Software Defined Networking-SDN

What is SDN?
-An OS for networks
-SDN Concept
-Advantage of SDN
What is OpenFlow?
-How it helps SDN
The current status & the future of SDN

Limitations of Current Networks
Enterprise networks are difficult to manage.
“New control requirements have arisen”:
--Greater scale
--Migration of VMS
How to easily configure huge networks? 
--validate responsiveness as demand varies according to user needs.
--firewalls and load balancers.
--eliminate vulnerability and exposure between users and applications

Old ways to configure a network

Many complex functions baked into infrastructure:OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, …
--Cannot dynamically change according to network conditions
--No control plane abstraction for the whole network! 
--It’s like old times – when there was no OS…

Packages travel inside the network…Switches pass them along…But the decisions are made individually by the switches.. such as where to pass them,Nobody is dynamically controlling the network flow.

History Of SDN
~2004: Research on new management paradigms
RCP, 4D [Princeton, CMU,….]
SANE, Ethane [Stanford/Berkeley]
2008: Software-Defined Networking (SDN)
NOX Network Operating System [Nicira]
OpenFlow switch interface [Stanford/Nicira]
2011: Open Networking Foundation (~69 members)
Board: Google, Yahoo, Verizon, DT, Microsoft, Facebook, NTT
Members: Cisco, Juniper, HP, Dell, Broadcom, IBM,…..
2013: Latest Open Networking Summit
1600 attendees, Google: SDN used for their WAN
Commercialized, in production use (few places)

Idea: An OS for Networks
--The key is to have a standardized control interface that speaks directly to hardware.
--A whole network is like a big machine.

--NOX: Towards an Operating System for Networks”

Software-Defined Networking (SDN)
--A remote controller has control of a switch’s forwarding decisions.

SDN Concept
Separate Control plane and Data plane entities
--Network intelligence and state are logically centralized.
--The underlying network infrastructure is abstracted from the applications.
Execute or run Control plane software on general purpose hardware
--Decouple from specific networking hardware.
--Use commodity servers.
Have programmable data planes
--Maintain, control and program data plane state from a central entity
An architecture to control not just a networking device but an entire network

Forwarding Abstraction
Purpose: Abstract away forwarding hardware
--Behavior specified by control plane.
--Built from basic set of forwarding primitives.
--Streamlined for speed and low-power.
--Control program not vendor-specific.
OpenFlow is an example of such an abstraction

Control Program
Control program operates on view of network
Input: global network view (graph/database)
Output: configuration of each network device
Control program is not a distributed system
--Abstraction hides details of distributed state.

Advantage of SDN
No longer designing distributed control protocols.
Much easier to write, verify, maintain, …
--An interface for programming
NOS serves as fundamental control block
--With a global view of network
The scope, the design goal
--No need for distance-vector routing if you have a global view – compute dijkstra directly.
Network is programmable.
Centre point of Control.
Network is agile.
Consistent security policies in network.
Visibility of Whole Network.
Topology change can easily auto configure the.
Network wide policies.

What is OpenFlow
OpenFlow is similar to an x86 instruction set for the network.
Provide open interface to “black box” networking node 
--(ie. Routers, L2/L3 switch) to enable visibility and openness in network
Separation of control plane and data plane.
--The datapath of an OpenFlow Switch consists of a Flow Table, and an action associated with each flow entry.
--The control path consists of a controller which programs the flow entry in the flow table
OpenFlow is based on an Ethernet switch, with an internal flow-table, and a standardized interface to add and remove flow entries

OpenFlow Consortium
--Evangelize OpenFlow to vendors.
--Free membership for all researchers.
--Whitepaper, OpenFlow Switch Specification, Reference Designs.
--Licensing: Free for research and commercial use.

OpenFlow building blocks

Components of OpenFlow Network

--OpenFlow protocol messages 
--Controlled channel
 +Pipeline Processing
  +Packet Matchin
  +Instructions & Action Set

OpenFlow switch
--Secure Channel (SC)
--Flow Table
  +Flow entry

OpenFlow Controllers

Current Software Switch Implementation with Open Flow Standard

Secure Channel (SC)
SC is the interface that connects each OpenFlow switch to controller.
A controller configures and manages the switch via this interface.
--Receives events from the switch 
--Send packets out the switch 
SC establishes and terminates the connection between OpenFlow Switch and the controller using the procedures
--Connection Setup 
--Connection Interrupt
The SC connection is a TLS  connection.  Switch and controller mutually authenticate by exchanging certificates signed by a site-specific private key.

Flow Table
--Flow table in switches, routers, and chipsets

Flow Entry
A flow entry consists of:
Match fields 
--Match against packets
--Modify the action set or pipeline processing
--Update the matching packets 


OpenFlow Switching

OpenFlow Table Entry

OpenFlow Example

OpenFlow Usage

Separate VLANs for Production and Research Traffic
Centralized/Distributed Control
--“Onix: A Distributed Control Platform for Large-scale Production Networks”

Current status of SDN
--Hardware Support.
Industry support
--Google built hardware and software based on the OpenFlow protocol
--VMware purchased Nicira for $1.26 billion in 2012
--IBM, HP, NEC, Cisco and Juniper also are offering SDNs that may incorporate OpenFlow, but also have other elements that are specific to that vendor and their gear. 
--Nicira offers a way to build scale out virtualized networks and uses OpenFlow, but only as a small aspect of its controller product.
100+ institutions around the world are using openflow

Future Focuses of SDN
Research focuses
--Mostly implementations of newly proposed systems, frameworks, or applications
1.Transparently changing host IP to avoid attack – sdn provides a namespace interface (a strong mapping mechanism) 
2. access point (AP) association decisions are not made by the infrastructure, but by clients. Have no control to that part… state changes.. Virtual AP for management
4. Breakpoints and packet backtraces

SDN “Implementations” – Software/Hardware
Forwarding Model
Software Switches compliant with OpenFlow std.
-Open vSwitch
Controller compliant with OpenFlow std.
Available Commodity Switches compliant with OpenFlow std. 
-Hewlett-Packard 8200zl, 6600, 6200zl,
-Brocade 5400zl, and 3500/3500yl
-IBM NetIron CES 2000 Series

SDN Literature - Sources
Browsing on proceedings of:
-ACM Sigcomm;
-ACM Sigcomm Workshop HotSDN;
-ACM Sigcomm Workshop HotNets;
-USENIX HotCloud;

SDN research areas
SDN architecture
Controller scalability
 -reduce messages sent to controller
 -switch/CPU design approaches
Network Updates

SDN applications
Traffic Management/QoS
 -flow scheduling
 -Load balancing
 -Transport protocol

What is SDN? 
--A system-layered abstraction
--Programmable, flexible, and extensible
What is OpenFlow?
--Interface between switches and controllers
--Enabling SDN
Future SDN
--Enabling innovation
SDN not about new mechanisms; can use current
--Forwarding primitives (e.g., MPLS)
--State distribution primitives (e.g., flooding as in OSPF)
--Operator control programs (e.g., BGP on scale-out router)

Related Posts