An overview of SDN & Openflow

Peyman Faizian – Feb 2015

2

Overview Current State in Networking What is SDN? SDN Abstractions SDN Architecture & Layers Cross-Layer Issues

3

STATE OF QUO IN NETWORKING Planes of functionality:

Management (Define the network policy) Control (Enforce the policy) Data (Execute the policy)

Control & data planes are tightly coupled− difficult to add new functionality

Decentralized structure Network resilience− Complex and Static Architecture

4

What is SDN?Network Architecture with four characteristics:

1. Control and data planes are decoupled2. Forwarding decisions are flow based instead

of destination based3. Control logic is moved to SDN controller or

Network Operating System4. Network is programmable through software

applications

5

SDN Abstractions What do we do when dealing with complex problems?

Decompose it to simpler problems Define an abstraction for each component

SDN Abstractions: Forwarding Distribution Specification

6

SDN Architecture

7

Layer 1: Infrastructure Switches, routers, … No embedded control software Include open and standard interfaces (e.g. OpenFlow, POF, …)

A data plane device is a hardware or software element specialized in packet forwarding based on a pipeline of flow tables

8

SDN Data Plane Devices

9

Layer 2: Southbound Interface APIs connecting and separating control and forwarding elements Openflow is the most widely accepted. Openflow provides three information sources for NOS:

Event-based messages when a port or link changes Flow statistics Packet-in messages when forwarding device doesn’t know what to do

10

Layer 4: Network Operating Systems

Operating System

CPU NetworkMemoryStorage

App

1

App

2

App

N

Operating System Model

11

Layer 4: Network Operating Systems

Network Operating System

Forwarding Device

Forwarding Device

Forwarding Device

Forwarding Device

Net

App

1

Net

App

2

Net

App

N

SDN Model

12

Types of SDN Controllers(NOSs) Existing controllers can be categorized based on many aspects

Centralized vs Distributed

Centralized Single point of failure Scaling limitations Can be highly parallelized to overcome above limitations

Distributed Scalable Fault tolerant May offer weak consistency

13

SDN Controller Parts

14

SDN Controller Parts: Core Services Topology Statistics Notifications and device management Shortest path forwarding Security mechanisms

15

SDN Controller Parts: South and Northbound Southbound:

Common interface for upper layers while allowing different southbound APIs Can be seen as device drivers

Northbound: Ad hoc APIs RESTful APIs File systems

16

SDN Controller Parts: West/Eastbound Only in distributed controllers import/export data between controllers algorithms for data consistency models monitoring/notification capabilities

17

Architecture and Design of SDN Controllers

18

Layer 5: Northbound Interfaces Mostly a software ecosystem Can be compared to POSIX standard in operating systems No de facto standard as of right now Each controller defines its own northbound APIs NOSIX is an attempt in this direction

19

Layer 7: Programming languages Current state in network programming languages:

Openflow : same as Assembly language Mimic hardware Too much low-level details No modular code No code reuse

Thus we are moving to higher level programming languages FatTire (functional): uses reg exp to describe network paths FML (dataflow, reactive): high level policy description language Procera (functional, reactive): high level abstractions to describe reactive and

temporal behaviors

20

Layer 8: Network Applications “Network brains” Implement control-logic which dictate the forwarding device behavior

Traffic engineering Routing, load balancing, scheduling, …

Mobility and wireless Interference management, wireless network modeling, …

Measurement and monitoring Measuring link utilization, traffic monitoring, …

Security Attack detection, access control, flow-rule enforcement

Data center networking Optimizing network utilization, predict application workloads, …

21

Cross-layer Issues Debugging and troubleshooting

Runtime debugging Ndb(same as gdb): breakpoints, watch, back-trace, …

Post-mortem analysis Record and replay network events

Testing and verification Verification

Connectivity, loop-freedom, access control Testing

Generate streams of packets and test as many events as possible

Simulation and emulation Mininet: prototype and evaluate SDN protocols and applications

22

Reference Software defined networking: A comprehensive survey; Diego Kreutz,

Fernando Ramos, Pauolo Verissimo, Christian Esteve Rothenberg, Siamak Azodolmolky, Steve Uhlig, Oct 2014.