A Crash Course in OpenFlow 1.1. Rob Sherwood August 2011

Similar documents
SDN Workshop. Contact: WSDN01_v0.1

OpenFlow Ronald van der Pol

SDN Workshop. Contact: TSDN01_v0.1. [xx] Revision:

These slides contain significant content contributions by

Configuring OpenFlow 1

11/30/16. Game Plan. OpenFlow 1.3: Protocol, Use Cases, And Building a Fault Tolerant Application. Up Next. Before We Get Started

OpenFlow 1.3: Protocol, Use Cases, and Controller Writing. Ryan Izard

OpenFlow Performance Testing

OpenFlow Switch Errata

Lesson 9 OpenFlow. Objectives :

OpenFlow 1.3: Protocol, Use Cases, And Building a Fault Tolerant Application

OpenFlow. Finding Feature Information. Prerequisites for OpenFlow

OpenFlow. Finding Feature Information. Prerequisites for OpenFlow

Overview of the Cisco OpenFlow Agent

How SDN Works Introduction of OpenFlow Protocol

Slicing a Network. Software-Defined Network (SDN) FlowVisor. Advanced! Computer Networks. Centralized Network Control (NC)

H3C S7500E Switch Series

Configuring OpenFlow. Information About OpenFlow. This chapter contains the following sections:

CSCI-1680 Network Layer:

OPENFLOW & SOFTWARE DEFINED NETWORKING. Greg Ferro EtherealMind.com and PacketPushers.net

SDN AND NFV SECURITY DR. SANDRA SCOTT-HAYWARD, QUEEN S UNIVERSITY BELFAST COINS SUMMER SCHOOL, 23 JULY 2018

Comparison of Maxwell Family of Network Emulators. Kings Village Center #66190 Scotts Valley, CA iwl.com

Programmable Dataplane

Huawei SX700 Switches. SDN Technology White Paper. Issue 01. Date HUAWEI TECHNOLOGIES CO., LTD.

Software Defined Networks and OpenFlow. Courtesy of: AT&T Tech Talks.

Packet Header Formats

The KMAX Network Emulator

Managing and Securing Computer Networks. Guy Leduc. Chapter 2: Software-Defined Networks (SDN) Chapter 2. Chapter goals:

CS 5114 Network Programming Languages Data Plane. Nate Foster Cornell University Spring 2013

Layering for the TSN Layer 2 Data Plane

Working with Contracts

H3C S5130-EI Switch Series

Decision Forest: A Scalable Architecture for Flexible Flow Matching on FPGA

P4 for an FPGA target

Design principles in parser design

Advanced Computer Networks. Network Virtualization

Configuring IP Version 6

Centec V350 Product Introduction. Centec Networks (Suzhou) Co. Ltd R

Table of Contents 1 QinQ Configuration 1-1

Lecture 2: Basic routing, ARP, and basic IP

HEADER SPACE ANALYSIS

Programmable Software Switches. Lecture 11, Computer Networks (198:552)

H3C S5130-EI Switch Series

H3C S6800 Switch Series

Configuring IP ACLs. About ACLs

Routing without tears: Bridging without danger

SDN QoS. Yatish Kumar - CTO Corsa

Configuring Flexible NetFlow

Multi-site Datacenter Network Infrastructures

Header Space Analysis: Static Checking For Networks

Configuring Flexible NetFlow

2D1490 p MPLS, RSVP, etc. Olof Hagsand KTHNOC/NADA

APG4 APG8 APG200 APG208

MPLS Segment Routing in IP Networks

K2289: Using advanced tcpdump filters

CSE/EE 461 The Network Layer. Application Presentation Session Transport Network Data Link Physical

Single VID ECMP Frame Format Considerations

Communications Software. CSE 123b. CSE 123b. Spring Lecture 2: Internet architecture and. Internetworking. Stefan Savage

Access Rules. Controlling Network Access

Single VID ECMP Frame Format Considerations

NAT, IPv6, & UDP CS640, Announcements Assignment #3 released

Software Defined Networks and OpenFlow

SDN Lecture 2. Layer I: Infrastructure Layer II: Southbound Interfaces

Charter: Forwarding Abstractions Working Group

Implementing Open Flow Agent

Configuring Open Flow Agent

Internet Layers. Physical Layer. Application. Application. Transport. Transport. Network. Network. Network. Network. Link. Link. Link.

100 GBE AND BEYOND. Diagram courtesy of the CFP MSA Brocade Communications Systems, Inc. v /11/21

Advanced Computer Networks Exercise Session 7. Qin Yin Spring Semester 2013

Chapter 4 Network Layer: The Data Plane

So#ware- Defined Networks

Telecom Systems Chae Y. Lee. Contents. Overview. Issues. Addressing ARP. Adapting Datagram Size Notes

Network Myths and Mysteries. Radia Perlman Intel Labs

Configuring Port Channels

Abstractions and Open APIs in Networking

Hybrid OpenFlow Switch

Gigabit Ethernet XMVR LAN Services Modules

Gigabit Ethernet XMVR LAN Services Modules

lecture 18: network virtualization platform (NVP) 5590: software defined networking anduo wang, Temple University TTLMAN 401B, R 17:30-20:00

ELEC / COMP 177 Fall Some slides from Kurose and Ross, Computer Networking, 5 th Edition

EC441 Fall 2018 Introduction to Computer Networking Chapter4: Network Layer Data Plane

Can the Production Network Be the Testbed?

HP 5920 & 5900 Switch Series

IPv4 ACLs, identified by ACL numbers, fall into four categories, as shown in Table 1. Table 1 IPv4 ACL categories

Internet Engineering Task Force (IETF) Request for Comments: 8431 Category: Standards Track ISSN:

IP - The Internet Protocol. Based on the slides of Dr. Jorg Liebeherr, University of Virginia

Configuring SPAN. About SPAN. SPAN Sources

Challenges for the success of SDN and NFV (from a standardization perspective)

Hands-On Network Security: Practical Tools & Methods

Software Defined Networking Data centre perspective: Open Flow

OVS Acceleration using Network Flow Processors

RBRIDGES/TRILL. Donald Eastlake 3 rd Stellar Switches AND IS-IS.

Multi Protocol Label Switching (an introduction) Karst Koymans. Thursday, March 12, 2015

Software Defined Networking

Lecture 10: Internetworking"

Configuring IP ACLs. About ACLs

Network Security Fundamentals. Network Security Fundamentals. Roadmap. Security Training Course. Module 2 Network Fundamentals

DD2490 p Layer 2 networking. Olof Hagsand KTH CSC

Implementing Inter-VLAN Routing. 2003, Cisco Systems, Inc. All rights reserved. 2-1

Lessons from the OpenFlow experience. CEF 2017 Simeon Miteff

Transcription:

A Crash Course in OpenFlow 1.1 Rob Sherwood August 2011 rob.sherwood@bigswitch.com

Talk Summary Background and Assumptions OpenFlow 1.1 is for WANs Delta between 1.0 and 1.1 New features, clarifications, spec changes Adoption (or lack thereof) Known issues Next steps towards OpenFlow 1.2+

Background Assumes: familiar with OpenFlow 1.0 OpenFlow 1.0 was developed for campus networks, e.g., GENI with slicing OpenFlow 1.1 was targeted at WANs Took over a year to specify Driven by a small but influential group Backwards compatibility was NOT a goal

Target Use Cases Better flow table usage n routes * m policies == too many flow_mods Fast failover (faster than controller latency) Multi-path forwarding, e.g., ECMP Support for new match types Litany of smaller features/concerns Large audience requires better overall spec clarity

OpenFlow 1.0 to 1.1 This talk divides the differences into: Complex new features Simple new features Various sundry changes Spec clarifications What was not added (... and why)

Complex New Features: Summary Multiple tables Instructions vs. actions sets Group table Action buckets Match is now an extensible TLV (sort of)

Multiple Tables: Goals ASICs have multi-stage processing pipelines OF1.0 abstracts this all away to one table As a result, most firmware implementations only a small subset of hardware, e.g., TCAM Goal: better expose underlying hardware Give programmer more precise control Solve: Cartesian product of flow entries

Multi-Table: Challenges Need a simple model to describe all ASICs Diverse capabilities # pipeline stages state between stage, legal transitions support resubmit? (for tunnel decap) Feature negotiation is pathological intra-asic loops; depends on actions

Multi-Table: Solution Switch exposes n tables n could equal one! Incomplete online negotiation: too hard! Assumes controller writer has OOB info Switch can always say unsupported Per-table miss and match capabilities Introduce instructions and action set

Multi-Table: Instructions Instructions: goto-table n, record metadata, change action set, apply current actions set to packet Instructions affect processing pipeline, state actions only affect the packet (as in 1.0) Actions are now a set, not a list only one action of each type is allowed per packet -- closer to ASIC capabilities use group table (next) to send multi-port

Multi-Table: Packet Flow Packet In Start at table 0 Yes Match in table n? Yes Update counters Execute instructions: update action set update packet/match set fields update metadata Goto- Table n? No No Based on table configuration, do one: send to controller drop continue to next table Execute action set Figure 3 from OF1.1 spec

Group Tables Short story: actions indirection layer Added a send to group XXX action Each group is a list of action buckets Action bucket: a list of actions or groups Can create chains of action buckets e.g., ECMP across links with fast failover...or even action bucket loops (!!)

Group Table: Example Uses Type all: execute all buckets in list e.g., multi-cast groups, Spanning Tree port lists Type select: execute a single bucket, chosen by switch computed selection algorithm e.g., a hash on packet 5-tuple for ECMP Type fast-failover: execute first live bucket as managed by the switch via, e.g., BFD Selection algorithm, liveness criteria configured out-of-band

ofp_match is now a TLV Allows adopters to define new match fields e.g., IPv6, FiberChannel, etc. Type=0 is a OF1.0-like fixed-length block added support for MPLS, metadata, etc. No other types defined :-( But: can t mix official+non-standard types and assert() s in openflow.h are wrong Likely addressed in OF1.2: e.g., NXM proposal

Simple New Features Maskable ethernet src/dst addresses e.g., for PortLand-like addressing schemes MPLS support: match + push/pop/swap/ttl VLAN QinQ support Can only match outer tag IP TTL decrement + ECN actions added Maskable cookies

Litany of Other Changes Port IDs are now 32-bit fields NO_FLOOD bit can t be controlled (!!) VLAN actions rewritten: push/pop/swap s/vendor/experimenter/g Lots of constants renamed, reordered Many messages re-factored e.g., flow_mod takes a list of instructions

Spec Clarifications Explicit packet processing model (next) (Partial) definition of hybrid switch OFPC_MODIFY vs. OFPC_ADD modify is no longer an implicit add SSL/TLS control channel optional better match to de facto use

Figure 4: Initialize Match Fields Use input port, Ethernet source, destination, and type from packet; initialize all others to zero; move to the next header decision yes no How to map a packet to an Is the next header a VLAN tag? (Ethertype = 0x8100 or 0x88a8?) Use VLAN ID and PCP. Use Eth type following last VLAN hdr for next Eth type check Skip over remaining VLAN tags ofp_match: Does switch support MPLS processing? Is the next header an MPLS shim header? (Ethertype = 0x8847 or 0x8848?) Use MPLS label and TC. Skip remaining MPLS shim headers Main point: lots of overloaded Does switch support ARP processing? Is the next header an ARP header? (Ethertype = 0x0806?) Use IP source, destination, and ARP opcode from within ARP packet fields to work around Is the next header an IP header? (Ethertype = 0x0800?) Use IP source, destination, protocol, and ToS fields Not IP Fragment? IP Proto = 6, 17 or 132? Use UDP/ TCP/SCTP source and destination for L4 fields inflexible match. IP Proto = 1? Use ICMP type and code for L4 fields Packet Lookup Use assigned header fields

Figure 4: Initialize Match Fields Use input port, Ethernet source, destination, and type from packet; initialize all others to zero; move to the next header decision yes no How to map a packet to an Is the next header a VLAN tag? (Ethertype = 0x8100 or 0x88a8?) Use VLAN ID and PCP. Use Eth type following last VLAN hdr for next Eth type check Skip over remaining VLAN tags ofp_match: Does switch support MPLS processing? Is the next header an MPLS shim header? (Ethertype = 0x8847 or 0x8848?) Use MPLS label and TC. Skip remaining MPLS shim headers Main point: lots of overloaded Big source of contention for 1.2+: Is the next Use IP source, Does switch header an ARP destination, and support ARP header? ARP opcode processing? (Ethertype = from within ARP duplicates 0x0806?) and packet contradicts fields to work around inflexible Is the next header an IP header? (Ethertype = 0x0800?) existing standards. Use IP source, destination, protocol, and ToS fields Not IP Fragment? IP Proto = 6, 17 or 132? Use UDP/ TCP/SCTP source and destination for L4 fields match. IP Proto = 1? Use ICMP type and code for L4 fields Packet Lookup Use assigned header fields

Not Added to OF1.1 Tunneling: use virtual ports instead configure out-of-band Configuration protocol active debate in ONF working group Per-flow rate limiter action personal pet peeve - hardware support exists! really useful for OFPP_CONTROLLER

Adoption OF reference switch did not implement 1.1 code too complex to be a reference, too slow to be deployable Ericsson just released OF1.1 reference (yay!) No OVS support (not even planned?) OFPS: implemented all features but group table EZChip NPU has an 1.1 implementation Python-based switch by Dan Talayco and myself AFAIK, only public hardware -based 1.1 switch

Known Issues (1/2) Full multi-tables unimplementable on existing hardware Most tables have limited capabilities e.g., L2-only table Big increase to controller complexity...don t even get me started on FlowVisor Extensible part of match unspecified still no IPv6! planned fix in OF1.2

Known Issues (2/2) No controller support for 1.1 openflow.jar would need a rewrite hacked nox support from Ericsson Still very ethernet-centric No way to describe MPLS or IP-only box Too many things punted to OOB configuration protocol

Conclusions OpenFlow 1.1 solves real issues from 1.0 Efficient table use, ECMP, fast-failover MPLS-support, VLAN QinQ Not (yet?) adopted for a variety of reasons reasons still being debated... OF1.2 will hopefully address some issues

2024 © technodocbox.com Privacy Policy | Terms of Service | Feedback