Cisco ONE - The BIG Deal
Uploaded by pawan-sharma. Category: Technology.
© 2012 Cisco and/or its affiliates. All rights reserved. Cisco Confidential
Cisco Open Network Environment Webinar Series
An Introduction to OpenFlow:
February 2013
Industry’s Most Comprehensive Networking Portfolio
Hardware + Software | Physical + Virtual | Network + Compute
Platform APIs
Controllers and Agents
Network Overlays
Applications
www.cisco.com/go/one
“OpenFlow”
• An Introduction to OpenFlow
• Early Perspectives: Indiana University & NTT Communications
• OpenFlow @Cisco
• Q&A
• David Ward: CTO, Cisco Engineering and Chief Architect; Chair, Technology Advisory Group – Open Networking Foundation
• Matt Davy: (Former) Executive Director, InCNTRE and Chief Network Architect, Indiana University
• Yuichi Ikejiri: Director, Technology Department, Network Services Division, NTT Communications Corporation
[Figure: Open Networking Foundation organization chart with Board of Directors, Executive Director, Technical Advisory Group, Council of Chairs, Technical Working Groups, Market Education Activities and Regional Activities. Source: www.opennetworking.org – January 2013]
• Extensibility
• Hybrid
• Forwarding Abstractions
• Architecture and Framework
• Configuration and Management
• Testing and Interoperability
• Security
• Transport
• Migration
• Market and Education
• Open Source Cloud Computing project
  Initiatives: Quantum (Folsom release), Donabe
• Overlay Working Groups: NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3
  API Working Groups/BOFs: NETCONF, ALTO, CDNI, XMPP, SDNP, I2AEX
  Controller Working Groups: PCE, FORCES
  Protocol Working Groups: IDR, IS-IS, OSPF, MPLS, CCAMP, BFD
  New working group: I2RS – Interface to the Routing System
• Technical Advisory Group, Working Groups: Config, Extensibility, Futures/FPMOD/OF2.0
• ETSI SGI on “Network Function Virtualization”
• 802.1 Overlay Networking Projects
• SDN WG
• Open Network Research Center at Stanford University
OpenFlow Approach
[Figure: layered diagram, top to bottom: Applications; APIs (“Northbound Interface”); Controller (Simpler Provisioning, Topology Abstraction); OpenFlow Protocol and OpenFlow Configuration Protocol (“Southbound Interface”); Data Plane]
• OpenFlow Components
  Application Layer Protocol: OF-Protocol
  Device Model: OF-Device Model (abstraction of a device with Ethernet interfaces and a set of forwarding capabilities)
  Transport Protocol: Connection between OF-Controller and OF-Device*
• Observation
  OF-Controller and OF-Device need pre-established IP-connectivity
* TLS, TCP – OF 1.3.0 introduces auxiliary connections, which can use TCP, TLS, DTLS, or UDP
[Figure: an OpenFlow Controller speaks the OpenFlow Protocol to an OpenFlow Switch, whose data plane holds a pipeline of Flow Tables and a Group Table; an OpenFlow Configuration Point reaches the switch with OF-CONFIG. Source: OpenFlow 1.3.0 specification, figure 1]
Figure 2: Relationship between components defined in this specification, the OF-CONFIG protocol and the OpenFlow protocol
[Figure: OpenFlow Configuration Point(s) use OF-Config and OpenFlow Controller(s) use OpenFlow to reach an OpenFlow Capable Switch, which contains OF Logical Switches and OF Resources (e.g. Port)]
• DEC 2009, OF 1.0: Single table; L2, IPv4 focused matching
• FEB 2011, OF 1.1: Multiple tables; MPLS, VLAN matching; Groups: {Any-,Multi-}cast; ECMP
• DEC 2011, OF 1.2: IPv6; Flexible TLV matching; Multiple controllers
• APR 2012, OF 1.3.0: 802.1ah PBB; Multiple parallel channels between switch and controller
• JUN 2012, OF 1.0.1: Bug fixes
• SEP 2012, OF 1.3.1: Bug fixes

“Working code before new standards”
“ONF should not anoint a single reference implementation but instead encourage open-source implementations”; ONF board encourages multiple reference implementations
OpenFlow 1.0.X: no work planned
OpenFlow 1.3.X: long term support
OpenFlow 1.4: extensibility, incremental improvements
Discussions led by the ONF Configuration and Management Working Group
• Configuration and management protocol for OpenFlow switches
• JAN 2012, OF Config v1.0
• MAY 2012, OF Config v1.1: Capability discovery; Tunnel configuration; Error handling
• JAN 2013, OF Config v1.1.1: Consolidation of ver 1.1; Fixing small inconsistencies
• PROPOSED, OF Config v1.2: Under discussion, candidates include: Assigning resources to logical switches; Simple topology detection; Event notification
Figure 3: Flowchart detailing packet flow through an OpenFlow switch
[Flowchart: Packet in, start at Table 0 → Match in Table n? If yes: update counters and execute instructions (update action set, update packet/match set fields, update metadata) → Goto-Table n? If yes, continue at Table n; if no, execute action set. If there is no match: Table-miss flow entry exists? If yes, proceed as for a match; if no, drop packet.]
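The Figure 3 walk as an added example (not from the slides or from any Cisco or ONF code): a small Python model of match, counter update, action-set update, Goto-Table and the table-miss decision. The `FlowEntry` fields, the function names and the sample tables are assumptions made for illustration; Apply-Actions, groups and meters are left out.

```python
from dataclasses import dataclass, field
from typing import Optional

@dataclass
class FlowEntry:
    match: dict                        # field -> required value; {} matches everything
    priority: int                      # the table-miss entry is the {} match at priority 0
    write_actions: dict = field(default_factory=dict)   # merged into the action set
    goto_table: Optional[int] = None   # Goto-Table instruction, if any
    packets: int = 0                   # per-entry counter

def lookup(table, pkt):
    """Return the highest-priority entry whose match fields all equal the packet's."""
    hits = [e for e in table if all(pkt.get(k) == v for k, v in e.match.items())]
    return max(hits, key=lambda e: e.priority, default=None)

def process(tables, pkt):
    """Walk the pipeline from table 0; return (verdict, action_set)."""
    action_set, n = {}, 0
    while True:
        entry = lookup(tables.get(n, []), pkt)
        if entry is None:                         # no match and no table-miss entry
            return "drop", {}
        entry.packets += 1                        # update counters
        action_set.update(entry.write_actions)    # update action set
        if entry.goto_table is None:              # end of pipeline
            # An action set without an output action forwards nowhere: drop.
            return ("execute" if "output" in action_set else "drop"), action_set
        if entry.goto_table <= n:                 # the pipeline only moves forward
            raise ValueError("Goto-Table must target a later table")
        n = entry.goto_table

def sample_tables():
    """Constructed two-table pipeline; only table 0 has a table-miss entry."""
    return {
        0: [FlowEntry({"vlan": 10}, 10, {"set_queue": 1}, goto_table=1),
            FlowEntry({}, 0, {"output": "CONTROLLER"})],
        1: [FlowEntry({"ip_dst": "10.0.0.5"}, 10, {"output": 2})],
    }

if __name__ == "__main__":
    tables = sample_tables()
    for pkt in ({"vlan": 10, "ip_dst": "10.0.0.5"},    # matches in both tables
                {"vlan": 10, "ip_dst": "10.0.0.9"},    # misses in table 1: dropped
                {"vlan": 20, "ip_dst": "10.0.0.5"}):   # table-miss entry in table 0
        print(pkt, "->", process(tables, pkt))
```

The second packet shows the fail-closed default: a table with no table-miss entry drops what it does not match, while the table-miss entry in table 0 hands unmatched traffic to the controller.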
(a) Packets Are Matched Against Multiple Tables in the Pipeline
[Figure: inside an OpenFlow Capable Switch, “Packet In” enters Table 0 with its ingress port and an empty action set (Action Set = {}); packet, ingress port, metadata and action set pass from Table 0 to Table 1 and on to Table n; “Execute Action Set” follows the last table and the packet leaves as “Packet Out”]
• {Any,Multi}cast (1.1)
• ECMP (1.1)
• MPLS (1.1, note push/pop, .1q)
• IPv6 (1.2)
• (1.3.X) introduces per flow meters, IPv6 extension header handling, flexible table miss support, enhanced/refactored capability negotiation, multipart requests, MPLS BoS matching, push/pop for PBB, tunnel-ID meta-data, cookies for packet_in messages, augmented flow table entry (adds cookie), among others
• Configuration Protocol under co-development
Examples of Ongoing Work
• Hardware friendly switch model negotiations (“typed tables”) (→ Forwarding Abstractions WG)
• Configuration Management (→ OF Config WG)
• Security model (granular access control) (→ Architecture and Framework WG)
• HA-model for device and controller (state re-sync etc.), Controller peering (→ Architecture & Framework WG)
• Integration with Existing Networks; Integrate SDN Controllers and SDN Control Plane capabilities in Network Devices (formerly covered by “Hybrid WG”) (→ Architecture and Framework WG)
• OF Protocol Extensibility (→ Extensibility WG)
• …
Early Perspectives: Indiana University & NTT communications
Indiana University
Interoperability Testing
Network Slicing Use Case
[Figure: campus network with Internet, Layer-3 Fabric, Building A and Building B; labels: Scalable, Flexible L4–7 Service Insertion; Virtualized, Unified Access Layer; Dynamic Control via SDN]
NTT
Copyright © 2012 NTT Communications Corporation and/or its affiliates. All rights reserved.
Global ICT Partner
Innovative. Reliable. Seamless.
NTT Communications Whole picture of the Cloud Vision
[Figure: the customer's system is served by <NTT Communications Group> and <Partners> under Global Total Management and One-Stop Operation. Labels: Public Cloud, Private Cloud, Hybrid Cloud, Other Cloud; Provide Hybrid Cloud, Partnering Hybrid Cloud; Cloud Controller, Network Controller, Integrated Control/Visualization, Portal; Direct Access to Cloud; Access Network/Terminals (Multi network / PC, Smartphone, Tablet PC, etc.), Physical Network (Arcstar Universal One), Virtualized Network, Data Center; PaaS/IaaS, OSS, SaaS (Mail, Desktop, VoIP etc.), Security (Managed Security Services), Consulting and others (Consulting/Individual Applications); Consulting firm/Application Vendor, SaaS Vendor]
Expected expansion of application of OpenFlow/SDN technology
[Figure: labels Data Center, Network Virtualization, Network Edge, DC-VPN Interconnection and OAM Function, with an arrow labelled “Expand”]
OpenFlow@Cisco
[Figure: controller architecture, labelled 2Q13. Top: Cisco Apps, Customer Apps, ISV Apps, Open Src Apps. API labels: REST, JAVA, More Coming. Middle: Core Functionality, Cisco Advanced Functions. Protocol labels: onePK, OpenFlow, More Coming. Bottom: Network Infrastructure]
Published APIs for Popular Languages and Software (Eg: OpenStack)
Extensible Protocol Support Ensures Continuous Adoption of Emerging Standards
Modular Architecture Allows Rapid Adoption of Evolving Controller Functionality While Minimizing Operational Disruption
All Controller Apps Are in Customer PoC
Phase 2 Apps
Previously Announced
• Network Slicing: Dynamic partitioning of the network using logical associations provided by the ONE Controller's centralized view
• Network Tapping: Ability to monitor, analyze, and debug network flows using conventional network switches
• Custom Forwarding: Using unique parameters such as low latency to program specific forwarding rules across the network
Columns: Overlay Networks; Controller/Agents; Platform APIs
• CSR 1000V
• ONE Controller
• onePK Platforms: ISR G2, ASR 1000, ASR 9000*, Nexus 3000, Nexus 7000*
• OpenFlow Agents: Catalyst 3000*, Catalyst 6500*, Nexus 3000, Nexus 7000*, ASR 9000*
• Nexus 1000V Updates: N1KV Hyper-V, N1KV KVM*, VXLAN Gateway, Service Chaining (w/ vPath)
• Cisco Edition of OpenStack
• N1KV InterCloud
• Virtual NAM (vNAM)*
[Availability labels on the slide: 1Q13, 1H13, 2Q13]
*Customer PoC: on-going or in 1H13
[Figure: onePK agent architecture. Labels: IOS / XE, NX-OS, IOS-XR; onePK API Infrastructure; onePK APIs Presentation; Agent Framework; Agent Implementation (e.g. OpenFlow); Agent Communication Component; Solution Defined Protocol (e.g. OpenFlow); Application Framework / Controller]
“Ships-in-the-night” (aka “Vertical Partitioning”*)
• A subset of ports controlled by OF, another subset controlled by router’s native CP – physical resources are partitioned
• Some level of integration: “OF_NORMAL”:
  Implementer free to define what “normal” is
  May or may not be what router normally does
[Figure: Router containing OpenFlow and Control Plane]

“Integrated” (aka “Horizontal Partitioning”)
• Use OF for feature definition – augment the native control plane
• No longer partitioning of resources
• Can operate at different abstraction levels (low-level like OF1.0 or higher level)
[Figure: Router containing Control Plane and OpenFlow]
• Installing ephemeral routes in the RIB
  Install routes in RIB subject to admin distance or …
  Moral equivalent of static routes, but dynamic
  May require changes to the OF protocol/model
• Edge classification
  Basically use the OF as an API used to install ephemeral classifiers at the edge
  Moral equivalent of … ‘ip set next-hop <addr>’ (PBR)
  Use case: Service Engineered Paths/Service Wires
  Program switch edge classifiers to select set of {MPLS, GRE, …} tunnels
  Core remains the same
• Programmable Service Chaining
VIRL: Virtual Internet Routing Lab
• VIRL is a multi-purpose network virtualization platform
• Brings virtual machines running Cisco Network Operating Systems to the customer
  The same operating systems as used on physical Cisco products
• Virtual Machine orchestration capabilities enable:
  Creation of highly-accurate models of real-world or future networks – scales to thousands of virtual network devices
[Figure: VIRL audiences and uses. Audiences: SP / Enterprise; Partner Community; University and Education. Uses: Production Network Modeling; ‘What-if’ Analysis; Test Lab Virtualization; Rapid Prototyping; Cisco onePK Virtual Testbed; Training and Education; Network Education; Networking Research]
VIRL
• IOS XR: VM-based tool: XR VR
• IOS XE: VM-based tool: CSR1000v
• IOS: VM-based tool: vIOS
• NXOS: VM-based tool: vNXOS
• VIRL virtual networks enable building, testing, learning and experimenting with Cisco open networking technologies
• E.g. onePK-enabled virtual OpenFlow switches and routers in a mixed OpenFlow and MPLS-TE topology
• Virtual-machine based Cisco ONE and PCE controllers drive traffic through the network
• onePK developers are able to test and validate applications against virtual devices before deploying to the real network
Demo:
OpenFlow Support on the Industry’s Most Extensible Controller
[Figure: three Apps on top of the Cisco ONE Controller, which reaches the Cisco Network Device over onePK and OpenFlow]
Cisco Open Network Environment: www.cisco.com/go/one
Open Networking Foundation: www.opennetworking.org
• An Introduction to onePK
• An Introduction to Overlay Networks
• An Introduction to the Cisco ONE controller architecture
• Security in Open Network Environments
• And more!
www.cisco.com/go/onewebcasts