Slide 1

Handout # 16: Software-Defined NetworkingProfessor Yashar GanjaliDepartment of Computer ScienceUniversity of Toronto

yganjali@cs.toronto.eduhttp://www.cs.toronto.edu/~yganjaliCSC 458/2209 Computer Networks1AnnouncementsProgramming assignment 2Due: Fri. Dec. 4th at 5pmDont leave it to the last minute

Auto-marker running every 15 minutes For PA1 and PA2

Grading for PA2 (18% of your final mark)6% testing simple router (PA1)12% for the NATCSC 458/CSC 2209 Computer Networks2University of Toronto Fall 20152AnnouncementsFinal exam: Monday Dec. 14 2014, 9am-12pmLocation: see class web site for location information

This weeks tutorialQ&A for programming assignment 2

CSC 458/CSC 2209 Computer Networks3University of Toronto Fall 20153The Story So FarLayeringLink layerMedia, framing, error detection/correction, switches, hubs, Network layerAddressing (CIDR, subnet), routing and forwarding, DNS, BGP, Transport layerTCP, UDP, flow control, congestion control, queue management, Misc: Queueing Mechanisms, MiddleboxesNext: Software-defined networksCSC 458/CSC 2209 Computer Networks4University of Toronto Fall 20154Innovation Computers vs. NetworksHow difficult is it to create/modify a computer application?How difficult is it to create/modify a network feature?

What is the difference?

What are the tools available for each?

CSC 458/CSC 2209 Computer Networks5University of Toronto Fall 2015ComputerApplicationComputerApplicationApplicationOSOS abstracts hardware substrate Innovation in applicationsInnovation in ApplicationsCSC 458/CSC 2209 Computer Networks6University of Toronto Fall 2015x86(Computer)Windows(OS)ApplicationApplicationLinuxMacOSx86(Computer)Windows(OS)ororApplicationApplicationSimple, common, stable, hardware substrate below+ Programmability+ Competition Innovation in OS and applicationsInnovation in OS and ApplicationsCSC 458/CSC 2209 Computer Networks7University of Toronto Fall 2015LinuxMacOSx86(Computer)Windows(OS)ororApplicationApplicationWindows(OS)Windows(OS)LinuxMacOSx86(Computer)Windows(OS)AppAppLinuxLinuxMacOSMacOSVirtualizationAppSimple, common, stable, hardware substrate below+ Programmability + Strong isolation model+ Competition above Innovation in infrastructureInnovation in InfrastructureCSC 458/CSC 2209 Computer Networks8University of Toronto Fall 2015Vertically integratedClosed, proprietarySlow innovationSmall industry

SpecializedOperatingSystemSpecializedHardwareAppAppAppAppAppAppAppAppAppAppAppSpecializedApplicationsHorizontalOpen interfacesRapid innovationHuge industryMicroprocessor

Open InterfaceLinuxMacOSWindows(OS)ororOpen InterfaceCSC 458/CSC 2209 Computer Networks9University of Toronto Fall 2015The mainframe industry in the 1980s was vertical and closed: it consisted of specialized hardware, operating system and applications --- all from the same company. A revolution happened when open interfaces started to appear. The industry became horizontal. Innovation exploded. 9Million of linesof source code6,000 RFCsBillions of gatesBloatedPower Hungry Vertically integrated, complex, closed, proprietary Networking industry with mainframe mind-set

Custom HardwareOSRouting, management, mobility management, access control, VPNs, FeatureFeature

We Have Lost Our WayCSC 458/CSC 2209 Computer Networks10University of Toronto Fall 201510Operating SystemReality is Even WorseAppAppAppSpecialized Packet Forwarding HardwareSpecialized Packet Forwarding HardwareOperatingSystemAppAppApp Lack of competition means glacial innovation Closed architecture means blurry, closed interfaces CSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 20151111Vertically integratedClosed, proprietarySlow innovationAppAppAppAppAppAppAppAppAppAppAppHorizontalOpen interfacesRapid innovationControlPlaneControlPlaneControlPlaneororOpen Interface

SpecializedControlPlaneSpecializedHardwareSpecializedFeaturesMerchantSwitching ChipsOpen Interface

CSC 458/CSC 2209 Computer Networks12University of Toronto Fall 201512CSC 458/CSC 2209 Computer Networks13University of Toronto Fall 2015What we need

New function!Operators, users, 3rd party developers, researchers, 1) Separate Intelligence from DatapathCSC 458/CSC 2209 Computer Networks14University of Toronto Fall 201514

2) Cache DecisionsIn minimal flow-based datapath15If header = x, send to port 4FlowTableIf header = ?, send to meIf header = y, overwrite header with z, send to ports 5,6CSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 201515Custom HardwareCustom HardwareCustom HardwareCustom HardwareCustom HardwareOSOSOSOSOSNetwork OSFeatureFeatureHow Can We Do This?CSC 458/CSC 2209 Computer Networks16University of Toronto Fall 2015FeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureFeatureNetwork OS1. Open interface to packet forwarding3. Consistent, up-to-date global network view2. At least one Network OSprobably many.Open- and closed-sourceSoftware Defined Network (SDN)CSC 458/CSC 2209 Computer Networks17University of Toronto Fall 2015PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

ConsequencesMore innovation in network servicesOwners, operators, 3rd party developers, researchers can improve the networkE.g. energy management, data center management, policy routing, access control, denial of service, mobilityLower barrier to entry for competitionHealthier market place, new players Lower costInfrastructureManagementCSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 20151818Example: RoutingOSPFRFC 2328: 245 pagesDistributed SystemBuilds consistent, up-to-date map of the network: 101 pages

Dijkstras AlgorithmOperates on map: 4 pagesCSC 458/CSC 2209 Computer Networks19University of Toronto Fall 2015Example: RoutingCSC 458/CSC 2209 Computer Networks20University of Toronto Fall 2015OSPF = DijkstraIS-ISNetwork OSPacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

Distributed SystemCustom HardwareOSOSPF

IS-IS

DistributedSystemDistributedSystemCSC 458/CSC 2209 Computer Networks21University of Toronto Fall 2015Back to the story Control Program AControl Program BNetwork OSSoftware Defined Network (SDN)CSC 458/CSC 2209 Computer Networks22University of Toronto Fall 2015PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

Network OSNetwork OS: distributed system that creates a consistent, up-to-date network viewRuns on servers (controllers) in the networkNOX, ONIX, HyperFlow, Kandoo, Floodlight, Trema, Beacon, Maestro, BeeHive, OpenDayLight, + more

Uses forwarding abstraction to:Get state information from forwarding elementsGive control directives to forwarding elements

CSC 458/CSC 2209 Computer Networks23University of Toronto Fall 2015Control Program AControl Program BNetwork OSSoftware Defined Network (SDN)CSC 458/CSC 2209 Computer Networks24University of Toronto Fall 2015PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

Control ProgramControl program operates on view of networkInput: global network view (graph/database)Output: configuration of each network device

Control program is not a distributed systemAbstraction hides details of distributed state

CSC 458/CSC 2209 Computer Networks25University of Toronto Fall 2015Control Program AControl Program BNetwork OSSoftware Defined Network (SDN)CSC 458/CSC 2209 Computer Networks26University of Toronto Fall 2015PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

PacketForwarding

OpenFlow Open standard to run experimental protocols in production networksAPI between the forwarding elements and the network OSBased in Stanford, supported by various companies (Cisco, Juniper, HP, NEC, )Used by universities to deploy innovative networking technology

CSC 458/CSC 2209 Computer Networks27University of Toronto Fall 2015

Ethernet Switch

Traditional SwitchCSC 458/CSC 2209 Computer Networks28University of Toronto Fall 201528Traditional SwitchData Path (Hardware)Control PathControl Path (Software)CSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 20152929OpenFlow Protocol (SSL)Data Path (Hardware)Control PathOpenFlow

Ethernet SwitchNetwork OSControl Program AControl Program BOpenFlow SwitchCSC 458/CSC 2209 Computer Networks30University of Toronto Fall 201530Control Program AControl Program BNetwork OSOpenFlow RulesCSC 458/CSC 2209 Computer Networks31University of Toronto Fall 2015PacketForwarding

PacketForwarding

PacketForwarding

FlowTable(s)If header = p, send to port 4If header = ?, send to meIf header = q, overwrite header with r, add header s, and send to ports 5,6Plumbing Primitives

Match arbitrary bits in headers:

Match on any header, or new headerAllows any flow granularity

ActionForward to port(s), drop, send to controllerOverwrite header with mask, push or popForward at specific bit-rateCSC 458/CSC 2209 Computer Networks32University of Toronto Fall 2015HeaderDataMatch: 1000x01xx0101001xOpenFlow Rules ContdExploit the flow table in switches, routers, and chipsetsCSC 458/CSC 2209 Computer Networks33University of Toronto Fall 2015Rule(exact & wildcard)ActionStatisticsRule(exact & wildcard)ActionStatisticsRule(exact & wildcard)ActionStatisticsRule(exact & wildcard)Default ActionStatisticsFlow 1.Flow 2.Flow 3.Flow N.3333Flow Table EntryOpenFlow Protocol Version 1.0CSC 458/CSC 2209 Computer Networks34University of Toronto Fall 2015SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportRuleActionStatsForward packet to port(s)Encapsulate and forward to controllerDrop packetSend to normal processing pipeline+ mask what fields to matchPacket + byte countersExamplesSwitching*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction*00:1f:..*******port6Flow Switchingport3SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction00:2e..00:1f..0800vlan11.2.3.45.6.7.841726480port6Firewall*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportForward********22dropCSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 201535ExamplesRouting*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction*****5.6.7.8***port6VLAN*SwitchPortMACsrcMACdstEthtypeVLANIDIPSrcIPDstIPProtTCPsportTCPdportAction***vlan1*****port6, port7,port9CSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 201536OpenFlow Hardware

Cisco Catalyst 6kNEC IP8800HP Procurve 5400Juniper MX-series

WiMax (NEC)PC Engines

Quanta LB4GMore coming soon...CSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 201537

OpenFlowSwitch.org

Controller

OpenFlow SwitchPCOpenFlow Usage ExampleDedicated OpenFlow NetworkCSC 458/CSC 2209 Computer Networks38University of Toronto Fall 2015

OpenFlow Switch

OpenFlow Switch

OpenFlowProtocolPeters codeRuleActionStatisticsRuleActionStatisticsRuleActionStatisticsPeter3838Usage examplesPeters code:Static VLANsHis own new routing protocol: unicast, multicast, multipath, load-balancingNetwork access controlHome network managerMobility managerEnergy managerPacket processor (in controller)IPvPeterNetwork measurement and visualizationCSC 458/CSC 2209 Computer Networks39University of Toronto Fall 20153939Research/Production VLANS

Normal L2/L3 Processing Flow Table

Production VLANsResearch VLANs

ControllerCSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 20154040Virtualize OpenFlow Switch

Normal L2/L3 Processing Flow Table

Flow Table

Flow Table

Researcher A VLANsResearcher B VLANsResearcher C VLANsProduction VLANsController AController BController CCSC 458/CSC 2209 Computer NetworksUniversity of Toronto Fall 20154141

OpenFlow SwitchOpenFlowProtocolOpenFlow FlowVisor & Policy Control

CsControllerBsController

AsController

OpenFlowProtocol

OpenFlow SwitchOpenFlow Switch

Virtualizing OpenFlowCSC 458/CSC 2209 Computer Networks42University of Toronto Fall 2015

OpenFlowProtocolOpenFlowFlowVisor & Policy ControlBroadcastMulticast

OpenFlowProtocolhttpLoad-balancerOpenFlow SwitchOpenFlow SwitchOpenFlow SwitchVirtualizing OpenFlowCSC 458/CSC 2209 Computer Networks43University of Toronto Fall 2015Food for ThoughtWhat are the challenges in switching from traditional networks to OpenFlow networks?

What are the opportunities?

CSC 458/CSC 2209 Computer Networks44University of Toronto Fall 2015