sdn & nfv overview · 8/1/2019 · sample nfv value prepositions. open innovation create...
TRANSCRIPT
SDN & NFV OVERVIEW
Stanford University – Clean Slate Project
“…explore what kind of Internet we would design if we were to start with a clean slate and 20-30 years of hindsight.”
http://cleanslate.stanford.edu
With SDN, Control Plane is separated from the physical device
NOT ALL PROCESSING HAPPENS INSIDE DEVICE
In “traditional” network Control Plane and Data Plane reside in the same physical device
Over the years… “Traditional” network paradigm has remained mostly intact…
$1.05 Billion Cash + $210 Million in stock
WHY?
Urs Holzle, Senior Vice President of Technology Infrastructure at Google, speaking in a keynote at the second annual Open Networking Summit (April 2012)
http://www.eetimes.com/electronics-news/4371179/Google-describes-its-OpenFlow-network
What is SDN? (per Wikipedia definition)
Software defined networking (SDN) is an approach to computer networking that allows network administrators to manage network services through abstraction of lower-level functionality
FOUR PARTS OF OPENFLOW
• Controller – resides on a server and provides control plane function for the network
• OpenFlow Agent – resides on a network device and fulfills requests from the Controller
• Northbound APIs – enable applications to interface with the Controller
• OpenFlow Protocol – the Layer 2 protocol that the Controller and Agents use to communicate
OPENFLOW PROCESSING PIPELINE
[Figure: OF 1.1 and beyond model (multiple lookups): Packet IN (Ingress Port, Action Set {}) → Table 0 → Table 1 → … → Table n (Packet + Ingress Port + Metadata, Action Set) → Execute Action Set → Packet OUT. OF 1.0 model (single lookup): Packet IN → Single Table → Packet OUT or Packet DROP, with the CONTROLLER shown alongside.]
Source: OpenFlow 1.3.2 specification, figure 2
ONF Board Members
Deutsche Telekom : Facebook : Goldman Sachs : Yahoo : Google : Microsoft : NTT Communications : Verizon
OPENFLOW IS NOT THE ONLY ONE
[Figure labels: Application Frameworks, Management Systems, Controllers, ...; layers: Orchestration, Management, Network Services, Control, Forwarding; interfaces shown: OpenFlow, OpenStack Neutron, Puppet, C/Java, Python, NETCONF, REST / RESTful, ACI Fabric, OpFlex, YANG, JSON, “Protocols” (BGP, PCEP, ...); Network Operating Systems – IOS / NX-OS / IOS-XR / Others; API and Data Models]
NETWORK PROGRAMMABILITY OPTIONS
[Figure: four panels: 1 Programmable APIs; 2a Pure SDN; 2b Hybrid SDN; 3 Overlay Networks. Labels across the panels: Applications (Network Mgmt, Monitoring, …); Controller; Vendor-specific APIs; Virtual Switch; Overlays; Control Plane; Data Plane. Interfaces shown: CLI, SNMP, Netflow, …; Vendor Specific (e.g. onePK, Nexus API); OpenFlow, PCEP, I2RS, Netconf; Overlay Protocols (e.g. VXLAN)]
OVERLAY 101
Logical “switch” devices overlay the physical network
Underlying physical network carries data traffic for overlay network
They define their own topology
NETWORK FUNCTION VIRTUALIZATION (NFV)
[Figure: network functions each running as a VM: NAT, Firewall, SBC, DDoS, Virus Scan, IPS, DPI, CGN, Portal, PCRF, DNS, DHCP, BRAS, SDN Ctrl., RaaS, WLC, WAAS, CDN, Caching, NMS]
• From specialized hardware to common hardware
• Service provisioning from days to minutes
• From cabling to service chaining
• Simple logistics & sparing
• Dynamic & elastic scale
• Seamless integration with Physical network
VIRTUALIZING NETWORK FUNCTIONS: X86 VS. CUSTOM CPU
Network Forwarding (L0-3): Better fit for NPU
• e.g. IPv6/v4, MPLS, VPNs, Optical
• High throughput / BW
• Stateless functions
• Mostly predictable traffic
• Many flows needing isolation, significant traffic management needed
• Interface-specific functions (2-stage forwarding)
Network Services (L4+): Better fit for x86 (Virtualization)
• e.g. DPI, FW, CGN, BNG, Mobility S/PGW, AAA, DNS, DDOS
• Low to Med Throughput
• Stateful functions
• Unpredictable traffic
• # of flows (traffic management) – varies
• No interface-specific functions
[Figure axes: Compute, Bandwidth]
SAMPLE NFV VALUE PROPOSITIONS
[Figure: Traditional Physical CPE compared with Virtual CPE as NFV Use Case; axis label: CPU, GB, bps]
SDN, NFV AND OPEN INNOVATION
• Open Innovation: Create competitive supply of innovative applications by third parties
• Software Defined Network: Separation of control and data plane. Create network abstraction for faster innovation
• Network Function Virtualization: Network functions and software running on any open standards-based hardware. Reduce CAPEX, OPEX, power and space
• Orchestration for automation, provisioning and interworking of physical and virtual resource.
• Enable new service innovation from Weeks and Months to Minutes and Days
[Figure labels: Open Innovation, NFV, SDN, New Service]
OPENDAYLIGHT (ODL)
[Figure labels: Open Source; Linux Foundation; Collaboration; Innovation; Network-Function Virtualization (NFV); Software-Defined Networking (SDN)]
WHAT IS PROJECT DAYLIGHT?
• …an open source project formed by industry leaders and others under the Linux Foundation with the mutual goal of furthering the adoption and innovation of Software Defined Networking (SDN) through the creation of a common vendor supported framework.
• Focus: Customers with some programming resources that desire a free, community-supported SDN controller
[Figure: member tiers: Platinum, Gold, Silver]
OPENDAYLIGHT SDN PLATFORM
OpenFlow-enabled devices that are configured to this controller automatically show up in the topology
VENDORS BUILD ODL-BASED PLATFORM
[Figure labels: Community Support; Cisco® Supported; “Helium”; Open SDN Controller. Content groups: Common Content; Incremental Cisco Value; Precluded OpenDaylight Content. Components named: Defense4all, OpenContrail Plug-in, LISP Flow Mapping, Logs, Metrics, OVA Distribution, One-Click Install, BGP-LS, MD-SAL, Basic Clustering, AAA, Group Policy, DLUX, SDNi, PacketCable PCMM, VTN Project, SNMP4SDN, AD-SAL, Monitoring, Central Mgmt and Admin, Plug-in Clustering, Secure Network Bootstrap Infra, Developer Support, PCEP, L2 Switch, OpenFlow Plug-in, OVSDB, Controller, Service Function Chaining, YANG Tools]
CISCO OPEN SDN CONTROLLER
SDN APPLICATIONS AS DISTINGUISHER
Preinstalled Apps
• BGPLS Manager – Visualizes network topology from BGP database
• Inventory – Augmented OpenDaylight “nodes” app identifies all connected devices
• (YANG) Model Explorer – Exposes system models and previews JSON API body
• OpenFlow Manager – Manages, visualizes, and troubleshoots flows + previews JSON API body
• PCEP Manager – Creates, modifies, and deletes MPLS LSPs
Centralized OA&M
• Robust user, application, and feature administration
• Status monitoring; system, cluster, node
• Event logging
• Real-time CPU, memory, disk, heap size, load, and network utilization metrics
“One-Click” Install
• VMware ESXi and Oracle Virtual Box hypervisor ready
ETSI NFV REFERENCE ARCHITECTURE (MANO)
[Figure labels:]
• Virtualized Network Function, actual NF application (ex. vFR, vCPE, vLB)
• Traditional Element Manager
• Lifecycle mgmt for VNFs (upgrade, scale, termination, etc.)
• Orchestration of overall solution
• Deployment templates, forwarding graph, service-related information
• OSS (CMDB, Monitoring, Alarming, IPAM/DNS/DHCP), BSS (CRM, Billing, Order Mgmt)
• Virtualisation layer, Server (hypervisor), Network, Storage
• Physical hardware
• Resource Mgr, Operations
SAMPLE PRODUCTS MAPPED TO ETSI NFV
[Figure labels: NFV Orchestrator; Cisco Network Services Orchestrator (Based on Tail-F NCS); SP’s Existing OSS/Catalog; Service Catalog; Service, VNF and Infrastructure Description; REST API; VNF Manager; Cisco VNF Manager; OpenStack Heat; Service Lifecycle Management (ESC); Service Provisioning; VNF Library (sample list): CSR1kv, NFF, 3rd Party vNF, ASAv, QvPC SI, QvPC DI, vWAAS, vWSA; Virtual Infra. Managers (VIM); (Compute and Storage VIMs); (Network VIMs); OpenStack; VMware; BigSwitch; ODL; Cisco APIC, VTC; Virtual Network; OVS; Cisco VTF, VPP, AVS]
OPENSTACK TO MANAGE IAAS
OpenStack is an IAAS (Infrastructure As A Service) cloud computing project
It is also referred to as a Cloud Operating System
“…provides a means to control (administer) compute, storage, network and virtualization technologies…”
OVERLAY NETWORK WITH VIRTUAL SWITCH
VXLAN TUNNELS CONNECT VIRTUAL MACHINES
Neutron is used to help manage the overlay (virtual) networks
This is one linkage between SDN and OpenStack
VXLAN TUNNEL FROM HARDWARE SWITCH
[Figure labels: Local LAN Segment; Physical Host; Virtual Hosts; Virtual Switch; VTEP; Encapsulation]
VTEP – VXLAN Tunnel End-Point
VNI/VNID – VXLAN Network Identifier
VXLAN EXTENDS VLAN FROM 4K TO 16M
• Traditionally VLAN space is expressed over 12 bits (802.1Q tag)
– Limits the maximum number of segments in a Data Center to 4096 VLANs
• VXLAN leverages the VNI field with a total address space of 24 bits
– Support of ~16M segments
• Segment-ID (VNI) is part of the VXLAN header and supported in Hardware by various Router and Switch products
[Figure: frame formats; labels: Cisco DFA Frame, VXLAN Frame, Segment-ID = VNI]
Classical Ethernet Frame: DMAC | SMAC | 802.1Q | Etype | Payload | CRC
VXLAN Frame: Outer MAC (14) | IP (20) | UDP (8) | VxLAN (8) | Original CE Frame (DMAC | SMAC | 802.1Q optional | Etype | Payload) | CRC (new)
Added headers: 50 bytes
VxLAN header: Flags (8 bits) | Reserved (24 bits) | VNI (24 bits) | Reserved (8 bits)
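The 8-byte VXLAN header from the frame figure (flags 8 bits, reserved 24 bits, VNI 24 bits, reserved 8 bits), packed and parsed in Python. This is an added example, not part of the original slides; the 0x08 VNI-valid flag value comes from RFC 7348 rather than the slide, and the sample VNI 30000 is the VNID used in the slides that follow.

```python
import struct

VXLAN_HEADER_LEN = 8        # "VxLAN (8)" in the frame figure
FLAG_VNI_VALID = 0x08       # "I" flag per RFC 7348 (assumption: not on the slide)
MAX_VNI = (1 << 24) - 1     # 24-bit VNI: ~16M segments
MAX_VLANS = 1 << 12         # 12-bit 802.1Q tag: 4096 VLANs
# Outer MAC (14) + IP (20) + UDP (8) + VxLAN (8) = 50 bytes added per frame
ENCAP_OVERHEAD = 14 + 20 + 8 + VXLAN_HEADER_LEN


def pack_vxlan_header(vni: int) -> bytes:
    """Build the 8-byte header: flags(8) | reserved(24) | VNI(24) | reserved(8)."""
    if not 0 <= vni <= MAX_VNI:
        raise ValueError(f"VNI {vni} does not fit in 24 bits")
    return struct.pack("!II", FLAG_VNI_VALID << 24, vni << 8)


def parse_vxlan_header(data: bytes, strict: bool = True) -> int:
    """Return the VNI, rejecting truncated or malformed headers.

    strict=True also rejects non-zero reserved bits, which a monitoring
    point can treat as an anomaly on a plain VXLAN segment.
    """
    if len(data) < VXLAN_HEADER_LEN:
        raise ValueError("truncated VXLAN header")
    word1, word2 = struct.unpack("!II", data[:VXLAN_HEADER_LEN])
    if not (word1 >> 24) & FLAG_VNI_VALID:
        raise ValueError("VNI-valid flag not set")
    if strict and (word1 & 0x00FFFFFF or word2 & 0xFF):
        raise ValueError("reserved bits are non-zero")
    return word2 >> 8


# Constructed sample: header for VNID 30000, the value used in the slides.
SAMPLE_HEADER = pack_vxlan_header(30000)

if __name__ == "__main__":
    print(SAMPLE_HEADER.hex(), parse_vxlan_header(SAMPLE_HEADER))
    print("VLANs:", MAX_VLANS, "VNIs:", MAX_VNI + 1, "overhead:", ENCAP_OVERHEAD)
```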
VTEP PEER DISCOVERY & ADDRESS LEARNING
Using Multicast Flood & Learn #1
[Figure: Host A (MAC_A / IP_A), Host B (MAC_B / IP_B) and Host C (MAC_C / IP_C) attached to VTEPs V1, V2 and V3, with a Virtual Switch; numbered steps 1 to 4]
ARP Request for IP_B: Src MAC: MAC_A, Dst MAC: FF:FF:FF:FF:FF:FF
Encapsulated ARP Request:
Underlay: SIP: IP_V1, DIP: 239.1.1.1 | SMAC: MAC_V1, DMAC: 00:01:5E:01:01:01 | UDP | VXLAN VNID: 30000
Overlay: ARP Request | SMAC: MAC_A, DMAC: FF:FF:FF:FF:FF:FF
Address tables (MAC | VNI | VTEP):
MAC_A | 30000 | E1/12
MAC_B | 30000 | E1/4, then after learning: MAC_A | 30000 | V1
MAC_C | 30000 | E1/8, then after learning: MAC_A | 30000 | V1
VTEP PEER DISCOVERY & ADDRESS LEARNING
Using Multicast Flood & Learn #2
[Figure: Host A (MAC_A / IP_A) and Host B (MAC_B / IP_B) with VTEPs V1, V2 and V3; numbered steps 5 to 7]
ARP Response from IP_B: Src MAC: MAC_B, Dst MAC: MAC_A
Encapsulated ARP Response:
Underlay: SIP: IP_V2, DIP: IP_V1 | SMAC: hop-by-hop, DMAC: MAC_V2 | UDP | VXLAN VNID: 30000
Overlay: ARP Response | SMAC: MAC_B, DMAC: MAC_A
Address tables (MAC | VNI | VTEP):
MAC_B | 30000 | E1/4 and MAC_A | 30000 | V1
MAC_A | 30000 | E1/12, then after learning: MAC_B | 30000 | V2
PROTOCOL LEARNING & DISTRIBUTION
Using VXLAN EVPN #1
[Figure: two RR nodes above VTEPs V1, V2 and V3; Host A (MAC_A / IP_A), Host B (MAC_B / IP_B), Host C (MAC_C / IP_C), Host Y (MAC_Y / IP_Y); Virtual Switch]
1 VTEPs advertise Host Routes (IP+MAC) for the Host within the Control-Plane
PROTOCOL LEARNING & DISTRIBUTION
Using VXLAN EVPN #2
[Figure: two RR nodes above VTEPs V1, V2 and V3; Host A (MAC_A / IP_A), Host B (MAC_B / IP_B), Host C (MAC_C / IP_C), Host Y (MAC_Y / IP_Y); Virtual Switch]
2 BGP propagates routes for the Host to all other VTEPs
3 VTEPs obtain host routes for remote hosts and install in RIB/FIB
Host route tables shown in the figure (MAC, IP | VNI | VTEP):
Table 1:
MAC_A, IP_A | 30000 | V1
MAC_C, IP_C | 30000 | V3
MAC_Y, IP_Y | 30001 | V3
Table 2:
MAC_B, IP_B | 30000 | V2
MAC_C, IP_C | 30000 | V3
MAC_Y, IP_Y | 30001 | V3
Table 3:
MAC_A, IP_A | 30000 | V1
MAC_B, IP_B | 30000 | V2
VXLAN PACKET FORWARDING
Once Peer & Address Learning is Done
[Figure: Host A (MAC_A / IP_A) and Host B (MAC_B / IP_B) with VTEPs V1, V2 and V3 and two RR nodes; numbered steps 1 to 4]
Original packet (steps 1 and 4): SIP: IP_A, DIP: IP_B | SMAC: MAC_A, DMAC: MAC_B
Encapsulated packet (step 2):
Underlay: SIP: IP_V1, DIP: IP_V2 | SMAC: MAC_V1, DMAC: hop-by-hop | UDP | VXLAN VNID: 30000
Overlay: SMAC: MAC_A, DMAC: MAC_B | SIP: IP_A, DIP: IP_B
Encapsulated packet (step 3):
Underlay: SIP: IP_V1, DIP: IP_V2 | SMAC: hop-by-hop, DMAC: MAC_V2 | UDP | VXLAN VNID: 30000
Overlay: SMAC: MAC_A, DMAC: MAC_B | SIP: IP_A, DIP: IP_B
Address tables (MAC, IP | VNI | VTEP):
MAC_B, IP_B | 30000 | E1/4 and MAC_A, IP_A | 30000 | V1
MAC_A, IP_A | 30000 | E1/12 and MAC_B, IP_B | 30000 | V2
Management & Orchestration (ETSI NFV MANO)
Services Consumptions
SDN & NFV Solutions
Business Outcomes
Cloud VPN/VMS, vCPE, vEPC
User Web Portal, Admin Portal, Ticketing System, Billing/BSS, UCS Director
Big Three
Cisco NSO
VNF Manager: Elastic Controller
OSS/Management
Underlay Technologies
Virtualization & Overlay (include VNFs)
VIM and Overlay/SDN Controllers (Network VIM)
Compute: Physical (servers), Linux OS
Network: Physical (Routers & Switches), Routing, Switching, Network Device OS/Firmware
Storage: Physical (disks), OS, FCOE
Compute Virtualization: Hypervisor (KVM)
Network Virtualization: VXLAN, OpenFlow, MPLS, EVPN, OVSDB
Storage Virtualization: CEPH, Swift
VTS
THANK YOU