Cisco Open Network Environment Webinar Series
An Introduction to OpenFlow:
February 2013
© 2012 Cisco and/or its affiliates. All rights reserved.
Cisco Confidential
Industry’s Most Comprehensive Networking Portfolio
Hardware + Software
Physical + Virtual
Network + Compute
Applications
Platform APIs
Network Overlays
Controllers and Agents
“OpenFlow”
www.cisco.com/go/one
© 2011 Cisco and/or its affiliates. All rights reserved.
An Introduction to OpenFlow
Early Perspectives: Indiana University & NTT Communications
OpenFlow @Cisco
Q&A
David Ward: CTO, Cisco Engineering and Chief Architect; Chair, Technology Advisory Group – Open Networking Foundation
Matt Davy: (Former) Executive Director, InCNTRE and Chief Network Architect, Indiana University
Yuichi Ikejiri: Director, Technology Department, Network Services Division, NTT Communications Corporation
[Organization chart: Board of Directors; Executive Director; Council of Chairs; Technical Advisory Group; Technical Working Groups; Market Education Activities; Regional Activities]
Source: www.opennetworking.org – January 2013
Architecture and Framework
Extensibility
Configuration and Management
Security
Forwarding Abstractions
Migration
Market and Education
Hybrid
Testing and Interoperability
Transport
802.1 Overlay Networking Projects
SDN WG
Open Network Research Center at Stanford University
Technical Advisory Group, Working Groups: Config, Extensibility, Futures/FPMOD/OF2.0
Initiatives: Quantum (Folsom release), Donabe
Open Source Cloud Computing project
ETSI SGI on “Network Function Virtualization”
Overlay Working Groups: NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3
API Working Groups/BOFs: NETCONF, ALTO, CDNI, XMPP, SDNP, I2AEX
Controller Working Groups: PCE, FORCES
Protocol Working Groups: IDR, IS-IS, OSPF, MPLS, CCAMP, BFD
New working group: I2RS – Interface to the Routing System
OpenFlow Approach
Applications
“Northbound Interface”
APIs
Controller
OpenFlow Configuration Protocol
OpenFlow Protocol
“Southbound Interface”
Data Plane
Simpler Provisioning, Topology Abstraction
Basics
• OpenFlow Components
Application Layer Protocol: OF-Protocol
Device Model: OF-Device Model (abstraction of a device with Ethernet interfaces and a set of forwarding capabilities)
Transport Protocol: Connection between OF-Controller and OF-Device*
• Observation
OF-Controller and OF-Device need pre-established IP-connectivity
* TLS, TCP – OF 1.3.0 introduces auxiliary connections, which can use TCP, TLS, DTLS, or UDP
[Figure labels: OpenFlow Controller, OpenFlow Config. Point, OpenFlow Protocol, OF-CONFIG, OpenFlow Switch, Data Plane, Group Table, Flow Table, Flow Table, Pipeline]
Source: OpenFlow 1.3.0 specification, figure 1
[Figure labels: OpenFlow Configuration Point(s), OpenFlow Controller(s), OF-Config, OpenFlow, OpenFlow Capable Switch, OF Logical Switch, OF Resources (e.g. Port)]
Figure 2: Relationship between components defined in this specification, the OF-CONFIG protocol and the OpenFlow protocol
DEC 2009, OF 1.0: Single table; L2, IPv4 focused matching
FEB 2011, OF 1.1: Multiple tables; MPLS, VLAN matching; Groups: {Any-,Multi-}cast; ECMP
DEC 2011, OF 1.2: IPv6; Flexible TLV matching; Multiple controllers
APR 2012, OF 1.3.0: 802.1ah PBB; Multiple parallel channels between switch and controller
JUN 2012, OF 1.0.1: Bug fixes
SEP 2012, OF 1.3.1: Bug fixes
“Working code before new standards”
“ONF should not anoint a single reference implementation but instead encourage open-source implementations”; ONF board encourages multiple reference implementations
OpenFlow 1.0.X: no work planned
OpenFlow 1.3.X: long term support
OpenFlow 1.4: extensibility, incremental improvements
JAN 2012, OF Config v1.0: Configuration and management protocol for OpenFlow switches
MAY 2012, OF Config v1.1: Capability discovery; Tunnel configuration; Error handling
JAN 2013, OF Config v1.1.1: Consolidation of ver 1.1; Fixing small inconsistencies
PROPOSED, OF Config v1.2: Under discussion, candidates include: Assigning resources to logical switches; Simple topology detection; Event notification
Discussions led by the ONF Configuration and Management Working Group
Packet in: start at table 0
• Match in table n?
Yes: update counters and execute instructions (update action set, update packet/match set fields, update metadata)
No: does a table-miss flow entry exist? Yes: process it as a match. No: drop packet
• Goto-Table n?
Yes: continue matching at table n
No: execute action set
Figure 3: Flowchart detailing packet flow through an OpenFlow switch
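The packet flow of Figure 3 as a small Python model. This is an added example, not code from the webinar or from the OpenFlow specification; the entry keys and the sample tables are assumptions constructed for illustration. It shows that a packet is dropped when a table has no matching entry and no table-miss entry, and that the action set accumulated across tables runs only once no Goto-Table remains.

```python
# Added example: a minimal model of the Figure 3 pipeline. The entry keys
# (match, priority, write_actions, set_fields, metadata, goto) are hypothetical
# names for this sketch, not structures from the OpenFlow specification.

def lookup(table, fields):
    """Return the highest-priority entry whose match fields all equal `fields`."""
    hits = [e for e in table
            if all(fields.get(k) == v for k, v in e["match"].items())]
    return max(hits, key=lambda e: e["priority"], default=None)

def process(tables, packet):
    """Return (action_set, packet, visited_tables); action_set None means drop."""
    pkt, action_set, metadata, n, visited = dict(packet), {}, 0, 0, []
    while True:
        visited.append(n)
        entry = lookup(tables[n], {**pkt, "metadata": metadata})
        if entry is None:            # no match and no table-miss entry: drop
            return None, pkt, visited
        entry["packets"] = entry.get("packets", 0) + 1     # update counters
        action_set.update(entry.get("write_actions", {}))  # one action per type
        pkt.update(entry.get("set_fields", {}))            # rewrite packet fields
        metadata = entry.get("metadata", metadata)         # update metadata
        goto = entry.get("goto")
        if goto is None:             # no Goto-Table: execute the action set
            return action_set, pkt, visited
        if goto <= n:                # the pipeline only moves forward
            raise ValueError("Goto-Table must name a higher-numbered table")
        n = goto

# Constructed sample pipeline: table 0 classifies by ingress port and has a
# table-miss entry (empty match, priority 0); table 1 has no table-miss entry.
TABLES = [
    [{"match": {"in_port": 1}, "priority": 10, "metadata": 10, "goto": 1},
     {"match": {}, "priority": 0, "write_actions": {"output": "CONTROLLER"}}],
    [{"match": {"metadata": 10, "ip_dst": "10.0.0.5"}, "priority": 10,
      "set_fields": {"vlan_vid": 100}, "write_actions": {"output": 3}}],
]

if __name__ == "__main__":
    for p in ({"in_port": 1, "ip_dst": "10.0.0.5"},   # forwarded via table 1
              {"in_port": 1, "ip_dst": "10.0.0.9"},   # dropped in table 1
              {"in_port": 2, "ip_dst": "10.0.0.5"}):  # table-miss in table 0
        print(process(TABLES, p))
```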
[Figure: OpenFlow Capable Switch. Packet In (Ingress Port, Action Set = {}) → Table 0 → (Packet + Ingress Port + Metadata, Action Set) → Table 1 → … → Table n → (Packet, Action Set) → Execute Action Set → Packet Out]
(a) Packets Are Matched Against Multiple Tables in the Pipeline
• {Any,Multi}cast (1.1)
• ECMP (1.1)
• MPLS (1.1, note push/pop, .1q)
• IPv6 (1.2)
• (1.3.X) introduces per flow meters, IPv6 extension header handling, flexible table miss support, enhanced/refactored capability negotiation, multipart requests, MPLS BoS matching, push/pop for PBB, tunnel-ID meta-data, cookies for packet_in messages, augmented flow table entry (adds cookie), among others
• Configuration Protocol under co-development
Making of OF Functionality Complete
Examples of Ongoing Work
• Hardware friendly switch model negotiations (“typed tables”) (→ Forwarding Abstractions WG)
• Configuration Management (→ OF Config WG)
• Security model (granular access control) (→ Architecture and Framework WG)
• HA-model for device and controller (state re-sync etc.), Controller peering (→ Architecture & Framework WG)
• Integration with Existing Networks; Integrate SDN Controllers and SDN Control Plane capabilities in Network Devices (formerly covered by “Hybrid WG”) (→ Architecture and Framework WG)
• OF Protocol Extensibility (→ Extensibility WG)
• …
Early Perspectives: Indiana University & NTT Communications
Indiana University
Interoperability Testing
Dynamic Control via SDN
Scalable, Flexible L4–7 Service Insertion
Layer-3 Fabric
Virtualized, Unified Access Layer
Building A
Building B
Network Slicing Use Case
Internet
NTT
NTT Communications Whole picture of the Cloud Vision
<Partners>
<NTT Communications Group>
[Diagram labels, by layer:
Consulting and others: Consulting/Individual Applications
Security: Managed Security Services
SaaS: Mail, Desktop, VoIP etc.
PaaS / IaaS: Hybrid Cloud, Private Cloud, Public Cloud; Cloud Controller, Network Controller; Virtualized Network, Data Center, Physical Network; Integrated Control/Visualization
Access Network/Terminals: Arcstar Universal One, Multi network/Direct Access to Cloud; PC, Smartphone, Tablet PC, etc.
Partnering: SaaS Vendor, Consulting firm/Application Vendor, Other Cloud, Customer’s System, Hybrid Cloud
Global Total Management: Portal, OSS, One-Stop Operation]
Global ICT Partner
Innovative. Reliable. Seamless.
Copyright © 2012 NTT Communications Corporation and/or its affiliates. All right reserved.
Expected expansion of application of OpenFlow/SDN technology
Data Center
Network Virtualization
Expand
DC-VPN
Interconnection
OAM
Function
Network Edge
2Q13
Enabling Application Ecosystem through an Extensible Architecture
Cisco Apps, Customer Apps, ISV Apps, Open Src Apps
Published APIs for Popular Languages and Software (Eg: OpenStack): REST, JAVA, More Coming
Cisco Advanced Functions
Core Functionality
Modular Architecture Allows Rapid Adoption of Evolving Controller Functionality While Minimizing Operational Disruption
Extensible Protocol Support Ensures Continuous Adoption of Emerging Standards: OpenFlow, onePK, More Coming
Network Infrastructure
Extending and Customizing with Cisco ONE Portfolio
Previously Announced
Phase 2 Apps
Network Slicing: Dynamic network partitioning of the network using logical associations provided by ONE Controllers centralized view
Network Tapping: Ability to monitor, analyze, and debug network flows using conventional network switches
Custom Forwarding: Using unique parameters such as low latency to program specific forwarding rules across the network
All Controller Apps Are in Customer PoC
Expanded Platform Support
Platform APIs
Controller/Agents
onePK Platforms
ONE Controller
OpenFlow Agents
1H13
ISR G2
ASR 1000 1H13
ASR 9000*
Nexus 3000 1H13
Nexus 7000*
1H13
• Catalyst 3000*
• Catalyst 6500*
• Nexus 3000
1H13
• Nexus 7000*
• ASR 9000*
Overlay Networks
CSR 1000V
1Q13
Nexus 1000V Updates
• N1KV Hyper-V 1H13
• N1KV KVM*
• VXLAN Gateway 1H13
• Service Chaining
(w/ vPath)
Cisco Edition of
OpenStack
N1KV InterCloud
2Q13
Virtual NAM (vNAM)*
*Customer PoC: on-going or in 1H13
Enabling Specific Solutions/Protocols (OpenFlow, IRS,…) on Top of onePK
Application Framework / Controller
Agent Communication Component
Solution Defined Protocol
(e.g. OpenFlow)
Agent Implementation (e.g. OpenFlow)
onePK APIs Presentation
Agent Framework
onePK API Infrastructure
IOS / XE
NX-OS
IOS-XR
“Ships-in-the-night” (aka “Vertical Partitioning”*)
[Diagram labels: Control Plane, OpenFlow, Router]
• A subset of ports controlled by OF, another subset controlled by router’s native CP – physical resources are partitioned
• Some level of integration: “OF_NORMAL”:
Implementer free to define what “normal” is
May or may not be what router normally does
“Integrated” (aka “Horizontal Partitioning”)
[Diagram labels: Control Plane, OpenFlow, Router]
• Use OF for feature definition – augment the native control plane
• No longer partitioning of resources
• Can operate at different abstraction levels (low-level like OF1.0 or higher level)
• Installing ephemeral routes in the RIB
Install routes in RIB subject to admin distance or …
Moral equivalent of static routes, but dynamic
May require changes to the OF protocol/model
• Edge classification
Basically use the OF as an API used to install ephemeral classifiers at the edge
Moral equivalent of … ‘ip set next-hop <addr>’ (PBR)
Use case: Service Engineered Paths/Service Wires
Program switch edge classifiers to select set of {MPLS, GRE, …} tunnels
Core remains the same
• Programmable Service Chaining
• VIRL is a multi-purpose network virtualization platform
• Brings virtual machines running Cisco Network Operating Systems to the customer
The same operating systems as used on physical Cisco products
• Virtual Machine orchestration capabilities enable:
Creation of highly accurate models of real-world or future networks – scales to thousands of virtual network devices
VIRL: Virtual Internet Routing Lab
SP / Enterprise: Production Network Modeling; ‘What-if’ Analysis; Test Lab Virtualization
Partner Community: Training and Education; Cisco onePK Virtual Testbed; Test Lab Virtualization
University and Education: Networking Research; Rapid Prototyping; Network Education
VIRL
IOS XR, VM-based tool: XR VR
IOS XE, VM-based tool: CSR1000v
NXOS, VM-based tool: vNXOS
IOS, VM-based tool: vIOS
• VIRL virtual networks enable building, testing, learning and experimenting with Cisco open networking technologies
• E.g. onePK-enabled virtual OpenFlow switches and routers in a mixed OpenFlow and MPLS-TE topology
• Virtual-machine based Cisco ONE and PCE controllers drive traffic through the network
• onePK developers are able to test and validate applications against virtual devices before deploying to the real network
Demo:
App
App
App
Cisco ONE Controller
OpenFlow Support on the Industry’s Most Extensible Controller
onePK
OpenFlow
Cisco Network Device
Cisco Open Network Environment
www.cisco.com/go/one
Questions?
Open Network Foundation
www.opennetworking.org
• An Introduction to onePK
• An Introduction to Overlay Networks
• An Introduction to the Cisco ONE controller architecture
• Security in Open Network Environments
• And more!
www.cisco.com/go/onewebcasts
Industry Standards & Forums