OpenFlow and SDN
Fundamentals of Open Networking. OpenFlow Solutions
Miguel Angel Rodríguez Fernández
marodriguez@juniper.net
Copyright © 2009 Juniper Networks, Inc. www.juniper.net

Agenda
SDN ARCHITECTURE
INTRODUCTION to OpenFlow
Practical Cases

SDN ARCHITECTURE

Today: closed boxes and distributed protocols
[Figure: five network devices, each with its own Specialized Packet Forwarding Hardware, Operating System and Apps]

An approach to "Software Defined Networking"
[Figure: the same five devices (Specialized Packet Forwarding Hardware, Operating System, Apps), with a Network Operating System and its Apps drawn above them]

The "Software-defined Network" concept
[Figure: Apps running on a Network Operating System that controls five Simple Packet Forwarding Hardware devices]
1. Open interface to hardware
2. At least one good operating system. Extensible, possibly open-source
3. Well-defined open API

Software Defined Networking (SDN)
The main objectives of SDN:
Abstract the network elements from the applications.
Centralized control and management of network devices from different vendors.
Have an open network that is programmable and makes it simple to create services.
SDN is an architecture that splits off the forwarding plane and allows it to be programmed directly.
OPEN NETWORKS WILL ADOPT GREATER INNOVATIONS.

SDN architecture

Introduction to OpenFlow

An approach to OpenFlow
Control plane separated from the forwarding plane
Centralized control plane.
  OpenFlow controller (the platform).
  Logically centralized and physically distributed.
Distributed forwarding plane.
  OpenFlow switches (they can be routers, firewalls).
  Routing protocols are not required.
  Software (kernel, hypervisor, userspace), Hardware (merchant silicon, ASICs, OpenFlow optimized ASICs)
OpenFlow is the protocol between the control plane and the forwarding plane.

Centralized control plane and distributed forwarding plane.
[Figure: OpenFlow controller (centralized control plane) connected through the OpenFlow protocol to OpenFlow switches (forwarding plane)]

Architecture of an OpenFlow controller
[Figure labels: Protocol Engines; OpenFlow; OF-Config; Basic Services; API (not standard); Topology discovery; Path computation; Inventory; Infrastructure; Event dispatching; GUI; CLI; FlowVisor (network partitioning); Applications; Replication; Scheduler; Data Center Multi Tenancy; Load Balancer]

EVOLUTION TO OFN
[Figure labels: OpenFlow Controller; Traditional Router/Switch; OpenFlow Router/Switch; Control Process; Forwarding Table; Secure Channel; Simple Controller; Forwarding/Flow Dispatch Table; Distributed control plane]
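
OpenFlow example
[Figure: a Controller PC connected to a switch with a Software Layer (OpenFlow Client) and a Hardware Layer (Flow Table); switch ports 1 to 4; hosts 1.2.3.4 and 5.6.7.8]
Flow Table columns: MAC src, MAC dst, IP Src, IP Dst, TCP sport, TCP dport, Action
Example entry: every field wildcarded (*) except the IP address 5.6.7.8; Action: port 1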

MESSAGE TYPES
Three message types, each with multiple subtypes: controller-to-switch, asynchronous and symmetric.
Controller-to-switch messages are initiated by the controller and used to directly manage or inspect the state of the switch.
  Features (query capabilities), modify-state (add/delete/modify flow/group entry), read-state, packet-out
Asynchronous messages are initiated by the switch and used to update the controller of network events and changes to the switch state.
  Such as flow-removed, packet-in, port-status
Symmetric messages are initiated by either the switch or the controller and sent without solicitation.
  hello, echo (request/reply), experimenter
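
The three message categories above can be told apart on the wire from the 8-byte OpenFlow header alone, which also shows when a message arrives from the wrong side of the channel. The following Python sketch is an added example, not part of the original slides; it assumes the OpenFlow 1.0 type codes, and the helper names classify and header and the sample messages are constructed for illustration.

```python
import struct

# OpenFlow 1.0 type codes for the messages named on the slide.
# Value: (name, category, side allowed to send it).
OF10 = {
    0:  ("HELLO",            "symmetric",            "either"),
    2:  ("ECHO_REQUEST",     "symmetric",            "either"),
    3:  ("ECHO_REPLY",       "symmetric",            "either"),
    4:  ("VENDOR",           "symmetric",            "either"),  # "experimenter" from 1.1 on
    5:  ("FEATURES_REQUEST", "controller-to-switch", "controller"),
    6:  ("FEATURES_REPLY",   "controller-to-switch", "switch"),
    10: ("PACKET_IN",        "asynchronous",         "switch"),
    11: ("FLOW_REMOVED",     "asynchronous",         "switch"),
    12: ("PORT_STATUS",      "asynchronous",         "switch"),
    13: ("PACKET_OUT",       "controller-to-switch", "controller"),
    14: ("FLOW_MOD",         "controller-to-switch", "controller"),
    16: ("STATS_REQUEST",    "controller-to-switch", "controller"),
    17: ("STATS_REPLY",      "controller-to-switch", "switch"),
}

def classify(raw, sender):
    """Parse the 8-byte OpenFlow header; return (name, category, verdict)."""
    if len(raw) < 8:
        return ("?", "?", "truncated header")
    version, msg_type, length, xid = struct.unpack("!BBHI", raw[:8])
    if version != 0x01:
        return ("?", "?", "unexpected version 0x%02x" % version)
    if length < 8 or length > len(raw):
        return ("?", "?", "bad length field")
    if msg_type not in OF10:
        return ("type %d" % msg_type, "?", "not in table")
    name, category, allowed = OF10[msg_type]
    if allowed not in ("either", sender):
        return (name, category, "wrong direction")
    return (name, category, "ok")

def header(msg_type, body=b"", version=1, xid=1):
    """Build a constructed sample message: header plus an opaque body."""
    return struct.pack("!BBHI", version, msg_type, 8 + len(body), xid) + body

if __name__ == "__main__":
    # Constructed samples, not captured traffic; the last is a FLOW_MOD from the switch side.
    for sender, raw in [("switch", header(10, b"\x00" * 10)),
                        ("controller", header(14, b"\x00" * 64)),
                        ("switch", header(14, b"\x00" * 64))]:
        print(sender, classify(raw, sender))
```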

OpenFlow Basics
Flow Table Entries (1.0)
Each entry consists of: Rule, Action, Stats
Rule: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, VLAN pcp, IP Src, IP Dst, IP ToS, IP Prot, L4 sport, L4 dport
  + mask what fields to match
Action:
  1. Forward packet to zero or more ports
  2. Encapsulate and forward to controller
  3. Send to normal processing pipeline
  4. Modify Fields
  5. Any extensions you add!
Stats: Packet + byte counters

Examples (1/2)
Columns in every table: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport, Action
Switching
  Switch Port: *  MAC src: *  MAC dst: 00:1f:..  Eth type: *  VLAN ID: *  IP Src: *  IP Dst: *  IP Prot: *  TCP sport: *  TCP dport: *  Action: port6
Flow Switching
  Switch Port: port3  MAC src: 00:20..  MAC dst: 00:1f..  Eth type: 0800  VLAN ID: vlan1  IP Src: 1.2.3.4  IP Dst: 5.6.7.8  IP Prot: 4  TCP sport: 17264  TCP dport: 80  Action: port6
Firewall
  Switch Port: *  MAC src: *  MAC dst: *  Eth type: *  VLAN ID: *  IP Src: *  IP Dst: *  IP Prot: *  TCP sport: *  TCP dport: 22  Action: drop

Examples (2/2)
Columns in every table: Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport, Action
Routing
  Switch Port: *  MAC src: *  MAC dst: *  Eth type: *  VLAN ID: *  IP Src: *  IP Dst: 5.6.7.8  IP Prot: *  TCP sport: *  TCP dport: *  Action: port6
VLAN Switching
  Switch Port: *  MAC src: *  MAC dst: 00:1f..  Eth type: *  VLAN ID: vlan1  IP Src: *  IP Dst: *  IP Prot: *  TCP sport: *  TCP dport: *  Action: port6, port7, port9
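
The Firewall and Routing entries above overlap for SSH traffic to 5.6.7.8, so which action is applied depends on entry priority, which the slides do not show. The following Python model is an added example, not part of the original slides; the priorities, field names and packets are assumptions made for illustration.

```python
class Rule:
    """One flow entry: match fields, action, counters. Unlisted fields are wildcards (*)."""
    def __init__(self, name, priority, match, action):
        self.name, self.priority = name, priority
        self.match, self.action = match, action
        self.packets = self.bytes = 0            # the "Stats" column

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.match.items())

def lookup(table, pkt, size=64):
    """Apply the highest-priority matching entry and return its action."""
    hits = [r for r in table if r.matches(pkt)]
    if not hits:
        return "controller"                      # no entry matches: forward to controller
    best = max(hits, key=lambda r: r.priority)
    best.packets += 1
    best.bytes += size
    return best.action

def overlaps(a, b):
    """True when some packet can match both entries."""
    return all(b.match[f] == v for f, v in a.match.items() if f in b.match)

def shadowed(table):
    """(winner, loser) pairs: overlapping entries whose actions differ."""
    return [(a.name, b.name) for a in table for b in table
            if a.priority > b.priority and a.action != b.action and overlaps(a, b)]

def build(fw_priority, route_priority):
    """The slides' Firewall and Routing entries; the priorities are assumed."""
    return [
        Rule("firewall", fw_priority, {"tcp_dport": 22}, "drop"),
        Rule("routing", route_priority, {"ip_dst": "5.6.7.8"}, "port6"),
    ]

# Constructed packets (field names are this example's own)
SSH = {"ip_src": "1.2.3.4", "ip_dst": "5.6.7.8", "tcp_sport": 17264, "tcp_dport": 22}
WEB = dict(SSH, tcp_dport=80)

if __name__ == "__main__":
    for label, table in (("routing first", build(100, 200)),
                         ("firewall first", build(200, 100))):
        print(label, lookup(table, SSH), lookup(table, WEB), shadowed(table))
```

With the routing entry at the higher priority, the SSH packet is forwarded to port6 and the drop entry never counts a packet; auditing a table for such pairs before installing it catches the shadowed firewall entry.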

OpenFlow v1.0 Switch
[Figure: OpenFlow Controller connected by the OpenFlow Protocol over SSL/TLS to an OpenFlow v1.0 Switch, which contains a Secure Channel (sw) and a Flow Table (hw)]

OpenFlow v1.1 Switch
[Figure: OpenFlow Controller connected by the OpenFlow Protocol over SSL/TLS to an OpenFlow v1.1 Switch, which contains a Secure Channel, a Pipeline of Flow Tables (Flow Table … Flow Table) and a Group Table]

OpenFlow v1.1 Switch
[Figure: same diagram as the previous slide (OpenFlow Controller, OpenFlow Protocol over SSL/TLS, Secure Channel, Pipeline of Flow Tables, Group Table) with one additional box labelled Table]

PRACTICAL CASES

Google
Keynote at Open Networking Symposium 2012
Urs Hölzle, Senior Vice President Technical Infrastructure
Google deployed OpenFlow in I-Scale network
In production to connect all Google datacenters
Replaced traditional routing protocols
Google built OpenFlow switches themselves (but will buy if available)
Cost savings (e.g. 100% link utilization, easier management)
New opportunities
http://www.youtube.com/watch?v=VLHJUfgxEO4

Data center interconnect WAN
OpenFlow instead of routing protocols
[Figure: OpenFlow switches (no routing protocols) controlled by a logically centralized OpenFlow controller]

Data center with SDN architecture
[Figure labels: Physical IP Fabric; Virtualized Network; Virtualized Compute; Virtualized storage; Virtualized services; Centralized Orchestration]

Multi-tenancy using overlay networks
[Figure labels: Hypervisor; Virtual switch; Virtual machine; Overlay tunnel]

Virtualized services
Virtual firewall service
Centralized orchestration of compute, storage, and network
[Figure labels: Centralized Orchestration; Compute; Storage; Network; OpenFlow]
The IP fabric was not touched

SDN positioning
Juniper is the recognized leader of the network programmability movement, which is the conceptual foundation underlying the SDN approach.
Long before the term "SDN" was coined, our disruptive network architectures were built on the premise of using innovative software to give customers unprecedented levels of flexibility and control, with an end goal of transforming the economics and experience of networking.
By simultaneously simplifying and opening up the network, Juniper pioneered the core capabilities and concepts behind SDNs.

Open network technologies for innovation
[Figure labels: Network Orchestration; Network Devices; Junos SDK: Common APIs, RE APIs, Services APIs, Remote (VE) APIs; Juniper Custom Silicon; Junos Data Plane (Packet Forwarding Engine); Junos Control Plane (Routing Engine); Junos Service Plane (Service Engine); Junos Virtual Plane (Virtual Engine Environment); OpenFlow (extensible); Junos Space (Orchestration, Management, Monitoring Plane); Custom Apps + APIs; Custom Packet Processing Apps + APIs; Custom Apps + APIs on any OS; Juniper and Custom Application APIs; Junos Space SDK; Any OF controller; Automation; ALTO; ALTO server; PCE; Common Interfaces; OSS/BSS; Network-aware Apps; Juniper and Custom Space UIs / Workflows; Topology Client; Path Client; ...; SNMP; NETCONF; SYSLOG; HTTP; RESTful Web Services; DMI; OpenFlow; BGP-TE; ALTO; PCP. Legend: Juniper Platform Element; Juniper Application Element]

THANK YOU.
QUESTIONS