SDN: SOFTWARE-DEFINED NETWORKING

Presented By: Ankita Mahajan

Introduction

Typical Data Center functioning

Enterprise Survey 2012: problems(% of respondents with N=280)

Networking Business challenges:Summarized: 1. Configuration: Adding or moving devices and

implementing network-wide policies is Overly complex, manual, time-consuming and risk service-disruption; discouraging network changes. VM-migration has challenged many aspects of n/wing

2. Scale: Link oversubscription to provision scalability is not effective with the dynamic traffic patterns in virtualized networks

3. Features: Slow to respond to business requests 4. Software: Too hard to deploy5. Packaging: Inflexible, difficult to scale.6. Reliability: Below expectations

SDN: Definition The physical separation of the network control plane

from the forwarding plane. Ability to directly program n/w operations using

ordinary languages, ordinary OS, ordinary computers.

Steps: Generalize the data path: OpenFlow Decouple Distribution model of control logic from

topology. Ex) Tightly coupled distributed servers for (Logically) centralized control plane(logical because of distributed computing. No single point of

failure)

Need for SDN in DCN/enterprise N/w:

Static Networks : Must respond dynamically based on Business Policy

Essential Applications: Must be developed within the network to deliver business results

Manual Policies: Must be automated to reduce personnel cost

Monolithic Network Services: Must dynamically scale independent of network devices

Limitations of current n/wComplexity that leads to stasis:

For example, to add or move any device, IT must touch multiple switches, routers, firewalls, Web authentication portals, etc. and update ACLs, VLANs, quality of services (QoS), and other protocol-based mechanisms using device-level management tools. In addition, network topology, vendor switch model, and software version all must be taken into account. Due to this complexity, today's networks are relatively static as IT seeks to minimize the risk of service disruption.

VM-migration hs challenged many aspects of n/wingfor voice, data, and video traffic existing networks can

provide differentiated QoS levels for different applications, the provisioning of those resources is highly manual.

..continued

Inconsistent policies: To implement a network-wide policy, IT may have to

configure thousands of devices and mechanisms. For example, every time a new virtual machine is

brought up, it can take hours, in some cases days, for IT to reconfigure ACLs across the entire network.

The complexity of today's networks makes it very difficult for IT to apply a consistent set of access, security, QoS, and other policies to increasingly mobile users, which leaves the enterprise vulnerable to security breaches, non-compliance with regulations, and other negative consequences.

..continued

Inability to scale  IT has relied on link oversubscription to scale

the network, based on predictable traffic patterns; however, in today's virtualized data centers, traffic patterns are incredibly dynamic and therefore unpredictable

Multi-tenancy further complicates carriers’ task, as the network must safely serve groups of users with different applications and different performance needs.

..continued

Vendor dependence: Carriers and enterprises seek to deploy

new capabilities and services in rapid response to changing business needs or user demands.

Lack of common standard, open interfaces limits the ability of network operators to tailor the network to their individual environments.

Computing Trends Driving N/w Change:The static architecture of conventional networks is ill-suited to the dynamic computing and storage needs of today’s data centers, campuses, and carrier environments.

Key Computing trends driving change:

Changing traffic patterns: Applications that commonly access geographically distributed databases and servers through cloud require extremely flexible traffic mngmnt and access to bandwidth on demand.

The rise of cloud services: Users expect on-demand access to applications, infrastructure, and other IT resources. Cloud needs an environment of increased security, compliance, and auditing requirements, along with business reorganizations, consolidations, and mergers that can change assumptions overnight

“Big data” means more bandwidth: Handling today’s mega datasets requires massive parallel processing that is fuelling a constant demand for additional capacity and any-to-any connectivity

The "consumerization of IT": Users are increasingly employing mobile personal devices to access the corporate network. Require smart and secure connections.

SDN: Future of Networking

Sw

itchi

ng

Har

dwar

e

SD

N

Controller

• Easy to scale and manage• Programmable to meet application needs in real time• Open standards based programmable n/w elements.• Presents Network As A Service (NAAS) and Network

As An Infrastructure (NAAI)

OpenFlow

Secure channel

SDN: Simple, scalable N/w Mgmt

Standard based homogenous network 1 touch point(SDN Controller) vs 1000s of touch points(Nw elements) Each element has same configuration, mgmnt and control interface Automated configuration, management and control of the network

Greatly reduce OPEX cost of the network Greatly reduce network management complexity Greatly reduce network downtime

Single touch point

SDN: Smarter Network for Large Scale Deployment

Abstractions of SDN

Data /Forwarding: Interface inside forwarding Hardware

Control /State-Distribution: Single state-distribution algo calculates routes centrally in control

Management abstraction: Logical appearance of n/w. N/w can be managed as a single switch rather than managing multiple switches independently.

Shift from Hardware to SoftwareFacilitators of SDN today: What made SDN possible: ASICs/FGPAs CPU H/W S/w Engineering and Distributed Computing

Capabilities: Global view of n/w: wire once, program as per business need. What if I need to modify the quality of the search signal I want? What if I want more bandwidth for a minute, an hour, a day or month? What if I want an application to request it automatically, not an IT manager logging

into a portal saying please give me more capacity? Thus, SDN is a part of the self-healing qualities of its network Basically the ability to request more bandwidth automatically: "I am an application and I want to move from here to there and I don’t always want to

pay for a large pipe all the time, I want to apply it only when I use it. The pay-by-use model is what SDN enables”

No. of RFCs = 6K => 6K protocols Instead of protocols coded in proprietary OS on a router, Control plane has programs

of the complete bucket of protocols and it can program all the machines with the required protocol at any time.

SDN: Virtualizing the network

SDN: Cloud Multi Tenancy

Network as a Service (NaS)

SDN Application examplesFlow table fields are based on standard fields of Merchant silica or ASICs. Multicasting is trivial with this: direct programming of

these switches. Setting service priority dynamically. Load balancing and firewall can be a s/w model written

in APIs in N/w OS. Mobile service provider Carrier Public/private cloud Financial services: multiple separate infra to prevent

cross-mandating, security, etc => redundancy.

OpenFlow (SouthBound API)

(v)Switches

Controller

(v)Switches (v)Switches

Applications

North bound API

South bound API

Generic primitives that sit on top of (v)switches, designed to match well with ASICS/merchant silicon

(ports)

(drop)

Using switch’s non-openFlow logic

Google’s WAN

All Google’s inter-DC traffic is routed through openflow based traffic engineering model.

Normal 10GigE switches are deployed. No s/w on routers, not even CLI, just openflow.

All other s/w in controller. Servers follow normal IS-IS, BGP protocols

Challenges: controller shouldn’t be the single point of failure:

Master controller, redundant controllers, and tightly coupled distributed controllers were used

Google SDN-WAN Advantages: increased Utilization & Availability: Compute best path for each flow. QoS Guarantee Acceptable Stability Unified view of the network fabric simplifies config, mngmnt, provisioning. Easy to tweak the n/w since s/w provides ability to undo quickly. Time to fix bugs is much less

Simulate topology, scale, n/w, by directing the monitoring s/w to the simulated n/w before actually deploying it.

s/w testing & Bug detection is easy since simulation done before hand. Simple updates: Earlier update done on each m/c, now only controller

servers. Reduced update traffic. In Conventional setup, each box has different complicated stacks behaving differently to new changes.

Fault tolerant. Fast recovery from link failure: the first node to detect failure simply sends

one msg to controller, instead of flooding other routers OSPF takes time to spread link failure info. Link State Detection isn’t always deterministic

Google SDN-WAN challenges The OpenFlow protocol is in its infancy and is bare

bones. However, it is good enough for many nw apps like google’s

To provide Fault tolerant OpenFlow controllers , multiple OpenFlow controllers must be provisioned. This requires handling master election and partitions between the controllers.

Partitioning functionality It is not very clear what functionality should reside in the network devices and what should reside in external controllers.

Flow programming: For large networks, programming of individual flows can take a long time.

Advantages of OpenFlow Centralized management and control of networking devices

from multiple vendors; Improved automation and management by using common

APIs to abstract the underlying networking details from the orchestration and provisioning systems and applications;

Rapid innovation (in each decoupled layer) through the ability to deliver new network capabilities and services without the need to configure individual devices or wait for vendor releases;

Programmability by operators, enterprises, independent software vendors, and users (not just equipment manufacturers) using common programming environments, which gives all parties new opportunities to drive revenue and differentiation;

Lower Capex and Opex for Data and Control plane.

..continued Increased network reliability and security as a result of

centralized and automated management of network devices, uniform policy enforcement, and fewer configuration errors;

Faster time to market/deployment Better and more rigorous testing is done ahead of rollout accelerating deployment and only the features needed are developed

More granular network control with the ability to apply comprehensive and wide-ranging policies at the session, user, device, and application levels;

Better end-user experience as applications exploit centralized network-state information to seamlessly adapt network behaviour to user needs.

Interoperability: Choice of gear from multiple vendors.

Conclusion: SDN principles

References for this ppt1. https://

www.opennetworking.org/sdn-resources/sdn-definition

2. https://www.opennetworking.org/sdn-resources/sdn-library/whitepapers/816-software-defined-networking-the-new-norm-for-networks

3. http://www.techcentral.ie/22261/software-defined-networking

4. SDN Approach to Large Scale Global Data Centers: Rakesh Saha, IBM & Amit Agarwal, Google

5. Decoding SDN: Bob Muglia, Executive VP, S/w Soln division, Juniper N/w

6. https://www.youtube.com/watch?v=CMtuAsm5ApA

…Continue

References continued…

7. https://www.opennetworking.org/sdn-resources/sdn-library/whitepapers

8. https://www.youtube.com/watch?v=4Cb91JT-Xb4

9. http://www.quora.com/Software-defined-Networking

10. http://www.youtube.com/watch?v=5-pLO4MZU3o#t=197

11. http://en.wikipedia.org/wiki/Network_operating_system

12. http://www.sdncentral.com/sdn-document-library/

13. http://www.youtube.com/watch?v=PAtPRXZlvYE