Add to collection(s) Add to saved
  1. Engineering & Technology
  2. Computer Science
  3. Computer Networks
Uploaded by Mostafa Aly

SDN-Presentation

advertisement 
management plane
-The management plane is responsible
for managing a device through its
connection to the network
• Network administrators use
applications such as Secure Shell
(SSH), Trivial File Transfer Protocol
(TFTP), Secure FTP, and Secure
Hypertext Transfer Protocol (HTTPS)
to access the management plane and
configure a device.
• .
Control plane
•
Control plane - This is typically
regarded as the brains of a device. It
is used to make forwarding decisions.
The control plane contains Layer 2
and Layer 3 route forwarding
mechanisms, such as routing protocol
neighbor tables and topology tables,
IPv4 and IPv6 routing tables, STP,
and the ARP table. Information sent
to the control plane is processed by
the CPU.
Data plane
Data plane - Also called the forwarding
plane, this plane is typically the switch
fabric connecting the various network
ports on a device. The data plane of
each device is used to forward traffic
flows. Routers and switches use
information from the control plane to
forward incoming traffic out the
appropriate egress interface.
Information in the data plane is typically
processed by a special data plane
processor without the CPU getting
involved.
• In a traditional router or switch
architecture, the control plane and
data plane functions occur in the
same device. Routing decisions and
packet forwarding are the
responsibility of the device
operating system.
In SDN, management of the control
plane is moved to a centralized SDN
controller. The figure compares
traditional and SDN architectures
Layers of SDN
•
Now we will talk about the layers of SDN .
• There are three layers in SDN Architecture ,
and the links between them is APIs ,Northbound API and Southbound API.
• First layer is Application Layer , it’s a software that has the
configurations and orders we will set on the controller ,and the controller
takes this configurations and instructions to execute it on the network
devices ,like a software for routing , another one for switching ,and this
applications some of them are appliance ,and the other is being
programmed by Admins .
• And the Second Layer is The Controller Layer ,it’s our control plane
,and this layer as we said that it takes the configurations and the
instructions from the Applications and execute it on the network devices.
•
In the end of Architecture ,there’s the Infrastructure Layer,
• That contains the network devices ,in SDN we will only use OpenFlow
Switches, there will be no more routers or switches ,and no more mactable for switching or routing table for routing ,there will be flow table for
forwarding the data .
APIs
• Before we talk about the APIs, we will talk about
Northbound and Southbound.
• Northbound and Southbound are the links that
link controller layer between Application Layer and
Infrastructure Layer .
• Application ,is software that sends instructions to
controller into programming codes that controller
doesn’t understand ,so, northbound solve this
problem ,that it sends the data to controller into a
language that its os understands, and this API like
Postman ,it developed by Google.
• Controller takes the instructions from Application
layer to execute it on the network devices ,so in
Southbound Api we just need a protocol that
exchange data between controller and network
devices , like OpenFlow, and Opflex for cisco.
Why OpenFlow is the best ?!
• As we said that OpenFlow is the
Southbound Api between
controller and infrastructure layer
, it’s a protocol used for
exchanging data between
controller and the switches.
• Why it’s the best?
• because first, it writes in
forwarding without Operation
system .
• And it completely removed the
control plane feature from the
devices .
Controllers
SDN Controller and Operations
• Within each switch, a series of tables implemented in
hardware or firmware are used to manage the flows of packets
through the switch. To the switch, a flow is a sequence of
packets that matches a specific entry in a flow table.
• The three table types shown in the previous figure are as
follows:
• Flow Table
• Group Table
• Meter Table
Controllers
SDN Types (Cont.)
• 1:Device-based SDN
• 2:Controller-based SDN
• 3:Policy-based SDN
Cisco ACI
What is Cisco ACI ?
• Network automation framework based on policy model
• I.e. Cisco’s software defined networking (SDN) Technology
• A purpose-built hardware solution for integrating cloud computing and data center management.
Core Components of ACI
•There are three core components of the ACI architecture:
• Application Network Profile (ANP) - An ANP is a collection of end-point groups (EPG), their
connections, and the policies that define those connections.
• Application Policy Infrastructure Controller (APIC) - APIC is a centralized software controller that
manages and operates a scalable ACI clustered fabric. It is designed for programmability and
centralized management. It translates application policies into network programming.
• Cisco Nexus 9000 Series switches - These switches provide an application-aware switching fabric
and work with an APIC to manage the virtual and physical network infrastructure.
Cisco application
policy
infrastructure
controller (APIC) is
a ucs centralized
server that
manages network
• Control plane and management plane decisions
controlled by APIC
• Forwarding and filtering policies pushed from APIC
to fabric switches
• Switches are configured as a whole by APIC instead
of individually through CLI
• Data plane forwarding controlled by managed by
switches
• Endpoint Grouping and segmentation is managed
by (APIC) as well as filtration
•
•
•
•
•
•
•
•
•
•
•
Endpoint Group (EPG):
Grouping of devices with the same policy, e.g. “servers”
Contract:
Filtering policy for the group of endpoints, equals to an access list
Bridge Domain (BD):
Layer 2 forwarding domain , similar to a VLAN
Can contain one or more subnets
Private Network / VRF:
Logical routing table instance , same as Routers
Tenant:
Logical separation of customer configuration for multi-tenancy, e.g. “production ’’ “test Environment”
Spine-Leaf Topology
• The Cisco ACI fabric is composed of the
APIC and the Cisco Nexus 9000 series
switches using two-tier spine-leaf
topology, as shown in the figure. The leaf
switches attach to the spines, but they
never attach to each other. Similarly, the
spine switches only attach to the leaf and
core switches (not shown). In this twotier topology, everything is one hop from
everything else.
• When compared to SDN the APIC
controller does not manipulate the data
path directly. Instead, the APIC
centralizes the policy definition and
programs the leaf switches to forward
traffic based on the defined policies.
APIC-EM Features
• Cisco APIC-EM provides a single
interface for network management
including Discovering and
accessing device and host
inventories. Viewing the topology
(as shown in the figure).Tracing a
path between end points. Setting
policies.
• The APIC-EM Path Trace tool
allows the administrator to easily
visualize traffic flows and discover
any conflicting, duplicate, or
shadowed ACL entries.
Who Are Using
SDN
Nowadays?
Related documents
Presentation1
Presentation1
iSTAMP
iSTAMP
1-1 and 1-2 Study Guide
1-1 and 1-2 Study Guide
Fit-plane-through-data-points
Fit-plane-through-data-points
Download
advertisement