SDN-OpenFlow original complete courseware.pptx
OpenFlow: Enabling Innovation in Campus Networks
Nick McKeown, Tom Anderson, Hari Balakrishnan, Guru Parulkar, Larry Peterson, Jennifer Rexford, Scott Shenker, Jonathan Turner, SIGCOMM CCR, 2008
Presented by Ye Tian for Course CS05112

About OpenFlow
- OpenFlow: a protocol that structures communication between the control and data planes in the context of software-defined networking.
- A specification for a switch that can function as an OpenFlow switch.
- Proposed by Open Networking Foundation (ONF)
- White paper: Software-Defined Networking: The New Norm for Networks
- Current version: OpenFlow 1.6

Overview
- Background
- Software Defined Networking
- The OpenFlow Protocol
- Using OpenFlow
- Review

New Computing Trends
- Changing traffic patterns: A flurry of "east-west" machine-to-machine traffic before returning data to the end user device in the classic "north-south" traffic pattern. Private/public cloud, resulting in additional traffic across the wide area network.
- The "consumerization of IT": IT needs to accommodate various personal devices while protecting corporate data and intellectual property and meeting compliance mandates.
- The rise of cloud services: Elastic scaling of computing, storage, and network resources, ideally from a common viewpoint and with a common suite of tools.
- "Big data" means more bandwidth: The rise of mega datasets is fueling a constant demand for additional network capacity in the data center.

The Conventional Network
- Hierarchical, with tiers of Ethernet switches
- Tree structure

Limitations of Current Networking Technologies
- Complexity that leads to stasis: Protocols tend to be defined in isolation, with each solving a specific problem and without the benefit of any fundamental abstractions. This has resulted in one of the primary limitations of today's networks: complexity.
- The static nature of networks is in stark contrast to the dynamic nature of today's server environment. Applications are distributed across VMs.
- Many operate an IP converged network for voice, data, and video traffic. While existing networks can provide differentiated QoS levels for different applications, the provisioning of those resources is highly manual.
- Inconsistent policies: To implement a network-wide policy, IT may have to configure thousands of devices and mechanisms. Takes hours. Difficult to apply a consistent set of policies due to complexity.
- Inability to scale: The network becomes vastly more complex with the addition of hundreds or thousands of network devices that must be configured and managed. Mega-operators, such as Google, Yahoo!, and Facebook, need so-called hyperscale networks that can provide high-performance, low-cost connectivity among hundreds of thousands, potentially millions, of physical servers. Such scaling CANNOT be done with manual configuration.
- Vendor dependence: Carriers and enterprises seek to deploy new capabilities and services in rapid response to changing business needs or user demands. Vendors' equipment product cycle: 3 or more years. Lack of standard, open interfaces limits the ability of network operators to tailor the network to their individual environments.

Software Defined Networking
- Network control is decoupled from forwarding and is directly programmable.
- Control plane
- Data plane
- Network operators and administrators can programmatically configure this simplified network abstraction. They can write these programs themselves and not wait for features to be embedded in vendors' proprietary and closed software environments.
- SDN architectures support a set of APIs that make it possible to implement common network services (routing, multicast, security, access control, bandwidth management, traffic engineering, quality of service), custom tailored to meet business objectives.

OpenFlow Switches
- OpenFlow provides an open protocol to program the flow table in different switches and routers.
- An OpenFlow Switch consists of at least three parts:
  - A Flow Table, with an action associated with each flow entry, to tell the switch how to process the flow,
  - A Secure Channel that connects the switch to a remote control process (called the Controller), allowing commands and packets to be sent between a controller and the switch using
  - The OpenFlow Protocol, which provides an open and standard way for a controller to communicate with a switch.
- What is a flow? A flow could be a TCP connection, or all packets from a particular MAC or IP address, or all packets with the same VLAN tag, or all packets from the same switch port.
- Each flow-entry has a simple action associated with it. At least three basic actions:
  - Forward: send this flow's packets out to a given port (or ports).
  - Packet-In: report this flow's packets to a controller.
  - Drop: drop this flow's packets.
- An entry in the Flow-Table has three fields:
  - A packet header that defines the flow,
  - The action, which defines how the packets should be processed,
  - Statistics, which keep the number of packets and bytes for each flow, and the time since the last packet match.
- A 10-tuple packet header

OpenFlow Controller
- Adds and removes flow-entries from the Flow Table on behalf of applications.

Benefits of OpenFlow-based SDN
- Centralized control of multi-vendor environments
  - No need for Cisco certification
- Reduced complexity through automation
- Higher rate of innovation
- Increased network reliability and security
  - Can ensure that access control, traffic engineering, quality of service, security, and other policies are enforced consistently across the wired and wireless network infrastructures.
- More granular network control
  - Per address block per flow
- Better user experience
  - For example, automatic video resolution adaptation

Using OpenFlow
- Example 1: Network Management and Access Control
  - Ethane: The basic idea is to allow network managers to define a network-wide policy in the central controller, which is enforced directly by making admission control decisions for each new flow.
  - A controller associates packets with their senders by managing all the bindings between names and addresses; it essentially takes over DNS, DHCP and authenticates all users when they join, keeping track of which switch port (or access point) they are connected to.
- Example 2: VLANs
  - The simplest approach is to statically declare a set of flows which specify the ports accessible by traffic on a given VLAN ID.
  - A more dynamic approach might use a controller to manage authentication of users and use the knowledge of the users' locations for tagging traffic at runtime.
  - VLAN
- Mobile wireless VoIP clients.
  - Support call-handoff mechanism for WiFi-enabled phones.
  - A controller is implemented to track the location of clients, re-routing connections by reprogramming the Flow Tables as users move through the network, allowing seamless handoff from one access point to another.
- A non-IP network
  - There are several ways an OpenFlow-enabled switch can support non-IP traffic. For example, flows could be identified using their Ethernet header.
  - What is going on?
    - Protocol Independent Packet Processor
    - Protocol Oblivious Forwarding
- Example 5: Processing packets rather than flows.
  - Approach 1: force all of a flow's packets to pass through a controller by default. More flexible, at the cost of performance.
  - Approach 2: route them to a programmable switch that does packet processing.

Review
- How does SDN work?
- Three layers in SDN
- Where is OpenFlow located?
- How to use SDN?
- Nick McKeown's talk on SDN
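Added example (not part of the original slides): a toy model in Python of the flow table described under "OpenFlow Switches", combined with the Ethane-style admission control of Example 1. The class names, the binding and policy tables, and the sample addresses are hypothetical; the ten field names follow the header fields listed in the 2008 OpenFlow paper, and the "time since last match" statistic is omitted.

```python
from dataclasses import dataclass

# The 10-tuple header fields (names chosen here; fields as in the 2008 paper).
FIELDS = ("in_port", "vlan_id", "eth_src", "eth_dst", "eth_type",
          "ip_src", "ip_dst", "ip_proto", "tp_src", "tp_dst")

@dataclass
class FlowEntry:
    match: dict          # field -> required value; absent fields are wildcards
    action: tuple        # ("forward", port) or ("drop",)
    packets: int = 0     # per-flow statistics
    byte_count: int = 0

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

class Controller:
    """Ethane-style admission control with a default-deny policy (hypothetical)."""
    def __init__(self, bindings, allowed):
        self.bindings = bindings    # (in_port, eth_src) -> authenticated user
        self.allowed = allowed      # (user, ip_dst, tp_dst) -> output port

    def decide(self, pkt):
        user = self.bindings.get((pkt["in_port"], pkt["eth_src"]))
        out = self.allowed.get((user, pkt["ip_dst"], pkt["tp_dst"]))
        return ("forward", out) if out is not None else ("drop",)

class Switch:
    def __init__(self, controller):
        self.table, self.controller = [], controller

    def receive(self, pkt, size=64):
        for e in self.table:
            if e.matches(pkt):
                break
        else:  # table miss: Packet-In to the controller, which installs an entry
            e = FlowEntry({f: pkt[f] for f in FIELDS}, self.controller.decide(pkt))
            self.table.append(e)
        e.packets += 1
        e.byte_count += size
        return e.action

def demo():
    # Constructed sample data: one authenticated user bound to port 1.
    ctl = Controller({(1, "aa:aa"): "alice"}, {("alice", "10.0.0.5", 443): 2})
    sw = Switch(ctl)
    base = dict(in_port=1, vlan_id=10, eth_src="aa:aa", eth_dst="bb:bb", eth_type=0x0800,
                ip_src="10.0.0.9", ip_dst="10.0.0.5", ip_proto=6, tp_src=5000, tp_dst=443)
    unbound = dict(base, in_port=3)   # same MAC seen on a port with no binding
    return [sw.receive(base), sw.receive(base), sw.receive(unbound)], sw.table
```

Only the first packet of each flow reaches the controller; the second packet is handled by the installed entry, and the packet arriving on a port with no binding gets a drop entry because the policy lookup fails closed.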