Introduction to Software

Defined Network (SDN)

Hengky “Hank” Susanto, Sing Lab, HKUST
Outline
• Introduction.
• What is Software-Defined Network?
• OpenFlow.
• Research Problems in SDN.
 Once Upon a Time
• “AT&T Eyes Flexibility, Cost Savings With New Network Design”, Wall
Street journal, 2014.
• Upgrade their internal network infrastructure (routers and switches) every 18
months to keep up with the current demands for network.
• Cost Billions USD to upgrade.
• Cisco top of the line switch cost $27K USD
• Other high cost: Involved many men power to upgrade the network.
• In Summary: AT&T was eyeing for SDN capable switches (only $11K USD each).
 The Networking Industry (2007)
Routing, management, mobility management,
access control, VPNs, …

App App App

Million of lines Manage by 5400 RFCs
of source code
Operating
System

Specialized Packet 500M gates

Power Hungry
Forwarding Hardware 10Gbytes RAM

Many complex functions baked into the infrastructure

OSPF, BGP, multicast, differentiated services,
Traffic Engineering, NAT, firewalls, MPLS, redundant layers, …

An industry with a “mainframe-mentality”

 Reality…!!!! (As 2015)
App App App
App
App
App
Operating
System
Operating System
Specialized Packet Specialized Packet
Forwarding Hardware Forwarding Hardware

Closed equipment
• Software bundled with hardware. Operating a network is expensive
• Vendor-specific interfaces. • More than half the cost of a network.
• Yet, operator error causes most outages.
Over specified : Slow protocol standardization.
Buggy software in the equipment
Few people can innovate • Routers with 20+ million lines of code
• Equipment vendors write the code. • Cascading failures, vulnerabilities, etc.
• Long delays to introduce new features.
Traditional Network Router
• Router can be partitioned into control and data plane
• Management plane/ configuration
• Control plane / Decision: OSPF (Open Shortest Path First)
• Data plane / Forwarding

Adjacent Router Router Adjacent Router

Management/Policy plane
Configuration / CLI / GUI
Routing
Control plane Control plane Static routes Control plane
OSPF OSPF OSPF
Neighbor Link state IP routing
table database table
Switching
Data plane Data plane Data plane
Forwarding table
Traditional network Router In Summary
• Typical Networking Software
• Management plane
• Control Plane – The brain/decision maker
• Data Plane – Packet forwarder
 Imagine IF The Network is……..!!!
Control Plane SDN Concept:
Logically-centralized control Separate Control
Smart plane and Data
API to the data plane plane.
Separated

Dumb,
fast

Switches

Data Plane
 Software-Defined Network with key Abstractions
Network
Well-defined API Virtualization
Traffic Other
Application Plane Security Routing Engineering Applications
Network Map
Abstraction
Control Plane Network Operating System
Instructions

Instructions Instructions Instructions

Forwarding Separation of Data

and Control Plane
Forwarding
Data Plane Forwarding

Forwarding
SDN Basic Concept
• Separate Control plane and Data plane entities.
• Network intelligence and state are logically centralized.
• The underlying network infrastructure is abstracted from the
applications.
• Execute or run Control plane software on general purpose
hardware.
• Decouple from specific networking hardware.
• Use commodity servers and switches.
• Have programmable data planes.
• Maintain, control and program data plane state from a central
entity.
• An architecture to control not just a networking device
but an entire network.
SDN in Real World – Google’s Story
• The industries were skeptical whether SDN was possible.
• Google had big problems:
• High financial cost managing their datacenters: Hardware and software upgrade,
over provisioning (fault tolerant), manage large backup traffic, time to manage
individual switch, and a lot of men power to manage the infrastructure.
• Delay caused by rebuilding connections after link failure.
• Slow to rebuild the routing tables after link failure.
• Difficult to predict what the new network may perform.
• Google went a head and implemented SDN.
• Built their hardware and wrote their own software for their internal datacenters.
• Surprised the industries when Google announced SDN was possible in production.
• How did they do it?
• Read “B4: Experience with a Globally-Deployed Software Defined WAN”, ACM Sigcomm 2013.
 The Origin of SDN Martin Casado

• 2006: Martin Casado, a PhD student at Stanford and team propose a clean-slate
security architecture (SANE) which defines a centralized control of security (in stead of
at the edge as normally done). Ethane generalizes it to all access policies.
• The idea of Software Defined Network is originated from OpenFlow project (ACM
SIGCOMM 2008).
• 2009: Stanford publishes OpenFlow V1.0.0 specs.
• June 2009: Martin Casado co-founds Nicira.
• March 2011: Open Networking Foundation is formed.
• Oct 2011: First Open Networking Summit. Many Industries (Juniper, Cisco announced
to incorporate.
• July 2012: VMware buys Nicira for $1.26B.
• Lesson Learned: Imagination is the key to unlock the power of possibilities.
What is OpenFlow?

Application A Application B

Control Plane (Network OS)

OpenFlow Protocols

DataControl
PlanePath OpenFlow

Data Path (Hardware)

What is OpenFlow?
• Allow separation of control and data planes.
• Centralization of control.
• Flow based control.
• Takes advantage routing tables in Ethernet switches and routers.

• SDN is not OpenFlow.

• SDN is a concept of the physical separation of the network control plane from the
forwarding plane, and where a control plane controls several devices.
• OpenFlow is communication interface between the control and data plane of an SDN
architecture.
• Allows direct access to and manipulation of the forwarding plane of network devices such as
switches and routers, both physical and virtual.
• Think of as a protocol used in switching devices and controllers interface.
How is OpenFlow related to SDN in The Nut Shell?

OpenFlow allows you to do: SDN Concept

(Application Plane)

Separation of Data
and Control Plane
Basic OpenFlow: How Does it Work?
• Controller manages the traffic (network flows) by
manipulating the flow table at switches.
• Instructions are stored in flow tables.
• When packet arrives at switch, match the header
fields with flow entries in a flow table.
• If any entry matches, performs indicated actions
and update the counters.
• If Does not match, Switch asks controller by
Control Plane : sending a message with the packet header.

Flow Table (has 3 sections)

Communicate via
secure Channel

Flow table

Data Plane

Match the packet header

The Actual Flow Table Looks Like

Protocol QoS
 OpenFlow Table: Basic Actions
• All: To all interfaces except incoming interface.
• Controller: Encapsulate and send to controller.
• Local: send to its local networking stack.
• Table: Perform actions in the next flow table (table chaining or multiple
table instructions).
• In_port: Send back to input port.
• Normal: Forward using traditional Ethernet.
• Flood: Send along minimum spanning tree except the incoming interface.
OpenFlow Table: Basic Stats
• Provide counter for
incoming flows or
packets.
• Information on
counter can be
retrieved to control
plane.
• Can be used to
monitor network
traffic.
Additional Feature to Rules and Stats

Threshold
Switches That Support OpenFlow
Available OpenFlow Switches as 2014.
Juniper MX-series NEC IP8800 WiMax (NEC)

HP Procurve 5400 Netgear 7324 PC Engines

Pronto 3240/3290 Ciena Coredirector

More coming
21
soon...
 OpenFlow Switch Software
• Indigo: Open source implementation that runs on Mac OS X.
• LINC: Open source implementation that runs on Linux, Solaris, Windows,
MacOS, and FreeBSD.
• Pantou: Turns a commercial wireless router/access point to an OpenFlow
enabled switch. OpenFlow runs on OpenWRT. Supports generic Broadcom
and some models of LinkSys and TP-Link access points with Broadcom and
Atheros chipsets.
• Of13softswitch: User-space software switch based on Ericsson TrafficLab
1.1 softswitch.
• Open vSwitch: Open Source and popular as 2014.
Open Vswitch Switch Software
• Open Source Virtual Switch
• Based on Nicira Concept.
• Can Run as a stand alone hypervisor switch or as a distributed switch
across multiple physical servers.
• Default switch in XenServer 6.0, Xen Cloud Platform and supports
Proxmox VE, VirtualBox, Xen KVM.
• Integrated into many cloud management systems including OpenStack,
openQRM, OpenNebula, and oVirt.
• Distributed with Ubuntu, Debian, Fedora Linux. Also FreeBSD.
 Controller Plane Software
• POX: (Python) Out of Date.
• IRIS: (Java) Scalability and High Availability
• MUL: (C) MūL, is an openflow (SDN) controller. It has a C based multi-threaded infrastructure at its core.
• NOX: (C++/Python) NOX was the first OpenFlow controller.
• Jaxon: (Java) Jaxon is a NOX-dependent Java-based OpenFlow Controller.
• Trema: (C/Ruby) Trema is a full-stack framework for developing OpenFlow controllers in Ruby and C.
• Beacon: (Java) Beacon supports both event-based and threaded operation.
• Floodlight: (Java) It was forked from the Beacon controller, originally developed by David Erickson at
Stanford.
• And many more.
 Basic OpenFlow Recap
SDN Concept: OpenFlow:
(Application Plane) • Support different applications: routing, load balancers, monitoring,
security, etc.
• Programmable: Modify and interact with the network model in control
Plane.

• Global view of the entire network (the network model).

• Centralized per flow based control.
• Distributed system that creates a consistent, up-to-date network view (real time).
• Runs on servers (controllers) in the network.
• Uses an open protocol to:
• Get state information from switch.
• Give control directives to switch.

Data and Control plane communicate via secure Channel

• Packet forwarding according to instruction stored in flow Tables.

• Provide statistic on network traffic to controller.
• Hardware: (Dump) Switches.
OpenFlow: More Details
SDN Concept Different layers in OpenFlow Discussed

(Application Plane) Routing, load balancers, security, etc.

Make decisions and instructions

Firmware handling instructions from control

plane (e.g Open Vswitch) via flow tables.

Hardware (switches)
Network Hypervisor (Virtualization)
• Hide complexity (Dump it down)
• Present only the necessary information and avoid too many details.
• Network operators “Delegate” control of subsets of network hardware
and/or traffic to other network operators or users
• Multiple controllers can talk to the same set of switches.
• Allow experiments to be run on the network in isolation of each other
and production traffic.
• Virtualized network model (topology, routing, etc.).

Multiple Controllers scenario is possible

OpenFlow
Switch
Controller 1

OpenFlow Controller 2
Switch

OpenFlow
Switch
Network Hypervisor (software): FlowVisor
• A network hypervisor developed by Stanford.
• A software proxy between the forwarding and control planes of
network devices.
• Allow resources to be sliced (shared) according to defined policies.
• The policy language specifies the slice’s resource limits, flowspace, and
controller’s location in terms of IP and TCP port-pair.
• FlowVisor enforces transparency and isolation between slices by inspecting,
rewriting, and policing OpenFlow messages as they pass.
 Network Hypervisor: Slicing Resources (FlowVisor)
Assigns hardware resources to “Slices”
Topology http
Network Device or Openflow Instance (DPID) Multicast Load-balancer
Broadcast
Physical Ports.
Bandwidth
Each slice can be assigned a per port queue with a
fraction of the total bandwidth.
CPU
Employs Course Rate Limiting techniques to keep new
flow events from one slice from overrunning the CPU. dl_dst=FFFFFFFFFFFF OpenFlow tp_src=80, or
Forwarding Tables Protocol tp_dst=80
Each slice has a finite quota of forwarding rules per
device.
OpenFlow OpenFlow
Switch FlowVisor & Policy Control

OpenFlow
Protocol

OpenFlow OpenFlow
Switch Switch
Northbound Interface

• API (interface) to management

plane or applications.
• Open issue.
• No Standardization.
• Software based ecosystem.
• Considered new theme in SDN as
2015.
Language-based Virtualization

• The capability of expressing modularity.

• Allowing different levels of abstractions
while still guaranteeing desired
properties such as protection.
• Application developers do not need to
think about the sequence of switches
where forwarding rules, but rather see
the network as a simple ‘‘big switch.’’
Programming Language
• Programing language, abstraction,
and interfaces to implement SDN.
• Ensure multiple tasks of a single
application do not interfere with
others.
• Checking conflicted rules.
• Provide higher level programming
interface to avoid low level
instructions and configuration.
• Special abstraction for
management requirements (e.g
monitoring).
• Regular expressions.
• Etc.
Network Applications: Software for Data
Center Networking
• Big Data Apps: Optimize network Utilization.
• CloudNaaS: Networking primitives for cloud
apps, NOX controller.
• FlowComb: Predict Apps workload, uses NOX.
• FlowDiff: Detects Operational Problems,
FlowVisor Controller.
• LIME: Live Network migration, FloodLight
Controller.
• NetGraph: Graph Queries for network
management, uses its own controller.
• OpenTCP: Dynamic and programmable TCP
adaptation, uses its own controller.
• All of them employ OpenFlow to communicate
with switches, except OpenTCP.
More Applications for Data Center Networking
• Vello Systems:
• Allow overriding layer 2 and layer 3. Live VM migration within and across DCNs.
• Provide view and global cloud for WAN.
• Provide network automation for LAN and WAN connectivity and provisioning.

• Mininet (Stanford Univ.)

• Realistic (Realtime) virtual network, running real kernel, switch and application
code, on a single machine (VM, cloud or native), in seconds, with a single
command.
Research Problems
• Scalability:
• Control plane bottleneck.
• Single controller is not sufficient to manage large scale network.
• How many controllers are needed to support large scale network?
• When to scale down?
• Multi Controllers.
• Each controller is responsible to a subset of the network.
• Concern with synchronization and communication between controllers.
• How to slice the resources among controllers?
• Latency between controllers and switches.
• Less accurate decision?
Research Problems
• Slicing Resources (CPU, bandwidth, etc).
• How to allocate resources to different controllers and users?
• Formulated to optimization and fairness problems.

• Using SDN to achieve more green DCN.

• No substantial works in this area.
• As 2015, few publications on this subject are published in IEEE ICC and IEEEE
Globecom.
• Some software may provide measurement on power usage or capability to turn
on/off switches.
• NetFPGA, Mininet and OpenFlow?
Research themes
in SDN, as 2015.
Software-Defined Datacenter
• No Clear definition.
• Everyone (in industries) has its own definition.
• Bust words from storage related industries.
• Everyone claims has Software-Defined Datacenter product.
• My guess is that it is a combination of virtual machine and SDN.
• Servers, storages, and network virtualization.
• Management plane with global view of every component involving datacenter.
• Marketing gimmick
• Academic work.
• Just found out: Master thesis by Ville Törhönen, “Designing a Software-Defined
Datacenter”. No significant contributions.
Conclusion
• Key ideas of SDN:
• Dynamic programmability in forwarding packets.
• Decoupling control and data plane.
• Global view network by logical centralization in control plane.
• Applications can be implemented on top of the control plane.
• SDN is a concept to manage network that leverages OpenFlow protocols.
References:
• Sources:
• “Software-Defined Networking: A Comprehensive Survey”, D. Kreutz, F. Ramos, et el.
2015.
• “Survey on Software-Defined Networking”, W. Xia, Y. Wen, et el. 2015.
• Lecture notes : Jennifer Rexford, Scot Shenker, Raj Jain, Bruce Maggs (Duke
University), Xenofontas Dimitropoulos (ZTH), Marco Canini (UCL), and unknown
Taiwanese scholar.

• Supplement Documents:
• “Software-Defined Networking: State of the Art and Research Challenges”, M.
Jammal, T. Singh, et el.
• “The Road to SDN: An Intellectual History of Programmable Networks”, N. Feamster,
Jenniger Rexford, E. Zegura.
• “A Survey of Software-Defined Networking: Past, Present, and Future of
Programmable Network”, B. Astuto, et el.
Question????
• Thank you