Melanie Palmer, Rob Sullivan, John Bilberry LA-UR-13-25961 Overview - - PowerPoint PPT Presentation

melanie palmer rob sullivan john bilberry
SMART_READER_LITE
LIVE PREVIEW

Melanie Palmer, Rob Sullivan, John Bilberry LA-UR-13-25961 Overview - - PowerPoint PPT Presentation

Dec 10, 2023 358 likes •660 views

Melanie Palmer, Rob Sullivan, John Bilberry LA-UR-13-25961 Overview Introduction Test Method and Materials Results Conclusion Future Work Questions LA-UR-13-25961 Software Defined Networking Separate the

slide-1
SLIDE 1

Melanie Palmer, Rob Sullivan, John Bilberry

LA-UR-13-25961

slide-2
SLIDE 2

Overview

ž Introduction ž Test Method and Materials ž Results ž Conclusion ž Future Work ž Questions

LA-UR-13-25961

slide-3
SLIDE 3

Software Defined Networking

ž Separate the data plane and the

control plane

ž Software layer between hardware

and admin

ž Virtual networks within a physical

network

LA-UR-13-25961

slide-4
SLIDE 4

OpenFlow

ž Open source SDN ž Hardware management on a single

platform

ž Exploits a common set of functions

found on most switches

ž OpenFlow Protocol

— Flow table — Actions

LA-UR-13-25961

slide-5
SLIDE 5

Controller

ž Management software for network ž Communicates via a secure channel ž Push and remove flows ž Determine actions for undefined flows

LA-UR-13-25961

slide-6
SLIDE 6

Networks for Security

User Switch Network 2 Network 1

  • User job in Node 1
  • If User accesses Node 2
  • Redirect to Security

Node

Security Node Controller

Rule 1 Allow access to Network 1 Rule 2 Redirect to Security Node if access to Network 2 is attempted LA-UR-13-25961

slide-7
SLIDE 7

Networks for Security

User Network 2 Network 1

Rule 1 Allow access to Network 1 Rule 2 Redirect to Security Node if access to Network 2 is attempted

Security Node Controller Switch

LA-UR-13-25961

slide-8
SLIDE 8

Melanie Palmer

LA-UR-13-25961

slide-9
SLIDE 9

Objective

ž Performance ž Reliability ž Scalability

LA-UR-13-25961

slide-10
SLIDE 10

Materials

ž Our Cluster

— Seven node — CentOS 6.4

ž Arista 7050S

— OpenFlow 1.0 — EOS 4.10.4

ž Floodlight 0.9

— Open source — Widely used in

industry

— Java based

LA-UR-13-25961

slide-11
SLIDE 11

Test Suite

ž Load Test

— Performance — Reliability

LA-UR-13-25961

slide-12
SLIDE 12

Test Suite

ž Load Test

Start T Test

TCPDu Dump Start 1 10 Sections ns Inc Increme ment nt Ping ngs/Sec Fini nish h

Start Tr Traffic Cha hang nge Flo lows

Inc Increme ment nt Flo lows/Sec

Fini nish h

St Start

Tests

Sections

Timing Limit Traffic Limit

LA-UR-13-25961

slide-13
SLIDE 13

Load Test

Controller Node C Node B Node A Rule 1: Connect A and B Rule 2: Drop Anything to C Switch LA-UR-13-25961

slide-14
SLIDE 14

Load Test

Controller Node C Node B Node A Rule 1: Connect A and C Rule 2: Drop Anything to B Switch LA-UR-13-25961

slide-15
SLIDE 15

Test Suite

ž Load Test ž Speed Test

— Scalability — Performance

LA-UR-13-25961

slide-16
SLIDE 16

Test Suite

ž Load Test ž Speed Test

Start Test TCPDump to File Send Traffic to Node C Change Flow

LA-UR-13-25961

slide-17
SLIDE 17

Speed Test

Controller Node C Node A Rule 1: Connect A and C Switch LA-UR-13-25961

slide-18
SLIDE 18

Speed Test

Controller Node C Node A Rule 1: Drop Node C Switch LA-UR-13-25961

slide-19
SLIDE 19

Test Suite

ž Load Test ž Speed Test ž Analysis Program

Failure! Expected Behavior

LA-UR-13-25961

slide-20
SLIDE 20

Test Suite

ž Load Test ž Speed Test ž Analysis Program

— Stage 1 - Extracts

○ Error rate ○ Flow change speed

— Stage 2 - Analyzes

○ Averages data ○ Standard deviations

Failure!

LA-UR-13-25961

slide-21
SLIDE 21

Rob Sullivan

LA-UR-13-25961

slide-22
SLIDE 22

Load Test Results

2 4 6 8 10 12 14 16 0.1 0.2 0.3 0.6 1.2 2.3 4.3 7.9 13.9 21.9 31.4 40.0 45.8 51.2 53.5 Error (%) Flows per Second

Flow Push Error Rate

250 500 750

Pings/Second

LA-UR-13-25961

slide-23
SLIDE 23

Speed Test Results

2 4 6 8 10 12 14 16

100 pings/s

Milliseconds

200 pings/s 300 pings/s 400 pings/s 600 pings/s 700 pings/s 800 pings/s 900 pings/s 1000 pings/s 500 pings/s

LA-UR-13-25961

slide-24
SLIDE 24

Problems

ž OpenFlow 1.0 ž Volume and nature of

data

ž Human error ž Imprecision of some test

methods

ž Meaningful packet

redirection

LA-UR-13-25961

slide-25
SLIDE 25

LA-UR-13-25961

slide-26
SLIDE 26

Will OpenFlow Work?

ž Allows software

reconfiguration of networks

ž Easy administration ž Flows can be reliably

pushed up to a measurable rate

ž Flow push failure is

low even at high push rates

ž OpenFlow v. 1.0

inadequacies

ž Hardware specific

limits

ž Potential security

issues

ž Controller can get

  • verwhelmed

LA-UR-13-25961

slide-27
SLIDE 27

Future Work

ž OpenFlow 1.1 ž Security ž Controllers and hardware ž Scale

LA-UR-13-25961

slide-28
SLIDE 28

Acknowledgements

Instructors – Dane Gardner and Matthew Broomfield (T.A.) Mentors – Kyle Lamb (HPC-3) and Ben McClelland (HPC-5) Special Thanks: Los Alamos National Laboratory – Gary Grider, Josephine Olivas, Carolyn Connor, Scott Robbins and Carol Hogsett New Mexico Consortium – Ann Kuiper PRObE – Andree Jacobson Our Schools: University of Texas at El Paso New Mexico Institute of Mining and Technology Michigan Technological University

LA-UR-13-25961

slide-29
SLIDE 29

Your turn!

LA-UR-13-25961