Cisco Open Network Environment: Software Defined Networking and beyond
Transcript of Cisco Open Network Environment: Software Defined Networking and beyond
© 2012 Cisco and/or its affiliates. All rights reserved. 1
Cisco Open Network Environment: Software Defined Networking and beyond
SDN Concepts and onePK
Network Operating Systems Group, Cisco Systems Inc.
SDN, OpenFlow, OpenStack and Overlays – Important to Align on Semantics
What Is Software Defined Network (SDN)?
“…In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications…”
Source: www.opennetworking.org
What is OpenStack?
Open source software for building public and private clouds; includes Compute (Nova), Networking (Quantum) and Storage (Swift) services.
Source: www.openstack.org
What is an Overlay Network?
An overlay network is created on existing network infrastructure (physical and/or virtual) using a network protocol. Examples of overlay network protocols are GRE, VPLS, OTV, LISP and VXLAN.
What Is OpenFlow?
“…open standard that enables researchers to run experimental protocols in campus networks. Provides standard hook for researchers to run experiments, without exposing internal working of vendor devices…”
Source: www.opennetworking.org
Note: OF is not mandatory for SDN
Note: Applicable to SDN and non-SDN networks
Note: SDN is not mandatory for network programmability nor automation
Customers Want to Solve for Different Pain-Points via SDN… Common Theme: Programmability/Automation
Diverse Programmability Requirements Across Segments. Most Requirements are for Automation & Programmability.
• Research/Academia: Experimental OpenFlow/SDN components for production networks
• Massively Scalable Data Center: Customize with Programmatic APIs to provide deep insight into network traffic
• Service Providers: Policy-based control and analytics to optimize and monetize service delivery
• Enterprise: Virtual workloads, VDI, Orchestration of security profiles
• Cloud: Automated provisioning and programmable overlay, OpenStack
Use-case labels on the slide: Private Cloud Automation; Scalable Multi-Tenancy; Network Flow Management; Network “Slicing”; Agile Service Delivery
Networking Standards are Critical
• Technical Advisory Group Chair; Working Groups: Config, Hybrid, Extensibility, Futures/FPMOD/OF2.0
• 802.1 Overlay Networking Projects; Cisco Innovations: FEX Architecture
• Overlay Working Groups: NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3
• API Working Groups: NETCONF, ALTO, CDNI, XMPP, SDNP, I2AEX
• Controller Working Groups: PCE, FORCES
• Open Source Cloud Computing project
• Open Network Research Center at Stanford University
• Working Groups: Quantum API, Donabe; Cisco Innovations: OpenStack API for Nexus, OpenStack Extensions
Note: Very little standardization in hypervisor technologies (e.g. live migration, config, APIs)
Industry Standards
Org: Cisco Leadership/Contributions for Open & Programmable Networking
• ONF: Harden OpenFlow spec; Technical Advisory Group Chair; Hybrid Group Chair
• OpenStack: Major contributions to Quantum networking APIs
• IETF: Overlay protocols (LISP, OTV, VXLAN, …)
Cisco Open Network Environment – Integrate and Complement
Industry’s Most Comprehensive Networking Portfolio: Hardware + Software, Physical + Virtual, Network + Compute
Network
Platform APIs
Controllers and Agents
Virtual Overlays
Applications
www.cisco.com/go/one
onePK
SDN: Controller SW, OpenFlow Agents
N1KV Enhancements for Open Clouds
onePK
Evolving How We Interact With The Network Operating System
[Diagram labels: Traditional Approach; Evolution; App; C, Java, …; IOS; EEM (TCL): Events, Actions; Routing; Data Plane; Policy; Interface; Monitoring; Discovery; CLI; AAA; SNMP; HTML; XML; Syslog; Span; Netflow; CDP; Routing Protocols; Anything you can think of]
onePK Architecture
C, JAVA Program
onePK API Presentation
onePK API Infrastructure
IOS / XE (Catalyst, ISR, ASR1K)
NXOS (Nexus Platforms)
IOS XR (ASR 9K, CRS)
onePK Application Hosting Options
Write Once, Run Anywhere
• Process Hosting: Container, onePK Apps, Network OS
• Blade Hosting: Container, onePK Apps, Network OS, Blade
• End-Point Hosting: onePK Apps, External Server, Network OS
Yes, it is secure: Security Five Ways
App Security
Admin Security
Container Security
Runtime Security
Code Security
Digital Signing, Certification Process
CLI Control, Resource Allocation
Isolation, Resource Consumption
Code Isolation, Strong Typing
AAA (PKI), Encryption (TLS)
Languages and Service Sets
Network Element
Element • Element Capabilities • Configuration Management • Interface/Ports Events • Location Information
Utilities • Syslog Events and Queries • AAA Interface • Path Trace
Discovery • Network Element Discovery • Service Discovery • Topology Discovery
Developer • Debug Capabilities • Tracing Interfaces • Management Extensions
Data Path • Packet/Flow Classifiers • Copy/Punt/Inject • Statistics
Policy • Interface Policy • Interface Feature Policy • Forwarding Policy • Flow Action Policy
Routing • Read RIB Routes • Add/Delete Application Routes • RIB Events (Route up/down)
Cloud Connectors • Identity • QoS • Provisioning
Example onePK Applications
Example: Simplified Management
Problem: Misconfigurations cause network outages, degrade performance, impact SLAs.
Value proposition: Get, set, and detect configuration changes via cross-platform API.
1. Network begins with mismatched parameters on either side of link (e.g. MTU).
2. Application checks parameters on either side and identifies mismatches (red lines).
3. Application sets parameters to match (lines turn green).
4. Application registers for events related to parameter changes.
5. User logs into console and manually changes parameter. Topology indicates change.
[Topology diagram: devices NX3K, CRS, 9K, 1K, ISR; link-end labels MTU 1500, MTU 1518, MTU 1518, MTU 1600, MTU 1600, MTU 1500, MTU 1500, MTU 1000; callouts 1–5 mark the steps above]
Example: Custom Encryption
Problem: Customers want custom encryption on specific traffic types.
Value proposition: Punt traffic of interest, encrypt, and re-inject.
1. Policy APIs on ingress router are set to punt telnet and syslog to app.
2. App encrypts punted traffic and re-injects into data path.
3. Policy APIs on egress router punt telnet and syslog to app.
4. App decrypts punted traffic and re-injects into data path.
5. Traffic that does not match policy passes through unencrypted.
[Diagram labels: onePK application (two instances); telnet; encrypt; decrypt; http; Unsecure Network; callouts 1–5 mark the steps above]
Example: Custom Routing
Data Center Traffic Forwarding Based on a Custom Algorithm
onePK Custom Routing Application
Unique Data Forwarding Algorithm Highly Optimized for the Network Operator’s Application
Business Data & Logic
Summary
Summary: Open Network Environment
The Industry’s Broadest Approach to Programmatic Access to the Network
• Evolutionary step for networking
  Integrate with and complement the Network Control Plane
• Centered around delivering open, programmable environment for real-world use cases
  No one-size-fits-all APIs, Agents/Controllers, Network Virtualization
  Joint evolution with industry and academia
• Technology-agnostic
  Not predicated on a particular technology or standard
  Draw from existing technologies and industry standards
• Delivered as incremental functionality
  Many customers will use hybrid implementations
  Build upon existing infrastructure with investment protection
www.cisco.com/go/one; www.cisco.com/go/onepk; www.cisco.com/go/getyourbuildon
Some References
• Open Network Environment: www.cisco.com/go/one
• onePK: www.cisco.com/go/onepk; www.cisco.com/go/getyourbuildon; developer.cisco.com/web/getyourbuildon
• Blogs: blogs.cisco.com/getyourbuildon/; blogs.cisco.com/tag/onepk/; blogs.cisco.com/tag/openflow/; blogs.cisco.com/tag/sdn/
Thank you.