Software-Defined Networking (Continued)

Similar documents
Software Defined Networking

Software Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.

CSC 4900 Computer Networks: Network Layer

CS 5114 Network Programming Languages Data Plane. Nate Foster Cornell University Spring 2013

Slicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)

Application of SDN: Load Balancing & Traffic Engineering

Software Defined Networking

Software-Defined Networking (SDN) Now for Operational Technology (OT) Networks SEL 2017

Chapter 4 Network Layer: The Data Plane

Languages for SDN (Frenetic)

Software Defined Networking

Network Protocols - Revision

COMP211 Chapter 4 Network Layer: The Data Plane

Informatica Universiteit van Amsterdam. Distributed Load-Balancing of Network Flows using Multi-Path Routing. Kevin Ouwehand. September 20, 2015

OpenFlow Ronald van der Pol

Chapter 5 Network Layer: The Control Plane

SDN-based Network Obfuscation. Roland Meier PhD Student ETH Zürich

Assignment 5: Software Defined Networking CS640 Spring 2015

Internetworking/Internetteknik, Examination 2G1305 Date: August 18 th 2004 at 9:00 13:00 SOLUTIONS

Lesson 9 OpenFlow. Objectives :

CSC358 Week 6. Adapted from slides by J.F. Kurose and K. W. Ross. All material copyright J.F Kurose and K.W. Ross, All Rights Reserved

ECPE / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Chapter 3 Part 2 Switching and Bridging. Networking CS 3470, Section 1

Design and development of the reactive BGP peering in softwaredefined routing exchanges

CSC 401 Data and Computer Communications Networks

Finish Network Layer Start Transport Layer. CS158a Chris Pollett Apr 25, 2007.

b. Suppose the two packets are to be forwarded to two different output ports. Is it

OPENFLOW & SOFTWARE DEFINED NETWORKING. Greg Ferro EtherealMind.com and PacketPushers.net

Cybersecurity Threat Mitigation using SDN

EXAM TCP/IP NETWORKING Duration: 3 hours

CS 356: Computer Network Architectures. Lecture 15: DHCP, NAT, and IPv6. [PD] chapter 3.2.7, 3.2.9, 4.1.3, 4.3.3

Chapter 4 Network Layer: The Data Plane

A NetFlow/IPFIX implementation with OpenFlow

Configuring Different Modes of Operation

DevCentral Basics: Application Delivery Services PRESENTED BY:

Lecture 16: Network Layer Overview, Internet Protocol

Summary Chapter 4. Smith College, CSC 249 March 2, q IP Addressing. q DHCP dynamic addressing

Vorlesung Kommunikationsnetze

Lecture 12: Link-state Routing. Lecture 12 Overview. Router Tasks. CSE 123: Computer Networks Chris Kanich. Routing overview

Chapter 4 Network Layer: The Data Plane

Chapter 4 Network Layer: The Data Plane

Web-Based User Interface for the Floodlight SDN Controller

Computer Network Fundamentals Spring Week 4 Network Layer Andreas Terzis

Network Configuration Guide

MikroTik RouterOS Training. Routing. Schedule. Instructors. Housekeeping. Introduce Yourself. Course Objective 7/4/ :00 10:30 Morning Session I

CS164 Final Exam Winter 2013

Missing pieces + Putting the pieces together

CSE 461 Midterm Winter 2018

Lecture 17: Network Layer Addressing, Control Plane, and Routing

Professor Yashar Ganjali Department of Computer Science University of Toronto

Da t e: August 2 0 th a t 9: :00 SOLUTIONS

Hands on SDN and BRO

OTSDN What is it? Does it help?

Using SDN and NFV to Realize a Scalable and Resilient Omni-Present Firewall

So#ware Defined Networking

Networking Potpourri: Plug-n-Play, Next Gen

Decision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA

Managing and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:

Introduction to Internetworking

SDN Applications and Use Cases. Copyright 2015 ITRI

Communication Networks

Virtual Link Layer : Fundamentals of Computer Networks Bill Nace

First Exam for ECE671 Spring /22/18

Introduction to MPLS APNIC

Homework 3 Discussion

GoCertify Advanced Cisco CCIE Lab Scenario # 1

CS4450. Computer Networks: Architecture and Protocols. Lecture 20 Pu+ng ALL the Pieces Together. Spring 2018 Rachit Agarwal

Typhoon: An SDN Enhanced Real-Time Big Data Streaming Framework

Introduction to MPLS. What is MPLS? 1/23/17. APNIC Technical Workshop January 23 to 25, NZNOG2017, Tauranga, New Zealand. [201609] Revision:

Flow-Based per Port-Channel Load Balancing

Examination 2D1392 Protocols and Principles of the Internet 2G1305 Internetworking 2G1507 Kommunikationssystem, fk SOLUTIONS

Interconnecting Cisco Networking Devices Part 1 (ICND1) Course Overview

Configuring Firewall Filters (J-Web Procedure)

Computer Science 461 Final Exam May 22, :30-3:30pm

EXAM TCP/IP NETWORKING Duration: 3 hours With Solutions

ECPE / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

Taxonomy of SDN. Vara Varavithya 17 January 2018

Network Basic v0.1. Network Basic v0.1. Chapter 3 Internet Protocol. Chapter 3. Internet Protocol

network security s642 computer security adam everspaugh

Realtime Multimedia in Presence of Firewalls and Network Address Translation

Review. Error Detection: CRC Multiple access protocols. LAN addresses and ARP Ethernet. Slotted ALOHA CSMA/CD

Internet Protocol Addressing and Routing. Redes TCP/IP

Networking: Network layer

SD-WAN Deployment Guide (CVD)

CS 356: Computer Network Architectures. Lecture 14: Switching hardware, IP auxiliary functions, and midterm review. [PD] chapter 3.4.1, 3.2.

Realtime Multimedia in Presence of Firewalls and Network Address Translation. Knut Omang Ifi/Oracle 9 Nov, 2015

Application Delivery Using Software Defined Networking

OpenFlow Performance Testing

Agenda L2 versus L3 Switching IP Protocol, IP Addressing IP Forwarding ARP and ICMP IP Routing First Hop Redundancy

Programmable Software Switches. Lecture 11, Computer Networks (198:552)

Configuring ARP attack protection 1

Software-Defined Networking (SDN)

Communication Networks

Configuring ARP CHAPTER4

BIG-IQ Centralized Management: ADC. Version 5.0

Device Interface IP Address Subnet Mask Default Gateway. Ports Assignment Network

CIT 380: Securing Computer Systems. Network Security Concepts

EXAM TCP/IP NETWORKING Duration: 3 hours With Solutions

Switching and Routing projects description

Chapter 4: network layer. Network service model. Two key network-layer functions. Network layer. Input port functions. Router architecture overview

Transcription:

Software-Defined Networking (Continued) CS640, 2015-04-23 Announcements Assign #5 released due Thursday, May 7 at 11pm Outline Recap SDN Stack Layer 2 Learning Switch Control Application Design Considerations Challenges and Ongoing Research Recap: SDN Motivation **What were the key limitations of traditional networks? Distributed routing decisions > difficult to debug; maybe suboptimal decisions Distributed policy > prone to inconsistencies Policies defined over subnets > cannot customize forwarding per application Closed software stack > limited flexibility **How does SDN address this issues? Centralized control Global view to make optimal decisions Theoretically, avoid the complexities of distributed algorithms Operator provided control applications Can control forwarding however you want e.g., implement IETF April Fool s RFC for green routing Flexible forwarding decisions Match on 10 packet header fields (arbitrary byte matching in newest OpenFlow) Forward, drop, modify, or send packets to the controller (for arbitrary processing) **Problems with SDN? Central controller can become bottleneck, and is single point of failure OpenFlow Flow Table Traditional route table Flow table Iface Subnet Mask Gateway Interface Src MAC Dst MAC VLAN Ether Type Src IP Ds t IP Proto Src Port Dst Port Actions Actions: forward to port(s), drop, rewrite header field(s), send to controller Rules can have timeouts Soft timeout switch removes rule if no packet matches it for some period of time Hard timeout switch removes rule after some period has elapsed since it was added Rules can have priorities Switch also maintains statistics (packet and byte counters) for each rule 1

**What rule should we install if we want to Forward all HTTP traffic out iface 3? Forward SSH traffic from a host with IP 10.0.0.5 out iface 4? Do network address translation (NAT)? Forward HTTP GET requests out iface 1? Packet sent to controller if no forwarding entry matches Controller passes packet to control app(s) Control app decides whether to: Add a new rule(s) in one or more switches Modify or drop packet Have switch send packet out specific iface Switch also sends messages to controller when: Switch starts Switch port goes up/down Receives a request for statistics SDN Stack 2

Layer 2 Forwarding Hello world of SDN apps **What options do we have? Flood Learn about locations of hosts Look at network topology and find the path A traditional L2 switch cannot do this, but we can do this with SDN **What is the psuedo code for flooding? When get packet from switch, send it back to the switch and tell it to flood Or, install a rule for each input port to flood any packets **What is the psuedo code for learning? if (source mac address is new) record the source mac and input port mapping if (destination mac address is known) install a flow table rule forward the packet to the destination else FLOOD the packet Look at network topology and find the path this is what you will do for assign #5 Motivating Applications Dynamic access control Seamless mobility 3

Server load balancing Google uses SDN in their WAN Control App Design Considerations Per flow vs. coarser rules Per flow (flow=tcp connection) rules allow fine grained control of network traffic E.g., network address translation for each flow E.g., round robin load balancing of flows across links and/or servers Requires as many flow entries as flows! Border of college of engineering network has 300 new flows per second flow table of 1500 entries (capacity of first generation OpenFlow switches) is exhausted in about 5 seconds Combat flow table size limits with very short timeouts Coarser rules require less resources at switches, but are less flexible Per src/dst host pair, per dst host, per dst subnet, per dst TCP port, etc. 4

Proactive vs. reactive rule installation Proactive installs rules ahead of time Usually based on observing the topology E.g., install paths between all switches when hosts start Reactive installs rules when packets arrive Usually based on the first packet of every flow (flow = TCP connection) E.g., install paths for specific flow between hosts when flow starts 5

Challenges and Ongoing Research 6

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback