WIXLIB

OpenDaylight Network Virtualizationand its Future DirectionMay 20, 2014Masashi KudoNEC Corporationwww.opendaylight.org

Table of Contents SDNMarket Overview OpenDaylight Network Virtual OpenVirtualizationTenant Network (VTN)DOVE FuturePage 2Topicsof Virtualization

AcknowledgementWe would like to extend our sincere thanks toAnees Shaikh @Google for his inputs on virtualization inOpenDaylight project and Open DOVE documents.

SDN Market OverviewPage 4

SDN marketSDN market estimation in Japan, 2012- 2017Note: Sum total of data center, enterprise network and carrier SDNSource: IDC Japan, 4/2014www.opendaylight.org5

SDN/OpenFlow Commercial DeploymentsVerticalIndustryCommercial Deploymentnetworkisolationnetwork selfmgmt.CAPEX,OPEXHospitalKanazawa University HospitalYesLogisticsNippon ExpressYesYesToyo Seikan Group HoldingsYesYesYesManufacturingNEC Software FactoryCarrierSIerYesCustomer AYesYesMinaminihon InformationProcessing CenterYesYesCustomer BYesNippon JimukiYesYeswww.opendaylight.org6

SDN market statusSalesChasmInnovatorEarlyadopterMain streamPush type One to Many strategyProduct life20132015 www.opendaylight.org

Expectations on OpenDaylightVendorAApplicationsSDN ControllerSDN HardwareVendor XVendorBOpenDaylight code ( Vendor C)VendorDVendorE OpenDaylight focuses on OSS based controller development Allows industry wide focus on application services whereSDN has competitive advantages Overcome the chasm by accelerating SDN deployment.8www.opendaylight.org

OpenDaylight TopicsPage 9

Topics OpenDaylight Hydrogen accomplished（Feb 4, 2014） OpenDaylight Summit (2/4-5 Santa Clara) First ever public event held by OpenDaylight About 600 participants Hydrogen won Grand Prix at Interop Las Vegas 2014 Best of Interop Grand Award and SDN Category Winnerwww.opendaylight.org10

OpenDaylight Sponsors Participating Organizations: 36 companies (as of May 12, 2014） Steady increase from the eighteen sponsors at the pendaylight.org11

Virtualization Editionwww.opendaylight.org12

Network VirtualizationPage 13

System VirtualizationTraditionalVirtualized ncevirtualizationVirtual SwitchVirtual SwitchSV SV SVSV SV FlowSwitchL2 SwitchLBL2 SwitchFWLBLB LBFWFWL2 14

Technology that underpins network rtualizationDomain-levelVirtualizationVirtual applianceVM connectivityTenant connectivityLBLBFWVirtual SwitchVMVMHypervisorVM associated tothe same tenant Hypervisor/vSwitch HW offload (EVB) Mobility management Tunnel technology Hop by hop packet fwd. Policy management Switch cluster Overlay network Hop by hop network Policy managementNetwork modelingPhysical network control(Topology detection, isolation of tenants, Traffic control )www.opendaylight.org15

Network virtualization to hide network variations Provide single network interfaces to upper layer applicationsor operators by hiding varied physical networks.Network ControlApplicationsCreate tenantAdd appliance .High-Value AddedApplicationsNetwork Abstraction LayerDecoupleNetwork Service LayerOpenFlowOpenFlowFabricOverlay(VXLAN, .)OverlaynetworkVLANOtherprotocolTraditionalIP network .Othernetworkwww.opendaylight.org16

Virtual Tenant Network (VTN)Page 17

VTN Project at OpenDaylight NEC contributed components at Hydrogen release. VTN Coordinator Virtual network model and APIVTN Manager Reactive control over OpenFlow network as underlay control.(PACKET IN, PACKET OUT, FLOW MODE)Based on NEC ProgrammableFlow GA productSDN ApplicationREST APIVTN CoordinatorREST APIREST APIVTN ManagerVTN ManagerOpenDaylight ControllerOpenDaylight .org18

VTN summary Network orchestration for: Multi data center Multi controller Multi network technology (Data plane independent) OpenFlow Overlay Etc VTN (Virtual Tenant Network) based NB-API for: OpenStack SDN Applicationswww.opendaylight.org19

VTN virtual network model Completely isolated virtual network with virtual uterVTN1VTN2vBypassvTEPComponentsVirtual node(vNode)vTEPDescriptionvBridgelogical representation of L2 switch function.vRouterlogical representation of L3 router function DHCP relay agent.vTeplogical representation of Tunnel End Point - TEP.vTunnellogical representation of Tunnel.vBypasslogical representation not coordinated by UNC.Virtual interfaceinterfacerepresentation of end point on the virtual node.Virtual LinkvLinklogical representation of connectivity between virtual interfaces.vBridgevBypassvRoutervTunnelvTepvBridge interfacevRouter interfacevLinkwww.opendaylight.org20

VTN Manager software configuration Implemented as OSGI bundle of Controller using AD-SALManages OpenFlow switches OpenFlow 1.0VTN ngRulesManagerNetworkConfig.NeutronAD-SAL (API-Driven Service Abstraction Layer)OpenFlow pluginMD-SAL App.MD-SAL(Model-Driven ServiceAbstraction Layer)OpenDaylight ControllerOpenFlow Switch (OpenFlow 1.0)www.opendaylight.org21

Multi-tenancy VTN (Virtual Tenant Network) Virtual network environment Each VTN network is isolated with each othervBridge (Virtual Bridge) Virtual L2 switch in VTN Construct virtual broadcast domain by associating the physical networkwith vBridgeAssociating virtual and physicalnetworksvBridgevBridgeVTNvBridgevBridgeVTN ManagerOpenDaylightControllerVTNVirtual NetworkPhysical Networkwww.opendaylight.org22

Physical topology detectionRouting5. Shortest path graph betweenswitches is updatedLink status change notification4. Link information betweenphysical switches isupdated1. OpenFlow plugin instructs eachphysical switch to transmit LLDPpackets from the specified ports2. Transmits LLDPpackets from each portTopology ManagerPACKET OUTLLDPLLDPLink status change notificationAD-SALPACKET INOpenFlow pluginOpenDaylight ControllerLLDPLLDP packets that are nottransmitted to switch aredropped.LLDPLLDPHost3. LLDP packet received byeach physical switch isnotified to controllerOpenFlow Switchwww.opendaylight.org23

Packet forwarding4. Searches MAC addresstable to determine theoutput destination3. Determines thevBridge to which thepacket is mapped2. Notifies unicast packet toVTN Manager1. Transmits unicastpacketsPACKET INMAC Address TableMAC Addr PortTo: MAC-2VTN ManagerTo: MAC-2Switch-BPort-1Untagged Search pathMAC-1Flow Entry settingsPACKET INnotificationFLOW MODRoutingvBridge5. Packet forwarding isinstructed to AD-SAL ifphysical network path ispresentPACKET OUTtransmissionForwardingRulesManagerAD-SAL7. Packets aretransmitted andflow entry is set6. Flow entrysettings areinstructedFLOW MODOpenFlow pluginPort-1OpenDaylight ControllerPACKET OUTTo: MAC-2MAC-2Switch-BTo: MAC-2www.opendaylight.org24

OpenStack (Neutron) integrationCreate networkNeutron APICreate vBridgeConfigure VLAN mappingVTN ManagerVLAN Mappingprovider.network type vlanprovider.segmentation id 1NetworkvBridgeNotify networkcreationModular Layer 2ML2 Driver forOpenDaylightOpenStack NVLAN: 1OpenDaylight ControllerOpenFlowSwitchwww.opendaylight.org25

Open DOVEPage 26

Open DOVE SummarySystem Networking Open DOVE is an overlay network virtualization platform for the data center logically isolated multi-tenant networks with layer-2 or layer-3 connectivity runs on any IP network in a virtualized data center based on IBM SDN-VE GA product and DOVE technology from IBM Research Open DOVE features full-function, ready for real deployments, incl. HA control plane implementation, incl. address, policy, and mobility management management interfaces for programmatic configuration, including OpenStackenablement open data plane implementation for Linux/KVM and VxLAN encapsulation software gateway for connecting to non-virtualized networks and externalhostswww.opendaylight.org27 2013 IBM Corporation

Multi-tenant network with overlaysSystem Networking provide each data center tenant with a single virtual networkabstraction SDN controller uses overlays to virtualize physical network infrastructure one-time deployment and configuration of the physical networkTenant 2Tenant 1VMVMVMVMVM SDNcontroller virtual network implementedpurely on end hosts bysoftware switches andencapsulationovercomes scaling limits ofphysical networkvirtualizationwww.opendaylight.org28 2013 IBM Corporation

Open DOVE ArchitectureOpen DOVEConnectivityServerOpen DOVEManagementConsoleAPIsVMOpen DOVEvirtual overlaysVMVMVMOpenStackRESTful, QuantumOpenDaylight controllerSystem Open DOVEvSwitchOpen DOVEvSwitchOpen al Network 1VMVirtual Network 2VMVirtual Network 3Virtual Network 1Virtual Network 2Virtual Network 3Open DOVEGatewayExisting IP NetworkVirtual Network 3Existing IP NetworkEndStationEndStationwww.opendaylight.org29 2013 IBM Corporation

DOVE virtual network model System NetworkingDOVE virtual networks are modeled as domains, virtual networks, subnets,policies, and rrtual network 1subnetZVirtual network 5Virtual network 3Virtual network 4domain Bdomain Agatewaywww.opendaylight.org30 2013 IBM Corporation

DOVE address discoveryServerOn VM activation, DOVEvSwitch detects VM’s IP /MAC@ and updates theDOVE ConnectivityService (DCS).VM1The DCS clusterednodes share theaddress HypervisorHypervisorA VM beginscommunicating with a VMon another Server. DOVEvSwitch requestsresolution from the DCS.DCSClustered DOVEConnectivity gementConsoleServerSystem NetworkingServerVMDCS4VMDOVEvSwitchThe DCS responds withHypervisorthe VM mappinginformation. VM mappinginformation is cached31locally at the DOVE www.opendaylight.orgvSwitch 2013 IBM CorporationOpenDaylight mini-summit September 2013

DOVE packets in virtual and physical networksSystem NetworkingSRCSRC DS - DST DSDOVE Switch(SRC DS)SRC- DSTDove EncapsulationIP CloudDOVE Switch(DST DS)DSTDOVE Header:RRRRIRDOVE VNID (24-bits)RRReserved (24-bits)Reserved (8-bits)www.opendaylight.org32 2013 IBM Corporation

DOVE packet forwardingHost 1VM1 attached tovSwitch by a vNICVM1 sends data toVM3 which enters thevSwitchVM1VM2VM1,3 & VM2,4belong to differenttenants and areisolated from oneanother.DOVE vSwitch 1Host 2VM3VM4vSwitch2 strips theencapsulationheaders and deliversthe packet to VM3DOVE vSwitch 2vSwitch1 determinesVM3 reachablethrough vSwitch2.Physical Networkdelivers theencapsulated packetto vSwitch2vSwitch1encapsulates thepackets for deliveryto vSwitch 2 usingPhysical NetworkvSwitches useOverlay ID in theencapsulationheader to keep trafficisolatedSystem NetworkingDCN(Physical Underlay)Physical Network isaware of vSwitches 1& 2, but is unawareof VMs 1.4www.opendaylight.org33 2013 IBM Corporation

DOVE GatewaySystem NetworkingDOVE Gateways allow VMs on a DOVE Network to connect to systems on a non-DOVENetwork.Two types of connections are supported: DOVE External Gateway Connects VMs on a DOVE Network with Systems on an External Network and viceversa. Supports for NAT or Pass-Thru connection to External Networks. DOVE VLAN Gateway Connects VMs on a DOVE Network to Systems74.125.227.96(google.com)on a VLAN Segment and vice-versa VMExternal / PhysicalNetworkDOVE GatewayDOVE Overlay NetworkDOVEDOVE Overlay NetworkVM10.1.2.6VM10.1.2.3VM10.1.2.8Encap /DecapExternalConnectionVLANConnectionVLAN SegmentServer /Server /VMVMwww.opendaylight.org10.1.2.103410.1.2.13 2013 IBM Corporation

Future of VirtualizationPage 35

Overlay & Hop by HopOverlayHop by HopProsEffectively use existing IP network resources In line with business needs like SLA, itEnable construction of a scalable end-to-end enables traffic control, includingvirtual networkbandwidth control etc., at a minute levelfor each flowConsTraffic quality and quantity, using only virtualswitches causes performance bottleneckBandwidth control for each nodeOpenFlow complaint switch neededPhysical specifications are a limitingfactor in scalabilityOpenDaylightOpen DOVEVTNOverlayApproachExisting assets,scalabilityHybridVirtualizationTE, QoSHop by Hop Approachwww.opendaylight.org36

Hybrid Virtualization OptionsPattern 1-1Pattern 1-2VerticalIntegrationVerticalIntegration(VTN as Network Model)(VTN as Underlay)VTNPattern 2Pattern lastic network control by flow controlEdge overlayGateway overlayOpenFlow networkTraditionalIP networkwww.opendaylight.org37