9 Software Defined Networks Flashcards
Why is configuration hard?
- Defining correctness is hard
- Interactions between protocols -> unpredictability
- Operators make mistakes
What do SDNs provide
Network wide views (Topology and Traffic)
Network level objectives (Load balance, Security)
Direct control
High-level SDN
Remove routing from routers and perform routing computation at the logically centralized controller
SDN Advantages
Coordination
Evolve
Reasoning is easier
All of these stem from a separate control plane, which allows us to apply CS techniques we couldn’t before
Control plane
software program written in a high level language
Logic that controls forwarding behavior
Data plane
programmable hardware controlled by control plane
forwarding traffic according to control plane logic
SDN applications
data centers, backbone networks, enterprise networks, Internet exchange points, home networks
Routing protocols that compute path belong in the _____
control plane
Forwarding table entries belong in the _____
data plane
Why do we separate the data and control planes?
Independent evolution (separate hardware and software)
Control from high-level program
SDN Benefits for: Data centers
VM Migration
SDN Benefits for: Routing
more control over decision logic
SDN Benefits for: Enterprise networks
security
SDN Benefits for: Research
coexist with production
Data center SDNs
Problem: Provisioning/migration in response to load
Solution: Program switch state from a central DB
Backbone Security and SDNs
An attacker sends traffic to a victim; the controller sees this and responds with something like a null route that “blocks” traffic from the attacker
Challenges of SDN
Scalability - hundreds to thousands of switches
Consistency - Ensure different replicas see same view
Security/Robustness - under failure or compromise, the system must still work
Different SDN Controllers
NOX, Ryu, Floodlight, Pyretic, Frenetic, Procera, RouteFlow, Trema
NOX Overview
open source
stable
widely used
Classic NOX
C++/Python
New NOX
C++ only, fast
NOX architecture
Components: Switches, Network attached servers
Abstraction: Switch control (OpenFlow is the default)
Control: Flow granularity
NOX flow
10-tuple: statistics, things to do to packets that match this flow definition
NOX flow actions
forward
drop
send to controller
NOX controller programmatic interface
based on events (packet receive, switch join/leave)
keeps track of network view (underlying network topology)
speaks a control protocol to the switches in the network that allows it to update state in the switches
NOX characteristics
C++
OpenFlow 1.0
model: event based
NOX benefits/downfalls
Good Performance
Requires you to be familiar with the low level of OpenFlow
Requires C++ development
POX
easy to use, read, write
performance sucks though
Ryu characteristics
Python
OpenFlow 1.0, 1.2, 1.3
OpenStack
Ryu downside
performance sucks
Floodlight characteristics
Java
OpenFlow 1.0
fork of Beacon
Floodlight advantages
documentation
REST compatibility
performance
Floodlight disadvantage
hard to learn
POX algorithm for switch
- Update address/port table
- if multicast, flood
- if no table entry, flood
- if src == dst, drop
- install flow table entry