Software Defined Networking OpenFlow and NOX ECE/CS598HPN Radhika - - PowerPoint PPT Presentation



SLIDE 1

Software Defined Networking OpenFlow and NOX

ECE/CS598HPN Radhika Mittal

Acknowledgements: Yashar Ganjali, Univ. of Toronto

SLIDE 2

Software Defined Network (SDN)

[Diagram labels: Feature, Feature, Network OS; Packet Forwarding (×5)]

SLIDE 3

Abs#1: Forwarding Abstraction

  • Express intent independent of implementation
  • Don’t want to deal with proprietary HW and SW
  • OpenFlow is a standardized interface to the switch.
SLIDE 4

Open interface to packet forwarding

Software Defined Network (SDN)

[Diagram labels: Feature, Feature, Network OS; Packet Forwarding (×5)]

SLIDE 5

OpenFlow

  • Initial objective: Enable experimentation and innovation within universities.
  • Developed at Stanford.
  • Supported by various companies (Cisco, Juniper, HP, NEC, …)
  • Now being used world-wide in industries.
SLIDE 6

Ethernet Switch

Traditional Switch

SLIDE 7

Traditional Switch

[Diagram labels: Data Path (Hardware); Control Path; Control Path (Software)]

SLIDE 8

OpenFlow Switch

[Diagram labels: Control Program A, Control Program B; Network OS; OpenFlow Protocol (SSL); Ethernet Switch; Control Path; OpenFlow; Data Path (Hardware)]

SLIDE 9

OpenFlow Rules

[Diagram labels: Control Program A, Control Program B; Network OS; Packet Forwarding (×3); Flow Table(s)]

Flow table rules shown in the diagram:

  • “If header = p, send to port 4”
  • “If header = ?, send to me”
  • “If header = q, overwrite header with r, add header s, and send to ports 5,6”

SLIDE 10

Match-Action Primitive

Match arbitrary bits in headers:

  • Match on any of the supported header fields
  • Allows any flow granularity

Action

  • Forward to port(s)
  • Encapsulate and send to controller
  • Drop
  • Rewrite packet headers, map to a particular priority level

Header Data

Match: 1000x01xx0101001x

SLIDE 11

OpenFlow Rules – Cont’d

Flow 1. | Rule (exact & wildcard) | Action | Statistics
Flow 2. | Rule (exact & wildcard) | Action | Statistics
Flow 3. | Rule (exact & wildcard) | Action | Statistics
Flow N. | Rule (exact & wildcard) | Default Action | Statistics

  • Exploit the flow table in switches, routers, and chipsets
SLIDE 12

Flow Table Entry

  • OpenFlow Protocol Version 1.0

Rule | Action | Stats

Rule (+ mask what fields to match):

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport

Action:

  • 1. Forward packet to port(s)
  • 2. Encapsulate and forward to controller
  • 3. Drop packet
  • 4. Send to normal processing pipeline

Stats:

Packet + byte counters

SLIDE 13

Flow Table Entry

  • OpenFlow Protocol Version 1.0

Rule | Action | Stats

Rule (+ mask what fields to match):

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | VLAN prio | IP ToS

Action:

  • 1. Forward packet to port(s)
  • 2. Encapsulate and forward to controller
  • 3. Drop packet
  • 4. Send to normal processing pipeline

Stats:

Packet + byte counters

SLIDE 14

Examples

Switching

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | 00:1f:.. | * | * | * | * | * | * | * | port6

Flow Switching

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
port3 | 00:2e.. | 00:1f.. | 0800 | vlan1 | 1.2.3.4 | 5.6.7.8 | 4 | 17264 | 80 | port6

Firewall

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Forward
* | * | * | * | * | * | * | * | * | 22 | drop

SLIDE 15

Examples

Routing

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | * | * | * | * | 5.6.7.8 | * | * | * | port6

VLAN

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | * | * | vlan1 | * | * | * | * | * | port6, port7, port9
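
The Firewall and Routing rows above as a small flow table in Python, added here as an illustration and not taken from the slides or from any OpenFlow implementation; the `priority` field, the class names and the sample packets are assumptions. It shows that when two wildcard rules overlap, the drop rule only protects port 22 if it outranks the forwarding rule, and that unmatched packets fall through to the controller.

```python
from dataclasses import dataclass

# The ten OpenFlow 1.0 match fields named on the Flow Table Entry slide.
FIELDS = ("switch_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_prot", "tcp_sport", "tcp_dport")

@dataclass
class FlowEntry:
    match: dict            # field -> required value; a missing field is a wildcard (*)
    action: str            # "port6", "drop", ...
    priority: int = 0      # assumption: higher number wins when rules overlap
    packet_count: int = 0  # the "Packet + byte counters" of the Stats column
    byte_count: int = 0

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

class FlowTable:
    def __init__(self):
        self.entries = []

    def add(self, entry):
        unknown = set(entry.match) - set(FIELDS)
        if unknown:
            raise ValueError(f"unsupported match fields: {sorted(unknown)}")
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)  # stable: ties keep install order

    def process(self, pkt, size):
        for e in self.entries:
            if e.matches(pkt):
                e.packet_count += 1
                e.byte_count += size
                return e.action
        return "controller"  # table miss: encapsulate and send to controller

def build_table(firewall_priority):
    t = FlowTable()
    t.add(FlowEntry({"ip_dst": "5.6.7.8"}, "port6", priority=10))            # Routing row
    t.add(FlowEntry({"tcp_dport": 22}, "drop", priority=firewall_priority))  # Firewall row
    return t

# Constructed sample packets (not from the slides).
SSH = {"switch_port": 3, "ip_src": "1.2.3.4", "ip_dst": "5.6.7.8", "ip_prot": 6, "tcp_dport": 22}
WEB = dict(SSH, tcp_dport=80)
OTHER = dict(SSH, ip_dst="9.9.9.9", tcp_dport=443)

if __name__ == "__main__":
    for prio in (20, 5):  # firewall above, then below, the routing rule
        t = build_table(prio)
        print(prio, [t.process(p, 60) for p in (SSH, WEB, OTHER)])
```

With the firewall rule at priority 5 the SSH packet is forwarded to port6, which is the misordering a rule audit should look for.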

SLIDE 16

Supported Header Fields

Version | Date | # Headers
OF 1.0 | Dec 2009 | 12
OF 1.1 | Feb 2011 | 15
OF 1.2 | Dec 2011 | 36
OF 1.3 | Jun 2012 | 40
OF 1.4 | Oct 2013 | 41

SLIDE 17

OpenFlow Switches

  • Cisco Catalyst 6k
  • NEC IP8800
  • HP Procurve 5400
  • Juniper MX-series
  • WiMax (NEC)
  • PC Engines
  • Quanta LB4G

More coming soon...

SLIDE 18

OpenFlow Usage Example

  • Dedicated OpenFlow Network

[Diagram labels: OpenFlowSwitch.org; Controller; PC; Peter’s code; Peter; OpenFlow Protocol; OpenFlow Switch (×3); Rule, Action, Statistics (×3)]

SLIDE 19

Usage examples

  • Peter’s code:
      • Static “VLANs”
      • His own new routing protocol: unicast, multicast, multipath, load-balancing
      • Network access control
      • Home network manager
      • Mobility manager
      • Energy manager
      • Packet processor (in controller)
      • IPvPeter
      • Network measurement and visualization
SLIDE 20

Research/Production VLANs

[Diagram labels: Controller; Flow Table; Research VLANs; Production VLANs; Normal L2/L3 Processing]

SLIDE 21

Virtualize OpenFlow Switch

[Diagram labels: Controller A, Controller B, Controller C; Flow Table (×3); Researcher A VLANs, Researcher B VLANs, Researcher C VLANs; Production VLANs; Normal L2/L3 Processing]

SLIDE 22

Virtualizing OpenFlow

[Diagram labels: A’s Controller, B’s Controller, C’s Controller; OpenFlow Protocol; OpenFlow FlowVisor & Policy Control; OpenFlow Protocol; OpenFlow Switch (×3)]

SLIDE 23

Virtualizing OpenFlow

[Diagram labels: Broadcast, Multicast, http Load-balancer; OpenFlow Protocol; OpenFlow FlowVisor & Policy Control; OpenFlow Protocol; OpenFlow Switch (×3)]

SLIDE 24

Discuss!

  • What are the challenges in switching from traditional networks to OpenFlow networks?
      • Performance
      • Security or DoS
      • Dealing with very large networks, scalability
  • What are the opportunities?
      • Test network without disrupting production
      • Functionality within switches, middleboxes (caching…)
SLIDE 25

OpenFlow -- your opinions

  • Pros:
  • concrete, clear workflow, comprehensive examples, achievable
  • flexible packet format (somewhat)
  • use existing switch mechanisms -- flow tables
  • Not overly ambitious – first focus on campus networks
SLIDE 26

OpenFlow -- your opinions

Cons:

  • Reliability of performance (?)
  • Security (?)
  • Performance (?)
  • Latency to the controller
  • Size of flow table
  • Incentive for vendors
  • Impact on production traffic
  • More details on controller
  • Sharing resources across multiple OpenFlow users
  • How to support multiple controller instances?
SLIDE 27

OpenFlow -- your opinions

Ideas:

  • QoS for production and experimental traffic
  • ML + controller for network resource regulation (?)
  • Make OpenFlow more flexible and expressive
  • Refactoring middlebox functionality using OpenFlow
  • Evaluate scalability
  • Use OpenFlow to handle link failures
  • Can it really be deployed at large scale?
SLIDE 28

Open interface to packet forwarding

Software Defined Network (SDN)

[Diagram labels: Feature, Feature, Network OS; Packet Forwarding (×5)]

SLIDE 29

Design choices for scalability

  • Granularity of network view
      • Topology (switches, hosts, middleboxes)
      • Bindings between names and addresses
      • Exclude network traffic state.
  • Granularity of control
      • Per-packet control will not scale.
      • Prefix-based control too coarse-grained.
      • Use flow-based control.
SLIDE 30

Scalability Argument

Per Packet | No Consistency | 10^6 – 10^8/s
Per Flow | No Consistency | 10^3 – 10^6/s
Per Network Event | Eventual Consistency | 10^1 – 10^3/s
Modification of Control Program | Strong Consistency | 0 - 10/s

SLIDE 31

Implication

  • Can replicate controllers.
  • Each replica can independently handle flow initiations.
  • With network change events being less frequent, a consistent network view can be maintained across replicas.

SLIDE 32

Discuss!

  • Do you buy the scalability argument?
  • Are there any other concerns?
SLIDE 33

NOX was just the beginning…

  • Support different languages
      • POX: Python
      • OpenDaylight, Floodlight, ONOS, Beacon, Maestro: Java
      • Onix: C++
      • ….
  • Improved APIs/flexibility/scalability:
      • Maestro: exploit multi-core parallelism.
      • Onix: richer state (network information base), that is replicated and distributed across instances.
  • Many many more…..
SLIDE 34

NOX -- your opinions

  • Pros:
  • “flow” granularity – trade-off flexibility and scalability
  • OS-like abstraction -- multiple applications
  • Functional prototype
  • Good motivation, examples
SLIDE 35

NOX -- your opinions

Cons:

  • Controller energy consumption
  • No experimental results
  • What are the pitfalls?
  • How well can it scale?
  • Costly to maintain network view?
  • Performance issues?
  • Security issues?
  • How to handle packet losses?
SLIDE 36

NOX -- your opinions

Ideas:

  • What level of consistency is required for network state?
  • More functionality
  • Evaluate performance and scalability
  • What if network topology changes very rapidly?
  • More powerful distributed algorithm?