OpenFlow and SDN: Open Networking Fundamentals. Solutions

  • Slides: 31
OpenFlow and SDN: Open Networking Fundamentals. OpenFlow Solutions
Miguel Angel Rodríguez Fernández
marodriguez@juniper.net

Agenda
• SDN Architecture
• Introduction to OpenFlow
• Case Studies
Copyright © 2009 Juniper Networks, Inc. www.juniper.net

SDN ARCHITECTURE

Today: closed boxes and distributed protocols
[Diagram: several network devices, each with its own apps and operating system on top of specialized packet forwarding hardware.]

An Approach to “Software Defined Networking”
[Diagram: apps on top of a Network Operating System, shown above the same devices (apps, operating system, specialized packet forwarding hardware).]

The “Software-defined Network” Concept
1. Open interface to hardware (simple packet forwarding hardware)
2. At least one good operating system: extensible, possibly open-source (network operating system)
3. Well-defined open API (apps)

Software Defined Networking (SDN)
• The main goals of SDN:
  • Abstract the network elements from the applications.
  • Centralized control and management of network devices from different vendors.
  • Have an open network that is programmable and makes it easy to create services.
• SDN is an architecture that splits off the forwarding plane and allows it to be programmed directly.
OPEN NETWORKS WILL ADOPT MORE INNOVATION.

SDN Architecture

Introduction to OpenFlow

An approach to OpenFlow
• Control plane separated from the forwarding plane.
• Centralized control plane.
  • OpenFlow controller (the platform).
  • Logically centralized and physically distributed.
• Distributed forwarding plane.
  • OpenFlow switches (can be routers, firewalls).
  • No routing protocols are needed.
  • Software (kernel, hypervisor, userspace).
  • Hardware (merchant silicon, ASICs, OpenFlow-optimized ASICs).
• OpenFlow is the protocol between the control plane and the forwarding plane.

Centralized control plane and distributed forwarding plane
[Diagram: OpenFlow controller (centralized control plane) connected through the OpenFlow protocol to OpenFlow switches (forwarding plane).]

Architecture of an OpenFlow controller
[Diagram labels: Applications (Replication, Scheduler, Data Center Multi-Tenancy, Load Balancer); API (not standard); Basic Services and Infrastructure (Inventory, Topology discovery, Path computation, Event dispatching, GUI, CLI); Protocol Engines (OpenFlow, OF-Config); FlowVisor (network partitioning).]

EVOLUTION TO OFN
[Diagram labels: Traditional Router/Switch; OpenFlow Router/Switch; OpenFlow Controller; Distributed control plane; Control Process; Secure Channel; Simple Controller; Forwarding Table; Forwarding/Flow Dispatch Table.]

OpenFlow example
[Diagram: a controller PC connected to a switch made of a software layer (OpenFlow client) and a hardware layer (flow table) with ports 1 to 4; the addresses 5.6.7.8 and 1.2.3.4 appear at the edges.]

Flow table entry:
MAC src  MAC dst  IP Src  IP Dst   TCP sport  TCP dport  Action
*        *        *       5.6.7.8  *          *          port 1

MESSAGE TYPES
Three types of messages, each with multiple subtypes: controller-to-switch, asynchronous and symmetric.
• Controller-to-switch messages are initiated by the controller and used to directly manage or inspect the state of the switch.
  • Features (query capabilities), modify-state (add/delete/modify flow/group entry), read-state, packet-out
• Asynchronous messages are initiated by the switch and used to update the controller of network events and changes to the switch state.
  • Such as flow-removed, packet-in, port-status
• Symmetric messages are initiated by either the switch or the controller and sent without solicitation.
  • hello, echo (request/reply), experimenter
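The three message categories above, applied to a captured control-channel byte stream: an added example, not part of the original slides. It assumes the OpenFlow 1.0 wire format (8-byte header, 1.0 type codes, where the slide's "experimenter" message is named VENDOR); the function names and the sample stream are constructed for illustration.

```python
import struct

# ofp_type codes from the OpenFlow 1.0 wire protocol; list index = type code.
NAMES = ["HELLO", "ERROR", "ECHO_REQUEST", "ECHO_REPLY", "VENDOR",
         "FEATURES_REQUEST", "FEATURES_REPLY", "GET_CONFIG_REQUEST",
         "GET_CONFIG_REPLY", "SET_CONFIG", "PACKET_IN", "FLOW_REMOVED",
         "PORT_STATUS", "PACKET_OUT", "FLOW_MOD", "PORT_MOD",
         "STATS_REQUEST", "STATS_REPLY", "BARRIER_REQUEST", "BARRIER_REPLY",
         "QUEUE_GET_CONFIG_REQUEST", "QUEUE_GET_CONFIG_REPLY"]
SYMMETRIC = {"HELLO", "ECHO_REQUEST", "ECHO_REPLY", "VENDOR"}
ASYNCHRONOUS = {"ERROR", "PACKET_IN", "FLOW_REMOVED", "PORT_STATUS"}
MODIFY_STATE = {"FLOW_MOD", "PORT_MOD"}  # the messages that change switch state
HEADER = struct.Struct("!BBHI")  # version, type, total length, transaction id

def classify(name):
    if name in SYMMETRIC:
        return "symmetric"
    if name in ASYNCHRONOUS:
        return "asynchronous"
    return "controller-to-switch" if name in NAMES else "unknown"

def split_messages(stream):
    """Split a captured control-channel byte stream into classified messages."""
    out, off = [], 0
    while off < len(stream):
        if len(stream) - off < HEADER.size:
            out.append({"error": "truncated header", "offset": off})
            break
        version, code, length, xid = HEADER.unpack_from(stream, off)
        if length < HEADER.size or off + length > len(stream):
            out.append({"error": "bad length field", "offset": off})
            break
        name = NAMES[code] if code < len(NAMES) else "TYPE_%d" % code
        out.append({"version": version, "type": name, "xid": xid,
                    "category": classify(name),
                    "modifies_state": name in MODIFY_STATE,
                    "body_len": length - HEADER.size})
        off += length
    return out

def build(code, xid, body=b""):
    # Helper for the constructed sample: one message with a correct length field.
    return HEADER.pack(0x01, code, HEADER.size + len(body), xid) + body

# Constructed sample stream (not a real capture): hello, features request,
# packet-in and flow-mod with dummy bodies, then 3 stray bytes.
SAMPLE = (build(0, 1) + build(5, 2) + build(10, 0, b"\x00" * 10)
          + build(14, 3, b"\x00" * 64) + b"\x01\x0e\x00")
```

A monitor on the controller link can use the `modifies_state` flag to log every flow or port change separately from keepalives and events.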

OpenFlow Basics: Flow Table Entries (1.0)
A flow table entry has three parts: Rule, Action, Stats.
• Rule: the fields to match (+ mask): Switch Port, VLAN ID, VLAN pcp, MAC src, MAC dst, Eth type, IP Src, IP Dst, IP ToS, IP Prot, L4 sport, L4 dport
• Action:
  1. Forward packet to zero or more ports
  2. Encapsulate and forward to controller
  3. Send to normal processing pipeline
  4. Modify fields
  5. Any extensions you add!
• Stats: packet + byte counters

Examples (1/2)

Switching
Switch Port  MAC src  MAC dst   Eth type  VLAN ID  IP Src   IP Dst   IP Prot  TCP sport  TCP dport  Action
*            *        00:1f:..  *         *        *        *        *        *          *          port 6

Flow Switching
Switch Port  MAC src  MAC dst   Eth type  VLAN ID  IP Src   IP Dst   IP Prot  TCP sport  TCP dport  Action
port 3       00:20..  00:1f..   0800      vlan1    1.2.3.4  5.6.7.8  4        17264      80         port 6

Firewall
Switch Port  MAC src  MAC dst   Eth type  VLAN ID  IP Src   IP Dst   IP Prot  TCP sport  TCP dport  Action
*            *        *         *         *        *        *        *        *          22         drop

Examples (2/2)

Routing
Switch Port  MAC src  MAC dst   Eth type  VLAN ID  IP Src   IP Dst   IP Prot  TCP sport  TCP dport  Action
*            *        *         *         *        *        5.6.7.8  *        *          *          port 6

VLAN Switching
Switch Port  MAC src  MAC dst   Eth type  VLAN ID  IP Src   IP Dst   IP Prot  TCP sport  TCP dport  Action
*            *        00:1f..   *         vlan1    *        *        *        *          *          port 6, port 7, port 9

OpenFlow v1.0 Switch
[Diagram: OpenFlow controller connected over the OpenFlow protocol (SSL/TLS) to the switch's secure channel (software, "sw"), with the flow table below it (hardware, "hw").]

OpenFlow v1.1 Switch
[Diagram: OpenFlow controller connected over the OpenFlow protocol (SSL/TLS) to the switch's secure channel; a pipeline of multiple flow tables and a group table.]

CASE STUDIES

Google
• Keynote at Open Networking Symposium 2012
• Urs Hölzle, Senior Vice President Technical Infrastructure
• Google deployed OpenFlow in I-Scale network
• In production to connect all Google datacenters
• Replaced traditional routing protocols
• Google built OpenFlow switches themselves (but will buy if available)
• Cost savings (e.g. 100% link utilization, easier management)
• New opportunities
• http://www.youtube.com/watch?v=VLHJUfgxEO4

Data center interconnect WAN
• OpenFlow instead of routing protocols
[Diagram: logically centralized OpenFlow controller; OpenFlow switches with no routing protocols.]

Data center with SDN architecture
[Diagram labels: Centralized Orchestration; Virtualized storage; Virtualized services; Virtualized Network; Virtualized Compute; Physical IP Fabric.]

Multi-tenancy using overlay networks
[Diagram labels: Virtual machine; Virtual switch; Hypervisor; Overlay tunnel.]

Virtualized services
[Diagram: virtual firewall service.]

Centralized orchestration of compute, storage, and network
[Diagram: Centralized Orchestration over Compute, Storage and Network (OpenFlow).]
The IP fabric was not touched.

SDN Positioning
Juniper is the recognized leader of the network programmability movement, which is the conceptual foundation underlying the SDN approach. Long before the term “SDN” was coined, our disruptive network architectures were built on the premise of using innovative software to give customers unprecedented levels of flexibility and control, with an end goal of transforming the economics and experience of networking. By simultaneously simplifying and opening up the network, Juniper pioneered the core capabilities and concepts behind SDNs.

Open Network Technologies for Innovation
[Diagram: Junos architecture stack. Labels include network-aware apps and OSS/BSS; Junos Space (orchestration, management, monitoring plane) with the Junos Space SDK; common interfaces (BGP-TE, ALTO, OpenFlow, PCP, PCE, NETCONF, SNMP, SYSLOG, HTTP RESTful web services); Junos SDK; Junos control plane (Routing Engine), service plane (Service Engine), data plane (Packet Forwarding Engine) and virtual plane (Virtual Engine Environment); Juniper custom silicon.]

THANK YOU. QUESTIONS