Network Management
Process of configuring network to achieve a variety of tasks
- load balance
- security
- business relationships
Configuring net ]work mistakes lead to:
- Oscillation
- loops
- partitions
- black-holes
Why is configuration hard?
- Defining correctness is hard
- Interactions between protocols->unpredictability
- Operators make mistakes
Device-level configuration SDN changes this
What operators need (and what SDN provides)
- Network-wide views
- topology
- traffic - Network-level objectives
- load balance
- security - Direct Control
- > direct manuplation of data plane
Routers should (to make network operations easier) …
+ Forward packets
+ Collect measurements
- Compute Routes -> can be (logically) centralized
Software Defined Networking == “Remove Routing from Routers”
What is an SDN?
Data Plane: forward traffic
Control Plane: Compute routing tables
Today: Control + Data on routes
SDN: 1. Logically centralized control 2. network-wide control
Advantages of SDN
- Coordination
- Evolve
- Reasoning
All of these characteristics are rooted in the fact that the control plane is separate from the data plane
This allows to provide CS techniques to networking problems
SDN infrastracture
Control Plane: Software Program (Python, C)
Data Plane: Programmable hardware (“switch”)
SDN Applications
Data centers Backbone networks Enterprise networks Internet Exchange Points (IXPs) Home Networks
Job of Control Plane
To compute state that ultimately ends up in the data plane
Control Plane
Logic that controls forwarding behavior
Examples: routing protocols, configuration for network middleboxes
Data Plane
Forward traffic according to control plane
Examples: forwarding, switching
Why is separating data and control a good idea
- Independent evolution
- > software & hardware can evolve independently - Control from high-level program
- > debug/check behavior more easily
Opportunities for better network management (separation of control and data plane)
- Data centers: VM migration
- Routing: More control over decision logic
- Enterprise networks: security
- Research: coexistence w/production
Reasons for separating data and control
- Independent evolution of data and control plane
- Separating vendor hardware from control logic
- Easier reasoning about network behavior
Example of where SDN can provide huge wins
Data Centers
Problem: Provisioning/migration in response to load
Solution: Program switch state from a central database
How does control/data separation make managing data centers easier?
- Monitoring/control of routes from a central point
- Migrating VMs without renumbering host addresses
Challenges with SDN
- Scalability: Hundreds to thousands of switches
- Consistency: Ensuring different replicas see same view
- Security/Robustness: Failure or compromise?
Ways to cope with scalability challenges
- Eliminate redudant data structures
- Only perform control-plane operations for a limited # of operations
- Cache forwarding decisions in switches
- Run multiple controllers
Different SDN Controllers
- Nox
- Ryu
- Floodlight
- Pyretic
- Frenetic
- Procera
- RouteFlow
- Trema
NOX
- First-generation OpenFlow controller
- -> open-source, stable, widely used
- Two flavors
- “Classic”: C++/Python
- “New NOX”: C++ only, fast, clean
Characteristics:
C++
OpenFlow 1.0
Model Event-based -> event handlers
+Performance
- Low level open flow commands
- C++
NOX Architecture
Components
- Switches
- Network-attached servers
Abstraction: Switch Control
Control: flow granularity
flow
header is 10-tuple
Actions might include Forward, drop, send to controller
When a switch receives a packet:
- Updates counters for counting packets that belong to that flow
- Applies corresponding actions
Basic Programmatic Interface for the NOX Controller
Based on events, such as a switch join/leave, packet in or receive method, stats etc
Controller keeps track of network view which includes a view of the underlying network topology
also speaks control protocol to the switches in the network
That control protocol effectively allows controller to update the state in the network switches
The NOX controller implements the OpenFlow protocol
When to use Pox
Class project and university research
Does not perform as well as other controllers
