The Key to Vendor Agnostic SDN/OpenFlow: Table Type Patterns (TTP)
Sudhir Modali, Director PLM, Pica8
Copyright © 2015 Pica8 Inc. All Rights Reserved.
Is Networking a Single Vendor Play?
[Diagram: stack layers Orchestration, Management/Automation, Control Plane, Data Plane, ASICs. Component labels: Controller, OpenStack, Chef, Puppet, Tivoli, EMS, Tail-f, API, Custom; STP/TRILL, L2, OSPF, IS-IS, BGP, PCEP, IPv4/v6, Multicast, WAN, VPN, MPLS, Traffic Engineering, QoS, Security; Broadcom, Cavium, Mellanox, Marvell, Barefoot, Custom]
The Network Gap
[Chart: Value against Technology Evolution. Software Innovation labels: Cloud, Big Data, SaaS, PaaS, Virtualization, Multi-Core CPU. Network Innovation labels: L2-VPNs, ASICs, VLANs, VPNs, Fabrics, Overlays, SD-WAN, Controllers. The space between the two curves is marked "The Network Gap".]
Three Reasons For The Network Gap
1. Closed Systems
2. Protocol Overload: BGP, OSPF, QinQ, IS-IS; OpenFlow, OVS, OVSDB; DevOps, CLI, SysAdmin
3. Inertia
Table Type Patterns (TTP): Unicast Routing Pipeline
- Utilize all ASIC tables (VLAN+MAC+IP+TCAM) via OpenFlow
- Enables flexible pipelines
  - Choose between priority or LPM algorithms for lookups
- Scale comparable to incumbent routers/switches
[Diagram: Phy Port, then Ingress Port (Table 0), VLAN (Table 10), Termination MAC (Table 20), Unicast Routing (Table 30), Policy ACL (Table 40), Color Based Actions, then Phy Port. Group actions: L3 ECMP (Select), L3 FF (Fast Failover), L3 Unicast Redirect, L2 interface (indirect), L2 Rewrite (indirect), Meters]
TTP profile
TTP Closes Network Innovation Gap
[Diagram labels: TTP; Service Design; Troubleshooting; Operationalize Before Deployment; Operations; Provisioning; Development; Normalized ASIC Programming]
OVS on Linux mode
[Diagram labels: SDN Controller (Multicast fabric, Host/Service discovery, Unicast routing); ovs-ofctl, ovs-dpctl, ovs-appctl (command); ovsdb-client, ovs-vsctl (config, remote DB operation); ovs-vswitchd (Save, Apply); ovsdb-server, ovsdb-tool, ovsdb; netlink; First packet; Userspace; Kernel; ovs-kernel; Port 1, Port 2]
Table Type Patterns
[Diagram labels: SDN Controller (Multicast fabric, Host/Service discovery, Unicast Routing); ovs-ofctl, ovs-dpctl, ovs-appctl (command); ovsdb-client, ovs-vsctl (config, remote DB operation); ovs-vswitchd (Save, Apply); ovsdb-server, ovsdb-tool, ovsdb; netlink; Software Tables; Userspace; SDK; Hardware Tables; ASIC; Port 1, Port 2]
Application TTP
[Diagram labels: SDN Controller (Multicast fabric, Host/Service discovery, Unicast Routing); ovs-ofctl; ovsdb-client, ovs-vsctl (config, remote DB operation); ovsdb-server (config, Apply), ovsdb-tool, ovsdb; Copy to CPU/Controller; TTP; Userspace; SDK; Hardware Tables; ASIC; Port 1, Port 2]
TTP Profiles Can Be Deployed in...
[Slide graphic, recoverable labels in slide order: Open Networking (NOS, ASIC, Metal); Any network locale; Incumbent alternative; ASIC choice; Normalized network services; Open shim layer; Data Center Networks; Scale-out spine and leaf; Overlays; SDN Solutions; VTEP support; Multi-tenant clouds; Data center; Network Virtualization; Standard L2/L3; Scale out; Automation-heavy; Programmability with DevOps tools; interconnect; Disaster recovery; SDN App Store (VPN, Traffic Eng., Tap); Custom solutions; Ecosystem and controller integration; OEM customers; OpenFlow with L2/L3]
Stacking It Together
[Diagram labels, top to bottom: SDN Applications (Tools, BGP, Firewall Services, Traffic Engineering, Analytics); RESTful API; Network Orchestration; RESTful API; OSS/BSS; ODL Controller; OpenFlow, OVSDB; Data Plane (aka Network OS): TTP, PicOS; Merchant Silicon: Broadcom]
Benefits Realized (Feature: Improvement; Grading)
- Scale: 1000x (up to 2M) over single table implementation (2k); comparable to incumbent equipment
- Performance: line-rate; comparable to incumbent equipment
- Security: Linux security tools; (always) work-in-progress
- Interoperability: support for traditional pipelines and enhancements dynamically
- Onboarding SDN applications on production environments
- Works across multiple ASIC pipelines; better than incumbent equipment
- Simplicity
Case Studies
Case 1: Routing-a-a-s
[Diagram labels: Internet; Core Network; Data Center; Core Router (TTP); Edge Router (TTP); ToR (Leaf) (TTP); ToR Leaf (TTP); Virtualized Service; Data center applications]
Example TTP pipeline:
- IPv4 and IPv6
- Unicast and multicast
- Service chaining
- Scale/performance = Trident 2
Case 2: WAN Service
[Diagram labels: Internet; Core Network; Data Center; Core Router (TTP); Border Leaf (TTP); ToR Leaf; Virtualized Service; Data center applications]
Example TTP pipeline:
- IPv4 and IPv6
- Unicast and multicast
- Scale/performance = Trident 2
Example TTP pipeline:
- VLAN translation
- IPv4 and IPv6
- Unicast and multicast
- NAT support
- Scale/performance = Cavium
Thank You
pica8.com
Multicast fabric: multicast-TTP
[Diagram: SDN Controller (Multicast fabric, Unicast Routing, ...); ovs-ofctl; OpenFlow Controller to Switch over OpenFlow 1.3/1.4. Pipeline: Phy Port, then Ingress Port (Table 0), VLAN (Table 10), Termination MAC (Table 20), Unicast Routing (Table 30), Policy ACL (Table 40), Color Based Actions, then Phy Port. Group actions: L3 ECMP (Select), L3 group_all (multicast), L3 FF (Fast Failover), L3 Unicast Redirect, L2 interface (indirect), L2 Rewrite (indirect), Meters]
Factors affecting flow scale
Factors | Components | TTP
Memory | SRAM/DRAM is cheaper than TCAM, which is embedded in the ASIC and hence has a physical limit in terms of scale. | Dedicated memory to store VLAN, L2 and L3 entries for exact match.
Lookup time | TCAM is a priority-driven lookup. SRAM can be used with newer, sophisticated lookup algorithms. | Uses SRAM for matching and TCAM for policies (QoS, security, ACL); enables N+N search tables.
- | SRAM is best suited for longest prefix matching. TCAM is best suited for wildcard matching (first match). | TCAM enables User-Defined Flows (UDF): flows that capture a match on a user-defined pattern.
Scale-out vs scale-in data path | Distributed learning requires synchronization of information. | Programmable data paths enable deterministic forwarding. Reduces broadcast traffic and allows exception-based routing, traffic engineering and application-based switching.
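Added example (not from the slides and not Pica8 code): the two lookup disciplines contrasted above, priority first-match as in a TCAM and longest-prefix match, run over one constructed rule set, with a check for entries that a mis-ordered priority table makes unreachable. The rule values and function names are assumptions made for illustration.

```python
import ipaddress

# Constructed sample rules: (priority, prefix, action). Not taken from the slides.
RULES = [
    (300, "10.0.0.0/8", "port1"),
    (200, "10.1.0.0/16", "port2"),
    (100, "10.1.2.0/24", "drop"),
    (50, "0.0.0.0/0", "controller"),
]

def _parse(rules):
    return [(prio, ipaddress.ip_network(pfx), act) for prio, pfx, act in rules]

def priority_lookup(rules, dst):
    """TCAM-style: the highest-priority entry that matches wins (first match)."""
    addr = ipaddress.ip_address(dst)
    for _, net, act in sorted(_parse(rules), key=lambda r: -r[0]):
        if addr in net:
            return act
    return None

def lpm_lookup(rules, dst):
    """LPM-style: the most specific (longest) matching prefix wins."""
    addr = ipaddress.ip_address(dst)
    hits = [(net.prefixlen, act) for _, net, act in _parse(rules) if addr in net]
    return max(hits)[1] if hits else None

def shadowed(rules):
    """Prefixes that can never match under priority lookup because a
    higher-priority entry covers their whole address range."""
    parsed = _parse(rules)
    out = []
    for prio, net, _ in parsed:
        if any(p2 > prio and net.subnet_of(n2) for p2, n2, _ in parsed):
            out.append(str(net))
    return out

def lpm_priorities(rules):
    """Re-prioritise by prefix length so a priority lookup reproduces LPM."""
    return [(net.prefixlen, str(net), act) for _, net, act in _parse(rules)]

if __name__ == "__main__":
    print(priority_lookup(RULES, "10.1.2.5"), lpm_lookup(RULES, "10.1.2.5"))
    print("shadowed:", shadowed(RULES))
```

With the constructed priorities the /24 drop entry is never reached in the priority table, which is the kind of ordering error worth checking for before policy entries are pushed to hardware.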
Software vs Hardware
- In hardware switches, all packets go through the ASIC. This is to avoid delay.
- vswitchd synchronizes its state with the ASIC.
[Diagram labels: OVS-vswitchd; User; ASIC]
OpenFlow