
Software Defined Networking

Software Defined Networking (SDN) aims to address challenges in traditional computer networks by separating the control plane from the data plane. The control plane runs on centralized controllers and computes the forwarding rules, while the data plane forwards packets based on these rules. OpenFlow is an early SDN protocol that allows the control plane to communicate with and program the flow tables of switches. While SDN promises benefits like simplified network management, programmability, and innovation, traditional networks rely on distributed control planes running routing protocols like OSPF.

Uploaded by

Jiru Muleta

Software Defined Networking (SDN)

Lubak M.
Content
● Current Challenges in Networking
● What’s SDN
● OpenFlow
● Details of operations
● Conclusion

Limitations of Current Networks

Switches

Traditional Computer Networks (1)

Data plane: Packet streaming

Forward, filter, buffer, mark, rate-limit, and measure packets

Traditional Computer Networks (2)

Control plane: Distributed algorithms

Track topology changes, compute routes, install forwarding rules

Traditional Computer Networks (3)

Management plane: Human time scale

Collect measurements and configure the equipment
Traditional Network Node: Router
● Router can be partitioned into control and data plane
○ Management plane / Configuration
○ Control plane / Decision: OSPF (Open Shortest Path First)
○ Data plane / Forwarding

[Figure: a router between two adjacent routers. Management/policy plane: configuration / CLI / GUI. Control plane: OSPF and static routes, with neighbor table, link state database and IP routing table. Data plane: forwarding table, switching.]
Traditional Network Node: Switch
● Typical Networking Software
○ Management plane
○ Control Plane – The decision maker
○ Data Plane – Packet forwarder
Old ways to configure networks

[Figure: several network devices, each running its own apps on its own operating system on specialized packet forwarding hardware.]
Reality

[Figure: two devices, each with apps on an operating system on specialized packet forwarding hardware.]

● Closed architecture means blurry, closed interfaces
● Vertically integrated, complex, closed, proprietary
● Not good for network owners & users
The Two Networking “Planes”

● Data plane: processing and delivery of packets with local forwarding state
○ Forwarding state + packet header → forwarding decision
○ Based on state in routers and endpoints
○ Implemented by protocols, e.g., IP, TCP, Ethernet, etc.
○ Fast timescales (per-packet)
● Control plane: compute the state in routers (forwarding state)
○ Determines how and where packets are forwarded
○ Routing, traffic engineering, firewall state, …
○ Slow time-scales (per control event)
○ Implemented with distributed protocols, manual configuration (and scripting) or centralized computation
● These different planes require different abstractions
Data Plane Abstractions: Layers
Applications
…built on…
Reliable (or unreliable) transport
…built on…
Best-effort global packet delivery
…built on…
Best-effort local packet delivery
…built on…
Local physical transfer of bits
Routing vs. Forwarding

● Routing (algorithm):
○ A successive exchange of connectivity information between routers.
○ Each router builds its own routing table based on collected information.
● Forwarding (process):
○ A switch- or router-local process which forwards packets towards the destination using the information given in the local routing table.
Forwarding vs. Routing

Forwarding: data plane
Directing a data packet to an outgoing link
Individual router using a forwarding table
Routing: control plane
Computing paths the packets will follow
Routers talking amongst themselves
Individual router creating a forwarding table
Traffic Engineering Problem

● Management plane: setting the weights
○ Inversely proportional to link capacity?
○ Proportional to propagation delay?
○ Network-wide optimization based on traffic?

[Figure: network graph with a weight on each link.]
(Too) Many Control Plane Mechanisms
● Variety of goals, no modularity:
○ Routing: distributed routing algorithms
○ Isolation: ACLs, VLANs, Firewalls, …
○ Traffic engineering: adjusting weights, MPLS, …
● Control Plane: mechanism without abstraction
○ Too many mechanisms, not enough functionality
We have lost our way

[Figure: a network device as a stack. Apps: routing, management, mobility management, access control, VPNs, … Operating system: millions of lines of source code, 7400 RFCs, barrier to entry. Specialized packet forwarding hardware: billions of gates, bloated, power hungry.]

● Many complex functions baked into the infrastructure
○ OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, …
● Cannot dynamically change according to network conditions
Challenges on Network Operations and Management (1)
● Operating a network is expensive
○ More than half the cost of a network is for operating and management
○ Operator error causes most outages
○ Cascading failures and vulnerabilities are always present in networks
○ Routers with 20+ million lines of code
○ System administrators need to understand all aspects of networks
○ This ability to master complexity is both a blessing and a curse!
Challenges on Network Operations and Management (2)
● Network design is not based on formal principles
○ Networks used to be simple
■ Basic Ethernet/IP straightforward, easy to manage
○ New control requirements have led to complexity
■ ACLs, VLANs, Middleboxes, …
○ The infrastructure still works, only because of our great ability to master complexity
○ OS courses teach fundamental principles
■ Mutual exclusion and other synchronization primitives
■ Files, file systems, threads, and other building blocks
○ Networking courses teach a big bag of protocols
■ No formal principles, just general design
Challenges on Network Management (3)
● Networks are hard to evolve
○ Ongoing innovation in systems software
○ New languages, operating systems, etc.
○ Networks are stuck in the past
○ Routing algorithms change very slowly
○ Network operations and management are extremely primitive
Idea: An OS for Networks

[Figure: control programs on a network operating system, above several devices that each run their own apps and operating system on specialized packet forwarding hardware.]
Idea: An OS for Networks

[Figure: control programs on a network operating system, above several simple packet forwarding hardware devices.]
Software defined networking (SDN)

Software-Defined Networking (SDN)

[Figure: control programs on a network operating system. Labels: control via forwarding interface; protocols.]
Trend

[Figure: computer industry beside network industry. Computer industry: apps on Windows, Linux or Mac OS, over a virtualization layer, over x86 (computer). Network industry: apps on controllers / network OS (NOX), over virtualization or “slicing”, over OpenFlow.]


Software Defined Networking (SDN)
● Software-defined networking (SDN) is an approach to networking in which control is decoupled from hardware and given to a software application called a controller.
● SDN is a new network architecture to make it easier to program networks.
● With the core idea that software remotely controls network hardware.
Control/Data Separation
Decouple control and data planes by providing an open standard API

(Logically) Centralized Controller

Controller Platform

Protocols → Applications

Controller Application
Controller Platform
SDN Concept
● Separate Control plane and Data plane entities
○ Network intelligence and state are logically centralized
○ The underlying network infrastructure is abstracted from the applications
● Execute or run Control plane software on general purpose hardware
○ Decouple from specific networking hardware
○ Use commodity servers
● Have programmable data planes
○ Maintain, control and program data plane state from a central entity
● An architecture to control not just a networking device but an entire network

[Figure: two stacks compared. Vertically integrated: specialized applications, specialized operating system, specialized hardware; closed, proprietary, slow innovation, small industry. Horizontal: apps, open interface, Windows or Linux or Mac OS, open interface, microprocessor; open interfaces, rapid innovation, huge industry.]

[Figure: two stacks compared. Vertically integrated: specialized features, specialized control plane, specialized hardware; closed, proprietary, slow innovation. Horizontal: apps, open interface, control planes, open interface, merchant switching chips; open interfaces, rapid innovation.]

[Figure: a device as a stack. Features: routing, management, mobility management, access control, VPNs, … OS: millions of lines of source code, 6,000 RFCs. Custom hardware: billions of gates, bloated, power hungry.]

• Vertically integrated, complex, closed, proprietary
• Networking industry with “mainframe” mind-set
The network is changing

[Figure: several devices, each with features on an OS on custom hardware, and a network OS with its own features.]
Software Defined Networking

[Figure: layers, top to bottom: control program, abstract network view, virtualization layer, global network view, network OS.]
Software Defined Network (SDN)

1. Open interface to packet forwarding
2. At least one Network OS, probably many. Open- and closed-source
3. Consistent, up-to-date global network view

[Figure: features on a network OS, above several packet forwarding elements.]
Software Defined Network (SDN)

[Figure: control program A and control program B on a network OS, above several packet forwarding elements.]
Separate Concerns with Abstractions

● Be compatible with low-level hardware/software
○ Need an abstraction for general forwarding model
● Make decisions based on entire network
○ Need an abstraction for network state
● Compute configuration of each physical device
○ Need an abstraction that simplifies configuration
SDN: Layers for the Control Plane
● Control Program
● Abstract Network View
● Network Virtualization
● Global Network View
● Network OS
Software-Defined Network with Key Abstractions in the Control Plane

[Figure: routing, traffic engineering and other applications sit on a well-defined API; below them are network virtualization and the network map abstraction of the network operating system; the forwarding elements lie below the separation of data and control plane.]
Abstractions Don’t Remove Complexity
● NOS, Virtualization are complicated pieces of code
● SDN merely localizes the complexity:
○ Simplifies interface for control program (user-specific)
○ Pushes complexity into reusable code (SDN platform)
● The big payoff of SDN: modularity!
○ The core distribution mechanisms can be reused
○ Control programs only deal with their specific function
● Note that SDN separates control and data planes
○ SDN platform does control plane, switches do data plane
Advantages of SDN
● to allow network administrators to respond quickly to changing business requirements.
● to shape traffic from a centralized control console without having to touch individual switches.
● to change any network switch's rules when necessary.
● to support multi-tenant cloud computing architectures through flexible and efficient management of traffic load.
OpenFlow Basics

[Figure: control program A and control program B on a network OS, which speaks the OpenFlow protocol to an OpenFlow switch with a control path and a data path (hardware).]
OpenFlow
● Standard way to control flow-tables in commercial switches and routers
● Just need to update firmware
● Essential to the implementation of SDN
● Provide open interface to “black box” networking node (i.e. routers, L2/L3 switch) to enable visibility and openness in network
● Separation of control plane and data plane.
○ The datapath of an OpenFlow Switch consists of a Flow Table, and an action associated with each flow entry
○ The control path consists of a controller which programs the flow entry in the flow table
● OpenFlow is based on an Ethernet switch, with an internal flow-table, and a standardized interface to add and remove flow entries
OpenFlow

[Figure: an OpenFlow controller connected over the OpenFlow protocol (SSL/TCP) to the control path of an OpenFlow switch.]
Components of OpenFlow Network
● Controller
○ OpenFlow protocol messages
○ Controlled channel
○ Processing
■ Pipeline Processing
■ Packet Matching
■ Instructions & Action Set
● OpenFlow switch
○ Secure Channel (SC)
○ Flow Table
■ Flow entry
OpenFlow Switching

[Figure: a controller (PC) talks to the OpenFlow client in the switch's software layer; the hardware layer holds the OpenFlow table and ports 1 to 4.]

OpenFlow Table

MAC src | MAC dst | IP Src | IP Dst  | TCP sport | TCP dport | Action
*       | *       | *      | 5.6.7.8 | *         | *         | port 1

OpenFlow Table Entry

Rule | Action | Stats

● Rule: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport (+ mask)
● Action:
○ 1. Forward packet to port(s)
○ 2. Encapsulate and forward to controller
○ 3. Drop packet
○ 4. Send to normal processing pipeline
○ 5.
● Stats: Packet + byte counters
OpenFlow Examples

Switching

Switch Port | MAC src | MAC dst  | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
*           | *       | 00:1f:.. | *        | *       | *      | *      | *       | *         | *         | port6

Routing

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst  | IP Prot | TCP sport | TCP dport | Action
*           | *       | *       | *        | *       | *      | 5.6.7.8 | *       | *         | *         | port6

Firewall

Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
*           | *       | *       | *        | *       | *      | *      | *       | *         | 22        | drop
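The three example entries above can be loaded into one flow table to see how they interact. The sketch below is an added example, not part of the original slides: it models rule, action and stats as the slides describe them, sends a table miss to the controller, and flags a drop entry that an overlapping forward entry would pre-empt. The `priority` field is an assumption (it is not on the slides, although OpenFlow flow entries carry one); the class and function names, the MAC address and the sample packets are constructed for illustration.

```python
from dataclasses import dataclass


@dataclass
class FlowEntry:
    name: str
    match: dict          # header field -> required value; absent fields are "*"
    action: str          # e.g. "port6" or "drop"
    priority: int = 0    # assumption: not on the slides
    packets: int = 0     # stats: packet counter
    byte_count: int = 0  # stats: byte counter

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())


class FlowTable:
    def __init__(self, entries):
        # Highest priority is consulted first; ties keep insertion order.
        self.entries = sorted(entries, key=lambda e: -e.priority)

    def process(self, pkt, length):
        for e in self.entries:
            if e.matches(pkt):
                e.packets += 1
                e.byte_count += length
                return e.action
        return "controller"  # table miss: encapsulate and forward to controller

    def shadowed_drops(self):
        """Pairs (forward entry, drop entry) where the forward entry is
        consulted first and can match packets the drop entry was meant for."""
        found = []
        for i, low in enumerate(self.entries):
            if low.action != "drop":
                continue
            for high in self.entries[:i]:
                # Two rules overlap when every field both specify agrees.
                overlap = all(low.match.get(f, v) == v
                              for f, v in high.match.items())
                if overlap and high.action != "drop":
                    found.append((high.name, low.name))
        return found


def build(firewall_priority):
    # The three entries from the slides; the MAC is a constructed sample value.
    return FlowTable([
        FlowEntry("switching", {"mac_dst": "02:00:00:00:00:01"}, "port6", 10),
        FlowEntry("routing", {"ip_dst": "5.6.7.8"}, "port6", 10),
        FlowEntry("firewall", {"tcp_dport": 22}, "drop", firewall_priority),
    ])


# Constructed sample packets.
SSH = {"ip_dst": "5.6.7.8", "ip_proto": 6, "tcp_dport": 22}
WEB = {"ip_dst": "5.6.7.8", "ip_proto": 6, "tcp_dport": 80}
```

With `build(100)` the port 22 drop wins over the routing entry for 5.6.7.8; with `build(0)` the same packet is forwarded to port6, and `shadowed_drops()` reports the two forward entries that outrank the firewall rule.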
OpenFlow in the Wild
● Commercial OpenFlow switches
○ HP, NEC, Quanta, Dell, IBM, Juniper, …
● Network operating systems
○ NOX, Beacon, Floodlight, Nettle, ONIX, POX, Frenetic
● Network deployments
○ Eight campuses, and two research backbone networks
○ Commercial deployments (e.g., Google backbone)

Networking Becomes Software-Oriented
● All complicated forwarding done in software (edge)
● And control plane is a program (on a server), not a protocol (on a closed proprietary switch/router)
● We’re programming the network, not designing it
○ Focus on modularity and abstractions, not packet headers
● Innovation at software, not hardware
● Software lends itself to clean abstractions
SDN in development

Domains
● Data centers
● Enterprise/campus
● Cellular backhaul
● Enterprise WiFi
● WANs

Products
● Switches, routers: About 15 vendors
● Software: About 6 vendors and startups
Cellular industry

● Recently made transition to IP
● Billions of mobile users
● Need to securely extract payments and hold users accountable
● IP is bad at both, yet hard to change

SDN enables industry to customize their network

Telco Operators

● Global IP traffic growing 40-50% per year
● End-customer monthly bill remains unchanged
● Therefore, CAPEX and OPEX need to reduce 40-50% per Gb/s per year
● But in practice, reduces by ~20% per year

SDN enables industry to reduce OPEX and CAPEX
…and to create new differentiating services
Example: New Data Center

Cost
● 200,000 servers
● Fanout of 20 → 10,000 switches
● $5k vendor switch = $50M
● $1k commodity switch = $10M
● Savings in 10 data centers = $400M

Control
● More flexible control
● Tailor network for services
● Quickly improve and innovate

Research Problems (1)
● Scalability:
○ Control plane bottleneck.
■ Single controller is not sufficient to manage large scale network.
○ How many controllers are needed to support large scale network?
○ When to scale down?
● Multi Controllers.
○ Each controller is responsible for a subset of the network.
○ Concern with synchronization and communication between controllers.
○ How to slice the resources among controllers?
● Latency between controllers and switches.
○ Less accurate decision?
Research Problems (2)
● Slicing Resources (CPU, bandwidth, etc).
○ How to allocate resources to different controllers and users?
○ Formulated as optimization and fairness problems.
● Security
○ Security on data plane and control plane
Conclusion
● Rethinking networking
○ Open interfaces to the data plane
○ Separation of control and data
○ Leveraging techniques from distributed systems
● SDN widely accepted as “future of networking”
○ open, programmable, vendor-neutral, standards where it needs to be
● Industry: broad acceptance of OpenFlow and investment
● Open Networking Foundation (ONF): driving the global commercialization of open, standards-based SDN.
○ 150 members, including Google, Facebook, Microsoft, Yahoo, Cisco, IBM, Verizon, Deutsche Telekom, Ericsson, HP, Huawei, Vodafone, etc. https://www.opennetworking.org/membership/member-listing
● Significant momentum
○ In both research and industry
Cont..
● Networks becoming
○ More programmatic
○ Defined by owners and operators, not vendors
○ Faster changing, to meet operator needs
○ Lower opex, capex and power
● Abstractions
○ Will shield programmers from complexity
○ Make behavior more provable
○ Will take us places we can’t yet imagine

Thank You
