Software Defined Networking (SDN) OpenFlow and OpenStack
Vivek Dasgupta
Principal Software Maintenance Engineer
Red Hat
CONTENTS
• Introduction – SDN and components
• SDN Architecture, Components
• SDN Controller - OpenDayLight
• OpenFlow architecture
• Open vSwitch
• OpenStack Neutron
• OpenStack SDN
• Future Trends
Introduction – SDN and related technologies
• SDN is a technology enabling programmable networks
• Using software running on general purpose OS/Hardware
• SDN – Separation of control and data plane
[Figure: SDN Applications, SDN Controller, Network Devices]
SDN Architecture
[Figure: Application Layer, Control Layer, Infrastructure Layer. Labels: Business Applications, SDN Applications, Cloud Orchestration, Programmable Open APIs, SDN Controller, Data Plane Interface, Network Devices]
The need for SDN
• Traditional Router / Switch
[Figure: three Router/Switch devices (A, B, C), each shown with APPs, a Control Plane and a Data Plane]
Evolution to SDN
[Figure: three Router/Switch devices (APPs, Control Plane, Data Plane) shown alongside the layers: Applications Layer, Control Layer, Infrastructure Layer / Data plane]
SDN Architecture
• SDN Applications
• SDN Control Plane
  Controller
  NOS
• SDN Data Plane
  Devices
  OpenFlow
[Figure: Application Layer (Business Applications); Control Layer (Network Operating System (NOS), Network Services); Infrastructure Layer / Data Plane; three API labels]
SDN Components - (Ecosystem)
• Cloud Orchestration
• Network Virtualization
• Network Functions Virtualization (NFV)
[Figure: SDN ecosystem. Row labels: Customers; Cloud Services and Capability; Cloud Intelligence and Control; Open Distributed Cloud Infrastructure. Boxes: Public Clouds, Enterprise Private Clouds, Virtual Private Clouds, Hybrid Clouds, NFV Applications, IT Services (PaaS, IaaS), Application Services (SaaS), SDN, Cloud Orchestration & Automation, Network Virtualization & Automation]
SDN Controller OpenDayLight
• Open Source
• Southbound - OF
• Northbound -> Neutron
• Plugin -> Red Hat Enterprise Linux OpenStack Platform
[Figure: OpenDaylight architecture, top to bottom.
 Network Application Orchestration & Services: Management GUI, OpenStack Neutron, VTN Coordinator
 OpenDaylight APIs (REST)
 Controller Platform: Base Network Service Functions (Topology Manager, Stats Manager, Switch Manager, Host Tracker, Shortest Path Forwarding), Affinity Services, LISP Services, VTN Manager, DOVE Manager, Traffic Redirection, DDoS Protection
 Service Abstraction Layer (SAL) (Plugin Manager, Capability Abstraction, Flow Programming, Inventory etc.)
 Southbound Interfaces & Protocol Plugins: OpenFlow (version labels 1.0, 1.3), OVSDB, NETCONF, LISP, BGP, PCEP, SNMP
 Dataplane Elements (Virtual Switches, Physical Device Interfaces): OpenFlow Enabled Devices, Open vSwitches, Additional Virtual & Physical Devices]
OpenFlow introduction
• OpenFlow - standard for interacting with forwarding behaviours of switches
• Control the behaviour of switches dynamically and programmatically
• Flow tables, Group tables and OpenFlow Channel (TCP port 6633)
[Figure: Controller, OpenFlow Protocol, OpenFlow Switch containing Secure Channel, Group Table, and a Pipeline of Flow Tables]
OpenFlow protocol - Messages
• Controller to Switch :: Switch / Flow table config, Packet out, Barrier, Role Req, Bundle
• Asynchronous :: Packet-in, Flow-removed, Port-status, Controller Role status, Table status, Request forward
• Symmetric :: Hello, Echo Req/Reply, Error, Experimenter
OpenFlow – FlowTables and Routing
• Packet-in message for table miss
• Controller sends a packet-out message specifying action
• Buffer id -> packet
• Flow modification
[Figure: VM 1 and VM 2 attached to an OpenFlow compliant Open vSwitch; SDN Controller; labels Table Miss, Packet IN, Packet OUT]
OpenFlow – FlowTables and Routing
• Flow Table Components
  Match fields, Priority, Counters, Instructions, Timeouts, Cookie
• Flow table match vs miss
• Flow removal
[Figure: OpenFlow Switch-1 with Device A on port 10 and Device B on port 20]

Match            Action
Src. Port = 10   Fwd to Port 20
Src. Port = 20   Fwd to Port 10
OpenFlow – FlowTables
[Figure: SDN Controller Software; OpenFlow-enabled Network Device; FlowTable compared to an instruction set]

MAC Src  MAC dst  IP Src  IP dst   TCP dport  ….  Action      Count
.        10.20    .       .        .          .   Port 1      250
.        .        .       5.6.7.8  .          .   Port 2      300
.        .        .       .        25         .   drop        892
.        .        .       192.     .          .   local       120
.        .        .       .        .          .   controller  11

• Group table
• Meter table
• Counters
• Instructions
• Actions
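
The table-miss, packet-in, packet-out and flow-modification sequence from the FlowTables slides, as an added Python simulation that is not part of the original deck. The Switch and Controller classes, the controller policy and the sample packets are constructed assumptions; ports 10/20 and the TCP dport 25 drop rule are taken from the slide tables.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    match: dict        # field -> required value; a missing field is a wildcard
    action: str        # simplified instruction: "output:<port>" or "drop"
    priority: int = 0
    packets: int = 0   # per-flow counter

    def matches(self, pkt):
        return all(pkt.get(k) == v for k, v in self.match.items())

class Controller:
    """Hypothetical policy: connect port 10 <-> port 20 (the slide's Switch-1)."""
    PEERS = {10: 20, 20: 10}

    def packet_in(self, switch, pkt):
        out = self.PEERS.get(pkt["in_port"])
        if out is None:
            return "drop"                      # packet-out only, no flow installed
        action = f"output:{out}"
        switch.flow_mod(FlowEntry({"in_port": pkt["in_port"]}, action, priority=10))
        return action                          # packet-out for the buffered packet

class Switch:
    def __init__(self, controller):
        self.table, self.controller, self.packet_ins = [], controller, 0

    def flow_mod(self, entry):
        self.table.append(entry)
        self.table.sort(key=lambda e: -e.priority)   # highest priority first

    def receive(self, pkt):
        for entry in self.table:
            if entry.matches(pkt):             # table match: count and apply
                entry.packets += 1
                return entry.action
        self.packet_ins += 1                   # table miss: ask the controller
        return self.controller.packet_in(self, pkt)

def demo():
    sw = Switch(Controller())
    sw.flow_mod(FlowEntry({"tcp_dst": 25}, "drop", priority=100))  # slide's dport 25 row
    packets = [{"in_port": 10, "tcp_dst": 80},   # miss -> flow installed
               {"in_port": 10, "tcp_dst": 443},  # hit on the new flow
               {"in_port": 10, "tcp_dst": 25},   # higher-priority drop wins
               {"in_port": 20, "tcp_dst": 80},   # miss -> reverse flow installed
               {"in_port": 30, "tcp_dst": 80}]   # miss, controller drops
    actions = [sw.receive(p) for p in packets]
    return actions, sw.packet_ins, [(e.action, e.packets) for e in sw.table]

if __name__ == "__main__":
    print(demo())
```
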
Open vSwitch
• Networking in Software
• In 2012 – total # of virtual ports surpassed physical ports
• An open source software switch
• High performance forwarding using Linux Kernel Module
• OpenFlow Compliant
• Advanced switching features
Open vSwitch
• Kernel Datapath
• Userspace daemon
• Configuration database
• Since RHEL 6.4
[Figure: Open vSwitch components. UserSpace: vSwitchd, ovsdb, OpenFlow, sFlow; Management: ovs-vsctl, ovs-dpctl, ovs-ofctl, ovsdb-tool. Kernel: Datapath with Flow Table. Other labels: Netlink, UpCall, Reinject, Promiscuous Mode, From NetDevice, To NetDevice, Packet Processing, Management WorkFlow]
Open vSwitch operations
• Normal mode vs Flow mode
• Flow Table Match based on L2/L3/L4
• Forward, Drop, Modify headers
• Systemtap Probe
Nova Networking
- Early days of OpenStack networking
- Flat, Flat-DHCP, VLAN
- No router, firewalls etc
Neutron
• Neutron is at the northbound side of the SDN framework
• Neutron provides network services to the Nova compute
Neutron plugin architecture
• Neutron services
• Various plugins connect to controllers or OpenFlow Switches
[Figure: Neutron API and API Extensions; Neutron Service; Neutron Plug-in API; Vendor User Plug-in]
Neutron Service
● L2 Network Abstraction
● Device and Service framework
● Does NOT do any actual implementation of abstraction
Vendor User Plug-in
● Maps Abstraction to Implementation on Physical Network
● Makes all decisions about how a network is implemented
● Can provide additional features through API extension
OpenStack SDN
• Various Components
• Iptables
• Open vSwitch
• Overlay networks
• Tunnels – GRE/VXLAN
• Network Namespace
• Netfilter NAT for Floating IP addresses
[Figure: Red Hat Enterprise Linux OpenStack Platform: IPTABLES, Open vSwitch, Overlays, Tunnels, Netfilter NAT, Network Namespaces]
OpenStack SDN
• A, B, C :: Tap, Fw Bridge, Iptables
• D, E :: VLAN tagging
• F, G :: Tunnels
• Open vSwitch, GRE
• O, P :: DHCP
• M, N :: Router, Netfilter NAT
[Figure: Red Hat Enterprise Linux OpenStack Platform]
Future Trends
• Need to stick to open standards
• Need to have a stable SDN ecosystem
• Standardization for various components
• Allows for various vendor solutions (open/closed source)
• Scope for Innovation at each layer - Apps, Controller, Protocols, Devices (Physical/Virtual)
• Possible scope for Hardware acceleration products in SDN space
• Evolution of NOS
Thank You! Questions?
Slides in PDF will be available later at www.redhat.com/summit/2014/presentations