ITU Workshop on
Software Defined Networking (SDN)
Standardization Landscape
(Geneva, Switzerland, 4 June 2013)
"Deeply Programmable Network"
Emerging Technologies for Network Virtualization
and Software Defined Network (SDN)
Akihiro Nakao
Associate Professor
The University of Tokyo
nakao@nakao-lab.org
Geneva, Switzerland, 4 June 2013
Future Network Research
Proliferating...
•
•
•
•
•
Future Internet Architecture (FIA) in U.S.
Global Initiative in Network Innovations (GENI) in U.S.
Framework Programme 7 (FP7) in EU
Horizon 2020 (2014-) in EU
New Generation Network (NwGN) in Japan
The University of Tokyo Confidential
2
How can we resolve newly observed,
constantly arising problems in the
current Internet?
Network Services
Economic DDoS Attack
Sub-optimal
Data Center NW
SaaS
Cloud Computing Platform PaaS
Access
IaaS & Data
Convergence
Smartphones
Wired-Wireless
Convergence
Named Content
ID-Locator Separation
Content Oriented Access
Sensor Data
Processing
NetBooks/NetTops
Enterprises
Security
Vulnerability
Sensors
The University of Tokyo Confidential
3
Emerging Areas of Study
in Future Network Research
Introducing programmability into networking
to flexibly and dynamically resolve constantly
arising contemporary issues.
• Network Virtualization (NV)
• Software Defined Network (SDN)
• Network Functions Virtualization (NFV)
• And more?
The University of Tokyo Confidential
4
Network Virtualization
In computing, network virtualization is the process of
combining hardware and software network resources
and network functionality into a single, software-based
administrative entity, a virtual network. Network
virtualization involves platform virtualization, often
combined with resource virtualization.
http://en.wikipedia.org/wiki/Network_virtualization
.... the advanced network virtualization , govern a
collection of the resources ranging from links,
networks, and node-software as a slice and create a
virtualized network over the slice with dynamically
controllable and programmable links and nodes.
http://nvlab.nakao-lab.org/nv-study-group-white-paper.v1.0.pdf
The University of Tokyo Confidential
5
•
•
•
SDN
Software Driven Network (IETF BoF)
?
Software Defined Network
Some Definition Needed :-)
Software-defined networking (SDN) is an approach to building
computer networks that separates and abstracts elements of these
systems
SDN decouples the system that makes decisions about where traffic is
sent (the control plane) from the underlying system that forwards
traffic to the selected destination (the data plane)...
http://en.wikipedia.org/wiki/Software-defined_networking
SDN enables programmability for control-plane so that OPEX in network
operation and management can be reduced through automation...
Aki Nakao 2013
The University of Tokyo Confidential
6
Standardization Activities
•
•
•
•
•
•
•
ITU-T on Future Networks / Network Virtualization
ETSI on Network Functions Virtualization (NFV)
IETF BoF on Software Driven Networks (SDN)
IRTF BoF on Network Virtualization
IETF WG on Interface to Routing System (I2RS) (conceptually similar to SDN)
ONF (Open Networking Foundation) on
Software Defined Networks (SDN) /OpenFlow
OpenDaylight on Software Defined Networks (SDN)
The University of Tokyo Confidential
7
Deep Programmability within Network
• Application Programmability
OpenDaylight
DPN
Applications
OpenFlow
SDN
• Control-Plane Programmability
• Interfaces
• Functions
•
•
•
Applications
Interfaces
e.g, Northbound API
Control Plane
Route Control
Access Control
Control-Plane
Elements
e.g, OpenFlow Controller
Network Management
• Data-Plane Programmability
• Interfaces
• Functions
• Packet Data Processing
Network
NFV
•
•
•
Network Appliances (DPI, BRAS, EPC)
•
IPvN (N>6), New Layer2, CCN
Deeply
Programmable
Network
(DPN)
Data Plane
In-Network processing (Cache, Transcode)
Interfaces
e.g, Southbound API
Data-Plane
Elements
e.g, OpenFlow Switches
Wide-Area generic processing
• Handling New Protocols
The University of Tokyo Confidential
8
Discussions necessary at ITU-T
Existing standardization activities
•
•
•
Network Virtualization (NV)
Software Defined Network (SDN)
Network Functions Virtualization (NFV)
Further study and standardization needed at ITU-T (SG13, SG11 or FG-DPN)
•
•
Systematic view and organization of related technologies
(NV, SDN, NFV and DPN)
Deeply Programmable Network (DPN) Technologies
•
•
•
•
Programmability for in-network processing
Programmability for new (non-IP) protocols
Data-Plane Programmability Interfaces
Accommodation of multiple isolated programmable
environments
The University of Tokyo Confidential
These missing pieces
should be studied
among industries
and academia
(GENI, FIA, FP7
NwGN related
academia)
9
DPN Research:
FLARE
The University of Tokyo Confidential
10
FLARE
/!5(32'($0&$*3"0
&'()'*++*,4$42%
!&/!-010!*2*0&$*3"0
&'()'*++*,4$42%
!""#$%
&'()'*++*,$"
-(."
-"26('80
94'2:*$4;*<(3
-"60&'(2(7($0
5*#*,4$42%
The University of Tokyo Confidential
11
OpenFlow Switch
Applications
Northbound API
OpenFlow Controller (OFC)
OpenFlow API
(Southbound API)
Fixed Control Plane
Fixed Data Plane
Physical Ports
Flow Pattern Match
Actions
OpenFlow Switch (OFS)
Although flexible control is achieved to some extent...
Data-plane programmability
•Complex processing not supported
New protocols
•Non Internet protocols not supported
New classification
•L7 pattern match not suppoted
Proprietary actions
•Proprietary actions cannot be executed
Proprietary
APIs (re)definition
•Proprietary API cannot be added The University of Tokyo
Confidential
12
Fully Programmable Switch?
Applications
Northbound API
Controller
Southbound API
Programmable Control Plane
Programmable Data Plane
Physical Ports
Challenges:
Deeply
Programmable
Switch
•Tradeoff between performance and flexibility
•Ease of programming
•Supporting multiple protocols/instant switch/concurrent use
The University of Tokyo Confidential
13
Multiple Fully Programmable Layers (Slivers)
Programmable Control Plane
Virtualized
Resource
Layers
(Slivers)
Programmable Data Plane
Resource virtualization within a single node
enables multiple switching logics/controls
The University of Tokyo Confidential
14
FLARE Node Architecture
(multiple fully programmable slivers)
Fully
Programmable
Sliver N
.
.
FLARE
Central
Programmable Control Plane
Programmable Data Plane
Virtual Ports
Sliver 2
Sliver 1
Physical Ports
The University of Tokyo Confidential
Node
Manager
Packet Slicer
15
•
•
•
•
•
•
FLARE Node Implementation
Multiple, isolated, deeply programmable environments
OS Virtualization on many-core processor (D-plane)
and x86 processor (C-plane)
Multi 10Gbps ports
1U / 1U Mini Form Factor
Control Plane & Data Plane Linux Programmability
Flexible programmability and reasonable performance
The University of Tokyo Confidential
16
Roadmap of FLARE nodes
Capacity in Gbps
320
10GbE x32
FLARE-EX (1U)
2014 1Q
10GbE x8
40
FLARE-X (1U)
2013 4Q
10GbE x4
FLARE1
2012 4Q
4
GbE x8 + 10GbE x2
FLARE2
2013 1Q
10
32
The number of ports
The University of Tokyo Confidential
17
FLARE Programming Model in Sliver
Programmable Control Plane
ofprotocol
dpctl
Programmable Data Plane
FromIO
(xgbe1)
FromIO
(xgbe2)
NOX
Controller
tunnel
ToIO
(xgbe2)
OFSwitch
ToIO
(xgbe1)
Multi-Threaded Modular Programming
e.g., Click Software Modular Router (multi-threaded)
•Arbitrary switch logic(s) can be implemented
The University of Tokyo Confidential
19
Ethernet Switch
6+-./0
1.23$75
*%+,-./0
1.23$45
!"#$%
&'(")#
6+-./0
1.23$45
*%+,-./0
1.23$75
789/,:
&!#!
;#;
;#; ;#;
;#; ;#;
;#; ;#;
"'()*+,
-'()*+,
.'()*+,
$'()*+,
%#<
%#$
$#!
;#;
.#"
"#$
!
&'()*+
/012,34+5$&"6
/012,34+5&$&.6
Switching Performance
The University of Tokyo Confidential
20
OpenFlow
Control Plane
Data Plane
tunnel
FromIO
(xgbe1)
ToIO
(xgbe2)
OFSwitch
FromIO
(xgbe2)
789/,:
;#;
%#;
%#$
"#$
ToIO
(xgbe1)
;#;
&!#!
&#$
;#;
=#%
$#&
.#"
$#!
NOX
Controller
ofprotocol
dpctl
"#%
-#<
!
&'()*+
/012,34+5$&"6
/012,34+5&$&.6
"'()*+,
-'()*+,
.'()*+,
Switching Performance
The University of Tokyo Confidential
$'()*+,
21
What can we do with FLARE
that others cannot do
in a simple manner?
The University of Tokyo Confidential
22
Multiple SDN Logics
(OpenFlow 1.3 and OpenFlow 1.0)
FLARE2 1
OpenFlow1.0
NOX1
NOX2
OpenFlow1.3
IPv6
IPv6
video
client
IPv6
Client #1
video
client
IPv6
Client #2
GbE
IPv4
video
client
IPv4
Client #1
10GbE
IPv4
video
client
IPv4
Client #2
The University of Tokyo Confidential
IPv6
IPv4
video
server
VLC
Server
23
Multiple SDN Logics
Purpose:
Dynamically changing SDN control logics for different flow spaces
Benefit:
Instant upgrade/downgrade of switching software
Incremental upgrade while keeping compatibility with old technologies
Enable evolve-able network architecture
Solution:
FLARE can implement multiple SDN logics (southbound APIs) in slivers
The University of Tokyo Confidential
24
Window-based Arbitrary Bit Matching
Arbitrary bit matching as in openflow pattern matcher
is costly due to expensive memory operation per packet
!"#$%!
Set a window to minimize per-packet memory operations
Improve performance while keeping flexibility
Leon Lee, Ping Du and Akihiro Nakao, "Ouroboros: SDN Beyond Flow-Tuple Matching," IEICE NS Technical Report, Mar. 2013
The University of Tokyo Confidential
25
Window-based Arbitrary Bit Matching
e.g., RTP-SSRC Matching
Purpose:
Specific Real-time audio/video traffic control, based on stream , not flow
(e.g. based on RTP SSRC field to enable routing according to the
streaming-video IDs )
Benefit:
Application/Content specific routing
Solution:
Use window to extract information included in RTP headers
"0$
!!"#
$%&'(%)*+&,..//
The University of Tokyo Confidential
26
L7 Switching and In-Network Processing
Video Client
L7 Switching
Op
en
OpenFlow
Controller
Flo
w/
R
TP
L7
Switching
OFSW
/RTP
Video Server
RE
FLA
In-Network
Processing
Mux
RE
FLA
Trans
coder
RE
FLA
FLARE supports deeply programmable
SDN solutions such as arbitrary-bits and
arbitrary offset matching and definition
of proprietary APIs achieving both
flexibility and performance
In-Network Processing
Video transcoding can be preformed in
real time on either D-plane (many-cores
processor) or C-plane (Intel-CPU).
The University of Tokyo Confidential
27
Window-based Arbitrary Bit Matching
e.g., Trailer Matching
Purpose:
Device/application/content specific traffic engineering
Benefits:
More specific recognition for packets bound to overly used TCP port (e.g., 80)
Traffic engineering for data transmitted from specific devices
Network Virtualization for non-IP protocols!
Solution:
After attach/detach trailers, establish control in intermediate FLARE switches
##23
./
&'
100$
&'&'
The University of Tokyo Confidential
28
Window-based Arbitrary Bit Matching
e.g., Trailer Matching
Trailer is an extra section attached at the end of each packet
1-%)-45************************************$%67-+*6(8+-8+*************************************************04%9'-4
End/Edge nodes are responsible for attaching and detaching Trailers
(%)*+
(%)*,
$%67-+
$%67-+
!"#$%
/
$%67-+
/
$%67-+
/
$%67-+
/
Leon Lee, Ping Du and Akihiro Nakao, "Ouroboros: SDN Beyond Flow-Tuple Matching," IEICE NS Technical Report, Mar. 2013
The University of Tokyo Confidential
29
Network Virtualization with Trailer Slicing
SERVER1
!+,-+,.)
()
FLARE1
D51,+.)$
D51,+.*$
FLARE2
SERVER2
!+,-+,.*
!"#$$
%&'$
!"#$$
%&'$
-(*/
(*
SERVER3
!+,-+,.3
(3
D51,+.3$
+0%12
D51,+.4$
SERVER4
!+,-+,.4
+0%12
(3
5678$$
%69:;<=>
(4
SERVER6
!+,-+,.C
76E8=$
GH68>I
SERVER5
!+,-+,.?
76E8=$
F8:78:
-()/
@A8>$
B;9$
The University of Tokyo Confidential
30
Drastic Examples
The University of Tokyo Confidential
31
L2 Programmability
Extended (96bit) MAC switching
Traditional Ethernet Frame:
DMAC (48bits)
SMAC (48bits)
Type
IP PayLoad
Extended Ethernet Frame with Extended MAC:
DMAC (96bits)
SMAC (96bits)
Type
IP PayLoad
Prototype with Click
FromDevice
(tap0)
Strip(14)
ExEtherEncap
Strip(26)
EtherEncap
ToDevice
(tap0)
Strip(26)
EtherEncap
ToDevice
(tap1)
ExEtherSwitch
FromDevice
(tap1)
Strip(14)
ExEtherEncap
The University of Tokyo Confidential
32
L2 Programmability
Extended (96bit) MAC switching
6+-./0
1.23$75
*%+,-./0
1.23$45
!.89:
&'(")#
6+-./0
1.23$45
*%+,-./0
1.23$75
789/,:
%#$
$#!
;#;
;#%
&!#!
;#;
;#; ;#;
;#; ;#;
-'()*+,
.'()*+,
$'()*+,
<#%
=#&
-#"
"#$
!
&'()*+
/012,34+5$&"6
/012,34+5&$&.6
"'()*+,
Switch Performance
The University of Tokyo Confidential
33
L2 Programmability
Extended (96bit) MAC switching
Purpose:
•Demonstrating Clean-Slate programmability even for L2 protocols
•Possibly alternative to VXLAN for mitigating MAC address exhaustion
for supporting a large number of tenants in data center networks
Benefit:
MAC address extension keeping transparence for IP applications
Solution:
FLARE can literally provide deep programmability in data-plane,
even in L2.
The University of Tokyo Confidential
34
Non-IP protocol
Mobility First Network In Tokyo
Mobility First
US Backbone
MF
GNRS
RE
FLA
GBE
C-channel
MF
RE
FLA
MF
Sender
XGB
D-channel
FLARE
Testbed
(Japan)
The University of Tokyo Confidential
Mobility First
Network
In Utah
ProtoGENI
Testbed
(US)
35
Non-IP protocol
Purpose:
Develop and operate Non-IP protocols over a network
Benefit:
Enable non-IP protocol development for research community
Solution:
FLARE can be used to program data-plane as well as control-plane
for Non-IP protocols (that requires data-plane programming)
The University of Tokyo Confidential
36
FLARE at ITPro EXPO 2012
Beyond OpenFlow/SDN
The University of Tokyo Confidential
37
MPLS 2012
(with Cisco & Juniper)
The University of Tokyo Confidential
38
IM2013 Keynote
39
iPoP 2013 Business Session
Platinum Booth
40
LivingLab @ NakaoLab
Living with Deeply Programmable FLARE
$%&%'(#$)*#+,'-.,/#0/)'1#
8!3
9/:1#;<8"#=,.->#?+@A4B#
#
5
6
!"#"$%&!'(&)'*'&+,'$-&
E
D
C
2!3
!!"##
$3#DG#
E
.
2
!!"#
4/0
5"(-6&+76*&
&
0
.
./0
<
D
F
//1&
+'*89&
+'$-,&
5
E
5
0
5
E+
2!"
E
2
2!5
2!4
3
E
7
8
"
E
./1
4
2
3
.
5
5
5
D
./3
./2
0
.
0
.
0
5"(-6&+76*&
&
9/:1#;<8"#=,.->#?+@A4B#
#
The University of Tokyo Confidential
41
Conclusion
•
Deep Programmability refers to the extensive
programmability including Control-plane, Data-plane
(including non-IP handling), (re)defining APIs in SDN, etc.
•
Deeply Programmable Network research encourages
clean-slate thinking and redesigning the network and
lifts the limitation in traditional networking and even in
the current SDN
•
Standardization on deep programmability within the
network is yet to be done
The University of Tokyo Confidential
42
Credits
•
•
FLARE Project Team @ UTokyo
•
•
•
•
•
•
Aki Nakao
Shu Yamamoto
Ryota Ozaki
Ping Du
Eiji Miyagaki
Haruki Denpo
NICT & MIC for Funding the Project(s)
The University of Tokyo Confidential
43