Software defined networks and openflow protocol

Software Defined Networks and Open flow Protocol

Mahesh M

11/27/2015Software Defined Networks and Open Flow Protocol

1

Introduction to SDN

An innovative approach to network architecture that provides the ability to create a whole new class of functionality

Experimental

Separates the data plane and the control plane of nodes

Nodes will only be forwarding the information


2

Why SDN? Network – Core element of an organization’s technology service

Current Scenario

Several discrete network devices require manual configuration and management

These devices will be closed, proprietary units that limit innovation

Hence extensibility close to zero

Need for a New network?

Change in traffic patterns

The “consumerisation of IT”

Rise of cloud services

Big Data => requirement of more bandwidth


3

Transition to SDN…


4

Features Features

Operating System

Specialized packet

forwarding hardware

Features Features

Operating System

Specialized packet

forwarding hardware

Features Features

Operating System

Specialized packet

forwarding hardware

Transition to SDN…


5

packet forwarding

Features Features

Network Operating System

Control Plane

Data Plane

Open Flow Protocol

packet forwarding

packet forwarding

What is SDN?

A flexible network architecture

Control plane and Data plane – core components of a network switch

Current devices have both control and data plane residing on the physical switch

SDN - Control plane separated from the data plane and placed on a server

Software application – provides direction to data plane

Interaction between controller and data plane – using Open Flow protocol


6

Open Flow Protocol

TCP based

Maintained by the open networking foundation

Provides numerous functions and commands for

Communication of data

Status and management of the devices


7

Open Flow Protocol

Basic idea – use of flow tables as in Ethernet switches

Flow Tables – vendor specific

OFP : provides an open protocol to program the flow table in different switches

and routers

In a OFP : data path consists of flow table

An action will be associated with a flow entry

Set of actions supported by the open flow is extensible


8

The Open Flow Switch Consists of at least 3 parts

A flow table – an action associated with each flow entry

A secure channel – connects the switch to a remote control process(controller)

Open Flow Protocol – Open and standard way for a controller to communicate with a switch

Types

Dedicated OF switches

Open Flow Enabled switches


9

OFP – How it works?


10

Controller

Node 4Node 2

Node 3

Flow Table

If matchfield : forward message to node 4

If matchfield : change header and forward to node 2

Flow Table

Consists of flow entries

Each flow entry has

Match fields

Counters – update the number of matching packets

Set of instructions to apply to matching packets

Matching starts from 1st flow table and may continue to other flow tables

Matching done in priority order – first match is used

If no match – may continue to next flow table or may be forwarded to the controller via OFP or packet can be dropped – depends on the switch configuration


11


12

Flowchart detailing packet flow through an Open Flow switch

Instructions

Each flow entry include set of instructions that are executed when a packet matches the entry

Supported instructions

Apply-Actions action

Clear-Action

Write-Action actions


13

Open Flow Channel

Connects each open flow switch to the controller

Usually encrypted using TLS, but may be run directly over TCP

PROTOCOL OVERVIEW

Support 3 messages

Controller to switch

Asynchronous

symmetric


14

Controller to Switch

Initiated by the controller

Message types

Features : Controller may request for the features of the switch – expects a features reply with available capabilities of the switch

Configuration : controller set/query conffig parameters

Modify State : manages state on the switches – mainly to add/delete/modify flow entries

Read State : to collect sttistics from the switch

Packet-out : used to send packets out of a specied port on the switch, and to forward packets received via Packet-in messages

Barrier : to ensure message dependencies have been met or to receive notications for completed operations


15

Asynchronous

Switches send these to indicate packet arrival, switch state change or error

Message types:

Packet In : For all packets that do not have a matching row entry, a packet-in event may be sent to the controller

Flow removed

Port status

Error


16

Synchronous

sent without solicitation, in either direction

Hello: Hello messages are exchanged between the switch and controller upon connection startup

Echo : used to measure the latency or bandwidth of a controller-switch connection, as well as verify its liveness


17

Open Flow Channel Connection setup

Switch must be able to connect to a known IP via a user specified port

If IP is known – switch initiates a TLS or TCP connection to the controller

After connection is established each side should send a OFTP_Hello message with the version number

If version supported connection proceeds

Else – reply OFPT_Error with

with a type field of OFPET_HELLO_FAILED,

a code field of OFPHFC_COMPATIBLE, and

optionally an ASCII string explaining the situation in data,

And terminate the connection


18

Connection Interruption

Switch may lose connection due to

Echo request timeout

TLS session timeout

Or other disconnections

Switch should contact one or more backup controllers – not specified in the protocol

Two modes

Fail Secure – packets and messages destined to current controller is dropped

Fail standalone – Switch act as a legacy Ethernet switch or router – processes all the packets by itself


19

Encryption and Message Handling

Encryption

Communication through TLS connection

TLS initiated by switch during the startup

Controller and switch mutually authenticate using certificates

Controller Certificate

Switch Certificate

Message Handling

OFP provide reliable message delivery and processing

Does not provide automatic acknowledgements


20

Benefits of Open flow SDN

Centralized control of multi-vendor environments

Reduced complexity through automation

Higher rate of innovation

Increased network reliability and security

More granular network control

Better user experience


21

Summary

Current networks - less extensible

Solution - Software Defined Networking and Open Flow protocol

SDN – Emerging technology

Separates data and control planes

Makes the network control centralized

Network devices are only packet forwarding objects


22

References

OpenFlow Switch Specication, Version 1.1.0 Implemented (Wire Protocol 0x02 ), February 28, 2011 – The Open Networking Foundation

Software-Defined Networking: The New Norm for Networks, ONF White Paper, April 13, 2012

Zanna, P.; Hosseini, S.; Radcliffe, P.; O'Neill, B., "The challenges of deploying a software defined network," in Telecommunication Networks and Applications Conference (ATNAC), 2014 Australasian , vol., no., pp.111-116, 26-28 Nov. 2014doi: 10.1109/ATNAC.2014.7020883URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7020883&isnumber=7020854

Jian-Quan Wang; Haijing Fu; Chang Cao, "Software defined networking for telecom operators: Architecture and applications," in Communications and Networking in China (CHINACOM), 2013 8th International ICST Conference on , vol., no., pp.828-833, 14-16 Aug. 2013doi: 10.1109/ChinaCom.2013.6694710 URL: http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6694710&isnumber=6694549


23

http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=7020883&isnumber=7020854

http://ieeexplore.ieee.org/stamp/stamp.jsp?tp=&arnumber=6694710&isnumber=6694549


24

Technology

Software defined networks and openflow protocol