CSE6314: Special Topics in Systems

and Networks

Software Defined Networking (SDN)

Ketema Adere(PhD)
1
What is Software Defined Network (SDN)?
§ The researchers at a Stanford university introduced:
Virtualized networks (separating software from
hardware network)
A network in which the control plane is
physically separate from the data plane.
and
A single (logically centralized) control plane controls
several forwarding devices.

2
 ….
n Architecture of Difference between Traditional IP networks
and Software-Defined Network

3
 Software Defined Network (…)
n The physical separation of the network control plane from the
forwarding plane, and where a control plane controls several
devices.
n It is an emerging networking paradigm that greatly simplifies
network management tasks.
n It opens the door for network innovation through a programmable
flexible interface controlling the behavior of the entire network.

4
Software Defined Network (…)
q SDN is built around 3 main concepts:

n Programmable Networks

n Centralized Network Control

n Control & Data planes separation

5
Software Defined Network (SDN)

Control Control Control

Program Program Program

Global Network Map

Control Plane

Control
Packet
Forwarding Control
Packet
Forwarding
Control
Packet
Control Forwarding
Packet
Forwarding Control
Packet
Forwarding
n Layered architecture of an SDN network

7
SDN: Separation of Control and Data layer

q Features of SDN
n Makes networking and IP routing flexible

n Decoupling control and data plane

n Offloads brain to centralized controller

n Central view of resources

n Programmable network, centrally managed, agile for any need

 Current status of SDN
n Industry support
n Google built hardware and software based on the OpenFlow
protocol
n VMware purchased Nicira for $1.26 billion in 2012
n IBM, HP, NEC, Cisco and Juniper also are offering SDNs that
may incorporate OpenFlow, but also have other elements that
are specific to that vendor and their gear.

9
A Major Trend in Networking

Entire backbone

runs on SDN
Bought for $1.2 billion
(mostly cash)
10
The Networking “Planes”
n Data plane: processing and delivery of packets with local
forwarding state
n Forwarding state + packet header  forwarding decision
n Filtering, buffering, scheduling

n Control plane: computing the forwarding state in routers

n Determines how and where packets are forwarded
n Routing, traffic engineering, failure detection/recovery, …

n Management plane: configuring and tuning the network

n Traffic engineering, ACL config, device provisioning, …

11
Timescales

Data Control Management

Time- Packet Event (10 Human (min

scale (nsec) msec to sec) to hours)

Location Line card Router Humans or

hardware software scripts

12
 Data and Control Planes

control plane
data plane Processor

Line card Line card

Switching
Line card Line card
Fabric

Line card Line card

 Data Plane
n Streaming algorithms on packets
n Matching on some header bits

n Perform some actions

n Example: IP Forwarding

1.2.3.4 1.2.3.7 1.2.3.156 5.6.7.8 5.6.7.9

host host ... host host host ... host

LAN 1 LAN 2
router router router
WAN WAN

1.2.3.0/24
5.6.7.0/24

forwarding table 14
Control Plane
n Compute paths the packets will follow

n Populate forwarding tables

n Traditionally, a distributed protocol

n Example: Link-state routing (OSPF)

n Flood the entire topology to all nodes

n Each node computes shortest paths

n Dijkstra’s algorithm

15
16
 1. Figure out which routers and links are present.
2. Run Dijkstra’s algorithm to find shortest paths.

“If a packet is going to B,

then send it to output 3”

Data
2
1 “If , send to 3”

17
 Management Plane
n Traffic Engineering
n It is related to the dynamic monitoring & control of the network in order
to achieve high level design objectives such as satisfying differentiated
service delay requirements, fast failure recovery & maximizing the traffic
that could be served by the network.
n Setting the weights
n Inversely proportional to link capacity?
n Proportional to propagation delay?
n Network-wide optimization based on traffic?

2
3 1
1
3
2 3
1 5

4 3
18
Challenges

(Too) many task-specific control mechanisms

– No modularity, limited functionality

Indirect control
The network is
– Must invert protocol behavior, “coax” it to do what you want
• Hard to reason about
– Ex. Changing weights instead of paths for TE

• Hard
Uncoordinated control
to evolve
– Cannot • Expensive
control which router updates first

Interacting protocols and mechanisms

– Routing, addressing, access control, QoS
19
 How SDN Changes the Network

Feature Feature
Network OS

Feature Feature

OS
Feature Feature
Custom Hardware
OS
Feature Feature
Custom Hardware
OS
Feature Feature
Custom Hardware
OS

Feature Feature Custom Hardware

OS
Custom Hardware
20
 SDN
3. Consistent, up-to-date global network view 2. At least one Network OS
probably many.
Control Program 1 Control Program 2 Open- and closed-source

Network OS
1. Open interface to packet forwarding

Packet
Forwarding Packet
Forwarding

Packet
Packet Forwarding
Forwarding
Packet
Forwarding
21
Network OS
Network OS: distributed system that creates a consistent, up-to-
date network view

n Runs on servers (controllers) in the network

n NOX, ONIX, Floodlight, Trema, OpenDaylight, HyperFlow, Kandoo,

Beehive, Beacon, Maestro, … + more

Uses forwarding abstraction to:

n Get state information from forwarding elements

n Give control directives to forwarding elements

22
 SDN
Control Program A Control Program B

Network OS

Packet
Forwarding Packet
Forwarding

Packet
Packet Forwarding
Forwarding
Packet
Forwarding
Control Program
Control program operates on view of network
n Input: global network view (graph/database)
n Output: configuration of each network device

Control program is not a distributed system

n Abstraction hides details of distributed state

24
Forwarding Abstraction
Purpose: Standard way of defining forwarding state
n Flexible
n Behavior specified by control plane

n Built from basic set of forwarding primitives

n Minimal
n Streamlined for speed and low-power

n Control program not vendor-specific

n OpenFlow is an example of such an abstraction

25
 SDN

Virtual Topology

Network
ControlHypervisor
Program
Global Network View

Network OS

26
 Virtualization Simplifies Control Program
Abstract Network View
A
AB drop

B
Hypervisor then inserts flow entries as needed

A AB drop
Global Network View

AB drop

B 27
Does SDN Simplify the Network?

28
 Does SDN Simplify the Network?

Abstraction doesn’t eliminate complexity

- NOS, Hypervisor are still complicated pieces of code

SDN main achievements

- Simplifies interface for control program (user-specific)
- Pushes complexity into reusable code (SDN platform)

29
 The benefits of SDN
n While SDN is only a networking paradigm, the benefits of SDN
could be achieved through using the correct application.
n Several applications utilizing the benefits of SDN  Five major
application domains:
• Hybrid network control,
• Traffic Engineering,
• Data Center networking,
• Wireless networks &
• Network security applications

30
Why is SDN happening now?

31
The Road to SDN
n Active Networking: 1990s
- First attempt make networks programmable
- Demultiplexing packets to software programs, network
virtualization, …

n Control/Dataplane Separation: 2003-2007

- ForCes [IETF], RCP, 4D [Princeton, CMU],
SANE/Ethane [Stanford/Berkeley]
- Open interfaces between data and control plane, logically
centralized control

n OpenFlow API & Network Oses: 2008

- OpenFlow switch interface [Stanford]
- NOX Network OS [Nicira]

32
 SDN Drivers

n Rise of merchant switching silicon

- Democratized switching
- Vendors eager to unseat incumbents

n Cloud / Data centers

- Operators face real network management problems
- Extremely cost conscious; desire a lot of control

n The right balance between vision & pragmatism

- OpenFlow compatible with existing hardware

n A “killer app”: Network virtualization

33
Virtualization is Killer App for SDN
Consider a multi-tenant datacenter
- Want to allow each tenant to specify virtual topology
- This defines their individual policies and requirements

Datacenter’s network hypervisor compiles these

virtual topologies into set of switch configurations
- Takes 1000s of individual tenant virtual topologies
- Computes configurations to implement all simultaneously

This is what people are paying money for….

- Enabled by SDN’s ability to virtualize the network

34
 What is OpenFlow?
n OpenFlow is a Layer 2 communications protocol that gives access
to the forwarding plane of a network switch or router over the
network

Openflow does not

equal SDN

Openflow is one flavor, or a subset, of SDN

35
n A Comparison
between different
versions of
openflow protocol

36
 OpenFlow Basics

n OpenFlow:
n Interface between switches and controllers
n Enabling SDN
n “OpenFlow: Enabling Innovation in Networks”
n Like hardware drivers

– interface between switches and Network OS

37
 OpenFlow Basics

Control Program A Control Program B

Network OS

OpenFlow Protocol

Control Path OpenFlow

Data Path (Hardware)

 OpenFlow Basics

Control Program A Control Program B

Network OS
“If header = p, send to port 4”
Packet “If header = q, overwrite header with r,
Forwarding add header s, and send to ports 5,6”
“If header = ?, send to me”

Flow
Packet Table(s)
Forwarding Packet
Forwarding
 Primitives <Match, Action>

Match arbitrary bits in headers:

Header Data

Match: 1000x01xx0101001x
n Match on any header, or new header
n Allows any flow granularity

Action
n Forward to port(s), drop, send to controller
n Overwrite header with mask, push or pop
n Forward at specific bit-rate
OpenFlow Rules
Exploit the flow table in switches, routers, and chipsets

Flow 1. Rule
Action Statistics
(exact & wildcard)

Flow 2. Rule
Action Statistics
(exact & wildcard)

Flow 3. Rule
Action Statistics
(exact & wildcard)

Rule
Flow N. Default Action Statistics
(exact & wildcard)

41
 Practical Challenges
n Scalability
• Decision elements responsible for many routers
n Reliability
• Surviving failures of decision elements and routers
n Response time
• Delays between decision elements and routers
n Consistency
• Ensuring multiple decision elements behave consistently
n Security
• The centralized SDN controller presents a single point of failure
• Network vulnerable to attacks on decision elements
n Interoperability
• Legacy routers and neighboring domains

42
Thank You!

43