文本教程基础sdn overview

1、SDN OverviewOutline What is SDN Why SDN Openflow How does it work Challenges What is NOT SDN SDN vs. Openflow SDN vs. NFV and NVWhat is SDN Software Defined Networking / 软件定义网络 问题? 什么叫做定义？ 运行在各种（硬件）设备中的不也是软件？ 区分 Protocol vs. (Software) Application Distributed vs. (Logically) Centralized 特性 Control p

2、lane 与Data plane 分离 Programmable APISoftware Defined Networkscontrol plane: distributed algorithmsdata plane: packet processingCopyright: Jennifer Rexford, Princeton Univ. CO4S 597ESoftware Defined Networksdecouple control and data planesCopyright: Jennifer Rexford, Princeton Univ. CO5S 597ESoftware

3、 Defined Networksdecouple control and data planes by providing open standard APICopyright: Jennifer Rexford, Princeton Univ. CO6S 597ESimple, Open Data-Plane API Prioritized list of rules Pattern: match packet header bits Actions: drop, forward, modify, send to controller Priority: disambiguate over

4、lapping patterns Counters: #bytes and #packets7Copyright: Jennifer Rexford, Princeton Univ. COS 597E1.src=1.2.*.*, dest=3.4.5.* à drop2.src = *.*.*.*, dest=3.4.*.* à forward(2)3.src=10.1.2.3, dest=*.*.*.* à send to controller(Logically) Centralized ControllerController PlatformCopyrig

5、ht: Jennifer Rexford, Princeton Univ. CO8S 597EProtocols è ApplicationsController Application Controller PlatformCopyright: Jennifer Rexford, Princeton Univ. CO9S 597EServer Load Balancing Pre-install load-balancing policy Split traffic based on source IP10.0.0.1src=0*,dst=1.2.3.410.0.0.2src=1*

6、,dst=1.2.3.4Copyright: Jennifer Rexford, Princeton Univ. COS 597EOutline What is SDN Why SDN Openflow How does it work Challenges What is NOT SDN SDN vs. Openflow SDN vs. NFV and NVThe Internet: A RemarkableStory Tremendous success From research experiment to global infrastructure Brilliance of unde

7、r-specifying Network: best-effort packet delivery Programmable hosts: arbitrary applications Enables innovation Apps: Web, P2P, VoIP, social networks, Links: Ethernet, fiber optics, WiFi, cellular, 12Inside the Net: A Different Story Closed equipment Software bundled with hardware Vendor-specific in

8、terfaces Over specified Slow protocol standardization Few people can innovate Equipment vendors write the code Long delays to introduce new features13Limitations of Current NetworksFeatureFeatureMany complex functions baked into infrastructureMillion of lines of source codeOperating SystemOSPF, BGP,

9、 multicast, differentiated services, Traffic Engineering, NAT, firewalls, Specialized Packet Forwarding HardwareBillions of gatesCannot dynamically change according to network conditions14OpenFlow/SDN tutorial, Srini Seetharaman, Deutsche Telekom, Silicon Valley Innovation CenterDo We Need Innovatio

10、n Inside?Many boxefirewalls, s (routers, switches,), with different interfaces.Do We Need Intellectual Progress? Lots of domain details Plethora of protocols Heaps of header formats Big bunch of boxes Tons of tools Teaching networking Practitioners: certification courses, on the job Undergraduates:

11、how the Internet works16II）启示MainframesAppSpecialized ApplicationsSpecialized Operating SystemSpecialized HardwareOpen InterfaceWindows (OS)Mac OSLinuxororOpen InterfaceMicroprocessorHorizontal Open interfacesRapid innovation Huge industryVertically integrated Closed, proprietary Slow innovation Sma

12、ll industryRouters/SwitchesAppOpen InterfaceSpecialized FeaturesSpecialized Control PlaneSpecialized HardwareControl PlaneControl PlaneControl PlaneororOpen InterfaceMerchant Switching ChipsHorizontal Open interfacesRapid innovationVertically integrated Closed, proprietary Slow innovationCritical ne

13、eds for cloud DC networks1.Tenant virtualizationTraffic isolation, prioritization and rate limitingOverlapping IP addressing, along with IPv6 support2.Speed up configuration to allow reduced time to revenue:Automatically create required network configs for new tenantsTransparently bridging a L2 netw

14、ork will help reduce timeVLAN-101-xVLAN-101-xVLAN-1Switch-1Switch-2VLAN-1VLAN-101-xVLAN-101-xSwitch-1Switch-2VLAVLAN-101-xVLAN-101-xVLAN-101-xVLAN-101-xVLAN-101-x3.Hybrid clouds with burstingAdding computational capacity (in the form of new VMs) as neededLossless live migrationWAN01-xSwitch-301-xSwi

15、tch-3N-101-xHost 1VMVMVMA1B1C1HypervisorThe Road to SDNOutline What is SDN Why SDN Openflow How does it work Challenges What is NOT SDN SDN vs. Openflow SDN vs. NFV and NVNorTthh-boeund“Software-definedUNncheantgewdmogmrtkAP”Iinterface APILBserviceFWserviceIP routing serviceNetwork OperatingSystemOp

16、enFlow APISimple Packet Forwarding HardwareSimple Packet Forwarding HardwareSimple Packet Forwarding HardwareSimple Packet Forwarding HardwareSimple Packet Forwarding HardwareHow does OpenFlow work?23Ethernet Switch24Control Path (Software)Data Path (Hardware)25OpenFlow ControllerOpenFlow Protocol (

17、SSL/TCP)Control PathOpenFlowData Path (Hardware)26OpenFlow usageAlices RuleControllerPCDecision?OpenFlow ProtocolAlices RulecAlices RuleOpenFlow offloads control intelligence to a remote softwareOpenFlow ExampleCluster of ControllersPCPCSoftware LayerOpenFlow Client (e.g., OVS)OpenFlow protocolFlow

18、TableHardware LayerSoftware HardwareOpenFlow-enabled hardwareOpenFlow-enabled hardwareport 2port 1port 3port 45.6.7.81.2.3.428*5.6.7.8*port 1MACsrcMACdstIPSrcIPDstTCPsportTCPdportActionOpenFlow BasicsFlow Table EntriesRuleActionStatsPacket + byte counters1.2.3.4.5.Forward packet to zero or more port

19、s Encapsulate and forward to controller Send to normal processing pipeline Modify FieldsAny extensions you add!Switch PortEthIPSrcIPDstIPToSIPProtL4L4dportVLANVLANMACMACtypesportIDpcpsrcdst+ mask what fields to match+ priority+ timeout (idle and hard)29ExamplesIP Routing service*5.6.7.8 *port6VLAN m

20、ulticast serviceport6, port7, port9vlan100:1f.*Firewall service*22drop30Switch PortMACsrcMACdstEth typeVLAN IDIPSrcIPDstIPProtTCPsportTCPdportActionSwitch PortMACsrcMACdstEth typeVLAN IDIPSrcIPDstIPProtTCPsportTCPdportActionSwitch PortMACsrcMACdstEth typeVLAN IDIPSrcIPDstIPProtTCPsportTCPdportAction

21、Form L1 to L4? PDU? Device?ForwardingOpenFlow benefits Hardware speed, scale, and fidelity for new services Made possible through unified API supported by hardware platforms from multiple vendors Flexibility and control of software and simulation Vendors dont need to expose implementation Leverages

22、hardware inside most switches today (ACL tables implemented using TCAMs(ternary content addressable memory)33Challenges Control Plane集中式大型网络带来可扩展性问题配置速度问题安全性问题 Data Plane设计TCAM容量限制多级支持协议无关的处理协议中的时序和同步Outline What is SDN Why SDN Openflow How does it work Challenges What is NOT SDN SDN vs. Openflow SDN vs. NFV and NVSDN vs. OpenFlowSDN vs. NFV and NV NV(Network virtualization) refers to the virtualization of network resources or pathways to achieve application or tenant isolation. Path isolation and network virtualization overlay network technologies such as VXLAN and NVGRE flow manipulation u