Software Defined Networks and Open flow Protocol
Mahesh M
11/27/2015Software Defined Networks and Open Flow Protocol
Introduction to SDN
An innovative approach to network architecture that provides the ability to create a whole new class of functionality
Experimental
Separates the data plane and the control plane of nodes
Nodes will only be forwarding the information
Why SDN?
Network – Core element of an organization’s technology service
Current Scenario
Several discrete network devices require manual configuration and management
These devices will be closed, proprietary units that limit innovation
Hence extensibility close to zero
Need for a New network?
Change in traffic patterns
The “consumerisation of IT”
Rise of cloud services
Big Data => requirement of more bandwidth
Transition to SDN…
[Figure: three conventional network devices, each stacking Features, an Operating System and specialized packet forwarding hardware.]
[Figure: Features running on a Network Operating System (Control Plane), connected through the Open Flow Protocol to several packet forwarding elements (Data Plane).]
What is SDN?
A flexible network architecture
Control plane and Data plane – core components of a network switch
Current devices have both control and data plane residing on the physical switch
SDN - Control plane separated from the data plane and placed on a server
Software application – provides direction to data plane
Interaction between controller and data plane – using Open Flow protocol
Open Flow Protocol
TCP based
Maintained by the Open Networking Foundation
Provides numerous functions and commands for
Communication of data
Status and management of the devices
Open Flow Protocol
Basic idea – use of flow tables as in Ethernet switches
Flow Tables – vendor specific
OFP : provides an open protocol to program the flow table in different switches and routers
In OFP, the data path consists of a flow table
An action will be associated with a flow entry
The set of actions supported by Open Flow is extensible
The Open Flow Switch Consists of at least 3 parts
A flow table – an action associated with each flow entry
A secure channel – connects the switch to a remote control process (controller)
Open Flow Protocol – Open and standard way for a controller to communicate with a switch
Types
Dedicated OF switches
Open Flow Enabled switches
OFP – How it works?
[Figure: a Controller and Nodes 2, 3 and 4; the Flow Table shown holds the rules "If matchfield : forward message to node 4" and "If matchfield : change header and forward to node 2".]
Flow Table
Consists of flow entries
Each flow entry has
Match fields
Counters – update the number of matching packets
Set of instructions to apply to matching packets
Matching starts from 1st flow table and may continue to other flow tables
Matching done in priority order – first match is used
If no match – may continue to next flow table or may be forwarded to the controller via OFP or packet can be dropped – depends on the switch configuration
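The matching rules on this slide, as an added example (not code from the deck or from any OpenFlow implementation). The field names, action strings and the per-table `miss_policy` list are hypothetical, and the sample tables are constructed from the two rules in the figure.

```python
from dataclasses import dataclass
from typing import Optional

@dataclass
class FlowEntry:
    priority: int
    match: dict                       # field -> value; a missing field is a wildcard
    actions: list                     # actions to apply on a match
    goto_table: Optional[int] = None  # continue matching in a later table
    packets: int = 0                  # counter of matching packets

def lookup(table, pkt):
    """Highest-priority entry whose match fields all equal the packet's."""
    for entry in sorted(table, key=lambda e: e.priority, reverse=True):
        if all(pkt.get(k) == v for k, v in entry.match.items()):
            return entry
    return None

def process(tables, miss_policy, pkt):
    """Walk the pipeline from table 0; return (verdict, actions)."""
    actions, t = [], 0
    while t is not None and t < len(tables):
        entry = lookup(tables[t], pkt)
        if entry is None:
            if miss_policy[t] == "continue":
                t += 1
                continue
            return miss_policy[t], actions      # "controller" or "drop"
        entry.packets += 1
        actions = actions + entry.actions
        if entry.goto_table is not None and entry.goto_table <= t:
            raise ValueError("goto_table must point to a later table")
        t = entry.goto_table
    return ("forward", actions) if actions else ("drop", [])

def sample_tables():
    """Constructed sample: the figure's two rules plus a catch-all in table 1."""
    return [
        [FlowEntry(10, {"dst": "node4"}, ["output:node4"]),
         FlowEntry(20, {"dst": "node4", "tag": 7}, ["set-header"], goto_table=1)],
        [FlowEntry(1, {}, ["output:node2"])],
    ]
```

With `miss_policy[0]` set to `"controller"`, every packet that misses table 0 becomes a Packet In, so the miss policy decides how much unmatched traffic reaches the controller.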
Flowchart detailing packet flow through an Open Flow switch
Instructions
Each flow entry includes a set of instructions that are executed when a packet matches the entry
Supported instructions
Apply-Actions action(s)
Clear-Actions
Write-Actions action(s)
Open Flow Channel
Connects each open flow switch to the controller
Usually encrypted using TLS, but may be run directly over TCP
PROTOCOL OVERVIEW
Supports 3 message types
Controller to switch
Asynchronous
Symmetric
Controller to Switch
Initiated by the controller
Message types
Features : the controller may request the features of the switch – expects a features reply with the available capabilities of the switch
Configuration : the controller sets/queries config parameters
Modify State : manages state on the switches – mainly to add/delete/modify flow entries
Read State : to collect statistics from the switch
Packet-out : used to send packets out of a specified port on the switch, and to forward packets received via Packet-in messages
Barrier : to ensure message dependencies have been met or to receive notifications for completed operations
Asynchronous
Switches send these to indicate packet arrival, switch state change or error
Message types:
Packet In : For all packets that do not have a matching flow entry, a packet-in event may be sent to the controller
Flow removed
Port status
Error
Symmetric
Sent without solicitation, in either direction
Hello: Hello messages are exchanged between the switch and controller upon connection startup
Echo : used to measure the latency or bandwidth of a controller-switch connection, as well as verify its liveness
Open Flow Channel Connection setup
Switch must be able to connect to a known IP via a user-specified port
If IP is known – switch initiates a TLS or TCP connection to the controller
After the connection is established, each side should send an OFPT_HELLO message with the version number
If the version is supported, the connection proceeds
Else – reply with an OFPT_ERROR message with
a type field of OFPET_HELLO_FAILED,
a code field of OFPHFC_INCOMPATIBLE, and
optionally an ASCII string explaining the situation in data,
and terminate the connection
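The Hello exchange above at byte level, as an added example (not code from the deck or from any controller or switch). It assumes the standard 8-byte OpenFlow header (version, type, length, xid) and takes the smaller of the two advertised versions as the candidate, a rule from the OpenFlow specification that the slide does not spell out; the function names are hypothetical.

```python
import struct

OFP_HEADER = struct.Struct("!BBHI")          # version, type, length, xid
OFPT_HELLO, OFPT_ERROR = 0, 1
OFPET_HELLO_FAILED, OFPHFC_INCOMPATIBLE = 0, 0

def build_hello(version, xid):
    return OFP_HEADER.pack(version, OFPT_HELLO, OFP_HEADER.size, xid)

def build_hello_failed(version, xid, reason):
    """OFPT_ERROR carrying type, code and an optional ASCII explanation."""
    body = struct.pack("!HH", OFPET_HELLO_FAILED, OFPHFC_INCOMPATIBLE)
    body += reason.encode("ascii")
    return OFP_HEADER.pack(version, OFPT_ERROR,
                           OFP_HEADER.size + len(body), xid) + body

def parse_header(msg):
    """Validate the header before trusting its length field."""
    if len(msg) < OFP_HEADER.size:
        raise ValueError("truncated OpenFlow header")
    version, mtype, length, xid = OFP_HEADER.unpack_from(msg)
    if length < OFP_HEADER.size or length > len(msg):
        raise ValueError("length field inconsistent with received bytes")
    return version, mtype, length, xid

def handle_peer_hello(msg, supported):
    """Return (negotiated_version, reply).

    reply is None when the connection may proceed; otherwise it is the
    error message to send before terminating the connection.
    """
    version, mtype, _, xid = parse_header(msg)
    if mtype != OFPT_HELLO:
        raise ValueError("first message on the channel must be OFPT_HELLO")
    ours = max(supported)
    negotiated = min(ours, version)
    if negotiated in supported:
        return negotiated, None
    return None, build_hello_failed(ours, xid, "no common OpenFlow version")
```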
Connection Interruption
Switch may lose connection due to
Echo request timeout
TLS session timeout
Or other disconnections
Switch should contact one or more backup controllers – not specified in the protocol
Two modes
Fail Secure – packets and messages destined to the current controller are dropped
Fail standalone – Switch acts as a legacy Ethernet switch or router – processes all the packets by itself
Encryption and Message Handling
Encryption
Communication through TLS connection
TLS initiated by switch during the startup
Controller and switch mutually authenticate using certificates
Controller Certificate
Switch Certificate
Message Handling
OFP provides reliable message delivery and processing
Does not provide automatic acknowledgements
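One way to enforce the mutual certificate authentication described under Encryption on the controller side, using Python's standard `ssl` module. This is an added example, not code from the deck or from any controller product; the function names, finding strings and file-path parameters are hypothetical.

```python
import ssl

NO_MUTUAL_AUTH = "peer certificate not required: no mutual authentication"
OLD_TLS = "TLS versions below 1.2 are accepted"
EMPTY_TRUST = "trust store is empty: every switch certificate will be rejected"

def controller_tls_context(ca_file=None, cert_file=None, key_file=None):
    """Server-side context for the controller's OpenFlow listener."""
    ctx = ssl.SSLContext(ssl.PROTOCOL_TLS_SERVER)
    ctx.minimum_version = ssl.TLSVersion.TLSv1_2
    ctx.verify_mode = ssl.CERT_REQUIRED             # switch must present a certificate
    if ca_file:
        ctx.load_verify_locations(cafile=ca_file)   # CA that signs switch certificates
    if cert_file:
        ctx.load_cert_chain(cert_file, key_file)    # controller certificate and key
    return ctx

def audit(ctx):
    """List settings that weaken or break switch authentication."""
    findings = []
    if ctx.verify_mode != ssl.CERT_REQUIRED:
        findings.append(NO_MUTUAL_AUTH)
    if ctx.minimum_version < ssl.TLSVersion.TLSv1_2:
        findings.append(OLD_TLS)
    if ctx.cert_store_stats()["x509_ca"] == 0:
        findings.append(EMPTY_TRUST)
    return findings
```

A server context created with library defaults does not request a client certificate, so any host that can reach the listener completes the TLS handshake; `audit` reports that case as `NO_MUTUAL_AUTH`.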
Benefits of Open flow SDN
Centralized control of multi-vendor environments
Reduced complexity through automation
Higher rate of innovation
Increased network reliability and security
More granular network control
Better user experience
Summary
Current networks - less extensible
Solution - Software Defined Networking and Open Flow protocol
SDN – Emerging technology
Separates data and control planes
Makes the network control centralized
Network devices are only packet forwarding objects