3. Open Systems
Gap in the tool space: none have all the desired attributes!

| Tool | Performance Fidelity | Scale | Real User Traffic? | Complexity | Open |
|---|---|---|---|---|---|
| Simulation | medium | medium | no | medium | yes |
| Emulation | medium | low | no | medium | yes |
| Software Switches | poor | low | yes | medium | yes |
| NetFPGA | high | low | yes | high | yes |
| Network Processors | high | medium | yes | high | yes |
| Vendor Switches | high | high | yes | low | no |
4. Current Internet: Closed to Innovations in the Infrastructure
[Diagram labels: Closed; several boxes, each with App, App, App; Operating System; Specialized Packet Forwarding Hardware]
5. “Software Defined Networking” approach to open it
[Diagram labels: several boxes, each with App, App, App; Operating System; Specialized Packet Forwarding Hardware; plus App, App, App; Network Operating System]
6. The “Software-defined Network”
1. Open interface to hardware
2. At least one good operating system (extensible, possibly open-source)
3. Well-defined open API
[Diagram labels: App, App, App; Network Operating System; several Simple Packet Forwarding Hardware boxes]
10. [Diagram labels: Data Path (Hardware); Control Path; OpenFlow; OpenFlow Controller; OpenFlow Protocol (SSL/TCP)]
11. OpenFlow usage
OpenFlow offloads control intelligence to a remote software PC.
[Diagram labels: Controller; Alice’s code; Decision?; OpenFlow Protocol; three OpenFlow Switches, each with Alice’s Rule]
12. OpenFlow Example
[Diagram labels: Controller PC; Software Layer; Hardware Layer; OpenFlow Client; Flow Table; port 1, port 2, port 3, port 4; 1.2.3.4; 5.6.7.8]
Flow Table fields: MAC src, MAC dst, IP Src, IP Dst, TCP sport, TCP dport, Action
Entry: * * 5.6.7.8 * * * port 1
15. Examples

| Example | Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Switching | * | * | 00:1f:.. | * | * | * | * | * | * | * | port6 |
| Flow Switching | port3 | 00:20.. | 00:1f.. | 0800 | vlan1 | 1.2.3.4 | 5.6.7.8 | 4 | 17264 | 80 | port6 |
| Firewall | * | * | * | * | * | * | * | * | * | 22 | drop |
16. Examples

| Example | Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Routing | * | * | * | * | * | * | 5.6.7.8 | * | * | * | port6 |
| VLAN Switching | * | * | 00:1f.. | * | vlan1 | * | * | * | * | * | port6, port7, port9 |
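Added example (not from the original slides): a lookup over the ten-tuple entries shown in the Examples slides, plus a check for entries whose matches overlap but whose actions differ. The field names, the use of list order as rule priority, and the sample packet are assumptions of this sketch.

```python
# Added example: lookup over the slides' ten-tuple flow entries.
# Assumption: list order stands in for rule priority; a miss goes to the controller.
FIELDS = {"in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_proto", "tcp_sport", "tcp_dport"}

def rule(name, action, **match):
    """Build a flow entry; every field not named is a wildcard (*)."""
    unknown = set(match) - FIELDS
    if unknown:
        raise ValueError(f"unknown match fields: {sorted(unknown)}")
    return {"name": name, "action": action, "match": match}

# Entries as shown on the slides (the MAC is elided there and kept as written).
SWITCHING = rule("switching", "port6", mac_dst="00:1f:..")
ROUTING = rule("routing", "port6", ip_dst="5.6.7.8")
FIREWALL = rule("firewall", "drop", tcp_dport=22)

def matches(entry, pkt):
    """True when every non-wildcard field equals the packet's value."""
    return all(pkt.get(f) == v for f, v in entry["match"].items())

def lookup(table, pkt):
    """Return the action of the first matching entry."""
    for entry in table:
        if matches(entry, pkt):
            return entry["action"]
    return "send-to-controller"

def overlaps(a, b):
    """Entries overlap unless some shared field pins them to different values."""
    shared = a["match"].keys() & b["match"].keys()
    return all(a["match"][f] == b["match"][f] for f in shared)

def conflicts(table):
    """Overlapping entry pairs with different actions: order decides the result."""
    return [(a["name"], b["name"])
            for i, a in enumerate(table) for b in table[i + 1:]
            if a["action"] != b["action"] and overlaps(a, b)]

# Constructed packet: SSH (TCP port 22) towards the routed host.
SSH_PKT = {"in_port": "port1", "ip_src": "1.2.3.4", "ip_dst": "5.6.7.8",
           "ip_proto": 6, "tcp_sport": 40000, "tcp_dport": 22}

if __name__ == "__main__":
    print(lookup([ROUTING, FIREWALL], SSH_PKT))   # routing entry is hit first
    print(lookup([FIREWALL, ROUTING], SSH_PKT))   # firewall entry is hit first
    print(conflicts([SWITCHING, ROUTING, FIREWALL]))
```

Running `conflicts` over a table before it is installed shows which forwarding entries can let traffic past the port-22 drop entry if they are ordered ahead of it.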
26. Current SDN hardware: Ciena Coredirector, NEC IP8800, Juniper MX-series, HP Procurve 5400, Pronto 3240/3290, WiMax (NEC), PC Engines, Netgear 7324. More coming soon...
29. Growing Community
Vendors and start-ups. More...
Providers and business units. More...
Note: Level of interest varies
31. Trend
[Diagram labels, Computer Industry: App; Windows (OS), Linux, Mac OS; Virtualization layer; x86 (Computer)]
[Diagram labels, Network Industry: App; Controller 1, Controller 2; NOX (Network OS), Network OS; Virtualization or “Slicing”; OpenFlow]
32. [Diagram labels: App (several); Network Operating System 1 to 4 (many operating systems, or many versions); Isolated “slices”; Open interface to hardware; Virtualization or “Slicing” Layer; Open interface to hardware; several Simple Packet Forwarding Hardware boxes]
33. Switch Based Virtualization
Exists for NEC, HP switches but not flexible enough.
[Diagram labels: Normal L2/L3 Processing; Production VLANs; Research VLAN 1; Research VLAN 2; Flow Table and Controller (twice)]
34. FlowVisor-based Virtualization
Topology discovery is per slice.
[Diagram labels: Craig’s Controller; Heidi’s Controller; Aaron’s Controller; OpenFlow Protocol; OpenFlow FlowVisor & Policy Control; OpenFlow Protocol; three OpenFlow Switches]
35. FlowVisor-based Virtualization
Separation not only by VLANs, but any L1-L4 pattern.
[Diagram labels: Broadcast; Multicast; http Load-balancer; dl_dst=FFFFFFFFFFFF; tp_src=80, or tp_dst=80; OpenFlow Protocol; OpenFlow FlowVisor & Policy Control; OpenFlow Protocol; three OpenFlow Switches]
37. FlowVisor Message Handling
[Diagram labels: Alice Controller; Bob Controller; Cathy Controller; OpenFlow; FlowVisor; Policy Check: Is this rule allowed?; Policy Check: Who controls this packet?; OpenFlow; OpenFlow Firmware; Data Path; Rule; Packet; Packet Exception; Full Line Rate Forwarding]
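Added example (a simplified model, not FlowVisor's own code): the two policy checks named on the FlowVisor Message Handling slide, run against the L1-L4 patterns from the preceding slide. The slice names, the pairing of each pattern with a slice, the `nw_dst` field and the containment test are assumptions of this sketch.

```python
# Added example: simplified model of the two FlowVisor policy checks.
# Each flowspace entry is (slice, pattern); a pattern pins some header fields.
FLOWSPACE = [
    ("broadcast", {"dl_dst": "FFFFFFFFFFFF"}),
    ("http-lb", {"tp_src": 80}),
    ("http-lb", {"tp_dst": 80}),
]

def in_pattern(pattern, fields):
    """True when `fields` pins every field of `pattern` to the same value."""
    return all(fields.get(k) == v for k, v in pattern.items())

def who_controls(pkt):
    """Upward check: slices whose flowspace contains this packet exception.

    More than one name means the slices overlap on this packet and the
    policy has to say which controller sees it; an empty list means none does.
    """
    return sorted({s for s, p in FLOWSPACE if in_pattern(p, pkt)})

def rule_allowed(slice_name, match):
    """Downward check: is a controller's rule confined to its own slice?

    The rule's match must pin every field of at least one of the slice's
    patterns, so a broader or unrelated match is refused.
    """
    return any(s == slice_name and in_pattern(p, match)
               for s, p in FLOWSPACE)

if __name__ == "__main__":
    # Constructed packets and rules.
    print(who_controls({"dl_dst": "001122334455", "tp_dst": 80}))
    print(who_controls({"dl_dst": "FFFFFFFFFFFF", "tp_dst": 80}))
    print(rule_allowed("http-lb", {"tp_dst": 80, "nw_dst": "5.6.7.8"}))
    print(rule_allowed("http-lb", {"nw_dst": "5.6.7.8"}))
```

The refused rule in the last call matches on destination address only, so it would also capture non-HTTP traffic that belongs to no pattern of the `http-lb` slice.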
The next 3 slides are a set of animations to show how we enable innovation:
 - Infrastructure is closed to innovation and only driven by vendors. Consumers have little say.
 - Business model makes it hard for new features to be added.
How do we redefine the architecture to open up the networking infrastructure and the industry? By bringing to the networking industry what we did to the computing world.
Switches, routers and other middleboxes are dumbed down. The key is to have a standardized control interface that speaks directly to hardware.
How the actual protocol works
Now I’ll describe the API that tries to meet these goals.
What is possible in the controller? Anything that needs intelligent routing of a flow. At Stanford, we have even shown how OpenFlow may be used for:
 - VM migration
 - Power management
 - Load balancing
 - Network monitoring and debugging
 - Easier network visualization
There are components at different levels that work together in making it work. The commercial switch details will follow in the next slide. There are a plethora of applications possible. I only list those available at Stanford.
All support ver 1.0. All have an approx. 1500 flow table entry limit.
Hidden slide (just for backup reasons). Shows how far along we can go in opening up the network.
Experiments running on PRODUCTION infrastructure. Key to get scale, key to get traffic on the network (e.g. can’t just do a reset...).