An Elementary Multi-tenant Framework on the Northbound Side of SDN

HAO JIANG

Advisor: Prof. Ahmed Bouabdallah

1

Agenda• State of the Art

- Software-defined Networking (SDN)- Multi-tenant Networking- Multi-tenancy in SDN

• Existing Solution- OpenDaylight’s Approach (Virtual Tenant

Network)• Our Proposal

- Research Content- Comparison with Existing Solution- Future Work 2

“An network architecture that decouples the control and data planes,

moving the control logic to an external entity called SDN controller.”

Software-defined NetworkingNetwork Orchestrations & Services

Southbound APIs

Northbound APIs

Application Layer

Controller Control Layer

Data Layer

3

We define ‘Multi-tenancy’ as a property of a network

infrastructure which is transparently shared by multiple tenants,

while still being able to present as an individually managed

network to each tenant.

Multi-tenancy in Networking

• A tenant could be ..

4

A user of a network testbedA department of a campus

networkA virtual network operator

(VNO)

Service Provider

A Property of a network adopting SDN architecture, where multiple

tenants transparently share the underlying resources in data plane,

without any knowledge of others’ existence.

Multi-tenancy in SDN

5

A virtual network environment created in the container of OpenDaylight

controller. VTN is set up by configuring virtual network nodes and

links. Multiple VTNs can be created and managed as individual

networks.

OpenDaylight’s Approach - Virtual Tenant Network (VTN)

6

VTN Application

Southbound APIs

Northbound APIs

Application Layer

OpenDayLight Controller Control Layer

Data Layer

VTN Manager

VTN Coordinator

REST API

7

• VTN Function Conclusion- Centralized Administration in Application Layer- Differentiated Management and Monitoring- Physical Resources Isolation and Allocation- Layer 2 and Layer 3 Functionalities (vBridge,

vRouter)- Flow Filter and QoS Control- Multiple SDN Controller Coordination

OpenDayLight’s Approach

8

To develop a multi-tenant framework on the northbound of SDN,

enabling multiple organizational entities transparently share the

data plane resources of a SDN provider, with controlling services

offered through NBIs to control and monitor their own network.

A Proposal for Operator Network

9

SDN ProviderTenant A

Tenant B

Tenant A

Tenant A

Tenant B

Backbone Network…

10

Network Services

Network Services

Southbound APIs

Northbound APIs

Application Layer

Controller of SDN Provider Control Layer

Data Layer

Backbone SDN Architecture

Tenant BTenant A

11

Work Flow• Service Subscription

- SDN provider register tenants to network with an account

• Tenant Authentication and Authorization- Tenants use the account to access the controller

• Tenant Network Initiation- A tenant network domain is initiated

• Service Monitoring and Debugging- Tenants modify network to their needs and

monitor stats 12

General Goal• Openness

- Tenant Network Control and Monitoring• Security and Privacy

- Tenant Access Control, Tenant Network Isolation

• Connectivity- Intra/inter Tenant and External Communication

• Elasticity- Resource and Service Management

13

Services & ControlTenant A

Network AdminSDN

ProviderTenant BServices &

Control

Tenant CServices & Control

Data Plane Controller

AccessService Orchestrator Resource OrchestratorTopology Lifecycle MonitorTenant Manager Mapping&Allocati

onStatsPolicy

AAA

Southbound APIs

Northbound APIs

14

1. User Access & Verification

2. Service Compilation

3. Resource Reservation andConfiguration Instruction

4. Service & Resource Monitoring

ComparisonVTN MTN framework

Network Scope Campus BackboneSDN Administrator Campus Owner SDN Provider

Possible Tenant Departmental network of a campus

a virtual network operator

Functionality Management Commercial ServicesVirtual Network Management

Centralized in Administrator

Outsourced to tenants

Tenant Authority No controlling abilities

Monitoring & Management

Multi-controller Coordination

Yes Not considered

15

My Future Work

16

1.Definition of an elementary multi-tenant framework for SDN 1-Dec Objectives and requirements plan 1-Dec Determine the constraints to be satisfied 4-Dec Specification of the framework 8-Dec Architecture definition 8-Dec

Specification of AAA services15-Dec

Phase report and planning18-Dec

17

2.Controller selection and testbed installation (Mininet)20-Dec

Comprehensive comparison among existing SDN controllers

20-Dec

Selection and Installation of the controller27-Dec

Phase report and planning30-Dec

3.Development and test 1-Jan Development and test 1-Jan Results analysis and validation 22-Jan Draft - final report 29-Jan4.Conclusion work 1-Feb

My Future Work

18

Thank You !