Contents
• Software-Defined Networking (SDN)
• Overview of OpenFlow
• Experiment with OpenFlow
Software Defined Networking
“.. decoupling the network control and data planes, and putting the former under the control of software running in a (logically) central location”
from a Verivue blog posting by Larry Peterson
ONF’s View of SDN
• Open Networking Foundation (ONF)’s View
ONF’s View of SDN
• The SDN architecture is
  – Directly programmable
  – Agile
  – Centrally managed
  – Programmatically configured
  – Open standards-based and vendor-neutral
OpenFlow Overview
• a communications protocol that gives access to the forwarding plane of a network switch or router over the network
OpenFlow (v1.0) Switch
• Flow table
  – packet lookup and forwarding
• Secure channel
  – the controller manages the switch over the secure channel using the OpenFlow protocol
Flow Table
Flow Table
• Actions
  – required actions
    • forward
      – all, controller, local, table, in_port
    • drop
  – optional actions
    • forward
      – normal, flood
    • enqueue
    • modify-field
Flow Table
• Counters
  – they are maintained per-table, per-flow, per-port and per-queue
Matching
• Packet flow in an OpenFlow switch
Matching Examples
| Example | Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Ethernet Switching | * | * | 00:1F:. | * | * | * | * | * | * | * | Fwd to port6 |
| IP Routing | * | * | * | * | * | * | 5.6.7.8 | * | * | * | Fwd to port6 |
| Application Firewall | * | * | * | * | * | * | * | * | * | 22 | drop |
Matching Examples

| Example | Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action |
|---|---|---|---|---|---|---|---|---|---|---|---|
| Flow Switching | port3 | 00:2E:.. | 00:1F:. | 0800 | vlan1 | 1.2.3.4 | 5.6.7.8 | 4 | 17264 | 80 | Fwd to port6 |
| VLAN + App | * | * | * | * | vlan1 | * | * | * | * | 80 | Fwd to port6 |
| Port + Ethernet + IP | port3 | 00:2E:.. | * | 0800 | * | * | 5.6.7.8 | 4 | * | 22 | drop |
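An added example, not part of the original slides: a small flow table that performs the wildcard lookup shown in the Matching Examples tables and reports entries that can match the same packet with different actions. It goes beyond the slides by giving each wildcard entry a priority, as OpenFlow 1.0 does; the entry names, priority values and the sample packet are constructed for illustration.

```python
from dataclasses import dataclass
from itertools import combinations

FIELDS = {"in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",  # the slides' ten fields
          "ip_src", "ip_dst", "ip_proto", "tcp_sport", "tcp_dport"}

@dataclass
class FlowEntry:
    name: str
    match: dict       # field -> required value; a missing field is a wildcard (*)
    action: str
    priority: int     # assumption: priority values are constructed for this example
    packets: int = 0  # per-flow counter

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

class FlowTable:
    def __init__(self, entries):
        assert all(set(e.match) <= FIELDS for e in entries), "unknown match field"
        # Highest priority first; sorted() is stable, so ties keep insertion order.
        self.entries = sorted(entries, key=lambda e: -e.priority)

    def lookup(self, pkt):
        for e in self.entries:
            if e.matches(pkt):
                e.packets += 1
                return e.action
        return "controller"  # table miss: hand the packet to the controller (packet_in)

    def conflicts(self):
        """Pairs (winner, loser) that can match the same packet but disagree on the action."""
        out = []
        for hi, lo in combinations(self.entries, 2):
            shared = set(hi.match) & set(lo.match)
            if hi.action != lo.action and all(hi.match[f] == lo.match[f] for f in shared):
                out.append((hi.name, lo.name))
        return out

def slide_table(firewall_priority):
    # Match fields and actions come from the slides; names and priorities are constructed.
    return FlowTable([
        FlowEntry("ip-routing", {"ip_dst": "5.6.7.8"}, "fwd:6", 100),
        FlowEntry("vlan-app", {"vlan_id": 1, "tcp_dport": 80}, "fwd:6", 100),
        FlowEntry("app-firewall", {"tcp_dport": 22}, "drop", firewall_priority),
    ])

SSH_PKT = {"in_port": 3, "eth_type": 0x0800, "vlan_id": 1, "ip_src": "1.2.3.4",
           "ip_dst": "5.6.7.8", "ip_proto": 6, "tcp_sport": 17264, "tcp_dport": 22}  # constructed
```

With the firewall entry above the routing entry, the port 22 packet is dropped; with it below, the same packet is forwarded, and `conflicts()` lists the pair in both cases so the ordering can be reviewed before the entries are installed.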
Secure Channel
• Controller-to-Switch
  – features, configuration, modify-state, read-state, send-packet, barrier
• Asynchronous
  – packet_in, flow-removed, port-status, error
• Symmetric
  – hello, echo, vendor
OpenFlow Controller
• The OpenFlow ecosystem has given rise to numerous controllers in multiple languages (C, C++, Java, Python and Ruby for starters)
  – NOX, Beacon, Maestro, Floodlight, etc.
OpenFlow Switches
• NEC
• HP
• Pronto
Experiment with OpenFlow
• Emulation tool
  – Mininet-HiFi
    • Mininet-HiFi creates scalable (up to hundreds of nodes) software-defined (e.g. OpenFlow) networks on a single PC
    • Handigol, N., Heller, B., Jeyakumar, V., Lantz, B., and McKeown, N. Reproducible network experiments using container-based emulation, 2012.
    • http://mininet.org/
• OpenFlow switch
  – Open vSwitch
    • Multilayer virtual switch
• Controller
  – one of many OpenFlow controllers
  – NOX, Floodlight, ..
Mininet: Sample Workflow
• creating a network
• interacting with a network
• using custom topology
Mininet: Custom Topologies
• Define using a simple Python API
Mininet: xTerm Display
- Host (client and server) nodes’ terminals: h1, h3, h4
Mininet – Flow table list
Switches’ flow entry info.
- Normal switch on route (i.e. s16)
  1. output : forward to output port
- First and last switch on route (i.e. s18)
  1. mod_nw_src or mod_nw_dst : change IP header
  2. output : forward to output port
WireShark
Mininet: Connecting Controller
• Any OpenFlow controller can be used in Mininet
• using a remote controller
• Example
References
• https://www.opennetworking.org/
• http://openflow.org
• Materials at ONS 2011/2012
  – http://opennetsummit.org/
  – N. McKeown, “Making SDNs Work”
  – B. Heller et al., “Tutorial 1: SDN for Engineers”
• IETF materials on SDN
  – http://www.ietf.org/proceedings/82/sdn.html
• Materials at Krnet 2012
  – Sangheon Pack, “Software-Defined Networking (SDN): Concept, Control, and Applications”
  – Jeongkeun Lee, “Controller-based Networking and SDN development”