toward transitional sdn deployment in enterprise networks › ct › stefan › ons13slides.pdf ·...

29
Toward Transitional SDN Deployment in Enterprise Networks Marco Canini with Dan Levin, Stefan Schmid, Anja Feldmann TU Berlin / Telekom Innovation Labs

Upload: others

Post on 28-May-2020

12 views

Category:

Documents


0 download

TRANSCRIPT

Toward Transitional SDN Deployment in Enterprise Networks

Marco Canini

with Dan Levin, Stefan Schmid, Anja Feldmann

TU Berlin / Telekom Innovation Labs

I

Motivation

GOAL: Help SDN succeed!

♥ SDN

The SDN Deployment Problem

A real large-scale campus network

Full SDN

Must upgrade to SDN incrementally

Key Questions

• How can we incrementally deploy SDN into enterprise campus networks?

• Can we reap the benefits of SDN with partial deployment?

Current Transitional Networks

Dual-stack approach

SDN Platform

Legacy Mgmt ?

Current Transitional Networks

Dual-stack approach Edge-only approach

SDN Platform

Legacy Mgmt ?

Legacy

Mgmt

SDN Platform

App

1

App

2

App

3

Where the heck is the edge?

TOOL Determine the partial

SDN deployment

PANOPTICON

SDN ARCHITECTURE Operate the network as

a (nearly) full SDN

The Existing Network

1. Planning the SDN Deployment

A

B

C

D

E

F

Network architect provides set of

ingress ports to be controlled via SDN

Optimized partial SDN deployment

Tunable parameters • Port priorities • Price model • Utilization thresholds

(link utilization, VLANs, etc.)

Network topology

Cost-aware optimizer

Objectives • Upgrade budget • Path delay

Traffic estimates

TOOL

The Partial SDN Deployment ( )

A

B

C

D

E

F

Benefits of Partial SDN Deployment?

A

B

C

D

E

F

Harvest unutilized network capacity

A

B

C

D

E

F

Main benefits of SDN =

Principled orchestration of the network policy

Can partial SDN deployment still take advantage of the principled orchestration of the network policy

2. Realizing the Benefits of SDN

A

B

C

D

E

F Access control

Insight #1: ≥ 1 SDN switch

Policy enforcement

IDS

Middlebox traversal

2. Realizing the Benefits of SDN

A

B

C

D

E

F

Traffic load-balancing

Insight #2: ≥ 2 SDN switch

Fine-grained control

SDN Waypoint Enforcement

Insight #1: ≥ 1 SDN switch

Policy enforcement

Insight #2: ≥ 2 SDN switch

Fine-grained control

Must isolate traffic across legacy devices

Ensure that all traffic to/from an SDN-controlled port always

traverses at least one SDN switch

A

B

C

D

E

F

Conceptually group SDN ports in Cell Blocks

The SDN Architecture PANOPTICON

Isolate traffic to Solitary Confinement Trees

A

B

C

D

E

F Per-port spanning trees ensure waypoint enforcement while providing traffic isolation

The SDN Architecture PANOPTICON

A

B

C

D

E

F

PANOPTICON

B C D E F

A

“Logical SDN”

“Logical SDN”

PANOPTICON

SDN Platform

App 1

App 2

App 3

B C D E F

A

PANOPTICON provides the abstraction of a fully-deployed SDN in a partially upgraded network

Results Highlights

• Evaluated a large campus network (1713 switches)

• 5 SDN distribution switches (1.2%)

– SDN-controlled > 80% of network end-points

Results Highlights

• Evaluated a large campus network (1713 switches)

• 5 SDN distribution switches (1.2%)

– SDN-controlled > 80% of network end-points

• 6% of upgraded distribution switches

– 100% SDN-controlled

– avg. path stretch < 50%

– max. link util. < 70%

PANOPTICON

SDN Platform

App 1

App 2

App 3

B C D E F

A

TOOL Determine the partial

SDN deployment

SDN ARCHITECTURE Operate the network as

a (nearly) full SDN

Summary

The Collaborators

Anja Feldmann Stefan Schmid Dan Levin

PANOPTICON

SDN Platform

App 1

App 2

App 3

B C D E F

A

Thank you! Questions?

• Rigorously planned partial SDN deployment – Cost-aware optimization framework that plans for

operational objectives

• SDN architecture for operating transitional

networks – Exposes the abstraction (and the benefits) of a nearly

fully-deployed SDN

PANOPTICON Demo at ONS. Come and see us!

[IN DEMO AT ONS!]