한국통신학회 워크샵: sdn/nfv for secure services - understanding open source sdn...

최영락 (Ian Choi)

Manager / NAIM Networks [email protected]

Mar 27, 2014

Copyright ⓒ 2014 by NAIM Networks, Inc. All rights reserved. 2

Table of Contents

Open Source & SDN Controllers Open Source SDN Controllers – C & Python Open Source SDN Controllers – Java Comments on SDN Controllers

I II III

IV

Copyright ⓒ 2014 by NAIM Networks, Inc. All rights reserved.

I. Open Source Environment

4

SDN Controllers

SDN Related Open Sources

Enabling Specification / Organizations


I. Why Open Source with Community?

5

Open Source At A Glance !  600,000+ projects !   100+ Billion lines of code !   10 Million person-years of work

SDN innovation will come from open source like !  40% of cloud innovation !   15% of mobile enterprises !   19% of mobile apps

v  Free software tools and platforms accessible to all v  Support from passionate SDN experts v  Freedom to use, redistribute and modify without IP infringement

Empowered community and continuous improvement

Huge creative and diverse potential for unprecedented scale

Src.: ON.LAB


I. Unlocking Network Potential

6

Traditional Networking !  Control plane

embedded into the box !  Closed proprietary

with no open interface !  A big barrier to

innovation

The Promise of SDN !  Separation of forwarding

and control planes !  Open and vendor

agnostic interface (e.g. OpenFlow)

!  Well defined control plane abstractions to enable rapid innovation

Need to create new tools

Use them and

modify them freely to experiment new

possibilities

Exchange ideas and experience

Src.: ON.LAB


I. SDN Controller Overview – (1) v Applications for Network Devices

7

Network Device

Software

ASIC

TCAM TCAM TCAM TCAM TCAM

Low-Level ASIC Interface

TCAM TCAM

Operating System (OS)

App App App App App App


I. SDN Controller Overview – (2) v Separation of Applications

8

Controller (Openflow Controller / SDN Controller)

Network Device

Software

ASIC TCA

M TCA

M TCA

M TCA

M TCA

M


TCAM

TCAM



Network Device

Software

ASIC TCA

M TCA

M TCA

M TCA

M TCA

M


TCAM

TCAM



Network Device

Software

ASIC TCA

M TCA

M TCA

M TCA

M TCA

M


TCAM

TCAM






I. SDN Controller Overview – (3) v The All-Seeing Eye for Almighty

9

Network Device

Software

ASIC TCAM TCAM TCAM TCAM TCAM


TCAM TCAM

SDN Controller

Network Device

Software



TCAM TCAM

Network Device

Software



TCAM TCAM

Flow Flow Flow


Operating�� System�� (OS)��

Southbound •  OpenFlow •  NetConf

•  SNMP •  Node Aware

Northbound •  Code Base Automation

•  Controls vBRAS, vCDN, vADC

Northbound

Southbound

Agent

Agent Agent


I. Open Source + SDN Controllers

10

Vendors’ perspective

Source : HP Technical white paper

Need to create new tools

Use them and modify them freely to experiment new possibilities

Exchange ideas and experience

Open sources’ perspective

v API is an important part to compose SDN architecture with controllers and elements.


I. Open Source SDN Controllers

v Many Open Source SDN controllers!

11

SDN Controller Project Organization(s) Memo

Beacon Stanford University

Beacon is a fast, cross-platform, modular, Java-based controller that supports both event-based and threaded operation.

FloodLight Big Switch Networks

The Floodlight controller is an enterprise-class, Apache-licensed, Java-based OpenFlow Controller. It was forked from the Beacon controller, originally developed by David Erickson, and now is supported by a community of developers including a…

FlowER Travelping GmbH

FlowER is an open-source Erlang based OpenFlow controller. Its purpose is to provide a simplified platform for writing network control software in Erlang. Its still under development but Travelping, FlowER’s creator, is already using it in its…

OpenIRIS ETRI (Korea)

OpenIRIS (pronounced ai-ri-s) is the open source version of IRIS, a recursive SDN OpenFlow Controller created by IRIS Research Team in ETRI, Korea.

Jaxon University of Tsukuba

Jaxon is a Java-based OpenFlow Controller that provides a thin interface to NOX to bridge Java applications and the NOX controller.

Mul SDN Controller

Kulcloud (Korea)

MūL, is an OpenFlow (SDN) controller. It has a C based multi-threaded infrastructure at its core. It supports a multi-level north bound interface for hooking up applications.

NOX ICSI NOX was the first OpenFlow controller. It has been the basis for many and various research projects in the early exploration of the SDN space.

OpenContrail Juniper Networks

OpenContrail is an Apache 2.0-licensed project that is built using standards-based protocols and provides all the necessary components for network virtualization–SDN controller, virtual router, analytics engine, and published northbound APIs.

OpenDaylight Linux Foundation

The adoption of new technologies and pursuit of programmable networks has the potential to significantly improve levels of functionality, flexibility and adaptability of mainstream datacenter architectures. To leverage this abstraction to its fullest

POX ICSI POX is a Python-only version of NOX that provides controller functionality within a rapid prototyping environment.

Ryu Network Operation system

NTT Communications

Ryu is a network OS that integrates with OpenStack and supports OpenFlow. It provides a logically centralized controller and well-defined API that make it easy for operators to create new network management and control applications.

Trema NEC An Open Source modular framework for developing OpenFlow controllers in Ruby/C.

…


[Java]��

[Python]��

[C/C++]��

I. Pedigree Chart

12

Controller (Proprietary)

Big Network Controller (Proprietary)��

OPEN DAYLIGHT��

(nox-classic & nox)��

(Proprietary)��

1.  NOX 2.  POX 3.  Ryu 4.  MUL


II-1. NOX – (1)

v Two Versions of NOX !  NOX-classic

• Original NOX (now, officially deprecated) – https://github.com/noxrepo/nox-classic

• C++-based SDN controller, but applications can be developed using Python

• Provides graphical user interfaces !  NOX

• Separated from NOX-classic in 2012 – https://github.com/noxrepo/nox

• Only supports C++ for application development • Fewer default applications than NOX-classic

– But, much faster and has a much cleaner source base • No graphical user interfaces

14


II-1. NOX – (2)

v Original NOX (a.k.a., nox-classic) !  Multi-thread C++-based controller !  GNU GPL v3 license !  Written on top of Boost library

• Provides fast, asynchronous IO (Boost.Asio) !  Supported target system: Linux !  SDN applications can be developed with Python !  Documentation: doxygen, # of tutorials

15

Sample application written in C++ Sample application written in C++ and Python using SWIG library

Sample application written in Python

SWIG (Simplified Wrapper and Interface Generator): an open source software tool used to connect computer programs or libraries written in�� C or C++ with scripting languages such as Lua, Perl, PHP, Python, …


II-1. NOX – (3)

v Original NOX (a.k.a., nox-classic) !  Example: Switch application (C++, partial)

16


II-1. NOX – (4)

v Original NOX (a.k.a., nox-classic) !  Example: Switch application (Python, partial)

17


II-1. NOX – (5)

v Original NOX (a.k.a., nox-classic) !  Graphical user interfaces

18


II-1. NOX – (6)

19

v NOX (not nox-classic) !  Enhanced performance and better source

readability/maintenance structure !  Less active open source community than POX

• Only 28 source commits for the recent 2 years !  Documentation: poor (only doxigen)


II-1. NOX – (7)

20

v NOX (not nox-classic) !  Example: Switch application (C++, partial)

The use of Boost library (cf. nox-classic: libc++)

The same structure as nox-classic python code (better readability)


II-2. POX – (1)

v Overview !  A platform for rapid development and

prototyping of network control using Python !  Supports all the targets (Linux, Mac, Windows) !  Still active (# of commits, forum in noxrepo.org) !  Documentation; Wiki, comments on source files

21

Src.: noxrepo.org/pox (NOX-Python: pypy)


II-2. POX – (2)

v Example !  pox/forwarding/l2_learning.py

22


II-2. POX – (3)

v User interfaces (needs poxdesk) ! https://github.com/MurphyMc/poxdesk/

23


II-3. Ryu – (1)

v Overview !  Completely written in Python !  Apache 2.0 License !  Supports various OpenFlow versions

•  1.0, 1.2, 1.3, 1.4 !  No official graphical user interfaces

• Provided by another repo from Yamada Hideki !  Documentation

• Official Wiki: https://github.com/osrg/ryu/wiki • Some presentations & a book (English & Japanese)

!  Active maintenance !  Some sample apps

24


II-3. Ryu – (2)

v Example !  ryu/ryu/app/simple_switch.py (Python, partial)

25

simple_switch_13.py


II-4. MUL – (1)

v Overview – (1) !  Multi-threaded C code using pthread & libevent !  GNU GPL v2 license !  Supported target system: Linux !  No official graphical user interfaces !  Documentation: Wiki & Blog

• Wiki: http://sourceforge.net/p/mul/wiki/Home/ • Blog: http://kulcloud.wordpress.com/

– (Korean: kulcloudkr.wordpress.com)

!  (Relatively) a few default applications • Cli, fabric, l2switch

26


II-4. MUL – (2)

v Overview – (2) !  Less # of commits

• Total 77 commits (last: Dec 24, 2013) !  Some global interests

• Described in global homepages – http://www.sdncentral.com/projects/mul-sdn-controller/

• Referenced on several international papers – E.g., A. Shalimov et al, “Advanced study of SDN/OpenFlow

controllers”, CCC-SECR’ 13, 2013.

27


II-4. MUL – (3)

v Example !  application/l2switch/l2switch.c (C, partial)

28


II-4. MUL – (4)

v Execution

29

(terminal)

(OpenvSwitch)

1.  Beacon 2.  Floodlight 3.  OpenIRIS 4.  Opendaylight


III-1. Beacon – (1)

v Overview !  Java-based OpenFlow controller using java.nio

(channels & buffers) !  Supports OpenFlow 1.0 !  BSD License (as of version 1.0.4)

•  Previously: GNU GPL v2 license with Stanford University FOSS License Exception v1.0

!  Java projects can be open using Eclipse !  Following good software design patterns using

Spring Framework & OSGi !  Provides web-based user interfaces !  Good Documentation: tutorial, video & wiki !  (Relatively) a few default applications

• Hub, learningswitch, routing, topology (discovery)

31



v Example ! net.beaconcontroller.learningswitch (Java, partial)

32



v Development environment using Eclipse

33



v Web-based user interfaces

34


III-2. Floodlight – (1)

v Overview !  Java-based Open Source OpenFlow controller

made by Big Switch Networks !  Supports OpenFlow 1.0 !  Apache License !  Using Netty for network IO (ChannelBuffer, but

processes with a single thread) !  Java projects can be open using Eclipse !  Build environment: Apache ant !  Provides web-based user interfaces !  Well Documented: tutorial, javadoc, … !  Has active community, but no major version up

currently

35



v Example ! Main.java.net.floodlightcontroller.learningswitch

(Java, partial)

36




37


III-3. OpenIRIS – (1)

v Overview !  Java-based Open Source OpenFlow

controller made by ETRI, Korea !  Supports OpenFlow 1.0 & 1.3 !  Apache License !  Using Java.nio (channels & buffers) with Thread

programming model !  Java projects can be open using Eclipse !  Build environment: Apache ant !  Provides web-based user interfaces !  Controller DB can be stored to Database (MongoDB) !  Good Documentation in English: tutorial, javadoc, …

38

Src.: bjlee72, ETRI



v Example ! etri.sdn.controller.app.basic.BasicOFController

(Java, Partial)

39




40


III-4. Opendaylight – (1)

v Overview !  Java-based Open Source controller (Hydrogen) !  Supports OpenFlow 1.0, 1.3, and other multiple

protocols (OVSDB, NetConf, LISP, …) !  Using java.nio for OpenFlow controller (channels

& buffers) !  Eclipse license v1.0 !  Following (rather complex) software design

patterns using OSGi !  Provides web-based user interfaces !  Good Documentation: architecture, basic usage

41



v Architecture

42



v Example ! SwitchHandler (Java, Partial)

•  Location: controller/opendaylight/protocol_plugins/openflow/src/main/java/org/opendaylight/controller/protocol_plugin/openflow/core/internal

43




44


IV. Criteria for Open Source Controllers

v Many Criteria !  Interfaces (South bound, North bound)

•  Supported OpenFlow Version !  Well & Active Support (Documentation,

Community) !  Algorithm & Functionality (L2, L3, loop, failover, …) !  Easiness (GUI, Usage, Installation, Programming) !  Language Support (C/C++, Python, Java, …) !  Platform Support (Linux, Windows, …) !  3rd-party Application Support

•  REST API •  Integration to OpenStack Networking (Neutron)

!  Security

46


IV. Testing SDN Controllers

v WireShark ! http://www.wireshark.org

v Mininet ! http://mininet.org/

v Building with a real test bed !  SDN controllers can work on real hardware

switches (OpenFlow enabled switches)? !  Mix with OpenvSwitch & OpenFlow enabled

switches?

47


IV. Conclusion

v Various Open Source SDN controllers! v Need to choose a suitable Open Source SDN

controller based on your own criteria v Please actively participate in Open Source

activities. !  Questions: using groups or forums !  Commits (if possible)

48


Questions?

49

www.NAIMNetworks.com

한국통신학회 워크샵: sdn/nfv for secure services - understanding open source sdn...

Technology