OpenFlow : Enabling Innovation in Campus Networks

OpenFlow : Enabling Innovation in Campus Networks
SIGCOMM 2008
Nick McKeown, Tom Anderson, et al.
Stanford University, California, USA
2011. 04. 11
Presented by Hyogi Jung
1/17
Contents
• Internet Closed for Innovations
• OpenFlow
– Goals
– Concepts
– Architecture
– Flow Table Structure
– Controller
• Summary
2/17
Innovations in Legacy Internet
• New experiments we’d like to do
– Mobility management
– Network-wide energy management
– New naming/addressing schemes
– Network access control
• Problems with our network
– Paths are fixed
– IP-only
– Addresses dictated by DNS, DHCP, etc.
– No means to add our own processing
3/17
Why Internet Closed for Innovations?
• Commercial vendors won’t open their software and hardware development environments
– Complexity of support
– Market protection and barrier to entry
• Hard to build my own
– Prototypes are unstable
– Software only: too slow
– Hardware/software: fanout too small (need >100 ports for a wiring closet)
4/17
Experimenter’s Dream (Vendor’s Nightmare)
[Figure: a switch/router with Standard Network Processing in software (sw) and hardware (hw), alongside User-defined Processing. The experimenter writes experimental code on the switch/router.]
5/17
OpenFlow’s Goal
• Provide an open platform
– for researchers/students to test new ideas at scale through production networks
– without requiring vendors to expose internal workings
• Bring the Future Internet to the legacy Internet
• An open development environment for all researchers (e.g. Linux, Verilog, etc.)
6/17
OpenFlow Concept
[Figure: an Ethernet switch split into a Control Path (software) running OpenFlow and a Data Path (hardware). The OpenFlow Controller talks to the switch's control path over the OpenFlow Protocol (SSL/TCP).]
7/17
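OpenFlow Network Architecture
[Figure: a Controller (PC) connected to an OpenFlow Switch. Inside the switch, the Secure Channel sits in software (sw) and the Flow Table in hardware (hw). The switch is defined by the OpenFlow Switch specification.]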
8/17
Operation Step
• New function!
– If header = x, send to port 4
– If header = y, overwrite header with z, send to ports 5,6
– If header = ?, send to me
[Figure: a Controller (PC) connected to the Flow Tables of four OpenFlow Switches.]
9/17
Packet Processing
• OpenFlow switch's packet processing
– Search the flow table for an entry that matches the arriving packet’s information
[Figure: Packet in from Network → Flow lookup → Match: Apply actions / No match: Send to secure channel]
10/17
Flow Table Structure
• Exploit flow table in switches, routers, and
chipsets
11/17
Flow Table Entry
• Rule | Action | Stats
• Rule (+ mask)
– Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport
• Action
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
• Stats
– Packet + byte counters
12/17
Flow Table Entry Examples
(OpenFlow is Backward Compatible)
• Ethernet Switching
Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | 00:1F:. | * | * | * | * | * | * | * | port6
• IP Routing
Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | * | * | * | * | 5.6.7.8 | * | * | * | port6
• Application Firewall
Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | * | * | * | * | * | * | * | 22 | drop
13/17
Flow Table Entry Examples
(OpenFlow allows layers to be combined)
• Flow Switching
Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
port3 | 00:2E:.. | 00:1F:. | 0800 | vlan1 | 1.2.3.4 | 5.6.7.8 | 4 | 17264 | 80 | port6
• VLAN + App
Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
* | * | * | * | vlan1 | * | * | * | * | 80 | port6
• Port + Ethernet + IP
Switch Port | MAC src | MAC dst | Eth type | VLAN ID | IP Src | IP Dst | IP Prot | TCP sport | TCP dport | Action
port3 | 00:2E:.. | * | 0800 | * | * | 5.6.7.8 | 4 | * | 22 | drop
14/17
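The flow lookup and the Rule / Action / Stats entry from the slides above, as an added Python sketch (not code from the presentation or from any OpenFlow implementation). The field names, the first-match ordering and the sample packet are assumptions; only whole-field wildcards are modelled, not the "+ mask" bit masks.

```python
from dataclasses import dataclass

# The slide's 10-tuple; these Python field names are this example's own.
FIELDS = ("in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_proto", "tcp_sport", "tcp_dport")

@dataclass
class FlowEntry:
    rule: dict        # field -> required value; a field left out is a wildcard (*)
    action: str       # e.g. "port6" or "drop"
    packets: int = 0  # Stats: packet counter
    octets: int = 0   # Stats: byte counter

    def matches(self, pkt):
        return all(pkt.get(f) == v for f, v in self.rule.items())

class FlowTable:
    def __init__(self, entries):
        for e in entries:
            unknown = set(e.rule) - set(FIELDS)
            if unknown:  # a misspelled field would otherwise never match
                raise ValueError(f"unknown match fields: {sorted(unknown)}")
        self.entries = list(entries)
        self.misses = 0

    def process(self, pkt, length):
        """Flow lookup: first matching entry wins (ordering is an assumption)."""
        for e in self.entries:
            if e.matches(pkt):
                e.packets += 1
                e.octets += length
                return e.action
        self.misses += 1
        return "controller"  # no match: encapsulate, send over the secure channel

def slide_table():
    """Three of the slides' example entries, drop rule first."""
    return FlowTable([
        FlowEntry({"tcp_dport": 22}, "drop"),                       # Application Firewall
        FlowEntry({"vlan_id": "vlan1", "tcp_dport": 80}, "port6"),  # VLAN + App
        FlowEntry({"ip_dst": "5.6.7.8"}, "port6"),                  # IP Routing
    ])

# Constructed sample packet (MAC addresses are made up for the example).
SSH_PKT = dict(in_port="port3", mac_src="00:2e:00:00:00:01",
               mac_dst="00:1f:00:00:00:02", eth_type=0x0800, vlan_id="vlan1",
               ip_src="1.2.3.4", ip_dst="5.6.7.8", ip_proto=6,
               tcp_sport=17264, tcp_dport=22)

if __name__ == "__main__":
    print(slide_table().process(SSH_PKT, 60))  # drop
```

In this sketch the order of entries decides the outcome: if the IP Routing entry is listed ahead of the Application Firewall entry, port 22 traffic to 5.6.7.8 is forwarded to port6 and the drop entry's counters stay at zero.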
OpenFlow Controller
• Centralized intelligence for the entire OpenFlow network
• NOX is an open-source OpenFlow controller
• Researchers can insert their software code into the NOX controller to test their ideas
[Figure: a NOX Controller connected to three OpenFlow Switches.]
15/17
OpenFlow Hardware (Switches)
• NEC
• HP
• Pronto
16/17
Summary
• OpenFlow
– Standard way to control flow tables in commercial switches and routers
– Provides an open platform
– An open development environment for all researchers
– Test environment for Future Internet technologies
17/17