6 888 lecture 14 software defined networking
play

6.888 Lecture 14: Software Defined Networking Mohammad Alizadeh - PowerPoint PPT Presentation

Jul 31, 2023 •258 likes •765 views

6.888 Lecture 14: Software Defined Networking Mohammad Alizadeh Many thanks to Nick McKeown (Stanford), Jennifer Rexford (Princeton), Sco< Shenker (Berkeley), Nick Feamster (Princeton), Li Erran Li (Columbia), Yashar Ganjali (Toronto)

  1. 6.888 Lecture 14: Software Defined Networking Mohammad Alizadeh ² Many thanks to Nick McKeown (Stanford), Jennifer Rexford (Princeton), Sco< Shenker (Berkeley), Nick Feamster (Princeton), Li Erran Li (Columbia), Yashar Ganjali (Toronto) Spring 2016 1

  2. Outline What is SDN? OpenFlow basics Why is SDN happening now? (a brief history) 4D discussion 2

  3. What is SDN? 3

  4. Software Defined Network A network in which the control plane is physically separate from the data plane. and A single (logically centralized) control plane controls several forwarding devices. 4

  5. SoJware Defined Network (SDN) Control Control Control Program Program Program Global Network Map Control Plane Control Packet Control Forwarding Packet Forwarding Control Packet Control Forwarding Packet Forwarding Control Packet Forwarding 5

  6. What You Said “Overall, the idea of SDN feels a little bit unsettling to me because it is proposing to change one of the main reasons for the success of computer networks: fully decentralized control. Once we introduce a centralized entity to control the network we have to make sure that it doesn’t fail, which I think is very difficult.” 6

  7. A Major Trend in Networking EnNre backbone runs on SDN Bought for $1.2 billion (mostly cash) 7

  8. The Networking “Planes” Data plane : processing and delivery of packets with local forwarding state – Forwarding state + packet header à forwarding decision – Filtering, buffering, scheduling Control plane : computing the forwarding state in routers – Determines how and where packets are forwarded – Routing, traffic engineering, failure detection/recovery, … Management plane : configuring and tuning the network – Traffic engineering, ACL config, device provisioning, … 8

  9. Timescales Data Control Management Time- Packet Event (10 Human (min scale (nsec) msec to sec) to hours) Location Linecard Router Humans or hardware software scripts 9

  10. Data and Control Planes control plane Processor data plane Line card Line card Switching Line card Line card Fabric Line card Line card 10

  11. Data Plane Streaming algorithms on packets – Matching on some header bits – Perform some actions Example: IP Forwarding 1.2.3.4 1.2.3.7 1.2.3.156 5.6.7.8 5.6.7.9 ... ... host host host host host host LAN 2 LAN 1 router router router WAN WAN 1.2.3.0/24 5.6.7.0/24 11 forwarding table

  12. Control Plane Compute paths the packets will follow – Populate forwarding tables – Traditionally, a distributed protocol Example: Link-state routing (OSPF, IS-IS) – Flood the entire topology to all nodes – Each node computes shortest paths – Dijkstra’s algorithm 12

  13. 13

  14. 1. Figure out which routers and links are present. 2. Run Dijkstra’s algorithm to find shortest paths. “If a packet is going to B, then send it to output 3” Data 2 1 “If , send to 3” 3 14

  15. Management Plane Traffic Engineering: setting the weights – Inversely proportional to link capacity? – Proportional to propagation delay? – Network-wide optimization based on traffic? 2 1 3 1 3 2 3 1 5 4 3 15

  16. Challenges (Too) many task-specific control mechanisms – No modularity, limited functionality Indirect control The network is – Must invert protocol behavior, “coax” it to do what you want • Hard to reason about – Ex. Changing weights instead of paths for TE • Hard to evolve Uncoordinated control • Expensive – Cannot control which router updates first Interacting protocols and mechanisms – Routing, addressing, access control, QoS 16

  17. Example 1: Inter-domain Routing Today’s inter-domain routing protocol, BGP, artificially constrains routes - Routing only on destination IP address blocks - Can only influence immediate neighbors - Very difficult to incorporate other information Application-specific peering – Route video traffic one way, and non-video another Blocking denial-of-service traffic – Dropping unwanted traffic further upstream Inbound traffic engineering – Splitting incoming traffic over multiple peering links 17

  18. Example 2: Access Control R1 R2 Chicago (chi) New York (nyc) Data Center Front Office R5 R3 R4 Two locations, each with data center & front office All routers exchange routes over all links 18

  19. Example 2: Access Control R1 R2 Chicago (chi) New York (nyc) Data Center Front Office R5 R3 R4 chi-DC chi-FO nyc-DC nyc-FO 19

  20. Example 2: Access Control Packet filter: R1 R2 Drop nyc-FO -> * chi Permit * Data Center Front Office Packet filter: R5 nyc Drop chi-FO -> * Permit * R3 R4 chi-DC chi-FO nyc-DC nyc-FO 20

  21. Example 2: Access Control Packet filter: R1 R2 Drop nyc-FO -> * chi Permit * Data Center Front Office Packet filter: R5 nyc Drop chi-FO -> * Permit * R3 R4 A new short-cut link added between data centers Intended for backup traffic between centers 21

  22. Example 2: Access Control Packet filter: R1 R2 Drop nyc-FO -> * chi Permit * Data Center Front Office Packet filter: R5 nyc Drop chi-FO -> * Permit * R3 R4 Oops – new link lets packets violate access control policy ! Routing changed, but Packet filters don’t update automatically 22

  23. How SDN Changes the Network Feature Feature Network OS Feature Feature OS Feature Feature Custom Hardware OS Feature Feature Custom Hardware OS Feature Feature Custom Hardware OS Custom Hardware Feature Feature OS Custom Hardware 23 23

  24. Software Defined Network (SDN) 2. At least one Network OS 3. Consistent, up-to-date global network view probably many. Open- and closed-source Control Program 1 Control Program 2 Network OS 1. Open interface to packet forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding 24 24

  25. Network OS Network OS: distributed system that creates a consistent, up-to-date network view – Runs on servers (controllers) in the network – NOX, ONIX, Floodlight, Trema, OpenDaylight, HyperFlow, Kandoo, Beehive, Beacon, Maestro, … + more Uses forwarding abstracAon to: – Get state informaNon from forwarding elements – Give control direcNves to forwarding elements 25

  26. SoJware Defined Network (SDN) Control Program A Control Program B Network OS Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding Packet Forwarding 26

  27. Control Program Control program operates on view of network – Input : global network view (graph/database) – Output : configuraNon of each network device Control program is not a distributed system – AbstracNon hides details of distributed state 27

  28. Forwarding AbstracNon Purpose : Standard way of defining forwarding state – Flexible • Behavior specified by control plane • Built from basic set of forwarding primiNves – Minimal • Streamlined for speed and low-power • Control program not vendor-specific OpenFlow is an example of such an abstracNon 28

  29. Software Defined Network Virtual Topology Network Hypervisor Control Program Global Network View Network OS 29

  30. Virtualization Simplifies Control Program Abstract Network View A A à B drop B Hypervisor then inserts flow entries as needed A A à B drop Global Network View A à B drop B 30

  31. Does SDN Simplify the Network? 31

  32. What You Said “However, I remain skeptical that such an approach will actually simplify much in the long run. That is, the basic paradigm in networks (layers) is in fact a simple model. However, the ever-changing performance and functionality goals have forced more complexity into network design. I'm not sure if SDN will be able to maintain its simplified model as goals continue to evolve.” 32

  33. Does SDN Simplify the Network? Abstraction doesn’t eliminate complexity - NOS, Hypervisor are still complicated pieces of code SDN main achievements - Simplifies interface for control program (user-specific) - Pushes complexity into reusable code (SDN platform) Just like compilers … . 33

  34. OpenFlow Basics 34

  35. OpenFlow Basics Control Program A Control Program B Network OS OpenFlow Protocol Ethernet Switch Control Path OpenFlow Data Path (Hardware) 35

  36. OpenFlow Basics Control Program B Control Program A Network OS “ If header = p , send to port 4 ” “ If header = q , overwrite header with r , Packet add header s , and send to ports 5,6 ” Forwarding “ If header = ? , send to me ” Flow Packet Table(s) Forwarding Packet Forwarding 36

  37. Primitives <Match, Action> Match arbitrary bits in headers: Header Data Match: 1000x01xx0101001x – Match on any header, or new header – Allows any flow granularity Action – Forward to port(s), drop, send to controller – Overwrite header with mask, push or pop – Forward at specific bit-rate

  38. OpenFlow Rules Exploit the flow table in switches, routers, and chipsets Rule Flow 1. AcNon StaNsNcs (exact & wildcard) Rule Flow 2. AcNon StaNsNcs (exact & wildcard) Rule Flow 3. AcNon StaNsNcs (exact & wildcard) Rule Flow N. Default AcNon StaNsNcs (exact & wildcard)

  39. Why is SDN happening now? 39

Download Presentation
Download Policy: The content available on the website is offered to you 'AS IS' for your personal information and use only. It cannot be commercialized, licensed, or distributed on other websites without prior consent from the author. To download a presentation, simply click this link. If you encounter any difficulties during the download process, it's possible that the publisher has removed the file from their server.

Recommend

CompSci 514: Computer Networks Lecture 11: Software Defined Networking Xiaowei Yang 1

CompSci 514: Computer Networks Lecture 11: Software Defined Networking Xiaowei Yang 1

CompSci 514: Computer Networks Lecture 11: Software Defined Networking Xiaowei Yang 1 Overview Introducing SDN A real-world application of SDN Googles B4 netwok 2 Software Defined Networking Slides adapted from Mohammad

661 views • 50 slides
CS 356: Computer Network Architectures Lecture 26: Router hardware, Software defined networking,

CS 356: Computer Network Architectures Lecture 26: Router hardware, Software defined networking,

CS 356: Computer Network Architectures Lecture 26: Router hardware, Software defined networking, and programmable routers [PD] chapter 3.4 Xiaowei Yang xwy@cs.duke.edu Overview Switching hardware Software defined networking

1.07k views • 70 slides
software defined networking CS 6410 Fall 2017 Eric Campbell and Rolph Recto software defined

software defined networking CS 6410 Fall 2017 Eric Campbell and Rolph Recto software defined

software defined networking CS 6410 Fall 2017 Eric Campbell and Rolph Recto software defined networking software defined networking (OpenFlow, originally) Stanford computer scientist Nick McKeown and colleagues developed a standard called

1.13k views • 77 slides
Software Defined Networking Is it really the future of networking? And are the big switch vendors

Software Defined Networking Is it really the future of networking? And are the big switch vendors

Software Defined Networking Is it really the future of networking? And are the big switch vendors finished? 0 Data Centers a network crunch More Traffic Complexity More Dollars Less Latency Infiniband Fiber Channel More Servers

240 views • 9 slides
(First) NSF AiTF Workshop on Algorithms for Software-Defined Networking Michael Dinitz Vyas

(First) NSF AiTF Workshop on Algorithms for Software-Defined Networking Michael Dinitz Vyas

Welcome! (First) NSF AiTF Workshop on Algorithms for Software-Defined Networking Michael Dinitz Vyas Sekar JHU CMU 1 Context for this workshop Software-defined Networking taking off! E.g., Google Software-defined WAN E.g.,

501 views • 9 slides
Software-Defined Networking Paul Grubbs Portions of this talk taken from:

Software-Defined Networking Paul Grubbs Portions of this talk taken from:

Software-Defined Networking Paul Grubbs Portions of this talk taken from: https://www.cs.rutgers.edu/~badri/552dir/papers/intro/nick09.pdf http://dl.acm.org/citation.cfm?id=2602219

643 views • 35 slides
Addressing Shortcomings of Existing DDoS Protection Software Using Software-Defined Networking

Addressing Shortcomings of Existing DDoS Protection Software Using Software-Defined Networking

Addressing Shortcomings of Existing DDoS Protection Software Using Software-Defined Networking SSP 2018, Hildesheim Lukas Ifflnder , Stefan Geissler, Jrgen Walter, Lukas Beierlieb, Samuel Kounev 08.11.2018

677 views • 46 slides
Software Defined Networking nancy@di.uoa.gr The Internet: A Remarkable Story Tremendous

Software Defined Networking nancy@di.uoa.gr The Internet: A Remarkable Story Tremendous

Software Defined Networking nancy@di.uoa.gr The Internet: A Remarkable Story Tremendous success From research experiment to global infrastructure Brilliance of under-specifying Network: best-effort packet delivery Hosts:

1.58k views • 144 slides
OF-RHM: Transparent Moving Target Defense using Software Defined Networking Haadi Jafarian, Qi

OF-RHM: Transparent Moving Target Defense using Software Defined Networking Haadi Jafarian, Qi

OF-RHM: Transparent Moving Target Defense using Software Defined Networking Haadi Jafarian, Qi Duan and Ehab Al-Shaer ACM SIGCOMM HotSDN Workshop August 2012 Helsinki, Finland CyberDNA lab, UNC Charlotte Why IP Mutation Static assignment

571 views • 28 slides
Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking Dong

Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking Dong

Towards a Secure and Resilient Industrial Control System Using Software-Defined Networking Dong (Kevin) Jin 1 Who am I? CS faculty, Ph.D., University of Illinois at Urbana- Champaign (UIUC), http://cs.iit.edu/~djin/ Research:

851 views • 52 slides
Revisiting Routing Control Platforms with the Eyes and Muscles of Software-Defined Networking

Revisiting Routing Control Platforms with the Eyes and Muscles of Software-Defined Networking

Revisiting Routing Control Platforms with the Eyes and Muscles of Software-Defined Networking ACM SIGCOMM HotSDN' 12 Workshop Helsinki, Finland, 13 August 2012 Agenda Research in scope and contribution RouteFlow Control Platform

621 views • 31 slides
Revisiting Routing Control Platforms with the Eyes and Muscles of Software-Defined Networking

Revisiting Routing Control Platforms with the Eyes and Muscles of Software-Defined Networking

Revisiting Routing Control Platforms with the Eyes and Muscles of Software-Defined Networking ACM SIGCOMM HotSDN' 12 Workshop Helsinki, Finland, 13 August 2012 Agenda Research in scope and contribution RouteFlow Control Platform

709 views • 26 slides
Software Defined Networking OpenFlow and NOX ECE/CS598HPN Radhika Mittal Acknowledgements:

Software Defined Networking OpenFlow and NOX ECE/CS598HPN Radhika Mittal Acknowledgements:

Software Defined Networking OpenFlow and NOX ECE/CS598HPN Radhika Mittal Acknowledgements: Yashar Ganjali, Univ. of Toronto Software Defined Network (SDN) Feature Feature Network OS Packet Forwarding Packet Forwarding Packet

772 views • 36 slides
Automated Discovery of Cross - Plane Event - Based Vulnerabilities in Software - Defined Networking

Automated Discovery of Cross - Plane Event - Based Vulnerabilities in Software - Defined Networking

Automated Discovery of Cross - Plane Event - Based Vulnerabilities in Software - Defined Networking Benjamin E. Ujcich 1 , Samuel Jero 2 , Richard Skowyra 2 , Steven R. Gomez 2 , Adam Bates 1 , William H. Sanders 1 , and Hamed Okhravi 2 1 University

605 views • 46 slides
FlowFence: A Denial of Service Defense System for Software Defined Networking Andr es Felipe

FlowFence: A Denial of Service Defense System for Software Defined Networking Andr es Felipe

FlowFence: A Denial of Service Defense System for Software Defined Networking Andr es Felipe Murillo Piedrahita and Sandra Rueda Diogo M. F. Mattos and Otto Carlos M. B. Duarte Systems and Computing Engineering Department Grupo de

417 views • 6 slides
Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments

Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments

Introduction Solutions Evaluation Summary Software-Defined Networking Architecture Framework for Multi-Tenant Enterprise Cloud Environments Aryan TaheriMonfared Department of Electrical Engineering and Computer Science University of

1.51k views • 92 slides
Empowering Peer-to-peer Services Luca Deri &lt;deri@{unipi.it,ntop.org}&gt; Vision The

Empowering Peer-to-peer Services Luca Deri &lt;deri@{unipi.it,ntop.org}&gt; Vision The

Empowering Peer-to-peer Services Luca Deri &lt;deri@{unipi.it,ntop.org}&gt; Vision The internet should be a transparent IP-based transport for users, not a geographical/ISP constrain. Users should control/create their community

468 views • 20 slides
Queuing Networks - Outline of queuing networks - Mean Value Analisys (MVA) for open and closed

Queuing Networks - Outline of queuing networks - Mean Value Analisys (MVA) for open and closed

Queuing Networks - Outline of queuing networks - Mean Value Analisys (MVA) for open and closed queuing networks 1 Open queuing networks outgoing requests incoming requests DISK CPU CD Closed queuing networks (finite number of users)

691 views • 30 slides
CS 3700 Networks and Distributed Systems NAT (You Better Forward Those Ports) Revised

CS 3700 Networks and Distributed Systems NAT (You Better Forward Those Ports) Revised

CS 3700 Networks and Distributed Systems NAT (You Better Forward Those Ports) Revised 10/7/16 The IPv4 Shortage 2 Problem: consumer ISPs typically only give one IP address per-household Additional IPs cost extra More IPs may not

1.03k views • 53 slides
Network Analysis Ma Maneesh Agrawala CS 448B: Visualization Winter 2020 1 Last Time: Network

Network Analysis Ma Maneesh Agrawala CS 448B: Visualization Winter 2020 1 Last Time: Network

Network Analysis Ma Maneesh Agrawala CS 448B: Visualization Winter 2020 1 Last Time: Network Layout 2 1 Interactive Example: Configurable Force Layout 3 Linear node layout, circular arcs show connections. Layout quality sensitive to

338 views • 33 slides
Trade Networks Jos e de Sousa and Isabelle Mejean Topics in International Trade University

Trade Networks Jos e de Sousa and Isabelle Mejean Topics in International Trade University

Trade Networks Jos e de Sousa and Isabelle Mejean Topics in International Trade University Paris-Saclay Master in Economics, 2nd year Motivation : Trade Frictions Samuelson (1954) and Krugman (1980) : Key importance of frictions in

556 views • 34 slides
Cellular Security - What can we expect for 5G? - Yongdae Kim KAIST SysSec Lab SysSec Lab. v

Cellular Security - What can we expect for 5G? - Yongdae Kim KAIST SysSec Lab SysSec Lab. v

Cellular Security - What can we expect for 5G? - Yongdae Kim KAIST SysSec Lab SysSec Lab. v System Security Lab. @ KAIST, Korea Yongdae Kim Prof @ Electrical Engineering &amp; Information Security Director @ Cyber Security Research

629 views • 46 slides
MEF LSO: Connecting Open Source and Standards to implement and Deliver Dynamic Third Network

MEF LSO: Connecting Open Source and Standards to implement and Deliver Dynamic Third Network

min MEF LSO: Connecting Open Source and Standards to implement and Deliver Dynamic Third Network Services min Introduction to MEF and to MEF LSO - SDNFV Service Orchestration Dan Pitt, Senior Vice President, MEF MEF Created the $80B*

599 views • 39 slides
Security in in Security 802.11 Data Link Link Protocols Protocols 802.11 Data Gianluca Dini

Security in in Security 802.11 Data Link Link Protocols Protocols 802.11 Data Gianluca Dini

Security in in Security 802.11 Data Link Link Protocols Protocols 802.11 Data Gianluca Dini Gianluca Dini Dept. of Ingegneria dellInformazione University of Pisa, Italy Via Diotisalvi 2, 56100 Pisa gianluca.dini@ing.unipi.it If you

467 views • 35 slides

More recommend