Management in SDN/NFV Network Management Spring 2018 Bahador Bakhshi CE & IT Department, Amirkabir University of Technology
Outline • Introduction • What is the SDN? • NM in SDN • What is the NFV? • NM in NFV • Summary
Limitation of Existing Architectures • Lack of centralized global view • Protocols try to approximate an understanding of global network conditions based on local communication • Different protocols & mechanisms solve different parts of the networking puzzle → Complexity • Fairly static network → Contradiction with currently highly dynamic traffic (e.g., VM migration) • Difficult to implement network-wide consistent (e.g., security, QoS, …) policies • Complexity of scaling up the network in a timely manner • Vendor dependency due to lack of standard open interfaces
SDN Main Idea • Collection of network embedded applications used to control the operation of the network • The architecture claims: • Adaptable & agile: adjust network-wide traffic flow to meet changing needs • Manageable: logically centralized network state is managed automatically by programs • Cost-effective: Open standard based & vendor-neutral HW & SW • Through a directly programmable control plane
SDN Concept (figure) • Control Programs run on top of the Global Network Map • The Network OS maintains the map • The Network OS drives the Packet Forwarding elements through an Abstract Forwarding Model (e.g. OpenFlow)
NFV Main Idea • Abstraction of network functions (as software) from dedicated hardware • Traditional Model • Dedicated embedded system for each function • Long product cycle • Virtualizing network functionalities on standard servers
Management of SDN/NFV based Nets. • Technical aspects • New architectures → new components • Management improvement • Management challenges • Business issues: Effect on OpEx and CapEx • Cost reduction is an objective of SDN & NFV • NM is the service providers’ tool for business success → Both have an objective in common
SDN Promise for Capex Reduction • Reduce the purchase cost of hardware • Reduced vendor lock-in and use of commodity hardware • Reduced cost of software • A single controller can steer multiple devices • Higher utilization rates of network • Effective traffic steering and opening the network to other operators via network virtualization
SDN Promise for Opex Reduction • Lower maintenance and repair cost • SDN creates a single cohesive structure and better testing possibilities ahead of rollout • Lower service provisioning and management cost • SDN enables automated configuration of network • Lower energy cost • There is no more energy consumption by the control plane and better traffic steering
NFV Promise for Capex Reduction • Lower hardware purchase cost • Common hardware is cheaper than proprietary specialized hardware • Higher utilization of equipment • Physical resource sharing among virtualized functions
NFV Promise for Opex Reduction • Lower service provisioning cost • Automated service provisioning • Lower energy cost • Hardware sharing among functions • Lower maintenance cost • Common hardware is cheaper than dedicated one • Lower system/function upgrade cost • No need for hardware upgrade
Outline • Introduction • What is the SDN? • Big Picture • Technical Details • NM in SDN • What is the NFV? • NM in NFV • Summary
Implementation of the SDN idea • Remark: programmable control plane • Question: How to build a programmable control plane? • Similar question: how to build a programmable computer? • Answer • Simple and general purpose hardware • Abstraction of HW resources • Variables are an abstraction of main memory • Operators are an abstraction of the ALU • Answer: • Simple & general purpose network equipment • Abstraction of control plane
Implementation of the SDN idea • Question 1: What should the “Simple & general purpose network equipment” do? • Einstein: “as simple as possible, but no simpler” • As simple as possible → Just forward packets • But no simpler → But not blind!! → Flow based • Answer: Forwards packets based on rules installed for flows by applications • Similar to a computer: Performs bit operations based on instructions given by the programs • Question 2: What should be abstracted?
Control Plane Abstraction • Control plane must compute forwarding state. To accomplish its task, the control plane must: • Figure out what the network looks like (topology) • Figure out how to accomplish the goal on the given topology • Tell switches what to do (configure forwarding state) • We view this as a natural set of requirements.... • It is similar to machine-level languages • Every program must manage every detail of the hardware (RAM, console IO, …) • Solution • Abstract operations are compiled to machine level • Resources are abstracted by the OS and libraries
The Control Plane Problem • These parts of the control plane can be abstracted • Determining the topology information • Configuring forwarding state on switches • SDN = Two Control Plane Abstractions • Abstraction: global network view • Provides information about current network • Implementation: “Network Operating System” • Runs on servers in network (replicated for reliability) • Abstraction: forwarding model • Provides standard way of defining forwarding state • An example is the OpenFlow protocol
SDN Example RFC 2328: 245 pp ~ 2-3 pp ~ 120 pp
Main Characteristics of SDN • The control and data planes are decoupled • Control functionality is removed from network devices, which become simple (packet) forwarding elements • Forwarding decisions are flow-based, instead of destination-based • Allows unifying the behavior of different types of network devices including router, firewall, … • Control logic is moved to an external entity, the so-called SDN controller or Network Operating System (NOS) • The network is programmable through software applications running on top of the NOS
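The flow-based forwarding model described above, as an added example that is not part of the original slides: one priority-ordered match/action table makes the same element act as router, firewall and L2 switch, and rule priority decides whether a security rule takes effect. The field names follow OpenFlow's match-field naming; `FlowEntry`, `FlowTable`, `demo_table` and the sample packets are hypothetical names and constructed data.

```python
import ipaddress
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict       # header field -> required value; absent field = wildcard
    actions: list     # e.g. ["output:2"]; an empty list drops the packet
    packets: int = 0  # per-entry counter, the kind of statistic a controller polls

    def matches(self, pkt):
        for name, want in self.match.items():
            have = pkt.get(name)
            if have is None:
                return False
            if isinstance(want, ipaddress.IPv4Network):
                if ipaddress.ip_address(have) not in want:
                    return False
            elif have != want:
                return False
        return True

class FlowTable:
    def __init__(self):
        self.entries = []

    def install(self, priority, match, actions):
        # Invoked by a control application through the controller.
        self.entries.append(FlowEntry(priority, match, actions))
        self.entries.sort(key=lambda e: e.priority, reverse=True)

    def forward(self, pkt):
        # Highest-priority matching entry wins; no match at all means drop.
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packets += 1
                return entry.actions
        return []

def demo_table(firewall_priority=300):
    t = FlowTable()
    subnet = ipaddress.ip_network("10.0.2.0/24")
    t.install(100, {"eth_type": 0x0800, "ipv4_dst": subnet}, ["output:2"])  # router-like
    t.install(firewall_priority, {"ip_proto": 6, "tcp_dst": 23}, [])        # firewall-like
    t.install(50, {"eth_dst": "00:00:00:00:00:0a"}, ["output:1"])           # L2-switch-like
    t.install(0, {}, ["controller"])  # table-miss entry: hand the packet to the controller
    return t

# Constructed sample packets (parsed header fields only).
TELNET = {"eth_type": 0x0800, "eth_dst": "00:00:00:00:00:0b",
          "ipv4_dst": "10.0.2.7", "ip_proto": 6, "tcp_dst": 23}
HTTP = dict(TELNET, tcp_dst=80)
```

Calling `demo_table(firewall_priority=10).forward(TELNET)` returns the routing action instead of a drop: a filtering rule installed below a broader forwarding rule is shadowed and never matches.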
Outline • Introduction • What is the SDN? • Big Picture • Technical Details • NM in SDN • What is the NFV? • NM in NFV • Summary
OpenFlow based SDN (figure) • OpenFlow Controller • OpenFlow Protocol (SSL/TCP) between the controller and the switch • Switch: Control Path (OpenFlow) on top of the Data Path (Hardware)
OpenFlow Protocol • OpenFlow is the de-facto protocol for the southbound interface • Between controller and switches
Controller: The NOS!! • Does not control the network itself • Applications implemented on top of it would perform the actual management tasks • Provides a uniform and centralized programmatic interface to the entire network • Requirements • Present programs with a centralized programming • Centralizing Network State • Programs are written in terms of high-level abstractions
Controller Challenges • Generality • Wide range of functionalities • Reliability • Flexibility • Scalability • Support large # of switches • Control plane performance • Security
Controller Deployment • Physically centralized • Single Thread: NOX, POX, … • Multi Thread: Beacon, Maestro, Floodlight, Trema, … • Hierarchical • Global controller, with multiple local controllers • E.g., Kandoo, Helios, Midonet, Logical xBar… • Peers • Each handling different portions of the topology, flow space, slice, or applications • E.g., HyperFlow, Onix, SiBF, ONOS, Elasticon, … • Replicas • Master, with multiple slaves; Multiple active replicas
Outline • Introduction • What is the SDN? • NM in SDN • What is the NFV? • NM in NFV • Summary
NM in SDN?! • Different points of view about NM in SDN • SDN is the new kind of NM • SDN controller is the NMS • SDN has no effect on NM • SDN is responsible for the control plane, not the management plane • SDN improves NM while raising new challenges • NM includes management of the control plane too • Role & responsibility overlap between the NMS and the Controller
SDN for NM: Current NM Challenges • Heterogeneity & Diversity • Vendor dependent management • Different MIB for different vendors • Device type dependent management • E.g., Firewall vs L2 switch?! • Function type dependency • E.g., Fault vs Performance management?! • Coarse-grained distributed traffic management • Agile & fine-grained flow controller needed in FCAPS
SDN Benefits for NM • Vendor independency • By OpenFlow, the standard protocol • Device type independency • Since all devices are OpenFlow switches • Common needs in all NM functions • Centralized view of network by the controller • Agile traffic management • By centralized controller • Policy automation • By “SDN Programming languages” (e.g., Frenetic)
SDN Management Challenges • Controller management • Fault, Security and Performance of the controller are vital for SDN operation • Application management • Most control plane functions and policies are implemented as applications, which are new in the NM context • Northbound interface • There is not any standard → controller dependency • Switch management • New kinds of resources (Flow Table) and protocols (OpenFlow) bring new management requirements
FCAPS in SDN: Fault management • Pros: Faster service restoration • Reactive: flow rerouting by an application • Proactive: backup path provisioning per flow • Shared & Dedicated paths • Realtime switching by Group tables • Cons: New kinds of failures • Switch, Controller, and application failures • South, West, North interface failures • Reference: P. Fonseca, E. Mota, “A Survey on Fault Management in Software-Defined Networks,” IEEE Communications Surveys & Tutorials. 2017 Jun.
FCAPS in SDN: Configuration management • Pros: automated provisioning • Flow path is determined by applications • No need to think at flow level, high-level programming languages are available • Cons: New kinds of configurations • How to configure applications, controller and switches • OF-Config is proposed for switch configuration • Reference: C. Trois, MD. Del Fabro, LC. de Bona, M. Martinello, “A survey on SDN programming languages: Toward a taxonomy,” IEEE Communications Surveys & Tutorials. 2016 Apr.
FCAPS in SDN: Performance management • Pros: Fine-grained flow monitoring & engineering • Statistics of the Flow Table and the Meter Table • Better Network and SLA monitoring • Reactive & Proactive traffic engineering • SLA guarantee • Cons: New kinds of performance issues • The performance of Flow Table lookup • The performance of controller and applications • Reference: IF. Akyildiz, A. Lee, P. Wang, M. Luo, W. Chou, “A roadmap for traffic engineering in SDN-OpenFlow networks,” Computer Networks. 2014 Oct.
FCAPS in SDN: Security management • Pros: Fine-grained flow monitoring & control • Centralized view of the network • Complex and advanced traffic analysis • Fast network-wide reaction • E.g. DDoS protection • Cons: New kinds of security issues • The security of controller • The security of interfaces • The security of applications • Reference: S. Scott-Hayward, S. Natarajan, S. Sezer, “A survey of security in software defined networks,” IEEE Communications Surveys & Tutorials. 2016 Mar;18(1):623-54.
SDN Management What are the management interfaces? Which Standard Protocols?
OF-Config: OpenFlow Configuration • OpenFlow determines how packets are forwarded but doesn’t provide the configuration and management functions, such as IP addresses • OF-Config is used to manage physical and virtual switches in an OpenFlow environment • OF-Config defines an OpenFlow switch as an abstraction called an OpenFlow Logical Switch • Which is contained in an OpenFlow Capable Switch
OF-Config vs NETCONF • OF-Config is the NETCONF-based configuration for OpenFlow switches • The OpenFlow Capable Switches MUST implement NETCONF • In fact, OF-Config defines the standard tags (the MIB) to manage OpenFlow specific resources • E.g., Ports, Flow Table, …
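A configuration check over the Capable Switch / Logical Switch structure described above, as an added example that is not part of the original slides: it lists every controller channel of every logical switch that is not explicitly set to TLS. The XML is a constructed, simplified sample; its element names and namespace follow the OF-Config data model as an assumption, and `audit_controller_channels` is a hypothetical helper.

```python
import xml.etree.ElementTree as ET

# Constructed sample of what a NETCONF <get-config> reply body could carry.
SAMPLE = """
<capable-switch xmlns="urn:onf:config:yang">
  <id>capable-switch-0</id>
  <logical-switches>
    <switch>
      <id>ls-edge</id>
      <controllers>
        <controller><id>c1</id><ip-address>192.0.2.10</ip-address>
          <port>6653</port><protocol>tls</protocol></controller>
        <controller><id>c2</id><ip-address>192.0.2.11</ip-address>
          <port>6633</port><protocol>tcp</protocol></controller>
      </controllers>
    </switch>
    <switch>
      <id>ls-core</id>
      <controllers>
        <controller><id>c1</id><ip-address>192.0.2.10</ip-address>
          <port>6653</port></controller>
      </controllers>
    </switch>
  </logical-switches>
</capable-switch>
"""

def local(tag):
    # Drop the "{namespace}" prefix ElementTree puts in front of tag names.
    return tag.rsplit("}", 1)[-1]

def child_text(elem, name):
    for child in elem:
        if local(child.tag) == name:
            return (child.text or "").strip()
    return None

def audit_controller_channels(xml_text):
    """Return (logical switch id, controller id, protocol) for non-TLS channels."""
    findings = []
    root = ET.fromstring(xml_text.strip())
    for sw in (e for e in root.iter() if local(e.tag) == "switch"):
        for ctl in (e for e in sw.iter() if local(e.tag) == "controller"):
            proto = child_text(ctl, "protocol")
            if proto != "tls":
                # A missing leaf is reported for review against the device default.
                findings.append((child_text(sw, "id"), child_text(ctl, "id"),
                                 proto or "unspecified"))
    return findings
```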
Outline • Introduction • What is the SDN • NM in SDN • What is the NFV • Big picture • Technical view • NM in NFV • Summary
What is the NFV? Remark • The main idea of Network Function Virtualization • A network service is a chain of network functions • Routing, Firewall, NAT, Filtering, … • The functions are hardware appliances in the current architecture • Dedicated special purpose hardware • In NFV, the functions are software • Can be run on any general purpose hardware • Virtualization technologies are used to be completely hardware independent