- Software-defined networking (SDN) technology is a novel approach to cloud computing that facilitates network management and enables programmatically efficient network configuration in order to improve network performance and monitoring.
SDN is meant to address the fact that the static architecture of traditional networks is decentralized and complex while current networks require more flexibility and easy troubleshooting. SDN suggests centralizing network intelligence in one network component by disassociating the forwarding process of network packets (Data Plane) from the routing process (Control plane).
- Software-Defined Networking (SDN) is an emerging architecture that is dynamic, manageable, cost-effective, and adaptable, making it ideal for the high-bandwidth, dynamic nature of today’s applications. This architecture decouples the network control and forwarding functions, enabling the network control to become directly programmable and the underlying infrastructure to be abstracted for applications and network services. The OpenFlow® protocol is a foundational element for building SDN solutions.
- SDN allows network administrators to manage network services through abstraction of lower level functionality.
https://en.wikipedia.org/wiki/Software-defined_networking
https://www.opennetworking.org/sdn-definition/
underlying systems that forward traffic to the selected destination (the data plane).
End User Innovation
With Open Source Operating System Software control over the development and deployment of OS,
in the hands of the users.
If you need a new extension to Apache/BIND/MySQL/etc. then you can have
someone
What if you could do the same thing for all the features in your:
Switches
Routers
Load Balancers
Firewalls
Software Defined Networking Allows you to do just that
Separates control and data plane:
The open interface between the control and data plane (
Network control and management features in software
Layer 2
Network Virtualisation
Data Center
Multi Tenant
FlowVisor
Each customer not only gets their own ‘network’ they can control it with their own controller.
Layer 3
RouteFlow
What if you
Being able to add new features without waiting for vendor support
RPKI
Layer 4
Load Balancers need to take into account not only complex information about network latency,
congestion and performance, but also the load on each of the servers
Layer 4+ - Firewalls
What if we could somehow virtualize them and deploy them only where
https://ecs.victoria.ac.nz/foswiki/pub/Events/SDNWorkshop/VUW_SDNTutorial_with_logos.pdf
- Resource Public Key Infrastructure (RPKI), also known as Resource Certification, is a specialized public key infrastructure (PKI) framework designed to secure the Internet's routing infrastructure.
- A virtualized evolved packet core (vEPC) is a mobile-core network system that accommodates LTE access systems. Powered by a carrier-grade virtualization platform and Software-Defined Networking (SDN) technology, NEC/Netcracker's vEPC optimizes mobile operators' TCO and service quality.
https://www.nec.com/en/global/solutions/tcs/vepc/index.html
- In contrast with PEN, software-defined networking offers improved programmability and flexibility to network administration and control as opposed to simple policy enforcement.
For a network system, two fundamental elements are critical: Network OS and Packet Forwarding (hardware & firmware)
In SDN,
Applications such as BGP, OSPF and what you haves can thus
Telecom Service providers seem to prefer a similar yet distinct instrument of virtualization, “NFV (Network Function Virtualization)” and for good reasons. The goal for NFV is to reduce CAPEX while making network functions flexible and scalable without having to relinquish entire control plane at end devices. Think of such solutions as a mix of SDN and traditional networking concept.
The Good
Academic and technology researchers are now less dependent on hardware to conduct their technological experiments; rather, they could focus on their ingenuity without the impositions of hardware-based systems.
Third, it brings the ease of network virtualization and service provisioning at fingertips without having to discontent by impositions of proprietary network systems.
https://www.linkedin.com/pulse/20140925233657-2665170-sdn-the-good-bad-and-the-ugly/
control plane:
logic that controls forwarding behaviour
data plane:
forward traffic according to control plane
routing protocol functions that computes paths are control plane functionality
taking a packet on an input port and forwarding it to an output port is data plane function
why separate the control and data planes?
independent evolution
high level controlling
data centers: VM migration
routing: more control over decision logic
enterprise networks: SDN enables developing security applications, like software using NAC
research:
Networking Devices Planes of Operation
management plane
control plane
data plane
Introduction to SDN (Software-defined Networking)
open
programmable
SDN model vs Operating system model
SDN model
network applications
network operating system (NOS)
forwarding device
centralized NOS, SDN controller
Network applications
Application Interfaces:
JAVA API
northbound (RESTCONF): restful interface
SDN Controller/controller plane:
topology service
inventory service
statistics service
host tracking service
southbound interface:
openflow
OVSDB: management protocol
NETCONF
SNMP
forwarding devices, openflow, data planes
East/West Protocol
traditional network devices (nodes)
one physical system, data plane, control plane
traditional network devices (nodes) vs SDN
traditional network devices are proprietary large boxes
no direct access to data plane
what is available in the control plane already? what features do device include? CLI available, network operator's point of view
options are limited if new network behaviour is required
each network device (node) is configured individually, network operator's work load in a data center with 100 network devices
SDN:
a logical centralized controller with global view of entire network
OpenDaylight (ODL) is a modular open platform for customizing and automating networks of any size and scale. The OpenDaylight Project arose out of the SDN movement, with a clear focus on network programmability. It was designed from the outset as a foundation for commercial solutions that address a variety of use cases in existing network environments.
Automated Service Delivery: Providing on-demand services that may be controlled by the end user or the service provider. Examples include bandwidth scheduling (either calendared or on-demand) or dynamic VPN services.
Cloud and NFV: Agile service delivery on cloud infrastructure in either the enterprise or service provider environment. The underlay will frequently be OpenStack, and services may be implemented using Network Functions Virtualization (NFV).
Network Resources Optimization (NRO): Dynamically optimizing the network based on load and state. This is the most common carrier use case as it optimizes the network using the near-real-time state of traffic, topology and equipment. NRO uses a variety of southbound protocols (for example, NETCONF, BGP-LS or OpenFlow) depending on the underlying network.
Visibility and Control: Centralized administration of the network and/or multiple controllers. This is sometimes used by carriers or enterprises as a precursor to NRO.
- ODL delivers the benefits of SDN and NFV to carriers, enterprises, research institutions, and other organizations such as cities and metropolitan areas. Some of the most common applications of OpenDaylight technology are described below.
- Open Source Mano is an ETSI-hosted initiative to develop an Open Source NFV Management and Orchestration (MANO) software stack aligned with ETSI NFV.
https://www.etsi.org/technologies-clusters/technologies/nfv/open-source-mano
Open Source MANO is an ETSI-hosted project to develop an Open Source NFV Management and Orchestration (MANO) software stack aligned with ETSI NFV.
https://osm.etsi.org/
- Open Platform for NFV (OPNFV) facilitates the development and evolution of NFV components across various open source ecosystems. Through system level integration, deployment and testing, OPNFV creates a reference NFV platform to accelerate the transformation of enterprise and service provider networks.
https://wiki.opnfv.org/
- ONOS is the only SDN controller platform that supports the transition from legacy “brown field” networks to SDN “green field” networks.
https://onosproject.org/
- CORD (Central Office Re-architected as a Datacenter) combines NFV, SDN, and the elasticity of commodity clouds to bring data center economics and cloud agility to the Telco Central Office. CORD lets the operator manage their Central Offices using declarative modeling languages for agile, real-time configuration of new customer services.
https://opencord.org/
- OPEN VIRTUAL NETWORK (OVN)
Open Virtual Network (OVN) is an Open
https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html/networking_with_open_virtual_network/open_virtual_network_ovn
- Open vSwitch is a production quality, multilayer virtual switch licensed under the open source Apache 2.0 license. It is designed to enable massive network automation through programmatic extension, while still supporting standard management interfaces and protocols (e.g. NetFlow, sFlow, IPFIX, RSPAN, CLI, LACP, 802.1ag). In addition, it is designed to support distribution across multiple physical servers similar to VMware's vNetwork distributed vswitch or Cisco's Nexus 1000V.
https://www.openvswitch.org
- Open vSwitch with SSL
If you plan to configure Open
http://docs.openvswitch.org/en/latest/howto/ssl/
- How to Use the VTEP Emulator
This document explains how to use
http://docs.openvswitch.org/en/latest/howto/vtep/
Open
Security-Enhanced Linux (SELinux) is a Linux kernel security module that limits “the malicious things” that certain processes, including OVS, can do to the system in case they get compromised. In our case SELinux
http://docs.openvswitch.org/en/latest/howto/selinux/
- TOSCA (Topology and Orchestration Specification for Cloud Applications)
First, TOSCA is a specification that aims to standardize how we describe software applications and everything that
This means that TOSCA provides a way to describe not only an application, but also its dependencies and supporting (cloud) infrastructure.
There are two basic building blocks in TOSCA: nodes and relationships.
A node can be an infrastructure component, like a subnet, a network, a server (it can even represent a cluster of servers), or it can be a software component, like a service or a runtime environment.
For example, a “compute” node, which represents a resource with a CPU. These types can be used in “service templates”, or, as they are called in Cloudify, “blueprints”.
Cloudify’s DSL is based on TOSCA’s YAML Simple Profile, which is a way of writing TOSCA blueprints in YAML. (Originally, TOSCA is written in XML, but since XML has lots of unnecessary punctuation, the YAML profile is easier to use.)
https://cloudify.co/2015/07/21/what-is-TOSCA-cloud-application-orchestration-tutorial-cloudify.html
- Overlay networking (aka SDN overlay) is a method of using software to create layers of network abstraction that can be used to run multiple separate, discrete virtualized network layers on top of the physical network, often providing new applications or security benefits.
https://www.sdxcentral.com/networking/sdn/definitions/what-is-overlay-networking/
- NWDAF - Network Data Analytics Function
The NWDAF is responsible for providing network analysis information upon request from network functions. For example, a network function may request specific analysis information on the load level of a particular network slice. Alternatively, the network function can use the subscribe service to ensure that it is notified by the NWDAF if the load level of a network slice changes or reaches a specific threshold.
https://www.mpirical.com/glossary/nwdaf-network-data-analytics-function
- Automating the 5G Core using Machine Learning and Data Analytics
The NWDAF may serve use cases belonging to one or several domains, e.g. QoS, traffic steering, dimensioning, security.
Use case descriptions should include the following aspects:
1. General characteristics (domain: performance, QoS, resilience, security; time scale).
2. Nature of input data (e.g. logs, KPI, events).
3. Types of NF consuming the NWDAF output data, how data is conveyed and nature of consumed analytics.
4. Output data.
5. Possible examples of actions undertaken by the consuming NF or AF, resulting from these analytics.
6. Benefits, e.g. revenue, resource saving, QoE, service assurance, reputation.
https://mollydpowellusblog.wordpress.com/2018/07/29/automating-the-5g-core-using-machine-learning-and-data-analytics/
DCUS17 : Docker networking deep dive
OpenStack Reference Architecture For 1000 Nodes
Exploring container security: Isolation at different layers of the Kubernetes stack
Virtualized Network Functions are tied with Software Defined Networks to boost the power of virtualization.
Red Hat SDN partner Neutron was highlighted as an option that is fully integrated into OpenStack development and maintenance tools and cycles. Neutron provides out-of-the-box support for VLAN, VxLAN and GRE overlays as well as open source that’s supported by the upstream and utilizes upstream components. Neutron’s SDN solution includes quality of service (QoS) and performance optimization.
Lefrere then walked through an overview of benefits NFV delivers:
OVN can be used with the OpenFlow protocol, which was created as a way of exploiting the capability to manipulate flow tables. Networks employ these to implement network services, such as quality-of-service (QoS) monitors, firewalls, and network address translation (NAT).
OVN can also be used in OpenStack-based networks, where Open vSwitch is the most popular virtual-switch option.
- SDN and NFV integrated OpenStack Cloud - Birds eye view on Security
With NFV and SDN in place, Network Functions are virtualized and network traffic is managed in separated control and data planes
https://www.openstack.org/videos/summits/sydney-2017/sdn-and-nfv-integrated-openstack-cloud-birds-eye-view-on-security
- Best practices for NFV deployment success
What does this "magical" concept of NFV really mean? The presenters defined NFV as "decoupling of network functions from underlying physical network infrastructure" and "move of traditional network functions usually deployed in proprietary hardware to software running in virtual machines (VM) on general-purpose hardware or cloud infrastructure."
Lowers costs: reduces CapEx to eliminate wasteful over-provisioning and reduces OpEx because many of the space, power and cooling costs go away with virtualization
Increases flexibility: management automation and reusable infrastructure
Empowers innovation
Easy to scale
Faster time-to-market
https://www.redhat.com/en/blog/best-practices-nfv-deployment-success
- Chapter 1. Open Virtual Network (OVN)
Open Virtual Network (OVN) is an Open vSwitch-based software-defined networking (SDN) solution for supplying network services to instances. OVN provides platform-agnostic support for the full OpenStack Networking API. OVN allows you to programmatically connect groups of guest instances into private L2 and L3 networks.
https://access.redhat.com/documentation/en-us/red_hat_openstack_platform/13/html/networking_with_open_virtual_network/open_virtual_network_ovn
- What Is Open Virtual Network (OVN)? How It Works
The objective is to develop a single, standard, vendor-neutral protocol for the virtualization of network switching functions, still based on the functionality first created for VMware virtual networks.
OVN and Network Control
OVN’s main goal is to provide Layers 2 and 3 networking, which distinguishes it from general-purpose, software-defined networking (SDN) protocols and controllers.
OVN and OpenFlow
OVN and OpenStack Integration
https://www.sdxcentral.com/networking/virtualization/definitions/what-is-open-virtual-network-ovn-how-it-works/
- Open vSwitch: Self-service networks
This architecture example augments Open vSwitch: Provider networks to support a nearly limitless quantity of entirely virtual networks. Although the Networking service supports VLAN self-service networks, this example focuses on VXLAN self-service networks
https://docs.openstack.org/ocata/networking-guide/deploy-ovs-selfservice.html