Chapter 5 Network Layer: The Control Plane

Similar documents
Network Layer: The Control Plane

Chapter 5 Network Layer: The Control Plane

CSC 401 Data and Computer Communications Networks

COMP211 Chapter 5 Network Layer: The Control Plane

Chapter 5 Network Layer: The Control Plane

Chapter 4 Network Layer: The Data Plane

COMP211 Chapter 4 Network Layer: The Data Plane

CSC 4900 Computer Networks: Network Layer

Chapter 4 Network Layer: The Data Plane

Chapter 5 Network Layer: The Control Plane

Chapter 5 Network Layer: The Control Plane

Chapter 5 Network Layer: The Control Plane

Chapter 4 Network Layer: The Data Plane. Part A. Computer Networking: A Top Down Approach

Software Defined Networking

Chapter 4 Network Layer: The Data Plane

Chapter 5 Network Layer: The Control Plane

Network Layer: Chapter 4. The Data Plane. Computer Networking: A Top Down Approach

Chapter 4 Network Layer: The Data Plane

Chapter 4 Network Layer: The Data Plane

Chapter 4 Network Layer: The Data Plane

Chapter 4 Network Layer: The Data Plane

CS 3516: Advanced Computer Networks

Chapter 3 Transport Layer

5.1 introduction 5.5 The SDN control 5.2 routing protocols plane. Control Message 5.3 intra-as routing in Protocol the Internet

CSC358 Week 6. Adapted from slides by J.F. Kurose and K. W. Ross. All material copyright J.F Kurose and K.W. Ross, All Rights Reserved

NETWORK LAYER CONTROL PLANE

Chapter 4. Computer Networking: A Top Down Approach 5 th edition. Jim Kurose, Keith Ross Addison-Wesley, sl April 2009.

Outline. Traditional computer networks. Software Defined Networking - 3 (SDN) Pag. 1 SDN. Openflow protocol Some issues Advances

Chapter 5 Network Layer: The Control Plane

Chapter 1 Introduction

CS 3516: Computer Networks

HW3 and Quiz. P14, P24, P26, P27, P28, P31, P37, P43, P46, P55, due at 3:00pm with both soft and hard copies, 11/11/2013 (Monday) TCP), 20 mins

CSC 4900 Computer Networks: Routing Protocols

So#ware Defined Networking

CS 4226: Internet Architecture

Chapter 4 Network Layer: The Data Plane

CS/ECE 438: Communication Networks Fall Network Layer

Software Defined Networking

Software Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.

Summary Chapter 4. Smith College, CSC 249 March 2, q IP Addressing. q DHCP dynamic addressing

Chapter 4 Network Layer: The Data Plane

EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane

CMPE 150/L : Introduction to Computer Networks. Chen Qian Computer Engineering UCSC Baskin Engineering Lecture 14

Chapter 4 Network Layer: The Data Plane

Software-Defined Networking (SDN) Overview

Introduction to Software-Defined Networking UG3 Computer Communications & Networks (COMN)

Chapter 8 Network Security

Topic 4a Router Operation and Scheduling. Ch4: Network Layer: The Data Plane. Computer Networking: A Top Down Approach

IPv4 addressing, NAT. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley.

Managing and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:

Slicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)

Software Defined Networking

Lecture 16: Network Layer Overview, Internet Protocol

Lecture 17: Network Layer Addressing, Control Plane, and Routing

Chapter 4: Network Layer

Chapter 6 The Link Layer and LANs

Last time?! MPLS! Label distribution protocols! Multi Protocol Label Switching! Layer 2.5 protocol! LDP! RSVP!

CSCE 463/612 Networks and Distributed Processing Spring 2018

Agenda. distance-vector (what you invented last Friday) hierarchical routing routing in the Internet. v DNS assignment Q&A v Routing Algorithms

CSC 401 Data and Computer Communications Networks

Network Virtualization Based on Flows

Chapter 4: network layer. Network service model. Two key network-layer functions. Network layer. Input port functions. Router architecture overview

CSC 401 Data and Computer Communications Networks

ONOS OVERVIEW. Architecture, Abstractions & Application

Chapter 3 Transport Layer

Chapter 6 The Link Layer and LANs

Gerência SDN. Baseado em slides do Nick McKeown e Survey disponível em:

Chapter 4 Network Layer

Chapter 9. Multimedia Networking. Computer Networking: A Top Down Approach

Chapter 4 Network Layer

Initial motivation: 32-bit address space soon to be completely allocated. Additional motivation:

Computer Network Architectures and Multimedia. Guy Leduc. Chapter 2 MPLS networks. Chapter 2: MPLS

Chapter 3 Transport Layer

Telecomunicazioni. Docente: Andrea Baiocchi DIET - Stanza 107, 1 piano palazzina P. Piga Via Eudossiana 18

Quality of Service (QoS)

Software Defined Networks

Cloud Networking (VITMMA02) Software Defined Networking (SDN) in the Cloud

Chapter 3: Transport Layer. Chapter 3 Transport Layer. Chapter 3 outline. Transport services and protocols

CSCI Computer Networks Fall 2016

Chapter 4 Network Layer

OPENFLOW & SOFTWARE DEFINED NETWORKING. Greg Ferro EtherealMind.com and PacketPushers.net

CS 3516: Computer Networks

Chapter 7: Multimedia Networking

Inter-AS routing. Computer Networking: A Top Down Approach 6 th edition Jim Kurose, Keith Ross Addison-Wesley

Software-Defined Networking (Continued)

Software Defined Networks and OpenFlow

Lecture 8. Network Layer (cont d) Network Layer 1-1

CSC 401 Data and Computer Communications Networks

Lecture 19: Network Layer Routing in the Internet

EC441 Fall 2018 Introduction to Computer Networking Chapter 5: Network Layer Control Plane

Internetworking/Internetteknik, Examination 2G1305 Date: August 18 th 2004 at 9:00 13:00 SOLUTIONS

internet technologies and standards

Chapter 4 Network Layer: The Data Plane

Hands on SDN and BRO

SDN Applications and Use Cases. Copyright 2015 ITRI

Network Layer: Routing. Routing. Routing protocol. Graph abstraction for routing algorithms: graph nodes are routers graph edges are physical links

Network Layer: ICMP and Network Management

internet technologies and standards

Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017

Chapter 4 Network Layer

Transcription:

Chapter 5 Network Layer: The Control Plane A note on the use of these Powerpoint slides: We re making these slides freely available to all (faculty, students, readers). They re in PowerPoint form so you see the animations; and can add, modify, and delete slides (including this one) and slide content to suit your needs. They obviously represent a lot of work on our part. In return for use, we only ask the following: If you use these slides (e.g., in a class) that you mention their source (after all, we d like people to use our book!) If you post any slides on a www site, that you note that they are adapted from (or perhaps identical to) our slides, and note our copyright of this material. Thanks and enjoy! JFK/KWR All material copyright 1996-2016 J.F Kurose and K.W. Ross, All Rights Reserved Computer Networking: A Top Down Approach 7 th edition Jim Kurose, Keith Ross Pearson/Addison Wesley April 2016 5-1

Chapter 5: outline 5.1 introduction 5.2 routing protocols link state distance vector 5.3 intra-as routing in the Internet: OSPF 5.4 routing among the ISPs: BGP 5.5 The SDN control plane 5.6 ICMP: The Internet Control Message Protocol 5.7 Network management and SNMP 5-2

Software defined networking (SDN) Internet network layer: historically has been implemented via distributed, per-router approach monolithic router contains switching hardware, runs proprietary implementation of Internet standard protocols (IP, RIP, IS-IS, OSPF, BGP) in proprietary router OS (e.g., Cisco IOS) different middleboxes for different network layer functions: firewalls, load balancers, NAT boxes,.. ~2005: renewed interest in rethinking network control plane 5-3

Recall: per-router control plane Individual routing algorithm components in each and every router interact with each other in control plane to compute forwarding tables Routing Algorithm control plane data plane 5-4

Recall: logically centralized control plane A distinct (typically remote) controller interacts with local control agents (CAs) in routers to compute forwarding tables Remote Controller CA CA CA CA CA control plane data plane 5-5

Software defined networking (SDN) Why a logically centralized control plane? easier network management: avoid router misconfigurations, greater flexibility of traffic flows table-based forwarding (recall OpenFlow API) allows programming routers centralized programming easier: compute tables centrally and distribute distributed programming: more difficult: compute tables as result of distributed algorithm (protocol) implemented in each and every router open (non-proprietary) implementation of control plane 5-6

Analogy: mainframe to PC evolution * Specialized Applications Specialized Operating System Specialized Hardware Ap App p Ap p Windows (OS) Ap p Ap p Ap p Ap p Ap p Ap p Open Interface or Linux or Open Interface Ap p Microprocessor Ap p Mac OS Vertically integrated Closed, proprietary Slow innovation Small industry Horizontal Open interfaces Rapid innovation Huge industry * Slide courtesy: N. McKeown 5-7

Traffic engineering: difficult traditional routing 5 u 1 2 v x 2 3 1 3 w y 1 5 2 z Q: what if network operator wants u-to-z traffic to flow along uvwz, x-to-z traffic to flow xwyz? A: need to define link weights so traffic routing algorithm computes routes accordingly (or need a new routing algorithm)! Link weights are only control knobs : wrong! 5-8

Traffic engineering: difficult 5 u 1 2 v x 2 3 1 3 w y 1 5 2 z Q: what if network operator wants to split u-to-z traffic along uvwz and uxyz (load balancing)? A: can t do it (or need a new routing algorithm) 5-9

Traffic engineering: difficult Networking 401 5 u 1 2 v v x x 2 3 1 3 w w y y 1 5 2 z z Q: what if w wants to route blue and red traffic differently? A: can t do it (with destination based forwarding, and LS, DV routing) 5-10

Software defined networking (SDN) 4. programmable control applications routing access control Remote Controller load balance 3. control plane functions external to dataplane switches control plane data plane CA CA CA CA CA 2. control, data plane separation 1: generalized flowbased forwarding (e.g., OpenFlow) 5-11

SDN perspective: data plane switches Data plane switches fast, simple, commodity switches implementing generalized data-plane forwarding (Section 4.4) in hardware switch flow table computed, installed by controller API for table-based switch control (e.g., OpenFlow) defines what is controllable and what is not protocol for communicating with controller (e.g., OpenFlow) routing network-control applications access control load balance northbound API SDN Controller (network operating system) southbound API control plane data plane 5-12 SDN-controlled switches

SDN perspective: SDN controller SDN controller (network OS): maintain network state information interacts with network control applications above via northbound API interacts with network switches below via southbound API implemented as distributed system for performance, scalability, fault-tolerance, robustness routing network-control applications access control load balance northbound API SDN Controller (network operating system) southbound API control plane data plane 5-13 SDN-controlled switches

SDN perspective: control applications network-control apps: brains of control: implement control functions using lower-level services, API provided by SND controller unbundled: can be provided by 3 rd party: distinct from routing vendor, or SDN controller routing network-control applications access control load balance northbound API SDN Controller (network operating system) control plane southbound API data plane 5-14 SDN-controlled switches

Components of SDN controller Interface layer to network control apps: abstractions API Network-wide state management layer: state of networks links, switches, services: a distributed database communication layer: communicate between SDN controller and controlled switches routing network graph Network-wide distributed, robust state management Link-state info statistics OpenFlow access control RESTful API host info load balance Interface, abstractions for network control apps flow tables SNMP intent switch info Communication to/from controlled devices SDN controller 5-15

OpenFlow protocol OpenFlow Controller operates between controller, switch TCP used to exchange messages optional encryption three classes of OpenFlow messages: controller-to-switch asynchronous (switch to controller) symmetric (misc) 5-16

OpenFlow: controller-to-switch messages Key controller-to-switch messages features: controller queries switch features, switch replies configure: controller queries/sets switch configuration parameters modify-state: add, delete, modify flow entries in the OpenFlow tables packet-out: controller can send this packet out of specific switch port OpenFlow Controller 5-17

OpenFlow: switch-to-controller messages Key switch-to-controller messages packet-in: transfer packet (and its control) to controller. See packetout message from controller flow-removed: flow table entry deleted at switch port status: inform controller of a change on a port. OpenFlow Controller Fortunately, network operators don t program switches by creating/sending OpenFlow messages directly. Instead use higher-level abstraction at controller 5-18

SDN: control/data plane interaction example network graph statistics Link-state info s1 Dijkstra s link-state Routing 3 4 5 OpenFlow 1 2 RESTful API host info s3 s2 flow tables SNMP s4 intent switch info 1 2 3 4 S1, experiencing link failure using OpenFlow port status message to notify controller SDN controller receives OpenFlow message, updates link status info Dijkstra s routing algorithm application has previously registered to be called when ever link status changes. It is called. Dijkstra s routing algorithm access network graph info, link state info in controller, computes new routes 5-19

SDN: control/data plane interaction example Dijkstra s link-state Routing network graph statistics 3 Link-state info 4 5 2 OpenFlow RESTful API host info flow tables SNMP intent switch info 5 6 link state routing app interacts with flow-table-computation component in SDN controller, which computes new flow tables needed Controller uses OpenFlow to install new tables in switches that need updating 1 s1 s3 s2 s4 5-20

OpenDaylight (ODL) controller Network service apps Access Control Traffic Engineering REST API Basic Network Service Functions topology manager forwarding manager switch manager host manager Service Abstraction Layer (SAL) stats manager ODL Lithium controller network apps may be contained within, or be external to SDN controller Service Abstraction Layer: interconnects internal, external applications and services OpenFlow 1.0 SNMP OVSDB 5-21

ONOS controller Network control apps REST hosts devices API Intent statistics device link host flow packet OpenFlow Netconf OVSDB northbound abstractions, protocols paths flow rules topology links ONOS distributed core southbound abstractions, protocols control apps separate from controller intent framework: high-level specification of service: what rather than how considerable emphasis on distributed core: service reliability, replication performance scaling 5-22

Chapter 4: outline 4.1 Overview of Network layer data plane control plane 4.2 What s inside a router 4.3 IP: Internet Protocol datagram format fragmentation IPv4 addressing network address translation IPv6 4.4 Generalized Forward and SDN match action OpenFlow examples of match-plus-action in action Network Layer: Data Plane 4-23

Generalized Forwarding and SDN Each router contains a flow table that is computed and distributed by a logically centralized routing controller logically-centralized routing controller control plane data plane local flow table headers counters actions 0100 1101 3 2 1 values in arriving packet s header Network Layer: Data Plane 4-24

OpenFlow data plane abstraction flow: defined by header fields generalized forwarding: simple packet-handling rules Pattern: match values in packet header fields Actions: for matched packet: drop, forward, modify, matched packet or send matched packet to controller Priority: disambiguate overlapping patterns Counters: #bytes and #packets Flow table in a router (computed and distributed by controller) define router s match+action rules Network Layer: Data Plane 4-25

OpenFlow data plane abstraction flow: defined by header fields generalized forwarding: simple packet-handling rules Pattern: match values in packet header fields Actions: for matched packet: drop, forward, modify, matched packet or send matched packet to controller Priority: disambiguate overlapping patterns Counters: #bytes and #packets * : wildcard 1. src=1.2.*.*, dest=3.4.5.* drop 2. src = *.*.*.*, dest=3.4.*.* forward(2) 3. src=10.1.2.3, dest=*.*.*.* send to controller

OpenFlow: Flow Table Entries Rule Action Stats Packet + byte counters 1. Forward packet to port(s) 2. Encapsulate and forward to controller 3. Drop packet 4. Send to normal processing pipeline 5. Modify Fields Switch Port VLAN ID MAC src MAC dst Eth type IP Src IP Dst IP Prot TCP sport TCP dport Link layer Network layer Transport layer

Examples: Forwarding Functionality Destination-based layer 3 (router) forwarding: Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action * * * * * * 51.6.0.8 * * * port6 IP datagrams destined to IP address 51.6.0.8 should be forwarded to router output port 6 Destination-based layer 2 (switch) forwarding: Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action * 22:A7:23: 11:E1:02 * * * * * * * * port3 layer 2 frames from MAC address 22:A7:23:11:E1:02 should be forwarded to output port 3

Examples: Firewall Functionality Firewall: Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Forward * * * * * * * * * 22 drop do not forward (block) all datagrams destined to TCP port 22 Switch Port * MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Forward * * * * 128.119.1.1 * * * * drop do not forward (block) all datagrams sent by host 128.119.1.1

OpenFlow abstraction match+action: unifies different kinds of devices Router match: longest destination IP prefix action: forward out a link Switch match: destination MAC address action: forward or flood Firewall match: IP addresses and TCP/UDP port numbers action: permit or deny NAT match: IP address and port action: rewrite address and port Network Layer: Data Plane 4-30

OpenFlow example match IP Src = 10.3.*.* IP Dst = 10.2.*.* action forward(3) Host h5 10.3.0.5 2 3 1 s3 4 Host h6 10.3.0.6 controller Example: datagrams from hosts h5 and h6 should be sent to h3 or h4, via s1 and from there to s2 match ingress port = 1 IP Src = 10.3.*.* IP Dst = 10.2.*.* Host h1 10.1.0.1 action forward(4) 2 1 3 s1 4 Host h2 10.1.0.2 1 2 Host h3 10.2.0.3 3 s2 4 match ingress port = 2 IP Dst = 10.2.0.3 ingress port = 2 IP Dst = 10.2.0.4 Host h4 10.2.0.4 action forward(3) forward(4)

SDN: selected challenges hardening the control plane: dependable, reliable, performance-scalable, secure distributed system robustness to failures: leverage strong theory of reliable distributed system for control plane dependability, security: baked in from day one? networks, protocols meeting mission-specific requirements e.g., real-time, ultra-reliable, ultra-secure Internet-scaling 5-32