Action - McKeown Group

Software Defined Networking
Nick McKeown
Stanford University
(part 1)
Why I love my job
I work with people much smarter than me.
I get to work on intellectually interesting ideas.
… that might positively change the practice.
Then, we try to actually change the practice.
Whatever it takes
• Prove a theorem
• Write a paper
• Build a demo
• Talk to lots of industry people
• Write a standard
• Give lots of talks
• Write a blog
• Start a company
• Build an open source tool
• …
Choosing research projects
• Pick a problem that is intellectually interesting.
• And improves the practice.
• And industry doesn’t like (yet).
Ethane
Martin Casado et al [Sigcomm ‘07]
Policy
“Laptops can’t accept
incoming connections”
“A can’t talk to B”
[Figure: Network Control Plane: each Packet Forwarding element carries its own Control.]
Microsoft: “Come on in….”
Cisco: “It will never work…”
Raw nerve.
We must be onto something.
Checklist
• Intellectually interesting.
• And improves the practice.
• And industry doesn’t like (yet).
Corollary: You can’t give stuff away
Example 1: Order of magnitude faster router (1997)
– Tried to give Tiny-Tera away for free.
– Industry wasn’t ready.
– Started Abrizio.
Example 2: Network Memory (2001)
– Tried to give it away for free, to save $500M per year.
– Industry wasn’t ready.
– Started Nemo.
Example 3: Ethane (2007)
– Tried to give it away for free; early stages of SDN.
– Industry wasn’t ready.
– Started Nicira.
I put everything in public domain
Industry
– Invests huge amounts to develop and sell products.
– Patents protect ideas, giving the confidence to invest.
University research
– Serves society at large.
– Stay ahead by running fast, not by protecting.
– Makes it easier to work with industry.
– If it’s good research, industry doesn’t see it yet.
Everything in public domain since 1999.
(part 2)
If you are in any doubt about whether OpenFlow/SDN will be deployed in the WAN
Urs Hölzle (Google), ONS 2012
Software Defined Networks
Martin Casado
What is SDN?
(when we clear away all the hype)
SDN is the separation of the control plane
from the forwarding plane.
Software Defined Network (SDN)
[Figure: Control Programs each compute f(Map) over a Global Network Map maintained by the Network OS, which drives the Packet Forwarding elements through an Abstract Forwarding Model (e.g. OpenFlow).]
The Technical Benefits (1)
Well-defined control abstraction
– Control plane can run on modern servers
– Can adopt software engineering best-practices
– Easier to add new control programs
– …or customize locally
– Solve distributed systems problem once, rather than for every protocol
[Figure: OSPF today is one monolithic program; in SDN only the Dijkstra computation (about 5% of the code) is a control program, running over the Global Network Map / Network OS (the other 95%) above Specialized Hardware that does Packet Forwarding.]
The Technical Benefits (2)
Well-defined forwarding abstraction
– e.g. OpenFlow
– Vendor-agnostic interface to forwarding plane
– Simpler, lower-cost, lower-power hardware
Match-Action Forwarding Abstraction
Action Primitives (“plumbing primitives”):
1. “Forward to ports 4 & 5”
2. “Push header Y after bit 12”
3. “Pop header bits 8-12”
4. “Decrement bits 13-18”
5. “Drop packet”
6. …
[Figure: a header H enters a Match → Action table (F → Action(F), G → Action(G), H → Action(H)) and leaves as H’.]
Multiple Table Match-Action
[Figure: header H passes through tables 1 … n, each a Match → Action table (F1 … Fn → Action(F), G1 … Gn → Action(G), H1 … Hn → Action(H)), and leaves as H’.]
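As an added example (not code from the talk, from Ethane or from any OpenFlow switch), the two match-action slides above can be modelled in a few dozen lines of Python: each table entry matches named header fields, wildcards the rest, and carries a list of the plumbing primitives (forward, push, pop, decrement, drop); a goto chains tables into the multiple-table pipeline. Table 0 holds the firewall rule that appears later in the deck (drop when the TCP port is SMTP), so the block also shows a control program's policy landing in a forwarding table. The field names, port numbers and the destination address are assumptions made for the example.

```python
"""Toy model of the match-action pipeline on the slides (OpenFlow style).

Added example for this page; it is not code from the talk, from Ethane or from
any OpenFlow switch. A header is a dict of named fields, a table entry matches
a subset of them (unnamed fields are wildcards) and carries a list of action
primitives; tables are chained with a goto, as in the multiple-table figure.
"""
from dataclasses import dataclass, field
from typing import Callable, Dict, List, Optional

Header = Dict[str, int]


@dataclass
class Packet:
    header: Header
    out_ports: List[int] = field(default_factory=list)
    dropped: bool = False


@dataclass
class Entry:
    priority: int
    match: Dict[str, int]                       # fields that must match exactly
    actions: List[Callable[[Packet], None]]     # applied in order
    goto: Optional[int] = None                  # next table, None = end of pipeline


# "Plumbing primitives": each returns an action closure that edits the packet.
def forward(*ports: int):
    def act(p: Packet):
        p.out_ports.extend(ports)               # "Forward to ports 4 & 5"
    return act


def push_header(name: str, value: int):
    def act(p: Packet):
        p.header[name] = value                  # "Push header Y"
    return act


def pop_header(name: str):
    def act(p: Packet):
        p.header.pop(name, None)                # "Pop header"
    return act


def decrement(name: str):
    def act(p: Packet):
        p.header[name] -= 1                     # "Decrement bits" (e.g. a TTL field)
    return act


def drop(p: Packet):
    p.dropped = True                            # "Drop packet"


class Table:
    def __init__(self, entries: List[Entry]):
        self.entries = sorted(entries, key=lambda e: -e.priority)

    def lookup(self, header: Header) -> Optional[Entry]:
        for e in self.entries:                  # highest priority first
            if all(header.get(k) == v for k, v in e.match.items()):
                return e
        return None                             # table miss


def process(tables: List[Table], pkt: Packet) -> Packet:
    """Run a packet through table 0, following goto links; a table miss drops it."""
    t: Optional[int] = 0
    while t is not None:
        e = tables[t].lookup(pkt.header)
        if e is None:
            pkt.dropped = True
            return pkt
        for a in e.actions:
            a(pkt)
            if pkt.dropped:
                return pkt
        t = e.goto
    return pkt


SMTP, TCP = 25, 6
PATIENT_RECORDS = 0x0A000002   # constructed destination address


def build_pipeline() -> List[Table]:
    """Table 0 holds the firewall.c rule from the slides (TCP port SMTP -> drop);
    table 1 does encapsulation, TTL handling and forwarding. Values are constructed."""
    t0 = Table([
        Entry(100, {"proto": TCP, "tcp_dst": SMTP}, [drop]),
        Entry(0, {}, [], goto=1),               # everything else continues to table 1
    ])
    t1 = Table([
        Entry(10, {"dst": PATIENT_RECORDS},
              [push_header("mpls", 300), decrement("ttl"), forward(4, 5)]),
        Entry(0, {}, [pop_header("vlan"), decrement("ttl"), forward(1)]),
    ])
    return [t0, t1]


def run(header: Header) -> Packet:
    """Push one constructed header through the pipeline and return the resulting packet."""
    return process(build_pipeline(), Packet(dict(header)))
```

run({"proto": 6, "tcp_dst": 25, "dst": 0x0A000002, "ttl": 64}) is dropped in table 0; the same packet to port 443 reaches table 1, gets an MPLS label pushed, its TTL decremented and is sent to ports 4 and 5. Because the whole behaviour is in the tables, a second program (a verifier, a test generator) can read the same entries back, which is the point of the "well-defined forwarding behavior" slide.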
OpenFlow Philosophy
Long-term, forward looking
Match: Very general, not protocol specific.
Action: Small instruction set, not protocol specific.
– Make it easy to add new headers and actions.
– Any network (packet, circuit, radio).
Short-term, backward looking
Match: include well-known header fields.
Action: necessary set for existing protocols.
– Support existing protocols on existing switch chips.
[Figure: New switch chips emerging: Data In (HEADER + DATA) → header through Match Table → Action → Match Table → Action → Recombine header and data → Output Queues → Data Out.]
The Technical Benefits (3)
Well-defined forwarding behavior
– The forwarding tables capture the entire
forwarding behavior.
– Control plane writes the forwarding state.
– Therefore, we can verify its correctness.
Software Defined Network (SDN)
[Figure: a control program, firewall.c, runs on the Network OS over the Global Network Map:
    …
    if (TCP_port == SMTP)
        dropPacket();
    …
The Network OS writes the resulting Match → Action entries (A → Action(A), B → Action(B), C → Action(C), …) into the table of each Packet Forwarding element.]
Software Defined Network (SDN)
[Figure: the same architecture driven by Policy, e.g. “Guests can’t reach PatientRecords”, “No loops”, “A can talk to B”: control programs compute over the Global Network Map, the Network OS installs Match → Action entries, and the tables in the Packet Forwarding elements are the network’s Forwarding Behavior.]
Networks notoriously hard to debug
Today, even simple questions hard to answer:
– Can host A talk to host B?
– What are all the packet headers from A that can
reach B?
– Are there any loops in the network?
– Is Group X provably isolated from Group Y?
– What happens if I remove a line in the config file?
Header Space Analysis
[Figure: a packet is a point in header space: an L-bit header (e.g. 01110011…1) followed by data.]
[Figure: the set of packets from A that can reach B, traced along paths 1 and 2 through the network: all packets from A that can reach B.]
[Kazemian NSDI ‘12]
Consequences
– Abstract forwarding model; protocol independent
– Finds all packets from A that can reach B
– Find loops, regardless of protocol or layer
– Can prove that two groups are isolated
– Can verify if network adheres to policy
HSA as a “foundation”
HSA enables many tools and methods
– Independent static checking
– In-line in-controller invariance checking
– Dynamic testing: Automatic test packet generation
– Dynamic testing: Automatic performance monitoring
Analogy to Boolean algebra for logic design
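The reachability, loop and isolation checks listed under Consequences, and the static checking listed under HSA as a foundation, worked through as an added example that is not the NSDI ’12 authors’ tool: headers are wildcard bit strings, each box is a first-match rule list turned into a transfer function, and reachability is a walk over the links that records the header space arriving at the destination and any port revisited with overlapping header space (a loop). The topology (guest switch S1, firewall FW, switch S2 with PatientRecords on port 2), the four-bit header layout and all rules are constructed for the example; removing the firewall’s policy line answers the “what happens if I remove a line in the config file” question from the debugging slide.

```python
"""Miniature Header Space Analysis (HSA) after Kazemian et al. [NSDI '12].
Added example, not the authors' own tool. Headers are L-bit wildcard strings over
{0,1,x}; a box is an ordered first-match rule list whose transfer function passes
only the unmatched header space (a set difference) on to lower-priority rules, which
is what keeps the analysis exact. Topology, bit layout and rules are constructed."""
from typing import List, Optional, Tuple

# A rule is (in_port, match, rewrite_mask, out_port); out_port None means drop.
Rule = Tuple[str, str, str, Optional[str]]


def intersect(a: str, b: str) -> Optional[str]:
    """Bitwise intersection of two wildcard headers, None when it is empty."""
    out = []
    for x, y in zip(a, b):
        if x == y or y == "x":
            out.append(x)
        elif x == "x":
            out.append(y)
        else:
            return None
    return "".join(out)


def difference(h: str, m: str) -> List[str]:
    """h minus m as a list of disjoint wildcard headers (empty when m covers h)."""
    if intersect(h, m) is None:
        return [h]
    pieces, prefix = [], list(h)
    for i, (hb, mb) in enumerate(zip(h, m)):
        if mb != "x" and hb == "x":
            piece = prefix[:]
            piece[i] = "1" if mb == "0" else "0"   # the part of h that differs from m at bit i
            pieces.append("".join(piece))
            prefix[i] = mb                         # later pieces agree with m on earlier bits
    return pieces


def rewrite(h: str, mask: str) -> str:
    """'x' in the mask keeps the input bit; 0/1 overwrites it."""
    return "".join(hb if mb == "x" else mb for hb, mb in zip(h, mask))


def transfer(box: List[Rule], in_port: str, h: str) -> List[Tuple[str, str]]:
    """Box transfer function T(h, in_port) -> [(h', out_port), ...] with first-match semantics."""
    outputs, remaining = [], [h]
    for rule_port, match, mask, out_port in box:
        if rule_port != in_port:
            continue
        leftover = []
        for r in remaining:
            hit = intersect(r, match)
            if hit is None:
                leftover.append(r)
                continue
            if out_port is not None:
                outputs.append((rewrite(hit, mask), out_port))
            leftover.extend(difference(r, match))
        remaining = leftover
    return outputs


def reachable(boxes, links, src, dst, h="xxxx"):
    """Header space injected at src=(box, in_port) that exits at dst=(box, out_port), plus loops found."""
    reached, loops = set(), []

    def walk(box, port, hdr, path):
        for pb, pp, ph in path:   # back at a visited port with overlapping header space = loop
            if (pb, pp) == (box, port) and intersect(ph, hdr) is not None:
                loops.append(path + [(box, port, hdr)])
                return
        for h2, out_port in transfer(boxes[box], port, hdr):
            if (box, out_port) == dst:
                reached.add(h2)
            elif (box, out_port) in links:       # no link = edge port, the packet leaves the network
                nb, np_ = links[(box, out_port)]
                walk(nb, np_, h2, path + [(box, port, hdr)])
    walk(src[0], src[1], h, [])
    return reached, loops


# Constructed network: Guests on S1 port 1, firewall FW in the middle, PatientRecords on
# S2 port 2, a public server on S2 port 3. Header bit 0 = "destination is PatientRecords".
BOXES = {
    "S1": [("1", "xxxx", "xxxx", "2"), ("2", "xxxx", "xxxx", "1")],
    "FW": [("1", "1xxx", "xxxx", None),   # the policy line: Guests -> PatientRecords is dropped
           ("1", "xxxx", "xxxx", "2"),
           ("2", "xxxx", "xxxx", "1")],
    "S2": [("1", "1xxx", "xxxx", "2"), ("1", "xxxx", "xxxx", "3"),
           ("2", "xxxx", "xxxx", "1"), ("3", "xxxx", "xxxx", "1")],
}
LINKS = {("S1", "2"): ("FW", "1"), ("FW", "1"): ("S1", "2"),
         ("FW", "2"): ("S2", "1"), ("S2", "1"): ("FW", "2")}


def guests_to_patient_records(boxes=BOXES):
    return reachable(boxes, LINKS, ("S1", "1"), ("S2", "2"))


def without_firewall_line():
    """'What happens if I remove a line in the config file?': drop the FW policy rule."""
    return guests_to_patient_records(dict(BOXES, FW=[r for r in BOXES["FW"] if r[3] is not None]))


def with_hairpin_misconfig():
    """A wrong return rule hairpins FW port 2 back into S2; HSA reports the loop."""
    boxes = dict(BOXES, FW=BOXES["FW"][:2] + [("2", "xxxx", "xxxx", "2")],
                 S2=[("1", "1xxx", "xxxx", "2"), ("1", "xxxx", "xxxx", "1")] + BOXES["S2"][2:])
    return reachable(boxes, LINKS, ("S1", "1"), ("S2", "2"))
```

guests_to_patient_records() returns an empty set and no loops, which is the proof that Guests are isolated from PatientRecords for every possible header; without_firewall_line() returns {'1xxx'}, the whole class of headers addressed to PatientRecords, showing exactly what the removed line was protecting; with_hairpin_misconfig() finds no reachable headers but one loop path that returns to S2 port 1. The same transfer functions could be re-run against the tables the controller writes, which is the in-controller invariance checking the slide lists.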
SDN: Business Consequences
The Business Consequences
1. Vertical integration will finally be replaced by
a more competitive industry with a level
playing field.
2. Large growth in software industry for
networking. Faster innovation.
3. Hardware switches will focus on capacity,
fan-out and power. (Think Intel for
networking).
4. Multi $Bn tools industry will emerge.
Corollary
The customer and end-user will be better served
– Networks will be cheaper.
– Networks will be faster.
– Networks will be (much) more reliable.
– Networks will improve faster.
– Networks will be in service of the owner, the operator, the customer and the application rather than just the high-margin vendor.
SDN is in the best interest of society at large.
To resist is to be protectionist and self-serving.
[Figure: the computer industry, vertically integrated (Specialized Applications / Specialized Operating System / Specialized Hardware: closed, proprietary, slow innovation, small industry) became horizontal (Apps; Windows, Linux or Mac OS over an Open Interface; Microprocessor over an Open Interface: open interfaces, rapid innovation, huge industry).]
[Figure: networking, vertically integrated (Specialized Features / Specialized Control Plane / Specialized Hardware: closed, proprietary, slow innovation) becoming horizontal (Apps; a choice of Control Planes over an Open Interface; Merchant Switching Chips over an Open Interface: open interfaces, rapid innovation).]
[Figure: today’s networking stack: Specialized Features (hundreds of protocols, 6,500 RFCs); Specialized Control Plane (tens of millions of lines of code; closed, proprietary, outdated); Specialized Hardware (billions of gates; power hungry and bloated).]
What SDN isn’t
Ram in even more lines of code…
“My box now has an
OpenFlow interface too!”
(part 3)
What’s new?
1. Separation of control from forwarding.
2. Programmatic control of forwarding by
writing entries into tables.
Transport networks have done this for decades!
Natural Evolution: Converged Control
[Figure: Control Programs over a Global Network Map / Network OS with direct control of the hardware; a Data Center at each end joined by an MPLS Transport Network, presented as one virtual transport network.]
New ONF Working Group: Optical Transport
Match-Action Forwarding Abstraction
[Figure: the same Match → Action tables (F → Action(F), G → Action(G)) describe OpenFlow packet flows and circuits/channels alike.]
Dynamic Circuit Switching
[Figure: Packet Network ↔ UNI ↔ Transport Network ↔ UNI ↔ Packet Network]
Why it was supposed to happen
Technology: High capacity optical crossconnects.
Aggregation: High capacity packet networks.
Cost: Circuit switches cost less; use less power.
Standard: GMPLS.
Why GMPLS failed
1. Router vendors prevented it.
2. GMPLS standard much too complicated.
We Didn’t Make it Easy!
[Figure: a Packet Network with an IP/MPLS Control Plane (OSPF-TE, RSVP-TE + many more) beside a Transport Network with a GMPLS Control Plane (OSPF-TE, RSVP-TE), split into Vendor Islands each managed by its own EMS over a Proprietary Interface and joined through a UNI.]
Good Architecture Simplifies
[Figure: the GMPLS control plane (OSPF, RSVP, Quagga, Linux; annotated 175k and 50k lines of code) beside the SDN version: Dynamic Bandwidth, Aggregation and Recovery control programs over a Global Network Map / Network OS (NOX, Linux; annotated 4.7k and 68k lines), controlling Packet Network, Transport Network and Packet Network: 3% as much code!]
Conclusions
• SDN is here to stay: It introduces the right
abstractions into network control.
• It will sweep away protectionist practices, and
level the playing field.
• It will enable converged control of packet and
transport networks.
• I don’t recommend sitting on the sidelines.
[Figure: today’s Apps / Specialized Features / Specialized Control Plane / Specialized Hardware become Apps / Network OS / Specialized Control Plane / (Specialized) Simpler Hardware.]