OpenFlow: operational experiences Christopher Small, Indiana - - PowerPoint PPT Presentation



SLIDE 1

OpenFlow: operational experiences

Christopher Small, Indiana University APAN Future Internet Workshop August 11th, 2010

SLIDE 2

[Figure: several boxes of Specialized Packet Forwarding Hardware, each with its own Operating System and Apps, and a Network Operating System with Apps]

Slide from Nick McKeown at Stanford

SLIDE 3

Keys to OpenFlow/Software-Defined Networking

  • Separation of Control Plane & Data Plane with Open API Between the Two
  • Logically Centralized Control-Plane with Open API to Applications
  • Network Slicing/Virtualization
  • Creates Open Interfaces between Hardware, OS and Applications Similar to Computer Industry
  • Increases Competition, Enables Innovation
SLIDE 4

The “Software-defined Network”

[Figure: Apps on a Network Operating System, which controls several boxes of Simple Packet Forwarding Hardware]

  • 1. Open interface to hardware
  • 2. At least one good operating system (extensible, possibly open-source)
  • 3. Well-defined open API

Slide from Nick McKeown at Stanford

SLIDE 5

Trend

[Figure: Computer Industry: Apps on Windows (OS), Linux and Mac OS, over a virtualization layer, on x86 (Computer). Network Industry: Apps on Controller 1 (NOX, Network OS) and Controller 2 (Network OS), over virtualization or “slicing”, on OpenFlow]

Slide from Nick McKeown at Stanford

SLIDE 6

Logically Centralized Control-Plane

  • “Logically” because multiple controllers for scalability and resiliency; even geographic diversity
  • Analogy to Chassis-based Architecture
      – Mgmt Module (PC-class hw) Running OS
      – Mgmt Module Updates Linecard ASICs that forward packets
      – With OpenFlow, OS runs on central server and can update ASICs in many switch enclosures
  • Turns your network into one big switch
SLIDE 7

What Could You Do with OpenFlow?

  • 1k-3k TCAM Entries in Typical Edge Switch
      – Difficult to take advantage of
  • Individual configuration in every switch
  • Pushing ACLs via RADIUS has limited benefit
      – Can only push once at time of authentication
      – Specific to individual switch port
      – Only Support Allow/Deny
      – But what if you could flexibly program these centrally using a standard API?

SLIDE 8

Possible Uses of OpenFlow (Quick Wins)

  • Security Applications
      – Network Access Control
      – Intrusion Detection System
      – Remote Packet Capture & Injection
  • VM Mobility
      – Redirect specific application traffic to remote site
      – Flow-based forwarding – no need to extend entire broadcast domain – no STP issues

SLIDE 9

Possible Uses of OpenFlow (Quick Wins)

  • Dynamic Circuit Provisioning
      – Don’t need to extend layer-2 end-to-end
      – Simply direct specific flows down an engineered path with guaranteed priority
      – Don’t have to rely on scripted SSH sessions, SNMP or other sub-optimal ways to programmatically configure switches/routers.

SLIDE 10

Possible Uses of OpenFlow (Grand Challenges)

  • Distributed Control-Plane Architecture Requires a Lot of State to be Synchronized Across Many Devices
  • Many Protocols Needed for Synchronization Internally to Networks (OSPF, RSVP, STP, etc.)
  • Can these “internal” protocols eventually be removed entirely with only BGP for inter-domain route advertisements?

SLIDE 11

Virtualization/Slicing

  • Enable Multiple Research Instances on Same Switch
      – Each research slice would have separate controller
  • Once Production is OpenFlow Controlled…
      – Slicing Enables Separate Controllers for Production & Research (or regular forwarding)
      – Multiple Controllers for Different Parts of Production Network (Think MPLS VPN Replacement)
  • Ease of transition from Research to Production
SLIDE 12

GENI & OpenFlow

  • Global Environment for Network Innovation
      – NSF Funded research infrastructure to conduct research
      – Virtualized environment
  • OpenFlow Campus Trials at 7 U.S. Campuses
  • National Deployments in U.S. (Internet2/National Lambda Rail)
  • International connections ?? (IRNC, OFELIA)
SLIDE 13

OpenFlow deployments

  • Need Basic Components for Deployment
      – OpenFlow: 1.0 available, 1.1 in development
      – Hardware (HP, NEC, Pronto)
      – Open-Source Controller (NOX)
      – Apps that provide base functionality
  • SNAC
      – Basic Layer-2 Switching
      – Policy Enforcement (ACL & Captive Portal)
      – Enables “Edge” Deployment

      – Operational Tools

SLIDE 14

Current Status @ IU

  • 2 Campuses w/national connectivity (via NLR/I2)
      – 4 OpenFlow-enabled switches in lab
      – 3 OpenFlow switches in production
  • Opt-in users only
  • OpenFlow SSID in 6 Buildings
  • 20-30 Regular Users
  • Focused on “Edge” Deployment
      – Most compelling short-term use case
      – Limitations # of table entries, flows/sec
  • Adapting NMS and processes to OpenFlow
SLIDE 15
SLIDE 16

How do I get started?

  • www.openflowswitch.org
  • Can run everything in VMs (Mininet, OpenVSwitch, OpenFlowVMS)
  • Start with SNAC + Switch
  • Install Reference Implementation for Wireshark Plugin and dpctl
  • Deploy on existing hw switches if you have ones that support OpenFlow