Innovating Networking with Software Defined Networking and OpenFlow

An Introduction to Software Defined Networking and OpenFlow Vic Thomas vicraj.Thomas@gmail.com Sponsored by the National Science Foundation

Reserve Resources (Step 1 of Instructions) Slice 1: Controller Portal RSpec: XEN OpenFlow Controllers Slice 2: Network Portal RSpec: OpenFlow OVS all XEN Create both slices on the same InstaGENI rack Instructions at: https://tinyurl.com/geni-of-ryu Sponsored by the National Science Foundation www.geni.net 2

Software Defined Networking Basics OpenFlow Sponsored by the National Science Foundation www.geni.net 3

Software Defined Networking Basics Sponsored by the National Science Foundation www.geni.net 4

The current Internet is at an impasse because new architecture cannot be deployed or even adequately evaluated [PST04] [PST04]: Overcoming the Internet Impasse through Virtualization, Larry Peterson, Scott Shenker, Jonothan Turner. Hotnets 2004 Sponsored by the National Science Foundation www.geni.net 5

Software Defined Networking Enables innovation in networking Changes practice of networking A Purpose-Built Global Network: Google's Move to SDN CACM March 2016, pp 46 54 Sponsored by the National Science Foundation www.geni.net 6

SDN Basics Smarts baked into switch Network Switch Sponsored by the National Science Foundation www.geni.net 7

SDN Basics Open API Controller Smarts moved out of switch Network Switch Sponsored by the National Science Foundation www.geni.net 8

SDN Basics From: Forwarding table entries added by vendor provided logic internal to switch MATCH dst subnet X dst subnet Y ACTION output port 48 output port 47 output port 2 dst MAC: 00:00:00:00:00:01 SDN dst MAC: 00:00:00:00:00:01 output port 5 To: Table entries added by external controller written by anyone src subnet Z TCP port 80 drop output port 10 Switch Forwarding Table Sponsored by the National Science Foundation www.geni.net 9

SDN Basics Controller One controller can manage many switches Sponsored by the National Science Foundation www.geni.net 10

SDN Enables Network Function Virtualization DHCP access point router Controller DNS proxy VPN gateway firewall NAT switch Network Device Many network functions can be implemented using a generic network device Sponsored by the National Science Foundation www.geni.net 11

NFV: Network Function Virtualization Slide from: http://docbox.etsi.org/Workshop/2013/201304_FNTWORKSHOP/S07_NFV/BT_REID.pdf Sponsored by the National Science Foundation www.geni.net 12

Software Defined Infrastructures User defined virtual networks with compute, storage, networking Everything is virtualized Highly optimized networks Dynamic reconfigurations Network snapshotting Orchestration Layer (e.g. ONOS) Network engineering ~ ~ Software engineering Physical infrastructure Figure adapted from http://www.slideshare.net/LarryCover/virtualizing-the-network-to-enable-a-software-defined-infrastructure-sdi?related=1 Sponsored by the National Science Foundation www.geni.net 13

SDN Benefits* External control Enables network Apps Fosters innovation: Not limited to vendor provided switch logic Leverages general-purpose computers (Moore s Law) Drives down costs: Network hardware becomes a commodity Centralized control Enterprise-wide optimization and planning Dynamic network reconfiguration One place for apps to interact (auth & auth, etc) * OpenFlow: A radical New idea in Networking, Thomas A. Limoncelli CACM 08/12 (Vol 55 No. 8) Sponsored by the National Science Foundation www.geni.net 14

SDN Drawbacks Unexpected interactions between features Controller reliability and stability Controller security (runs on a general purpose computer and OS) There an now many more ways of messing up a nework Sponsored by the National Science Foundation www.geni.net 15

OpenFlow Sponsored by the National Science Foundation www.geni.net 16

OpenFlow is an SDN API OpenFlow is the most widely implemented controller-switch API Sponsored by the National Science Foundation www.geni.net 17

OpenFlow Versions ( 12/ 13) OpenFlow 1.3.x Complex & support in progress ( 11) Open Networking Foundation (ONF) formed to shepherd standards (Dec 09) OpenFlow 1.0.0 Simple & widely supported (Dec 14) OpenFlow 1.5 (Oct 13) OpenFlow 1.4 (Nov 13) OpenFlow 1.0.2 (Feb 11) OpenFlow 1.1.0 Not implemented by HW vendors (Dec 11) OpenFlow 1.2 First ONF standard https://www.opennetworking.org/sdn-resources/technical-library Sponsored by the National Science Foundation www.geni.net 18

OpenFlow The controller is responsible for populating forwarding table of the switch Any Host OpenFlow Controller OpenFlow Protocol (SSL/TCP) Switch Control Path OpenFlow In a table miss the switch asks the controller Data Path (Hardware) Modified slide from : http://www.deutsche-telekom-laboratories.de/~robert/GENI-Experimenters-Workshop.ppt Sponsored by the National Science Foundation www.geni.net 19

OpenFlow in Action Host1 sends a packet Any Host OpenFlow Controller OpenFlow Protocol (SSL/TCP) If there are no rules for handling this packet Forward packet to the controller installs a rule on the forwarding table (flow table) Switch Control Path OpenFlow Data Path (Hardware) Subsequent packets do not go through the controller host2 host1 Modified slide from : http://www.deutsche-telekom-laboratories.de/~robert/GENI-Experimenters-Workshop.ppt Sponsored by the National Science Foundation www.geni.net 20

OpenFlow 1.0 Basics Rule Action Stats Packet + byte counters 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline 5. Modify Fields Eth type VLAN PCP Switch Port IP Prot IP Src IP Dst IP ToS TCP sport TCP dport VLAN ID MAC src MAC dst + mask what fields to match slide from : http://www.deutsche-telekom-laboratories.de/~robert/GENI-Experimenters-Workshop.ppt Sponsored by the National Science Foundation www.geni.net 21

OpenFlow controllers Open source controller frameworks NoX C++ PoX - Python OpenDaylight - Java FloodLight - Java Trema C / Ruby Maestro - Java Ryu - Python Proprietary controllers Mostly customized solutions based on Open Source frameworks ProgrammableFlow - NEC Sponsored by the National Science Foundation www.geni.net 24

Running OpenFlow Experiments Debugging OpenFlow experiments is hard: Network configuration debugging requires coordination Many networking elements in play No console access to the switch Before deploying your OpenFlow experiment test your controller. http://mininet.github.com/ http://openvswitch.org/ Sponsored by the National Science Foundation www.geni.net 26

Exercise: Use the Ryu controller to set up simple flows Sponsored by the National Science Foundation www.geni.net 27

OpenFlow 1.0 Intro Exercise Write simple controllers to control the traffic between the three hosts. Sponsored by the National Science Foundation www.geni.net 28

Major Steps Step 2 of instructions 2. Configure your switch 2a. Connect switch ports to Ethernet interfaces of VM running switch 2b. Point switch to controller Controller can by anywhere on the Internet. Yours runs on a GENI VM in a different slice. host2 host1 OVS switch name: br0 controller host3 Sponsored by the National Science Foundation www.geni.net 29

Run Experiments 1. Simple learning switch OVS switch acts as a regular switch: Learns which MAC addresses are connected to which ports and forwards traffic accordingly 2. Port forwarding Traffic from Host 1 to Host 2 on Port 5000 gets forwarded to Port 6000 on Host 2 3. Server proxy Traffic from Host 1 to Host 2 gets forwarded to Host 3 Sponsored by the National Science Foundation www.geni.net 30

Tips Cut and paste the curl commands Keep online version of instructions open http://tinyurl.com/geni-of-ryu You will have multiple terminals open to each of Hosts 1, 2, 3, controller and switch. Make sure your are typing your commands in the right window. Sponsored by the National Science Foundation www.geni.net 31

Instructions: http://tinyurl.com/geni-of-ryu Sponsored by the National Science Foundation www.geni.net 32