Software Defined Networking Fundamentals

Part 1

Ananth Bettadapura Shankar Rao

10th May 2017
1. Control Plane vs Data Plane
2. Open SDN or Pure SDN
3. Open Flow with a Demo of ONOS (Setup your own Lab)
4. What is there in Part 2?

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 2
 2014 Cisco and/or its affiliates. All rights reserved. 3
 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 4
In a Router

Control Plane = Routing Information Base = RIB =Routing Table

Data Plane = Forwarding Information Base =FIB = CEF Table

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 5
 OSPF

R2
OSPF OSPF
RIB

R1 R3
FIB

RIB RIB
FIB
FIB

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 6
 Lo0 =2.2.2.0/24
R2
R1#sh ip route (R1s RIB) Control Plane
R1#sh ip route Fa1/0
2.0.0.0/24 is subnetted, 1 subnets
R2#sh ip cef
O 2.2.2.0 [110/2] via 12.1.1.2, 00:01:31, FastEthernet0/0
3.0.0.0/24 is subnetted, 1 subnets Fa0/0
3.0.0.0/24 is subnetted, 1 subnets
O
Prefix 3.3.3.0 [110/3]
Next Hop via 12.1.1.2, 00:01:00, FastEthernet0/0
Interface
O 3.3.3.0 [110/3] via 12.1.1.2, 00:01:00, FastEthernet0/0
23.0.0.0/24 is12.1.1.1
1.1.1.0/24 subnetted, 1 subnetsFastEthernet0/0
23.0.0.0/24 is subnetted, 1 subnets
O 23.1.1.0 [110/2]
3.3.3.0/24 23.1.1.3via 12.1.1.2, 00:01:00, FastEthernet0/0
FastEthernet1/0
O 23.1.1.0 [110/2] via 12.1.1.2, 00:01:00, FastEthernet0/0-- OSPF
----------------------------------------------------------------

R1#sh
R1#sh ip cef (R1s
ip cef (R1s FIB)
FIB) Data
Data Plane
Plane
Fa1/0
Fa0/0
Prefix
Prefix Next
Next Hop
Hop Interface
Interface
2.2.2.0/24
3.3.3.0/24 12.1.1.2
12.1.1.2 FastEthernet0/0
FastEthernet0/0
3.3.3.0/24
23.1.1.0/24 12.1.1.2
12.1.1.2 FastEthernet0/0
FastEthernet0/0
23.1.1.0/24 12.1.1.2 FastEthernet0/0 R1 R3
Lo0 =1.1.1.0/24 Lo0 =3.3.3.0/24

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 7
 MAC ADDRESS
STP TABLE

SW2 STP
STP

SW1
X SW3
MAC ADDRESS
MAC ADDRESS TABLE
TABLE

PC1 PC2

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 8
Control Plane controls the data plane.
Without control plane there cannot be a data plane.
In traditional networking every device has to have a control plane and data plane.
The devices interact with one and other to form a converged topology.
The devices also interact with one and other during the time of convergence

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 9
Distributed processing
Each device acts on its own and co-ordinates with other devices to form a converged
Infrastructure.
In other words each device has a Brain of its own
Let Visualize

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 10
 R2

RIB

R1 R3
FIB

RIB RIB
FIB
FIB

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 11
 MAC ADDRESS
TABLE

SW2

SW1
X SW3
MAC ADDRESS
MAC ADDRESS TABLE
TABLE

PC1 PC2

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 12
 2014 Cisco and/or its affiliates. All rights reserved. 13
 R2

R1 R3 Server/Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 14
.
LLDP =Link Layer Discovery Protocol (Ethertype:0x88CC)

LLDP which is similar to CDP

The devices send LLDP messages to the controller.

The controller will use these messages to discover the devices

Lets visualize

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 15
 R2
LLDP
R2

LLDP

R1 R3

R1 R3 Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 16
 CP

R2
R2

CP CP

R1 R3

R1 R3 Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 17
 CP

R2
R2 CP

CP

R1 R3

R1 R3 Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 18
 CP

R2
CP CP
R2

R1 R3

R1 R3 Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 19
 CP for all
the
routers
R2
R2

R1 R3

R1 R3 Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 20
 RIB
LLDP
RIB
R2
LLDP
R2 RIB

LLDP
RIB R3
R1

R1 R3

Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 21
In the controller model, the devices will not have the control plane.
The controller knows the device topology and link characteristics
The controller controls these devices or
The control plane is moved or shifted
The controller has a complete view of the topology

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 22
 FIB
RIB

RIB
R2
FIB R2 RIB

R1 RIB R3
FIB
R1 R3

Controller

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 23
 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 24
Lets put in a simple way

Interface to the application so that the developer can program the device

It is like function calls.

For example Youtube provides APIs and If I use them in the application I program then I
am making use of Youtube API

So the controller can also provide APIs

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 25
 RIB
API

R2

R2 API
RIB
R1
R3

RIB
RIB
API
R1 R3

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 26
 The APIs can provide information about the topology
Link Utilization
Hosts attached to a segment
Users attached to a segment
And
Can change the forwarding path or Data Plane on the devices

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 27
 RIB
API APPLICATION

R2

R2
API APPLICATION

R1
R3

RIB
RIB
API APPLICATION
R1 R3

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 28
These APIs are used by applications to interact with the controller to modify the behavior
of the networking devices
The Applications can be hosted on a separate server.

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 29
One of the applications can ask the controller to change the data plane according to the
load
Application will use the API provided by the controller
The controller will be monitoring the usage of the links
If the load reaches a certain value then
The controller will send instructions to the Devices
The Devices will change their forwarding plane of Data Plane accordingly

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 30
 Control Plane Change the
forwarding APPLICATION
Plane if
R2 Load > X

R2
API APPLICATION

R1
R3
Control Plane
Control Plane
API APPLICATION
R1 R3

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 31
 Change the
forwarding APPLICATION
Plane if
R2 Load > X

R2
API APPLICATION

R1
R3
Load Monitor : The controller will
continuously monitor the load and API APPLICATION
R1 R3 inform the Application about the
load

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 32
 Change the
forwarding APPLICATION
Plane if
R2 Load > X

R2
API APPLICATION

R1 R3
Load Monitor

The controller will send instructions

API APPLICATION
R1 R3 to the devices to change their
Forwarding tables

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 33
 Forwarding Plane
Change the
forwarding APPLICATION
Plane if
R2 Load > X

R2
API APPLICATION

R1 R3
R1 R3
Load Monitor

The controller will send instructions

API APPLICATION
to the devices to change their
FP FP Forwarding tables

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 34
 Forwarding Plane
Change the
forwarding APPLICATION
Plane if
R2 Load > X

R2
API APPLICATION

R1 R3
R1 R3
Load Monitor

The controller will send instructions

API APPLICATION
to the devices to change their
FP FP Forwarding tables

Controller
2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 35
In the world of SDN : Devices mean any infrastructure device
Like a Router,Switch,Load Balancer,Firewall
Routers,L2 or L3 switches,Load balancers and Firewalls are all devices or switches

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 36
 APPLICATIONS or APPLICATION LAYER

North Bound API

API Applications Modules

Controller

SDN South Bound API

Device

SDN
Device SDN Network Infrastructure Layer
Device
SDN
Device

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 37
This Architecture is called as Pure SDN or Open SDN
Separation of Control Plane and Data Plane
Different Controllers :

Opendaylight
RYU
Open Network Operating System (ONOS)

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 38
Openflow: Most widely used

NetConf,CLI,SNMP and many more

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 39
Not Standardized
Usually depends on the programming language used to implement Controller
REST API

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 40
 APPLICATIONS or APPLICATION LAYER

North Bound API

REST APIs Applications Modules

Controller

SDN OPENFLOW
Device

SDN
Device SDN Network Infrastructure Layer
Device
SDN
Device

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 41
 2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 42
Pure SDN or Open SDN The idea is to completely remove the control plane from the
device and place it on a server
The server can be in the same vlan or somewhere in the cloud
The server is called as Controller in the world of SDN
The controller will discover the devices and connections between them.
Now an application will interact with controller and inform the controller what it wants from
the network, the controller will then send the information to devices accordingly

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 43
 2014 Cisco and/or its affiliates. All rights reserved. 44
 APPLICATIONS or APPLICATION LAYER

North Bound API

APIs Applications Modules

Controller

SDN OPENFLOW
Device

SDN
Device SDN Network Infrastructure Layer
Device
SDN
Device

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 45
Openflow is a standardized protocol.(Open Networking Foundation)
Openflow is a South Bound API
The controller interacts with the networking Infrastructure using Openflow messages
The devices also interact with the controller using Openflow messages

Controller

SDN OPENFLOW
Device

SDN
Device SDN Network Infrastructure Layer
Device
SDN
Device

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 46
Flow can be
Source Mac Address + Destination Mac Address + Source IP + Destination IP + Source
Transport layer port + Destination Layer port
Can also include Vlan tag + MPLS tag
This is not an exhaustive list

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 47
Open flow does not modify the configuration of devices
The application informs the controller what it wants or intent
The controller then decides what needs to done to meet the requirement of the application
It modifies the data plane or forwarding path of the devices using open flow messages
Open flow messages are sent to the devices
The devices install flows in the flow table
Lets visualize

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 48
 APPLICATION

The Application instructs the controller to choose the path which has
the lowest utilization for HTTP flows

The controller chooses the path and modifies the flow entry using a open
flow message

OF message from The devices send utilization statistics using Openflow

Controller messages
SDN SDN
Device 2 Device 3

SDN
Device 1 The SDN Device 1 flow table is modified

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 49
For every flow the SDN device sends a PACKET IN message to the controller
The controller based on what applications needs sends a PACKET OUT message
This is how the controller changes the data plane or forwarding path on the device

Controller

SDN
Device
PACKET IN
Packet Out
SDN
Device SDN
Device
SDN
Device

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 50
The controller preprograms the forwarding table of devices according to the application
When the flow matching the preprogramed flow entry enters the device the controller is
NOT consulted

Controller

SDN
Device

SDN
Device SDN
Device
SDN
Device

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 51
Most Controllers and switches implement version 1.0
However there are many versions 1.1,1,2,1.3.x,1.4 and 1.5
Each version adds many features like pipelines, policing, better matching mechanism,
action set ,etc
Topics for a workshop some other time

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 52
Openflow Architecture

Openflow Controller
Northbound API
Openflow Device Agent
Openflow Protocol

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 53
Network Infrastructure layer Lets use Mininet
Using Mininet we can create a virtual network of many switches
We will use ONOS controller
The objective of the demo is to understand flows and flow table
DEMO PLEASE

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 54
There are hybrid switches which implement the usual processing and open flow
processing
If a flow entry does not match the flow table entry then controller might create a flow entry
to forward it to the normal port or usual processing

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 55
Advantages and Disadvantages of Pure or Open SDN
Different types of SDN
Understanding SDN via API
We will have deep dive sessions on Openflow, Network automation, Ansible ,Cisco APIC
EM and many other SDN related topics in coming GIPD weeks
Watch out for announcements

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 56
https://www.sdxcentral.com/directory/nfv-sdn/products/
http://onosproject.org/
https://www.opennetworking.org/about/onf-overview
www.cisco.com\go\sdn
http://flowgrammable.org/sdn/openflow/

2017 Cisco and/or its affiliates. All rights reserved. Cisco Confidential 57
Thank you.