SDN白皮书：wp-sdn-newnorm.pdf

Software-Defined Networking: The New Norm for Networks 2 of 12 Open Networking Foundation. All rights reserved. Executive Summary Traditional network architectures are ill-suited to meet the requirements of todays enterprises, carriers, and end users. Thanks to a broad industry effort spearheaded by the Open Networking Foundation (ONF), Software- Defined Networking (SDN) is transforming networking architecture. In the SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications. As a result, enterprises and carriers gain unprecedented programmability, automation, and network control, enabling them to build highly scalable, flexible networks that readily adapt to changing business needs. The ONF is a non-profit industry consortium that is leading the advancement of SDN and standardizing critical elements of the SDN architecture such as the OpenFlow protocol, which structures communication between the control and data planes of supported network devices. OpenFlow is the first standard interface designed specifically for SDN, providing high-performance, granular traffic control across multiple vendors network devices. OpenFlow-based SDN is currently being rolled out in a variety of networking devices and software, delivering substantial benefits to both enterprises and carriers, including: Centralized management and control of networking devices from multiple vendors; Improved automation and management by using common APIs to abstract the underlying networking details from the orchestration and provisioning systems and applications; Rapid innovation through the ability to deliver new network capabilities and services without the need to configure individual devices or wait for vendor releases; Table of Contents 2 Executive Summary 3 The Need for a New Network Architecture 4 Limitations of Current Networking Technologies 7 Introducing Software-Defined Networking 8 Inside OpenFlow 10 Benefits of OpenFlow-Based Software-Defined Networks 12 Conclusion ONF WHITE PAPER Software-Defined Networking: The New Norm for Networks 3 of 12 Open Networking Foundation. All rights reserved. Programmability by operators, enterprises, independent software vendors, and users (not just equipment manufacturers) using common programming environments, which gives all parties new opportunities to drive revenue and differentiation; Increased network reliability and security as a result of centralized and automated management of network devices, uniform policy enforcement, and fewer configuration errors; More granular network control with the ability to apply comprehensive and wide-ranging policies at the session, user, device, and application levels; and Better end-user experience as applications exploit centralized network state information to seamlessly adapt network behavior to user needs. SDN is a dynamic and flexible network architecture that protects existing investments while future-proofing the network. With SDN, todays static network can evolve into an extensible service delivery platform capable of responding rapidly to changing business, end-user, and market needs. The Need for a New Network Architecture The explosion of mobile devices and content, server virtualization, and advent of cloud services are among the trends driving the networking industry to reexamine traditional network architectures. Many conventional networks are hierarchical, built with tiers of Ethernet switches arranged in a tree structure. This design made sense when client-server computing was dominant, but such a static architecture is ill-suited to the dynamic computing and storage needs of todays enterprise data centers, campuses, and carrier environments. Some of the key computing trends driving the need for a new network paradigm include: Changing traffic patterns: Within the enterprise data center, traffic patterns have changed significantly. In contrast to client-server applications where the bulk of the communication occurs between one client and one server, todays applications access different databases and servers, creating a flurry of “east-west” machine-to-machine traffic before returning data to the end user device in the classic “north-south” traffic pattern. At the same time, users are changing network traffic patterns as they push for access to corporate content and applications from any type of device (including their own), connecting from anywhere, at any time. Finally, many enterprise data centers managers are contemplating a utility computing model, which might include a private cloud, public cloud, or some mix of both, resulting in additional traffic across the wide area network. ONF WHITE PAPER Software-Defined Networking: The New Norm for Networks 4 of 12 Open Networking Foundation. All rights reserved. The “consumerization of IT”: Users are increasingly employing mobile personal devices such as smartphones, tablets, and notebooks to access the corporate network. IT is under pressure to accommodate these personal devices in a fine-grained manner while protecting corporate data and intellectual property and meeting compliance mandates. The rise of cloud services: Enterprises have enthusiastically embraced both public and private cloud services, resulting in unprecedented growth of these services. Enterprise business units now want the agility to access applications, infrastructure, and other IT resources on demand and la carte. To add to the complexity, ITs planning for cloud services must be done in an environment of increased security, compliance, and auditing requirements, along with business reorganizations, consolidations, and mergers that can change assumptions overnight. Providing self-service provisioning, whether in a private or public cloud, requires elastic scaling of computing, storage, and network resources, ideally from a common viewpoint and with a common suite of tools. “Big data” means more bandwidth: Handling todays “big data” or mega datasets requires massive parallel processing on thousands of servers, all of which need direct connections to each other. The rise of mega datasets is fueling a constant demand for additional network capacity in the data center. Operators of hyperscale data center networks face the daunting task of scaling the network to previously unimaginable size, maintaining any-to-any connectivity without going broke. Limitations of Current Networking Technologies Meeting current market requirements is virtually impossible with traditional network architectures. Faced with flat or reduced budgets, enterprise IT departments are trying to squeeze the most from their networks using device-level management tools and manual processes. Carriers face similar challenges as demand for mobility and bandwidth explodes; profits are being eroded by escalating capital equipment costs and flat or declining revenue. Existing network architectures were not designed to meet the requirements of todays users, enterprises, and carriers; rather network designers are constrained by the limitations of current networks, which include: Complexity that leads to stasis: Networking technology to date has consisted largely of discrete sets of protocols designed to connect hosts reliably over arbitrary distances, link speeds, and topologies. To meet business and technical needs over the last few decades, the industry has evolved networking protocols to deliver higher performance and reliability, broader connectivity, and more stringent security. ONF WHITE PAPER Software-Defined Networking: The New Norm for Networks 5 of 12 Open Networking Foundation. All rights reserved. Protocols tend to be defined in isolation, however, with each solving a specific problem and without the benefit of any fundamental abstractions. This has resulted in one of the primary limitations of todays networks: complexity. For example, to add or move any device, IT must touch multiple switches, routers, firewalls, Web authentication portals, etc. and update ACLs, VLANs, quality of services (QoS), and other protocol-based mechanisms using device-level management tools. In addition, network topology, vendor switch model, and software version all must be taken into account. Due to this complexity, todays networks are relatively static as IT seeks to minimize the risk of service disruption. The static nature of networks is in stark contrast to the dynamic nature of todays server environment, where server virtualization has greatly increased the number of hosts requiring network connectivity and fundamentally altered assumptions about the physical location of hosts. Prior to virtualization, applications resided on a single server and primarily exchanged traffic with select clients. Today, applications are distributed across multiple virtual machines (VMs), which exchange traffic flows with each other. VMs migrate to optimize and rebalance server workloads, causing the physical end points of existing flows to change (sometimes rapidly) over time. VM migration challenges many aspects of traditional networking, from addressing schemes and namespaces to the basic notion of a segmented, routing-based design. In addition to adopting virtualization technologies, many enterprises today operate an IP converged network for voice, data, and video traffic. While existing networks can provide differentiated QoS levels for different applications, the provisioning of those resources is highly manual. IT must configure each vendors equipment separately, and adjust parameters such as network bandwidth and QoS on a per-session, per-application basis. Because of its static nature, the network cannot dynamically adapt to changing traffic, application, and user demands. Inconsistent policies: To implement a network-wide policy, IT may have to configure thousands of devices and mechanisms. For example, every time a new virtual machine is brought up, it can take hours, in some cases days, for IT to reconfigure ACLs across the entire network. The complexity of todays networks makes it very difficult for IT to apply a consistent set of access, security, QoS, and other policies to increasingly mobile users, which leaves the enterprise vulnerable to security breaches, non- compliance with regulations, and other negative consequences. ONF WHITE PAPER Software-Defined Networking: The New Norm for Networks 6 of 12 Open Networking Foundation. All rights reserved. Inability to scale: As demands on the data center rapidly grow, so too must the network grow. However, the network becomes vastly more complex with the addition of hundreds or thousands of network devices that must be configured and managed. IT has also relied on link oversubscription to scale the network, based on predictable traffic patterns; however, in todays virtualized data centers, traffic patterns are incredibly dynamic and therefore unpredictable. Mega-operators, such as Google, Yahoo!, and Facebook, face even more daunting scalability challenges. These service providers employ large- scale parallel processing algorithms and associated datasets across their entire computing pool. As the scope of end-user applications increases (for example, crawling and indexing the entire world wide web to instantly return search results to users), the number of computing elements explodes and data-set exchanges among compute nodes can reach petabytes. These companies need so-called hyperscale networks that can provide high-performance, low-cost connectivity among hundreds of thousands potentially millionsof physical servers. Such scaling cannot be done with manual configuration. To stay competitive, carriers must deliver ever-higher value, better- differentiated services to customers. Multi-tenancy further complicates their task, as the network must serve groups of users with different applications and different performance needs. Key operations that appear relatively straightforward, such as steering a customers traffic flows to provide customized performance control or on-demand delivery, are very complex to implement with existing networks, especially at carrier scale. They require specialized devices at the network edge, thus increasing capital and operational expenditure as well as time-to-market to introduce new services. Vendor dependence: Carriers and enterprises seek to deploy new capabilities and services in rapid response to changing business needs or user demands. However, their ability to respond is hindered by vendors equipment product cycles, which can range to three years or more. Lack of standard, open interfaces limits the ability of network operators to tailor the network to their individual environments. This mismatch between market requirements and network capabilities has brought the industry to a tipping point. In response, the industry has created the Software-Defined Networking (SDN) architecture and is developing associated standards. ONF WHITE PAPER Software-Defined Networking: The New Norm for Networks 7 of 12 Open Networking Foundation. All rights reserved. Introducing Software-Defined Networking Software Defined Networking (SDN) is an emerging network architecture where network control is decoupled from forwarding and is directly programmable. This migration of control, formerly tightly bound in individual network devices, into accessible computing devices enables the underlying infrastructure to be abstracted for applications and network services, which can treat the network as a logical or virtual entity. Figure 1 depicts a logical view of the SDN architecture. Network intelligence is (logically) centralized in software-based SDN controllers, which maintain a global view of the network. As a result, the network appears to the applications and policy engines as a single, logical switch. With SDN, enterprises and carriers gain vendor-independent control over the entire network from a single logical point, which greatly simplifies the network design and operation. SDN also greatly simplifies the network devices themselves, since they no longer need to understand and process thousands of protocol standards but merely accept instructions from the SDN controllers. APPLICATION LAYER CONTROL LAYER INFRASTRUCTURE LAYER SDN Control Software Network Device Network DeviceNetwork Device Network DeviceNetwork Device Business Applications Network Services Control Data Plane interface (e.g., OpenFlow) APIAPIAPI Perhaps most importantly, network operators and administrators can programmatically configure this simplified network abstraction rather than having to hand-code tens of thousands of lines of configuration scattered among thousands of devices. In addition, leveraging the SDN cont