:01
xxxxxx:30:A1
ETH HEAD TARGER MAC
192.168.30.14
xxxxxxxx:B1
ARP TABLEFLOW
www.a.com
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
xxxxxx:30:A1 5
xxxxxx:30:A2 6
MAP Container
5
List Container
xxxxxx:30:A2
VIp: 192.168.30.14
Toperdo proper-ties
xxxxxx:30:A1
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
xxxxxx:30:A3 7 xxxxxx:30:A3
DNS RESPONSE 시나리오 1SENDER MAC
TARGET MAC
ETH HEAD TARGER MAC
192.168.30.14
xxxxxxxx:B1
ARP TABLEFLOW
192.168.30.14
192.168.20.1
xxxxxxxx:B1
xxxxxx:20:01
1.1.1.1
FLOW : DNS REQUEST
ETH_SRC ETH_DST
xxxxxx:20:01 xxxxxxxx:B1
DST_MAC PORT
xxxxxx:30:A1 5
Condition
Action
FLOW : DNS RESPONSE
ETH_SRC ETH_DST
xxxxxx:30:A1 xxxxxx:20:01
DST_MAC PORT
xxxxxxxx:B1 1
Condition
Action
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
MAP Container
5
List Container
VIp: 192.168.30.14
Toperdo proper-ties
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
문제 시나리오 1SENDER MAC
TARGET MAC
ETH HEAD TARGER MAC
FLOW
ARP 패킷xxxxxx:20:01
192.168.20.1
192.168.30.14
xxxxxx:20:01
ff:ff:ff:ff:ff:ff:ff:ff
ff:ff:ff:ff:ff:ff:ff:ff
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
MAP Container
5
List Container
VIp: 192.168.30.14
Toperdo proper-ties
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
문제 시나리오 2SENDER MAC
TARGET MAC
ETH HEAD TARGER MAC
FLOW
ARP 패킷xxxxxxxx:B1
192.168.30.14
192.168.20.1
xxxxxxxx:B1
xxxxxx:20:01
xxxxxx:20:01
192.168.30.14
xxxxxxxx:B1
ARP TABLE
Ip : 192.168.40.13
Mac : xxxxxxxx:B1
controller
Ip : 192.168.20.1/24
Mac : xxxxxx:20:01
Client #1
switch
Ip : 192.168.30.14
Mac : xxxxxx:30:A1
DNS Server#1
Ip : 192.168.30.14
Mac : xxxxxx:30:A2
DNS Server#2
Ip : 192.168.30.14
Mac : xxxxxx:30:A3
DNS Server#3
Ip : 192.168.20.2/24
Mac : xxxxxx:20:02
Client #2
Ip : 192.168.20.3/24
Mac : xxxxxx20:13
Client #3
MAP Container
5
List Container
VIp: 192.168.30.14
Toperdo proper-ties
6 7
1 2 3
PORT
ETH HEAD SENDER MAC
SENDER IP
TARGET IP
4
문제 시나리오 3SENDER MAC
TARGET MAC
ETH HEAD TARGER MAC
FLOW
ARP 패킷xxxxxxxx:B1
192.168.30.14
192.168.20.1
Xxxxxx:30:A1
xxxxxx:20:01
xxxxxx:20:01
192.168.30.14
xxxxxx:30:A1
ARP TABLE
같은 망에 물려 있어 arp 테이블이 변경됨