This document summarizes an SDN and cloud computing presentation given by Affan Basalamah and Dr.-Ing. Eueung Mulyana from Institut Teknologi Bandung. It discusses SDN and cloud computing research activities at ITB, including implementing OpenFlow networks, developing SDN courses, and student projects involving OpenFlow, OpenStack, and IPsec VPNs. It also describes forming an SDN research group at ITB to facilitate collaboration between academia, network operators, and vendors on SDN topics.

1. SDN & Cloud
Related Activities & Research
Affan Basalamah & Eueung Mulyana
Institut Teknologi Bandung

2. About the Presenter
• Affan Basalamah
• Head of Development, ICT Directorate
• affan@itb.ac.id
• Dr.-Ing. Eueung Mulyana
• Faculty, Telecommunication Engineering
• eueung@stei.itb.ac.id

3. tl;dr
• SDN & Cloud Computing adalah topik yang multidisiplin
• Tidak ada satu entitas yang bisa menguasai seluruhnya
• Perlunya sinergi antar:
• Akademik: Dosen dan Mahasiswa
• Operator: ISP dan Networkers secara umum
• Vendor: Principal dan System Integrator

4. About ITB

5. Institut Teknologi Bandung Aula Barat ITB

6. Campus Core Network

7. Brocade MLXe-8 Core Network

8. SDN & Cloud
in 5 minutes

9. Future Internet
• Rapid Innovation
• Rapid Deployment
• Flexible & Robust Underlying Networking Infrastructure

10. Cloud
• Virtualize Everything!
• Scalability, Virtual Assets Flexibility, Ease of Management,
and Provisioning
http://dilbert.com/strip/2011-01-07

11. DevOps (Simplified – Finch)
• It is not my job to build and manage servers.
• It is my job to build and maintain a system that builds and
manages servers.
• It is not my job to build and manage switches.
• It is my job to build and maintain a system that builds and
manages switches.
• Humans are good at strategy, but bad at repetitive tasks
• Computers are good at repetitive tasks
• https://speakerdeck.com/cfinch/sdn-devops-for-networks

12. What is Software Defined Networking?
Thomas D. Nadeau & Ken Gray,
SDN - Software Defined Networking, O’Reilly Media, 2013
Software-defined networks (SDN): an
architectural approach that optimizes and
simplifies network operations by more
closely binding the interaction (i.e.,
provisioning, messaging, and alarming) among
applications and network services and devices,
whether they be real or virtualized.

13. SDN Architectures
• Device Provisioning Systems
• Service Provisioning Systems
• Routing & Forwarding Adjustment Controllers
• Centralized Control Plane (e.g. OpenFlow)

14. Management, Control & Data Planes
14 © ipSpace.net 2013 SDN, OpenFlow and NFV for Skeptics
Management, Control and Data Planes
Adjacent routerAdjacent router Router
Control planeControl plane Control plane
Data plane Data planeData plane
OSPF OSPF
Neighbor
table
Link state
database
IP routing
table
Static routes
Forwarding table
Switching
Routing
OSPF
Management / Policy plane
Configuration / CLI / GUI
This material is copyrighted and licensed for the sole use by Affan Basalamah (affan@itb.ac.id [202.152.202.105]). More information at http://www.ipSpace.net/Webinars

15. SDN for Device Configuration
Controller
Router Access switch
Apps
Core switch
Distrib switch
Core switch
Core switch
Core switch
Core switch
Device
configuration

16. SDN for Service Configuration
Controller
Router
Hypervisor
Apps
Core switch
Multitenant
VM
Core switch
Core switch
Core switch
Core switch
Service
configuration
Hypervisor
ToR switch
. Storage node
Figure 1-6. Storage node
Example Component Configuration
Table 1-2 and Table 1-3 include example configuration and cons
third-party and OpenStack components:
Table 1-2. Third-party component configuration
Component Tuning Availability S
MySQL binlog-format
= row
Master/master replication. However, both nodes are
not used at the same time. Replication keeps all
nodes as close to being up to date as possible
(although the asynchronous nature of the replication
means a fully consistent state is not possible).
Connections to the database only happen through a
Pacemaker virtual IP, ensuring that most problems
that occur with master-master replication can be
avoided.
N
lo
in
s
c
o
b
Multitenant
VM

17. SDN for RIB/FIB Adjustments
Controller
Router Access switch
Access point
Hypervisor
Apps
Core switch
Distrib switch
Core switch
Core switch
Core switch
Core switch
Routing & Forwarding
Adjustment
BGP-LS, PCEP, Quagga
MPLS-TE automatic tunnel

18. Centralized Control Plane - OpenFlow
Router Access switch
Access point
Hypervisor
Apps
Core switch
Distrib switch
Core switch
Core switch
Core switch
Core switch
Forwarding flow
(e.g. 11-tuples)
OpenFlow

19. Existing toolbox for SDN
22 © ipSpace.net 2015 SDN – Four Years Later
SDN Toolbox: Existing Tools
Router
Control plane
Data plane
Neighbor
table
Link state
database
IP routing
table
Static routes
Forwarding table
OSPF
Management / Policy plane
Configuration / CLI / GUINETCONF
ForCES, BGP
Flowspec,
MPLS-TP
PCEP
BGP
SNMP
This material is copyrighted and licensed for the sole use by Affan Basalamah (affan@itb.ac.id [180.214.233.86]). More information at http://www.ipSpace.net/Webinars
22 © ipSpace.net 2015 SDN – Four Years Later
SDN Toolbox: Existing Tools
Router
Control plane
Data plane
Neighbor
table
Link state
database
IP routing
table
Static routes
Forwarding table
OSPF
Management / Policy plane
Configuration / CLI / GUINETCONF
ForCES, BGP
Flowspec,
MPLS-TP
PCEP
BGP
SNMP
This material is copyrighted and licensed for the sole use by Affan Basalamah (affan@itb.ac.id [180.214.233.86]). More information at http://www.ipSpace.net/Webinars

20. Emerging toolbox for SDN
23 © ipSpace.net 2015 SDN – Four Years Later
SDN Toolbox: Emerging Protocols
OF-Config,
XMPP, OVSDB,
Puppet/Chef
OpenFlow
I2RS, OVSDB
OnePK
Router
Control plane
Data plane
Neighbor
table
Link state
database
IP routing
table
Static routes
Forwarding table
OSPF
Management / Policy plane
Configuration / CLI / GUI
This material is copyrighted and licensed for the sole use by Affan Basalamah (affan@itb.ac.id [180.214.233.86]). More information at http://www.ipSpace.net/Webinars
3 © ipSpace.net 2015 SDN – Four Years Later
SDN Toolbox: Emerging Protocols
OF-Config,
XMPP, OVSDB,
Puppet/Chef
OpenFlow
I2RS, OVSDB
OnePK
Router
Control plane
Data plane
Neighbor
table
Link state
database
IP routing
table
Static routes
Forwarding table
OSPF
Management / Policy plane
Configuration / CLI / GUI
This material is copyrighted and licensed for the sole use by Affan Basalamah (affan@itb.ac.id [180.214.233.86]). More information at http://www.ipSpace.net/Webinars

23. SDN, Cloud & DevOps Tools
Mininet

24. Opensource SDN Process Simplified

25. Impact for
Networkers

26. Impact - New Ways of Doing Things
• Campus Network
• Datacenter Network
• Service Provider Network

27. Campus Network
• Old Way
• Manually provisioning network config to equipment
• Provision services via manually configuring equipment
• New Way
• Push configs to standardized equipment
• Simplified Network Access Control (NAC)
• Simplified DDoS mitigation

28. Datacenter Network
• Old Way
• Manually provisioning network config to equipment
• Provision services via manually configuring equipment
• New Way
• DevOps - automatic config/service provisioning
• OpenStack with SDN - multitenant private cloud

29. Service Provider Network
• Old Way
• Manually provisioning network config to equipment
• Provision services via manually configuring equipment
• New Way
• Automatic TE tunnels via PCEP
• Large-scale DDoS mitigation via BGP FlowSpec
• NFV - SP service chaining

30. Tiga Pertanyaan
1. Apakah Netadmin mengkonfigur device atau “network”?
2. Apakah Netadmin musti mengerti server dan aplikasi?
3. Apakah Netadmin bakal disuruh coding?

31. Tiga Pertanyaan - Jawaban
1. Apakah Netadmin mengkonfigur device atau “network”?
Ia harus memiliki device view dan network view
2. Apakah Netadmin musti mengerti server dan aplikasi?
Tidak perlu, tapi sebaiknya ia mengetahui dasar UNIX/Linux
3. Apakah Netadmin bakal disuruh coding?
Tidak, Netadmin hanya pengguna aplikasi, tapi sebaiknya ia
mengetahui hal dasar (web services & API)

32. Challenges
http://xkcd.com/1319/

33. Activities &
Research

34. SDN-ready Network in ITB
PAU Labtek V
Labtek VIII
CCAR
CRCS
OpenFlow
Juniper
MX80 Mikrotik
OpenWRT
OpenvSwitch
Apps

35. Implementing OpenFlow SDN
• Core network support OpenFlow v1.0
• Hybrid Port Mode with Protected & Unprotected VLANs
• Protected VLANs is not subject to defined OpenFlow flows
• Regular network can coexist with OpenFlow
• VPLS support on VLAN on OpenFlow Hybrid Mode
• L2 mode & L3 mode
• SDN Controller using OpenDaylight
• Ongoing

36. SDN Course in ITB
Telecommunication Engineering : EL5244 - Software Defined Networking
• Lectured by Dr.-Ing. Eueung Mulyana
Thesis/Final Projects:
• Design & Implementation of Multicast Streaming Application on A Local OpenFlow
Network
• Design & Implementation of MPLS Service on OpenFlow Network with Open vSwitch
• Implementation & Analysis of Elastic Load Balancing for DNS Service on OpenStack
Cloud
• Sustainable Campus-Scale OpenFlow Testbed at ITB
• Design & Implementation Site-to-Site IPsec VPN on OpenStack

37. Design & Implementation of Multicast Streaming
Application on A Local OpenFlow Network
Dummy%client
Streaming%server OpenFlow%Controller
Client%1 Client%2 Client%3
Design Multicast Video Streaming Application on Unicast Network Using Floodlight (OF1.0)

38. Design & Implementation Site-to-Site
IPsec VPN on Openstack

39. Design & Implementation Site-to-Site
IPsec VPN on Openstack
• Implement Site-to-Site IPsec VPN on OpenStack
• Performance evaluation :
• s2s IPsec VPN @Cisco routers
• s2s IPSec VPN @Openstack using Openswan in
Fedora Instance as VPN Gateway
• s2s IPSec VPN @Openstack using VPN as a Service
(Neutron)

40. Implementation of Elastic Load Balancing
in DNS Service on Openstack Cloud
internet
client
qrouter+xx
10.205.11.121
192.168.10.1
Virtual7distribution7switch
Network7DNS7Server
.3
.4
.5
(1)7request
(2)7rescheduling7&7
rewriting7packets
(3)7process7
request
(4)7rewriting7
replies
(5)7replies
Keepalived
Integrating LVS+Keepalived to load balance DNS request (UDP Traffic)
Implement elastic resource allocation based using Openstack Heat

41. Campus-Scale OpenFlow Testbed

42. Campus-Scale OpenFlow Testbed

43. Campus-Scale OpenFlow Testbed

44. Final Project Work In-Progress
• BGP over OpenFlow Network
• Dynamic Routing on OpenStack Neutron
• Implement VPN as a Service between Cloud & Existing IP
Network
• File Sharing Service over OpenStack Swift

45. What’s Next:
Collaboration

46. SDNRG ITB
• SDN Research Group at ITB
• http://sdnrg.itb.ac.id
• sdnrg@itb.ac.id
• twitter.com/sdnrgitb
• facebook.com/sdnrgitb
• Special Interest Groups on Networking and Connected
Services (e.g. OpenStack, Internet of Thing)

47. But why?
• SDN & Cloud Computing adalah topik yang multidisiplin
• Tidak ada satu entitas yang bisa menguasai seluruhnya
• Academic, Operator & Vendor saling memerlukan
• Academics need real use case for their research
• Operators need help for their problems
• Vendors need customers to propose their solutions

48. SDNRG ITB can bridge the gaps
• Academic can get real use case from practitioners
• Networkers can get help understanding SDN tech
• Vendors can promote SDN tech to educated community

49. After the gaps is small, whats next?
• Educated researchers can build SDN tech solutions for
practitioners that fit to the real use case
• Educated networkers can architect better SDN solutions
that leads to better network, with help from researchers &
vendors
• Educated vendors can propose SDN solutions to the
right customers

50. SDNRG 1st Meetup, Bandung 2014

51. OpenStack Mini Workshop, Bandung 2015

52. SDNRG ITB
• SDN Research Group at ITB
• http://sdnrg.itb.ac.id
• sdnrg@itb.ac.id
• twitter.com/sdnrgitb
• facebook.com/sdnrgitb

53. Let’s make it
happen!
Terima kasih!