Cisco SDN Overview Flashcards
3 Planes of Interest
Data Plane
Control Plane
Management Plane
Data Plane Actions
Tasks done to forward a message
Control Plane Actions
Any action that controls the data plane
Management Plane Actions
Protocols that allow network engineers to manage the devices
Traditional Switch Data Plane
Use a purpose-built ASIC for the forwarding logic, and TCAM to store the required tables for fast table lookups.
SBI
Southbound Interface
NBI
Northbound Interface
API
Application Programming Interface
[Interface to an application program]
3 Separate SBIs
- OpenFlow
- OpFlex (Cisco; used with ACI)
- CLI (Telnet / SSH) and SNMP (from Cisco; used with APIC-EM)
Function of Java API
Interface between Java applications and controller
Describes a type of API that allows applications to sit on different hosts
REST API
Representational State Transfer
How does REST transfer data?
REST uses HTTP messages to transfer data over the API.
Why are REST APIs needed?
When the application runs on a different system somewhere else in the network other than running on the controller, the API needs a way to send the data back and forth over an IP network.
RESTful APIs meet that need.
What identifies an object on the controller, typically a structure that the application needs to learn and then process?
URI
Step 1 in a RESTful App / Controller Transaction
- App sends an HTTP GET request to a particular URI.
When an app sends an HTTP GET request to a particular URI via a REST API, what is the URI for?
Not a web page URI, but a URI for an object on the controller, typically a data structure that the application needs to learn and process.
Step 2 in a RESTful App / Controller Transaction
- Controller sends back an HTTP GET response message with the object.
What do most REST APIs ask for and receive?
Structured Data
What does the HTTP GET response typically contain?
Variable names and their values, in a format that can be easily used by a program.
Common Formats for Data Used for Network Programmability
JSON (JavaScript Object Notation)
XML (eXtensible Markup Language)
Step 3 in a RESTful App / Controller Transaction
- Application takes HTTP GET response structured data and populates local variables.
3 Cisco SDN / Network Programmability Solutions
- Open SDN Controller & OpenFlow (as SBI)
- Cisco Application Centric Infrastructure (ACI) and OpFlex (as SBI)
- Cisco APIC Enterprise Module (APIC-EM)
What two primary things does OpenFlow define?
- An IP-based protocol used between the controller and the network devices.
- A standard idea of what a switch’s capabilities are, based on the ASICs and TCAMs commonly used in switches today.
A standard idea of what a switch’s capabilities are, based on the ASICs and TCAMs commonly used in switches today.
Switch Abstraction
SDN model which centralizes most control plane functions
Open SDN Model
Functions of an OpenFlow Switch
Layer 2 Switch Functions
Layer 3 Switch Functions
Different functions with great flexibility beyond the traditional model of a Layer 2/3 switch.
Control of the Network in the Open SDN Model
Done by the controller PLUS any applications that use the controller’s NBIs.
Open source controller from the Linux Foundation
Open Daylight (ODL) Controller
In a generalized ODL architecture, what NBI is used by an external application to talk to the ODL controller?
REST API
Internal controller applications in an ODL controller use what API to talk to core features?
Java API
Internal controller applications in an ODL controller are programmed in what language?
Java
Southbound Interfaces (SBIs) in a generalized ODL architecture
OpenFlow, NetConf, PCEP, BGP-LS, OVSDB, etc.
Typical instantiation of a generalized ODL architecture
Take the ODL controller, use the parts that make sense for a particular project, add to it, and create a commercial ODL controller.
Number of commercial SDN controllers based on ODL as of early 2016
15 (including the Cisco Open SDN Controller (OSC))
Which controller has the longer list of features - the ODL controller or the ODL-based Cisco Open SDN Controller (OSC)?
ODL Controller
How does Cisco support OpenFlow and the ONF model of OpenFlow?
Through the Cisco Open SDN Controller (OSC) and a small portion of the Cisco router and switch product line.
Cisco products which support OpenFlow via OSC
Nexus 3000, 4500x switches
ASR 9000 routers
Is Cisco migrating its entire product line to support OpenFlow?
No
Cisco’s data center SDN solution
Cisco Application Centric Infrastructure (ACI)
Endpoints in the ACI architecture
VMs and traditional servers
Two key concepts in ACI
Endpoints and Policies
In ACI, policies are applied to what?
Endpoint Groups (EGs)
What has to happen prior to the ACI controller directing the network as to what needs to be in the forwarding tables to make it all happen - and to more easily react when the VMs start, stop, or move?
All of the endpoints, policies, and related details must be defined.
Controller used by ACI
Application Policy Infrastructure Controller (APIC)
In the Cisco ACI data center SDN solution, what controller creates application policies for the data center infrastructure?
Application Policy Infrastructure Controller (APIC)
What software applications talk to the APIC controller via NBIs?
- Virtualization software
- Cloud software
- Automation software
- GUI or scripts
What type of control plane does ACI / APIC have?
Partially centralized control plane
What is the southbound interface (SBI) for ACI / APIC?
OpFlex
What NBI APIs are used in ACI / APIC?
RESTful and native APIs
Allows software control from outside the controller
Northbound Interfaces (NBIs)
To what extent does ACI centralize the control plane?
ACI centralizes much, but not all, of the control plane.
Some of the control plane is left in the switches (newer models).
What does Cisco’s APIC Enterprise Module (APIC-EM) bring to the table?
APIC-EM keeps the same traditional switches and routers and adds the benefits of network programmability.
Cisco’s SDN offer for the Enterprise
Application Policy Infrastructure Controller - Enterprise Module (APIC-EM)
SBI Protocols Used by APIC-EM
CLI (Telnet, SSH)
SNMP
Cisco-supplied applications which reside on the APIC-EM controller
Topology Visualization
Path Trace
Plug n Play
iWAN
How would a customer / external application interact with the APIC-EM?
Via a REST API as the NBI API.
What sits between the NBI and the SBI of the APIC-EM controller?
Core Features of APIC-EM
What does the RESTful Northbound API make available to an external application?
Collected information about the entire network over an easy-to-use API.
What happens to the control and data planes of the network devices in the APIC-EM architecture?
Nothing. The control and data planes of the network devices remain unchanged.
Describe network programmability in the first version of APIC-EM.
APIC-EM 1.0 enabled network programmability with a centralized controller model - without changing the data and control plane concepts and configuration.
Data Plane and Control Plane of Network Devices in APIC-EM
Do not change (as of early 2016; for all routers and switches).
How is APIC-EM likely to change over time?
Support for more SBIs.
Does the APIC-EM controller program flows into tables?
No
Does the APIC-EM controller ask the control plane in the network devices to change how it operates?
No
How does APIC-EM enable easier network automation for customers?
By gathering information about the network over the SBI.
What information does APIC-EM gather over the SBI?
Topology, Devices, Interfaces, Operational Status, Configuration
How does APIC-EM make information gathered about the network available to applications (external or built-in)?
Through extensive NBI APIs
Does APIC-EM normalize data about devices?
Yes. APIC-EM makes the data about devices CONSISTENT to a great extent - even if the devices use different operating systems.
How can APIC-EM change how network devices operate?
By changing the configuration of the devices.
How does APIC-EM use the CLI of network devices?
APIC-EM can use Telnet and SSH to log into a device, reconfigure the device, etc.
How does APIC-EM use SNMP?
Using SNMP as the SBI, APIC-EM can configure the network devices with SNMP Set commands.
Changes how the device control plane works vs. traditional networking
Open SDN: Yes
ACI: Yes
APIC Enterprise: No
Creates centralized point from which humans and automation control the network
Open SDN: Yes
ACI: Yes
APIC Enterprise: Yes
Degree to which the architecture centralizes the control plane
Open SDN: Mostly
ACI: Partially
APIC Enterprise: N/A. Control plane remains the same in the networking devices, so in that sense the control plane is not centralized at all.
SBIs used by Open SDN, ACI, and APIC-EM
Open SDN: OpenFlow
ACI: OpFlex
APIC-EM: CLI, SNMP
Controllers used by OpenSDN, ACI, and APIC Enterprise
OpenSDN: Open Daylight (ODL), Cisco OSC
ACI: APIC
APIC Enterprise: APIC-EM
Organization that is the primary definer / owner of OpenSDN
ONF
Organization that is the primary definer / owner of ACI
Cisco
Organization that is the primary definer / owner of APIC Enterprise
Cisco
Does OpenSDN change how the device control plane works vs. traditional networking?
Yes
Does ACI change how the device control plane works vs. traditional networking?
Yes
Does APIC Enterprise change how the device control plane works vs. traditional networking?
No
True or False: OpenSDN creates a centralized point from which humans and automation control the network.
True
True or False: ACI creates a centralized point from which humans and automation control the network.
True
True or False: APIC Enterprise creates a centralized point from which humans and automation control the network.
True
Degree to which the OpenSDN architecture centralizes the control plane.
Mostly
Degree to which the ACI architecture centralizes the control plane.
Partially
Degree to which the APIC Enterprise architecture centralizes the control plane.
N/A. The control plane remains the same in the networking devices, so in that sense the control plane is not centralized at all.
Cisco DevNet URL
https://developer.cisco.com
SDN Skills Blog
www.sdnskills.com
2 Categories of Applications in the APIC-EM Controller
- Basic Applications
- Solution Applications (Require Purchase of Additional License)
Primary purpose / function of the APIC-EM Path Trace Tool
Predicts what happens in the data plane of the various devices in the network.
From a user interface perspective, how do applications appear in the APIC-EM controller?
From a user interface perspective, applications appear as just another feature in the UI.
From an architectural perspective, how do applications appear in the APIC-EM controller?
Applications are separate from the base controller and may even be developed by different groups within Cisco.
In the APIC-EM controller, where do applications run?
Applications run natively on the controller.
The applications do not run elsewhere in the network but are installed as part of the controller.
Which APIC-EM application determines the network topology?
The Discovery application in APIC-EM.
What happens before the Path Trace application can be used?
Another APIC-EM application called Discovery discovers the network topology.
What does the user provide to the Path Trace application / GUI?
Source and destination address of a packet
How does Path Trace analyze where an imaginary packet would flow if sent in the network right now?
By examining the information pulled by APIC-EM from the devices in the network - MAC tables, IP routing tables, and other forwarding details in the devices
What is the output of Path Trace?
The Path Trace GUI displays the path of an imaginary / hypothetical packet, with notes, overlaid on a map of the network.
What is the function of the APIC-EM ACL Analysis Tool?
Examines the path chosen by the Path Trace Tool, looks for any enabled ACLs, and then analyzes and characterizes (with notes) which packets sent from source to destination would be filtered as they travel along that path.
Upon which application is the ACL Analysis tool dependent?
The Path Trace Tool