Uploaded byopenflow
PPT, PDF33,747 views

OpenFlow tutorial

The document discusses software-defined networking (SDN) and OpenFlow, including: 1) OpenFlow allows the control logic to be separated from the forwarding hardware by defining an open interface between the two. This enables more flexible and programmable networks. 2) OpenFlow works by defining flows that match packets and actions that are applied to the matched packets. The flows are populated and managed by an external controller through the OpenFlow protocol. 3) OpenFlow is being deployed in over 100 organizations and is enabling network innovation through its programmable and customizable nature.

Technology
In this document
Powered by AI
See More

Introduction to OpenFlow and Software-defined Networking by Srini Seetharaman, outlining the discussion.

Discusses the ossification of networks, highlighting the barriers like complexity, power consumption, and outdated mentality.

Identifies gaps in current tools for networking, noting inadequate performance and scalability across various technologies.

Describes the closed nature of current internet infrastructure dominated by specialized hardware and lack of innovation.

Introduces SDN as a method to open infrastructure through a unified software-based approach.

Details essential features of SDN, including the necessity for an open interface and well-defined APIs.

Explains the basic operation of OpenFlow and its components.

Illustrates the architecture of OpenFlow switching, showing data paths and control paths.

Details the usage and configuration of OpenFlow switches, including flow table mechanics.

Examines how OpenFlow balances vendor hardware speed and flexibility of software.

Examples of OpenFlow in action, focusing on flow switching and routing techniques.

Explains centralized vs. distributed control models and their implications in OpenFlow.

Analyzes flow routing vs. aggregation, and reactive vs. proactive handling of flows.

Illustrates various applications and scenarios where OpenFlow can be implemented.

Interactive quiz questions designed to test understanding of OpenFlow principles and functionalities.

Discusses what OpenFlow version 1.0 can’t do, and future enhancements in subsequent versions.

Overview of existing OpenFlow implementations including switch and controller options.

Details on commercial vendors offering SDN hardware and operational capabilities.

Examines differences in the approaches taken by various controller vendors in the market.

Discusses the growing interest and participation in OpenFlow from diverse stakeholders.

Describes the virtualization layer in OpenFlow and its significance for network slicing.

Introduces different virtualization methods within OpenFlow and their implementation.

Details management and orchestration capabilities provided by FlowSpace in OpenFlow.

Presents a use case scenario for implementing OpenFlow in a Content Delivery Network.

Summarization of findings and a perspective on the evolution of Software-defined Networking.

Credits the contributors who assisted in providing content for the tutorial.

Embed presentation

Downloaded 2,176 times
OpenFlow/Software-defined Networking Nov, 2011 Srini Seetharaman Tech Lead, SDN Deutsche Telekom Innovation Center
The Ossified Network 6000+ RFCs Barrier to entry Bloated Power Hungry Many complex functions baked into the infrastructure OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, … An industry with a “mainframe-mentality”, reluctant to change Million of lines of source code Billions of gates Specialized Packet Forwarding Hardware Operating System Feature Feature Routing, management, mobility management, access control, VPNs, …
Open Systems gap in the tool space none have all the desired attributes! Performance Fidelity Scale Real User Traffic? Complexity Open Simulation medium medium no medium yes Emulation medium low no medium yes Software Switches poor low yes medium yes NetFPGA high low yes high yes Network Processors high medium yes high yes Vendor Switches high high yes low no
Current Internet Closed to Innovations in the Infrastructure Closed Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware Operating System Operating System Operating System Operating System Operating System App App App
“ Software Defined Networking” approach to open it Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware Operating System Operating System Operating System Operating System Operating System App App App Network Operating System App App App
The “Software-defined Network” App Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware App App Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Network Operating System 1. Open interface to hardware 3. Well-defined open API 2. At least one good operating system Extensible, possibly open-source
How does OpenFlow work?
Ethernet Switch
Data Path (Hardware) Control Path Control Path (Software)
Data Path (Hardware) Control Path OpenFlow OpenFlow Controller OpenFlow Protocol (SSL/TCP)
OpenFlow usage Controller OpenFlow Switch OpenFlow Switch OpenFlow Switch Alice’s code Decision? OpenFlow Protocol OpenFlow offloads control intelligence to a remote software PC Alice’s Rule Alice’s Rule Alice’s Rule
Controller PC Hardware Layer Software Layer Flow Table OpenFlow Client port 4 port 3 port 2 port 1 1.2.3.4 5.6.7.8 OpenFlow Example MAC src MAC dst IP Src IP Dst TCP sport TCP dport Action * * 5.6.7.8 * * * port 1
OpenFlow Basics Flow Table Entries Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Rule Action Stats Forward packet to zero or more ports Encapsulate and forward to controller Send to normal processing pipeline Modify Fields Any extensions you add! + mask what fields to match Packet + byte counters VLAN pcp IP ToS
OpenFlow: a pragmatic compromise + Speed, scale, fidelity of vendor hardware + Flexibility and control of software and simulation Vendors don’t need to expose implementation Leverages hardware inside most switches today (ACL tables)
Examples Switching * * 00:1f:.. * * * * * * * port6 Flow Switching port3 00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80 port6 Firewall * * * * * * * * * 22 drop Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action
Examples Routing * * * * * * 5.6.7.8 * * * port6 VLAN Switching * * * vlan1 * * * * * port6, port7, port9 00:1f.. Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action
Centralized vs Distributed Control Both models are possible with OpenFlow Centralized Control Controller Distributed Control Controller Controller Controller OpenFlow Switch OpenFlow Switch OpenFlow Switch OpenFlow Switch OpenFlow Switch OpenFlow Switch
Flow Routing vs. Aggregation Both models are possible with OpenFlow Flow-Based Every flow is individually set up by controller Exact-match flow entries Flow table contains one entry per flow Good for fine grain control, e.g. campus networks Aggregated One flow entry covers large groups of flows Wildcard flow entries Flow table contains one entry per category of flows Good for large number of flows, e.g. backbone
Reactive vs. Proactive (pre-populated) Both models are possible with OpenFlow Reactive First packet of flow triggers controller to insert flow entries Efficient use of flow table Every flow incurs small additional flow setup time If control connection lost, switch has limited utility Proactive Controller pre-populates flow table in switch Zero additional flow setup time Loss of control connection does not disrupt traffic Essentially requires aggregated (wildcard) rules
Usage examples Alice’s code: Simple learning switch Per Flow switching Network access control/firewall Static “VLANs” Her own new routing protocol: unicast, multicast, multipath Home network manager Packet processor (in controller) IPvAlice Stanford demonstrated VM migration Server Load balancing Mobility manager Power management Network monitoring and visualization Network debugging Network slicing … and much more you can create!
Quiz Time How do I provide control connectivity? Is it really clean slate? Why aren’t users complaining about time to setup flows over OpenFlow? (Hint: What is the predominant traffic today?) Considering switch CPU is the major limit, how can one take down an OpenFlow network? How to perform topology discovery over OpenFlow-enabled switches? What happens when you have a non-OpenFlow switch inbetween? What if there are two islands connected to same controller? How scalable is OpenFlow? How does one scale deployments?
What can you not do with OpenFlow ver1.0 Non-flow-based (per-packet) networking e.g., Handling pkt 1 differently from pkt 2 of same flow yes, this is a fundamental limitation BUT OpenFlow provides the plumbing to connect devices New forwarding primitives BUT provides a nice way to integrate them through extensions New packet formats/field definitions BUT a generalized OpenFlow (2.0) is on the horizon Optical Circuits BUT efforts underway to apply OpenFlow model to circuits Low-setup-time individual flows BUT can push down flows proactively to avoid delays
Where it’s going OF v1.1: Extensions for WAN, spring 2011 multiple tables: leverage additional tables tags and tunnels multipath forwarding OF v2+ generalized matching and actions: an “instruction set” for networking
OpenFlow Implementations (Switch and Controller)
OpenFlow building blocks Controller NOX Slicing Software FlowVisor FlowVisor Console Applications LAVI ENVI (GUI) Expedient n-Casting NetFPGA Software Ref. Switch Broadcom Ref. Switch OpenWRT PCEngine WiFi AP Commercial Switches Stanford Provided OpenFlow Switches SNAC Stanford Provided Monitoring/ debugging tools oflops oftrace openseer OpenVSwitch HP, NEC, Pronto, Juniper.. and many more Beacon Helios Maestro
Current SDN hardware Ciena Coredirector NEC IP8800 More coming soon... Juniper MX-series HP Procurve 5400 Pronto 3240/3290 WiMax (NEC) PC Engines Netgear 7324
Commercial Switch Vendors Notes Virtualize Model No legacy protocols (like VLAN and STP) Most actions processed in hardware MAC header rewriting in h/w OpenFlow takes precedence Most actions processed in hardware MAC header rewriting in h/w LACP, VLAN and STP processing before OpenFlow Wildcard rules or non-IP pkts processed in s/w Header rewriting in s/w CPU protects mgmt during loop 1 OF instance per switch Pronto 3240 or 3290 with Pica8 or Indigo firmware 1 OF instance per VLAN NEC IP8800 1 OF instance per VLAN HP Procurve 5400zl or 6600
Controller Vendors Closed-source Datacenter networks Nicira’s ONIX Open-source GPL Code based on NOX0.4 Enterprise network C++, Python and Javascript Currently used by campuses SNAC Notes Vendor Open-source GPL C++ and Python Researcher friendly Nicira’s NOX Open-source Researcher friendly Java-based Stanford’s Beacon Open-source Based on Java Maestro (from Rice Univ) Notes Vendor Open-source Written in C Closed source Based on Beacon Enterprise network NEC’s Helios BigSwitch controller
Growing Community Vendors and start-ups Providers and business-unit More... More... Note: Level of interest varies
Virtualizing OpenFlow
Trend Computer Industry Network Industry Windows (OS) Windows (OS) Linux Mac OS x86 (Computer) Windows (OS) App App Linux Linux Mac OS Mac OS Virtualization layer App Controller 1 App App Controller 2 Virtualization or “Slicing” App OpenFlow Controller 1 NOX (Network OS) Controller 2 Network OS
Simple Packet Forwarding Hardware Network Operating System 1 Open interface to hardware Virtualization or “Slicing” Layer Network Operating System 2 Network Operating System 3 Network Operating System 4 App App App App App App App App Many operating systems, or Many versions Open interface to hardware Isolated “slices” Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware
Switch Based Virtualization Exists for NEC, HP switches but not flexible enough Normal L2/L3 Processing Production VLANs Research VLAN 1 Research VLAN 2 Flow Table Controller Flow Table Controller
FlowVisor-based Virtualization OpenFlow Protocol Craig’s Controller Heidi’s Controller Aaron’s Controller OpenFlow Protocol Topology discovery is per slice OpenFlow Switch OpenFlow FlowVisor & Policy Control OpenFlow Switch OpenFlow Switch
OpenFlow Protocol Broadcast Multicast http Load-balancer FlowVisor-based Virtualization Separation not only by VLANs, but any L1-L4 pattern dl_dst=FFFFFFFFFFFF tp_src=80, or tp_dst=80 OpenFlow FlowVisor & Policy Control OpenFlow Protocol OpenFlow Switch OpenFlow Switch OpenFlow Switch
FlowSpace: Maps Packets to Slices
FlowVisor Message Handling Packet Exception Policy Check: Is this rule allowed? Policy Check: Who controls this packet? Full Line Rate Forwarding Rule Packet OpenFlow Firmware Data Path Alice Controller Bob Controller Cathy Controller FlowVisor OpenFlow OpenFlow
Use Case: New CDN - Turbo Coral ++ Basic Idea: Build a CDN where you control the entire network All traffic to or from Coral IP space controlled by Experimenter All other traffic controlled by default routing Topology is entire network End hosts are automatically added (no opt-in) Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport * * * * * 84.65.* * * * * * * * * * * 84.65.* * * * * * * * * * * * * *
Summary
Summary Software-defined networking is still evolving OpenFlow is being deployed in over 100 organizations world-wide GEC9 in Nov, 2010 showcased nation-wide OF Internet 2 and NLR starting to serve as the GENI Backbone Are you innovating in your networks??
Credits Thanks to following for contributing content to the tutorial: Nick McKeown Guru Parulkar Brandon Heller Yiannis Yiakoumis Guido Appenzeller Rob Sherwood Masa Kobayashi

More Related Content

PDF
SDN & NFV Introduction - Open Source Data Center Networking
byThomas Graf
 
PDF
Introduction to OpenFlow
byJoel W. King
 
PDF
SDN Fundamentals - short presentation
byAzhar Khuwaja
 
PPTX
Software Defined Network (SDN)
byAhmed Ayman
 
PPTX
Introduction to SDN: Software Defined Networking
byAnkita Mahajan
 
PDF
Mininet Basics
byEueung Mulyana
 
PPTX
RYU Introduction
byNCTU
 
PDF
5G Network Architecture and Design
by3G4G
 
SDN & NFV Introduction - Open Source Data Center Networking
byThomas Graf
 
Introduction to OpenFlow
byJoel W. King
 
SDN Fundamentals - short presentation
byAzhar Khuwaja
 
Software Defined Network (SDN)
byAhmed Ayman
 
Introduction to SDN: Software Defined Networking
byAnkita Mahajan
 
Mininet Basics
byEueung Mulyana
 
RYU Introduction
byNCTU
 
5G Network Architecture and Design
by3G4G
 

What's hot

PDF
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
PPTX
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
PPTX
Software Defined Networks
byShreeya Shah
 
PDF
Wireshark Traffic Analysis
byDavid Sweigert
 
PPTX
Sdn ppt
byPallavi Chhikara
 
PPTX
OpenFlow
byKingston Smiler
 
PPTX
Software Defined Network - SDN
byVenkata Naga Ravi
 
PPTX
Data link layer
byAbdul MaTéèñ
 
PPTX
Introduction to SDN and NFV
byCoreStack
 
PDF
Mininet introduction
byVipin Gupta
 
PDF
Introduction to Software Defined Networking (SDN)
byrjain51
 
PPTX
MPLS VPN
byShahzaib Mahesar
 
PPTX
SDN Basics – What You Need to Know about Software-Defined Networking
bySDxCentral
 
PPT
Wireless security presentation
byMuhammad Zia
 
PPTX
Iot architecture
byAnam Iqbal
 
PPT
VLAN
byAlberto Jimenez
 
PDF
Advanced: 5G Service Based Architecture (SBA)
by3G4G
 
PDF
Introduction to Network Function Virtualization (NFV)
byrjain51
 
PPTX
Dynamic source routing
byAshraf Uddin
 
PPTX
DSR Protocol
by@zenafaris91
 
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
Introduction to Software Defined Networking (SDN)
byBangladesh Network Operators Group
 
Software Defined Networks
byShreeya Shah
 
Wireshark Traffic Analysis
byDavid Sweigert
 
Sdn ppt
byPallavi Chhikara
 
OpenFlow
byKingston Smiler
 
Software Defined Network - SDN
byVenkata Naga Ravi
 
Data link layer
byAbdul MaTéèñ
 
Introduction to SDN and NFV
byCoreStack
 
Mininet introduction
byVipin Gupta
 
Introduction to Software Defined Networking (SDN)
byrjain51
 
MPLS VPN
byShahzaib Mahesar
 
SDN Basics – What You Need to Know about Software-Defined Networking
bySDxCentral
 
Wireless security presentation
byMuhammad Zia
 
Iot architecture
byAnam Iqbal
 
VLAN
byAlberto Jimenez
 
Advanced: 5G Service Based Architecture (SBA)
by3G4G
 
Introduction to Network Function Virtualization (NFV)
byrjain51
 
Dynamic source routing
byAshraf Uddin
 
DSR Protocol
by@zenafaris91
 

Similar to OpenFlow tutorial

PPTX
Software Defined networking (SDN)
byMilson Munakami
 
PDF
Introduction to OpenFlow
byrjain51
 
PPTX
Network programmability: an Overview
byAymen AlAwadi
 
PDF
SDN - OpenFlow protocol
byUlf Marxen
 
PPT
OpenFlow Tutorial
byJa-seop Kwak
 
PPT
Software defined network and Virtualization
byidrajeev
 
PPTX
08-Software Defined Networking Southern Carolina
bycustcharanhp2309
 
PPTX
Software-Defined Networking (SDN) is a transformative networking paradigm
byeticket4403
 
PPTX
lect4_SDNbasic_openflow.pptx
byJesicaDcruz1
 
PPTX
Open Flow Protocol
byVishal S M B
 
PDF
Protocol Independence
byOpen Networking Summits
 
PPT
Naveen nimmu sdn future of networking
bysuniltomar04
 
PPT
Naveen nimmu sdn future of networking
byOpenSourceIndia
 
PDF
SDN/OpenFlow #lspe
byChris Westin
 
PDF
Openlab.2014 02-13.major.vi sion
byCcie Light
 
PDF
software defined network, openflow protocol and its controllers
byIsaku Yamahata
 
PDF
PLNOG 8: Piotr Gierz - Protokół OpenFlow
byPROIDEA
 
PPTX
Lecture14 1
byEdwin Castillo
 
PDF
M 14ofl
byronsito
 
PDF
OpenFlow — the key standard of Software-Defined Networks
byMinsk Linux User Group
 
Software Defined networking (SDN)
byMilson Munakami
 
Introduction to OpenFlow
byrjain51
 
Network programmability: an Overview
byAymen AlAwadi
 
SDN - OpenFlow protocol
byUlf Marxen
 
OpenFlow Tutorial
byJa-seop Kwak
 
Software defined network and Virtualization
byidrajeev
 
08-Software Defined Networking Southern Carolina
bycustcharanhp2309
 
Software-Defined Networking (SDN) is a transformative networking paradigm
byeticket4403
 
lect4_SDNbasic_openflow.pptx
byJesicaDcruz1
 
Open Flow Protocol
byVishal S M B
 
Protocol Independence
byOpen Networking Summits
 
Naveen nimmu sdn future of networking
bysuniltomar04
 
Naveen nimmu sdn future of networking
byOpenSourceIndia
 
SDN/OpenFlow #lspe
byChris Westin
 
Openlab.2014 02-13.major.vi sion
byCcie Light
 
software defined network, openflow protocol and its controllers
byIsaku Yamahata
 
PLNOG 8: Piotr Gierz - Protokół OpenFlow
byPROIDEA
 
Lecture14 1
byEdwin Castillo
 
M 14ofl
byronsito
 
OpenFlow — the key standard of Software-Defined Networks
byMinsk Linux User Group
 

Recently uploaded

PDF
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
DOCX
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
PDF
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
PDF
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
PDF
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
PDF
Safeguarding AI-Based Financial Infrastructure
bysleepandremedies
 
PPTX
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
PDF
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
PDF
Tracing the Thread: Decoding the Decision-Making Process with GraphRAG
byEnterprise Knowledge
 
PDF
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
PPTX
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
PDF
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
PDF
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
PDF
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
PDF
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
PDF
DevSecOps Learning Path - TryHackMe Certificate
byVICTOR MAESTRE RAMIREZ
 
PDF
Cybersecurity Prevention and Detection Specialization
byVICTOR MAESTRE RAMIREZ
 
PDF
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
PDF
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
PDF
AI Technology important knowledge ......
byutkarshj2007
 
ElyriaSoftware — Powering the Future with Blockchain Innovation
byElyria Software
 
Introduction to the World of Computers (Hardware & Software)
byALIABBAS ABASOV
 
Generative AI in UiPath: Mastering the Generative Extractor for Intelligent D...
byDianaGray10
 
Knowing and Doing: Knowledge graphs, AI, and work
bymarainglezakis1
 
AI and Computer Architecture: 200 Years Together
byDmitry Zinoviev
 
Safeguarding AI-Based Financial Infrastructure
bysleepandremedies
 
RISE with SAP for Automotive - S4 HANA Value.pptx
byAmira Jemi
 
DIGITAL FORENSICS - Notes for Everything.pdf
bypankajkumavatbeit
 
Tracing the Thread: Decoding the Decision-Making Process with GraphRAG
byEnterprise Knowledge
 
Generative AI in 2026: Hype, Bubble, Winter or The Real Deal?
byDr. Tathagat Varma
 
The Future of IT Service Management AI Automation & Beyond.pptx
byChetu
 
Top 7 Manufacturing Software for Small Businesses Boosting Growth in 2025
byEnvertis Software Solutions
 
TPPmark2025 Kenta Inoue's answer 12/04/2025
byKenta Inoue
 
Innovative AI Solutions for Business Growth.pdf
byVox Works
 
The Ultimate Guide to Problem Management Dashboards for IT Teams.pdf
byomnex systems
 
DevSecOps Learning Path - TryHackMe Certificate
byVICTOR MAESTRE RAMIREZ
 
Cybersecurity Prevention and Detection Specialization
byVICTOR MAESTRE RAMIREZ
 
8 LLM Surveys https://tinyurl.com/bdz8e6fp
byBob Marcus
 
Ransomware_Resilience_Strategic_Playbook.pdf
byAfonso Henrique Rodrigues Alves
 
AI Technology important knowledge ......
byutkarshj2007
 

OpenFlow tutorial

  • 1.
    OpenFlow/Software-defined Networking Nov,2011 Srini Seetharaman Tech Lead, SDN Deutsche Telekom Innovation Center
  • 2.
    The Ossified Network6000+ RFCs Barrier to entry Bloated Power Hungry Many complex functions baked into the infrastructure OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, … An industry with a “mainframe-mentality”, reluctant to change Million of lines of source code Billions of gates Specialized Packet Forwarding Hardware Operating System Feature Feature Routing, management, mobility management, access control, VPNs, …
  • 3.
    Open Systems gapin the tool space none have all the desired attributes! Performance Fidelity Scale Real User Traffic? Complexity Open Simulation medium medium no medium yes Emulation medium low no medium yes Software Switches poor low yes medium yes NetFPGA high low yes high yes Network Processors high medium yes high yes Vendor Switches high high yes low no
  • 4.
    Current Internet Closed to Innovations in the Infrastructure Closed Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware Operating System Operating System Operating System Operating System Operating System App App App
  • 5.
    “ Software DefinedNetworking” approach to open it Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware App App App Specialized Packet Forwarding Hardware Operating System Operating System Operating System Operating System Operating System App App App Network Operating System App App App
  • 6.
    The “Software-defined Network”App Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware App App Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Network Operating System 1. Open interface to hardware 3. Well-defined open API 2. At least one good operating system Extensible, possibly open-source
  • 7.
  • 8.
  • 9.
    Data Path (Hardware)Control Path Control Path (Software)
  • 10.
    Data Path (Hardware)Control Path OpenFlow OpenFlow Controller OpenFlow Protocol (SSL/TCP)
  • 11.
    OpenFlow usage ControllerOpenFlow Switch OpenFlow Switch OpenFlow Switch Alice’s code Decision? OpenFlow Protocol OpenFlow offloads control intelligence to a remote software PC Alice’s Rule Alice’s Rule Alice’s Rule
  • 12.
    Controller PC HardwareLayer Software Layer Flow Table OpenFlow Client port 4 port 3 port 2 port 1 1.2.3.4 5.6.7.8 OpenFlow Example MAC src MAC dst IP Src IP Dst TCP sport TCP dport Action * * 5.6.7.8 * * * port 1
  • 13.
    OpenFlow Basics Flow Table Entries Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot L4 sport L4 dport Rule Action Stats Forward packet to zero or more ports Encapsulate and forward to controller Send to normal processing pipeline Modify Fields Any extensions you add! + mask what fields to match Packet + byte counters VLAN pcp IP ToS
  • 14.
    OpenFlow: a pragmaticcompromise + Speed, scale, fidelity of vendor hardware + Flexibility and control of software and simulation Vendors don’t need to expose implementation Leverages hardware inside most switches today (ACL tables)
  • 15.
    Examples Switching ** 00:1f:.. * * * * * * * port6 Flow Switching port3 00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80 port6 Firewall * * * * * * * * * 22 drop Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action
  • 16.
    Examples Routing ** * * * * 5.6.7.8 * * * port6 VLAN Switching * * * vlan1 * * * * * port6, port7, port9 00:1f.. Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action
  • 17.
    Centralized vs DistributedControl Both models are possible with OpenFlow Centralized Control Controller Distributed Control Controller Controller Controller OpenFlow Switch OpenFlow Switch OpenFlow Switch OpenFlow Switch OpenFlow Switch OpenFlow Switch
  • 18.
    Flow Routing vs.Aggregation Both models are possible with OpenFlow Flow-Based Every flow is individually set up by controller Exact-match flow entries Flow table contains one entry per flow Good for fine grain control, e.g. campus networks Aggregated One flow entry covers large groups of flows Wildcard flow entries Flow table contains one entry per category of flows Good for large number of flows, e.g. backbone
  • 19.
    Reactive vs. Proactive(pre-populated) Both models are possible with OpenFlow Reactive First packet of flow triggers controller to insert flow entries Efficient use of flow table Every flow incurs small additional flow setup time If control connection lost, switch has limited utility Proactive Controller pre-populates flow table in switch Zero additional flow setup time Loss of control connection does not disrupt traffic Essentially requires aggregated (wildcard) rules
  • 20.
    Usage examples Alice’scode: Simple learning switch Per Flow switching Network access control/firewall Static “VLANs” Her own new routing protocol: unicast, multicast, multipath Home network manager Packet processor (in controller) IPvAlice Stanford demonstrated VM migration Server Load balancing Mobility manager Power management Network monitoring and visualization Network debugging Network slicing … and much more you can create!
  • 21.
    Quiz Time Howdo I provide control connectivity? Is it really clean slate? Why aren’t users complaining about time to setup flows over OpenFlow? (Hint: What is the predominant traffic today?) Considering switch CPU is the major limit, how can one take down an OpenFlow network? How to perform topology discovery over OpenFlow-enabled switches? What happens when you have a non-OpenFlow switch inbetween? What if there are two islands connected to same controller? How scalable is OpenFlow? How does one scale deployments?
  • 22.
    What can younot do with OpenFlow ver1.0 Non-flow-based (per-packet) networking e.g., Handling pkt 1 differently from pkt 2 of same flow yes, this is a fundamental limitation BUT OpenFlow provides the plumbing to connect devices New forwarding primitives BUT provides a nice way to integrate them through extensions New packet formats/field definitions BUT a generalized OpenFlow (2.0) is on the horizon Optical Circuits BUT efforts underway to apply OpenFlow model to circuits Low-setup-time individual flows BUT can push down flows proactively to avoid delays
  • 23.
    Where it’s goingOF v1.1: Extensions for WAN, spring 2011 multiple tables: leverage additional tables tags and tunnels multipath forwarding OF v2+ generalized matching and actions: an “instruction set” for networking
  • 24.
  • 25.
    OpenFlow building blocksController NOX Slicing Software FlowVisor FlowVisor Console Applications LAVI ENVI (GUI) Expedient n-Casting NetFPGA Software Ref. Switch Broadcom Ref. Switch OpenWRT PCEngine WiFi AP Commercial Switches Stanford Provided OpenFlow Switches SNAC Stanford Provided Monitoring/ debugging tools oflops oftrace openseer OpenVSwitch HP, NEC, Pronto, Juniper.. and many more Beacon Helios Maestro
  • 26.
    Current SDN hardwareCiena Coredirector NEC IP8800 More coming soon... Juniper MX-series HP Procurve 5400 Pronto 3240/3290 WiMax (NEC) PC Engines Netgear 7324
  • 27.
    Commercial Switch VendorsNotes Virtualize Model No legacy protocols (like VLAN and STP) Most actions processed in hardware MAC header rewriting in h/w OpenFlow takes precedence Most actions processed in hardware MAC header rewriting in h/w LACP, VLAN and STP processing before OpenFlow Wildcard rules or non-IP pkts processed in s/w Header rewriting in s/w CPU protects mgmt during loop 1 OF instance per switch Pronto 3240 or 3290 with Pica8 or Indigo firmware 1 OF instance per VLAN NEC IP8800 1 OF instance per VLAN HP Procurve 5400zl or 6600
  • 28.
    Controller Vendors Closed-sourceDatacenter networks Nicira’s ONIX Open-source GPL Code based on NOX0.4 Enterprise network C++, Python and Javascript Currently used by campuses SNAC Notes Vendor Open-source GPL C++ and Python Researcher friendly Nicira’s NOX Open-source Researcher friendly Java-based Stanford’s Beacon Open-source Based on Java Maestro (from Rice Univ) Notes Vendor Open-source Written in C Closed source Based on Beacon Enterprise network NEC’s Helios BigSwitch controller
  • 29.
    Growing Community Vendorsand start-ups Providers and business-unit More... More... Note: Level of interest varies
  • 30.
  • 31.
    Trend Computer IndustryNetwork Industry Windows (OS) Windows (OS) Linux Mac OS x86 (Computer) Windows (OS) App App Linux Linux Mac OS Mac OS Virtualization layer App Controller 1 App App Controller 2 Virtualization or “Slicing” App OpenFlow Controller 1 NOX (Network OS) Controller 2 Network OS
  • 32.
    Simple Packet Forwarding Hardware Network Operating System 1 Open interface to hardware Virtualization or “Slicing” Layer Network Operating System 2 Network Operating System 3 Network Operating System 4 App App App App App App App App Many operating systems, or Many versions Open interface to hardware Isolated “slices” Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware Simple Packet Forwarding Hardware
  • 33.
    Switch Based VirtualizationExists for NEC, HP switches but not flexible enough Normal L2/L3 Processing Production VLANs Research VLAN 1 Research VLAN 2 Flow Table Controller Flow Table Controller
  • 34.
    FlowVisor-based Virtualization OpenFlowProtocol Craig’s Controller Heidi’s Controller Aaron’s Controller OpenFlow Protocol Topology discovery is per slice OpenFlow Switch OpenFlow FlowVisor & Policy Control OpenFlow Switch OpenFlow Switch
  • 35.
    OpenFlow Protocol BroadcastMulticast http Load-balancer FlowVisor-based Virtualization Separation not only by VLANs, but any L1-L4 pattern dl_dst=FFFFFFFFFFFF tp_src=80, or tp_dst=80 OpenFlow FlowVisor & Policy Control OpenFlow Protocol OpenFlow Switch OpenFlow Switch OpenFlow Switch
  • 36.
  • 37.
    FlowVisor Message HandlingPacket Exception Policy Check: Is this rule allowed? Policy Check: Who controls this packet? Full Line Rate Forwarding Rule Packet OpenFlow Firmware Data Path Alice Controller Bob Controller Cathy Controller FlowVisor OpenFlow OpenFlow
  • 38.
    Use Case: NewCDN - Turbo Coral ++ Basic Idea: Build a CDN where you control the entire network All traffic to or from Coral IP space controlled by Experimenter All other traffic controlled by default routing Topology is entire network End hosts are automatically added (no opt-in) Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport * * * * * 84.65.* * * * * * * * * * * 84.65.* * * * * * * * * * * * * *
  • 39.
  • 40.
    Summary Software-defined networkingis still evolving OpenFlow is being deployed in over 100 organizations world-wide GEC9 in Nov, 2010 showcased nation-wide OF Internet 2 and NLR starting to serve as the GENI Backbone Are you innovating in your networks??
  • 41.
    Credits Thanks tofollowing for contributing content to the tutorial: Nick McKeown Guru Parulkar Brandon Heller Yiannis Yiakoumis Guido Appenzeller Rob Sherwood Masa Kobayashi

Editor's Notes

  • #5 The next 3 slides are a set of animation to show how we enable innovation: - Infrastructure is closed to innovation and only driven by vendors. Consumers have little say - Business model makes it hard for new features to be added
  • #6 How do we redefine the architecture to open up networking infrastructure and the industry! By bring to the networking industry what we did to the computing world
  • #7 Switches, routers and other middleboxes are dumbed down The key is to have a standardized control interface that speaks directly to hardware
  • #12 How the actual protocol works
  • #14 Now I’ll describe the API that tries to meet these goals.
  • #21 What is possible in the controller? Anything that needs intelligent routing of a flow At Stanford, we have even shown how OpenFlow may be used for: VM migration Power management Load balancing Network monitoring and debugging Easier network visualization
  • #26 There are components at different levels that work together in making it work The commercial switch details will follow in next slide There are a plethora of applications possible. I only list those available at Stanford
  • #28 All support ver 1.0 All have approx 1500 flow table entry limit
  • #32 Hidden slide (just for backup reasons) Shows how far along we can go in opening up the network
  • #34 Experiments running on PRODUCTION infrastructure Key to get scale, key to get traffic on the network (e.g. can’t just do a reset...)