4. Motivation
Problem Statement
• Complex carrier networks
• with a large variety of proprietary nodes and hardware appliances.
• Launching new services is difficult and takes too long
• Space and power to accommodate
• requires just another variety of box, which needs to be integrated.
• Operation is expensive
• Rapidly reach end of life
• due to existing procure-design-integrate-deploy cycle.
Traditional Network model: network functionalities are based on specific HW&SW; one physical node per role.
5. Sisyphus on Different Hills
[Figure: two innovation cycles compared. Telco cycle (2-6 years), involving telco operators, equipment vendors and SDOs: idea, demand, drive, standardise (critical mass of supporters), implement, sell, deploy, available. Service providers cycle (2-6 months): idea, develop, deploy, publish, available.]
Source: Adapted from D. Lopez Telefonica I+D, NFV
6. Adapt to survive: Telco evolution focus shifting from hardware to software
[Figure: hardware vs. software intensity. Caption: Enter the Software-Defined Era.]
Traditional telcos (AT&T, Telefonica, Telebras):
• Very intensive in hardware
• Software not at the core
Internet players (Google, Facebook):
• Very intensive in software
• Hardware is a necessary base
Source: Adapted from D. Lopez Telefonica I+D, NFV
7. Trends
• High performance industry
standard servers shipped in very
high volume
• Convergence of computing,
storage and networks
• New virtualization technologies
that abstract underlying hardware
yielding elasticity, scalability and
automation
• Software-defined networking
• Cloud services
• Mobility, explosion of devices and
traffic
Challenges
• Huge capital investment to deal with
current trends
• Network operators face an increasing
disparity between costs and revenues
• Complexity: large and increasing
variety of proprietary hardware
appliances in operator’s network
• Reduced hardware lifecycles
• Lack of flexibility and agility: cannot
move network resources where &
when needed
• Launching new services is difficult and
takes too long. Often requires yet
another proprietary box which needs to
be integrated
Source: Adapted from D. Lopez Telefonica I+D, NFV
8. The NFV Concept
A means to make the network more flexible and simple by minimising dependence on HW constraints
Traditional Network Model: APPLIANCE APPROACH
• Network Functions are based on specific HW&SW
• One physical node per role
[Figure: one appliance each for DPI, BRAS, GGSN/SGSN, Session Border Controller, Firewall, CG-NAT, PE Router]
Virtualised Network Model: VIRTUAL APPLIANCE APPROACH
• Network Functions are SW-based over well-known HW
• Multiple roles over same HW
[Figure: virtual appliances (DPI, BRAS, GGSN/SGSN, Firewall, CG-NAT, PE Router) on standard high volume servers, with orchestration, automation & remote install]
Source: Adapted from D. Lopez Telefonica I+D, NFV
9. Classical Network Appliance Approach
[Figure: dedicated appliances for BRAS, Firewall, DPI, CDN, Tester/QoE monitor, WAN Acceleration, Message Router, Radio Access Network Nodes, Carrier Grade NAT, Session Border Controller, PE Router, SGSN/GGSN]
• Fragmented non-commodity hardware.
• Physical install per appliance per site.
• Hardware development large barrier to entry for new vendors, constraining innovation & competition.
Target: Network Virtualisation Approach
[Figure: software from independent software vendors running on standard high volume servers, standard high volume storage and standard high volume Ethernet switches, with orchestrated, automatic & remote install]
Source: NFV
10. Network Functions Virtualization
• Network Functions Virtualization is about implementing network
functions in software - that today run on proprietary hardware -
leveraging (high volume) standard servers and IT virtualization
• Supports multi-versioning and multi-tenancy of network functions, which
allows use of a single physical platform for different applications, users
and tenants
• Enables new ways to implement resilience, service assurance, test and
diagnostics and security surveillance
• Provides opportunities for pure software players
• Facilitates innovation towards new network functions and services that
are only practical in a pure software network environment
• Applicable to any data plane packet processing and control plane
functions, in fixed or mobile networks
• NFV will only scale if management and configuration of functions can be
automated
• NFV aims to ultimately transform the way network operators architect and
operate their networks, but change can be incremental
Source: Adapted from D. Lopez Telefonica I+D, NFV
11. Benefits & Promises of NFV
• Reduced equipment costs (CAPEX)
• through consolidating equipment and economies of scale of IT industry.
• Increased speed of time to market
• by minimising the typical network operator cycle of innovation.
• Availability of network appliance multi-version and multi-tenancy,
• allows a single platform for different applications, users and tenants.
• Enables a variety of eco-systems and encourages openness.
• Encouraging innovation to bring new services and generate new
revenue streams.
Source: NFV
12. Benefits & Promises of NFV
• Flexibility to easily, rapidly, dynamically provision and
instantiate new services in various locations
• Improved operational efficiency
• by taking advantage of the higher uniformity of the physical network
platform and its homogeneity to other support platforms.
• Software-oriented innovation to rapidly prototype and test
new services and generate new revenue streams
• More service differentiation & customization
• Reduced (OPEX) operational costs: reduced power, reduced
space, improved network monitoring
• IT-oriented skillset and talent
Source: Adapted from D. Lopez Telefonica I+D, NFV
13. So, why do we need/want NFV (/SDN)?
1. Virtualization: Use network resource without worrying about where it is
physically located, how much it is, how it is organized, etc.
2. Orchestration: Manage thousands of devices
3. Programmable: Should be able to change behavior on the fly.
4. Dynamic Scaling: Should be able to change size, quantity
5. Automation
6. Visibility: Monitor resources, connectivity
7. Performance: Optimize network device utilization
8. Multi-tenancy
9. Service Integration
10. Openness: Full choice of modular plug-ins
Note: These are exactly the same reasons why we need/want SDN.
Source: Adapted from Raj Jain
14. NFV and SDN
• NFV and SDN are highly complementary
• Both topics are mutually beneficial but not dependent on each other
[Figure: three overlapping circles]
• Network Functions Virtualization: reduces CAPEX, OPEX, space & power consumption
• Software Defined Networking: creates network abstractions to enable faster innovation
• Open Innovation: creates competitive supply of innovative applications by third parties
Source: NFV
15. NFV vs SDN
• NFV: re-definition of network equipment architecture
• NFV was born to meet Service Provider (SP) needs:
• Lower CAPEX by reducing/eliminating proprietary hardware
• Consolidate multiple network functions onto industry standard
platforms
• SDN: re-definition of network architecture
• SDN comes from the IT world:
• Separate the data and control layers,
while centralizing the control
• Deliver the ability to program network behavior using well-
defined interfaces
16. Software Defined Networking
[Figure: a traditional network and an SDN network, each drawn as boxes that stack features on an operating system on specialized packet forwarding hardware]
Traditional:
• Network equipment as black boxes
• Boxes with autonomous behaviour
• Adapting OSS to manage black boxes
SDN:
• Open interfaces (OpenFlow) for instructing the boxes what to do
• Decisions are taken out of the box
• Simpler OSS to manage the SDN controller
Source: Adapted from D. Lopez Telefonica I+D, NFV
19. (Network Virtualization)² = SDN + NFV
SDN: Software Defined Networking
NFV: Network Functions Virtualisation
Source: Adapted from D. Lopez Telefonica I+D, NFV
20. Some Use Case Examples
…not in any particular order
• Switching elements: BNG, CG-NAT, routers.
• Mobile network nodes: HLR/HSS, MME, SGSN, GGSN/PDN-GW.
• Home networks: Functions contained in home routers and set top boxes to create virtualised
home environments.
• Tunnelling gateway elements: IPSec/SSL VPN gateways.
• Traffic analysis: DPI, QoE measurement.
• Service Assurance: SLA monitoring, Test and Diagnostics.
• NGN signalling: SBCs, IMS.
• Converged and network-wide functions: AAA servers, policy control and charging platforms.
• Application-level optimisation: CDNs, Cache Servers, Load Balancers, Application Accelerators.
• Security functions: Firewalls, virus scanners, intrusion detection systems, spam protection.
Source: NFV
21. The ETSI NFV ISG
• Global operators-led Industry
Specification Group (ISG) under the
auspices of ETSI
– ~150 member organisations
• Open membership
– ETSI members sign the “Member
Agreement”
– Non-ETSI members sign the
“Participant Agreement”
– Opening up to academia
• Operates by consensus
– Formal voting only when required
• Deliverables: White papers
addressing challenges and operator
requirements, as input to SDOs
– Not a standardisation body by itself
• Currently, four WGs and two EGs
– Infrastructure
– Software Architecture
– Management & Orchestration
– Reliability & Availability
– Performance & Portability
– Security
Source: Adapted from D. Lopez Telefonica I+D, NFV
27. Limitations of Current Networks
• Enterprise networks are difficult to manage
• “New control requirements have arisen”:
• Greater scale
• Migration of VMs
• Implement new ideas
• How to easily configure huge networks?
28. Limitations of Current Networks
• Old ways to configure a network
[Figure: five separate devices, each with its own apps and operating system on top of specialized packet forwarding hardware]
29. Limitations of Current Networks
[Figure: a network device (features on an operating system on specialized packet forwarding hardware), annotated "Millions of lines of source code" and "Billions of gates"]
• Many complex functions built into the infrastructure: OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, …
• Cannot dynamically change according to network conditions
30. Limitations of Current Networks
• No control plane abstraction for the whole network!
• It’s like old times – when there was no OS…
[Photo: Wilkes with the EDSAC, 1949]
31. Cisco, IBM, Alcatel, Juniper Networks, Broadcom, Citrix, Dell, Google, HP, Intel, NEC, VMware and Verizon
Cisco ONE
NSX
32. Idea: An OS for Networks
[Figure: five devices, each with its own apps and operating system on specialized packet forwarding hardware; label: "Closed"]
33. Idea: An OS for Networks
[Figure: the five devices (apps, operating system, specialized packet forwarding hardware) with a Network Operating System above them and Control Programs (Route, Forwarding, VPN, LB, ...) on top]
34. Idea: An OS for Networks
[Figure: five simple packet forwarding hardware devices under a Network Operating System, with Control Programs (Route, Forwarding, VPN, LB, ...) on top. The link between the Network Operating System and the devices is labelled: OpenFlow Protocol (SSL/TCP), Port 6633]
37. OpenFlow
OpenFlow is a communications protocol that gives access to the forwarding plane of a network switch or router over the network.
Forwarding Plane
In routing, the Forwarding Plane, sometimes called the Data Plane, defines the part of the router architecture that decides what to do with packets arriving on an inbound interface.
41. • OpenFlow
[Figure: an OpenFlow switch with a Data Path (hardware) and a Control Path (OS) running OpenFlow, connected over the OpenFlow Protocol (SSL/TCP) to an OpenFlow Controller (POX, Ryu, Pyretic, …)]
42. • OpenFlow Switching
[Figure: a controller (server running Linux, Ubuntu) connected to the OpenFlow Client in the switch's software layer; the hardware layer holds the OpenFlow Table with columns MAC src, MAC dst, IP Src, IP Dst, TCP sport, TCP dport, Action. The example entry shows the addresses 5.6.7.8 and 1.2.3.4 with action "port 1"; the switch has ports 1 to 4.]
43. • OpenFlow Table Entry
Each entry consists of: Rule, Action, Stats
Rule (header fields + mask): Switch Port, MAC src, MAC dst, Eth type, VLAN ID, IP Src, IP Dst, IP Prot, TCP sport, TCP dport
Action:
1. Forward packet to port(s)
2. Encapsulate and forward to controller
3. Drop packet
4. Send to normal processing pipeline
5. …
Stats: Packet + byte counters
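A small model of the Rule / Action / Stats entry described above, as an added example (not code from the original slides or from any OpenFlow implementation). The Python field names, the action strings, the priorities and the sample packets are constructed for illustration; the point it shows is that rule priority and the table-miss behaviour decide what happens to traffic no rule was written for.

```python
import ipaddress
from dataclasses import dataclass

# The ten rule fields from the slide (names are this example's own);
# a field absent from a rule is a wildcard.
FIELDS = ("in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "ip_proto", "tp_src", "tp_dst")

@dataclass
class FlowEntry:
    match: dict            # field -> value; ip_src/ip_dst take CIDR (the "+ mask")
    action: str            # "output:<port>", "controller", "drop" or "normal"
    priority: int = 0
    packet_count: int = 0  # Stats
    byte_count: int = 0    # Stats

    def matches(self, pkt):
        for name, want in self.match.items():
            have = pkt.get(name)
            if have is None:
                return False          # rule needs a field the packet lacks
            if name in ("ip_src", "ip_dst"):
                if ipaddress.ip_address(have) not in ipaddress.ip_network(want):
                    return False
            elif have != want:
                return False
        return True

class FlowTable:
    # OpenFlow 1.0 sends unmatched packets to the controller; OpenFlow 1.3
    # drops them unless a table-miss entry is installed (table_miss="drop").
    def __init__(self, table_miss="controller"):
        self.entries, self.table_miss, self.misses = [], table_miss, 0

    def add(self, entry):
        unknown = set(entry.match) - set(FIELDS)
        if unknown:                   # a misspelled field would never match
            raise ValueError(f"unknown match field(s): {sorted(unknown)}")
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)  # highest priority first

    def process(self, pkt, length):
        for entry in self.entries:
            if entry.matches(pkt):
                entry.packet_count += 1
                entry.byte_count += length
                return entry.action
        self.misses += 1
        return self.table_miss

def demo():
    table = FlowTable()
    table.add(FlowEntry({"ip_dst": "5.6.7.8/32"}, "output:1", priority=10))
    table.add(FlowEntry({"eth_type": 0x0800, "ip_proto": 6, "tp_dst": 23}, "drop", priority=20))
    table.add(FlowEntry({"in_port": 4, "ip_src": "10.0.0.0/8"}, "normal", priority=5))
    tcp = {"in_port": 1, "eth_type": 0x0800, "ip_src": "1.2.3.4",
           "ip_dst": "5.6.7.8", "ip_proto": 6, "tp_src": 40000}
    packets = [                       # constructed sample packets: (headers, length)
        ({**tcp, "tp_dst": 80}, 60),  # web traffic to 5.6.7.8
        ({**tcp, "tp_dst": 23}, 74),  # telnet to 5.6.7.8: higher-priority drop wins
        ({"in_port": 4, "eth_type": 0x0800, "ip_src": "10.1.2.3", "ip_proto": 17}, 90),
        ({"in_port": 2, "eth_type": 0x0806}, 42),  # ARP: no rule matches
    ]
    return table, [table.process(p, n) for p, n in packets]
```

Calling `demo()` returns the table and the action chosen for each sample packet; the per-entry counters and `misses` show which rules carried traffic and how much fell through to the table-miss behaviour.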
46. MiniNet
The main difference between simulation and emulation is
that simulation is done all in software and emulation is done
in hardware and software.
Emulation allows developers to see the real-time interactions
between different hardware and software models.
Mininet is a software emulator for prototyping a large network on a single machine.
Visit mininet.org
47. Most of the programs we need for this project:
Linux
1- A Linux Distribution (in my project Ubuntu)
2- Mininet
3- Controller (POX, NOX, Ryu, Pyretic, …)
4- Wireshark
5- X11 Client (xinit, xview-clients)
Windows
1- Virtualization Product (VirtualBox, VMware)
2- SSH Client (Putty.exe)
3- X11 Server (Xming Server for Windows)
Download: sdn-sadri.ova
48. Useful commands for getting started with Linux:
No. | Command | Description
1 | pwd | Show the path of the current directory
2 | ls | List the folders and files in the current path
3 | ifconfig | Show the network card settings
4 | ping |
5 | apt-get | Install, remove and update the required programs
6 | poweroff, shutdown, init 0 |
7 | reboot, init 6 |
8 | su | Switch User; by default, su means switch user to root (superuser)
9 | passwd | Change the current user's password
10 | sudo | Switch User and Do; by default, sudo runs as root
11 | vi, nano | Text editor
12 | man | Manual (help); help for a command, e.g. man pwd
13 | service | Services manager; e.g. service
14 | dhclient | DHCP client; the -r option releases the interface
65. sudo mn --topo linear,3
mininet> net
h1 h1-eth0:s1-eth1
h2 h2-eth0:s2-eth1
h3 h3-eth0:s3-eth1
s1 lo: s1-eth1:h1-eth0 s1-eth2:s2-eth2
s2 lo: s2-eth1:h2-eth0 s2-eth2:s1-eth2 s2-eth3:s3-eth2
s3 lo: s3-eth1:h3-eth0 s3-eth2:s2-eth3
• Linear: a serial connection with N switches and N hosts
66. sudo mn --topo tree,3
mininet> net
h1 h1-eth0:s3-eth1
h2 h2-eth0:s3-eth2
.
.
.
• Tree: a multiple-level topology with N levels and TWO hosts per switch
67. • Custom Topologies Using a simple Python API
mininet@mininet:~$ cd /home/mininet/mininet/custom/
mininet@mininet:~$ ls
README topo-2sw-2host.py
mininet@mininet:~$ vi topo-2sw-2host.py
Python API:
from mininet.topo import Topo

class MyTopo( Topo ):
    def __init__( self ):
        # Initialize the base topology before adding nodes
        Topo.__init__( self )
        # Add hosts and switches
        leftHost = self.addHost( 'h1' )
        rightHost = self.addHost( 'h2' )
        leftSwitch = self.addSwitch( 's3' )
        rightSwitch = self.addSwitch( 's4' )
        # Add links
        self.addLink( leftHost, leftSwitch )
        self.addLink( leftSwitch, rightSwitch )
        self.addLink( rightSwitch, rightHost )

# Name used with the --topo option of mn
topos = { 'mytopo': ( lambda: MyTopo() ) }
68. • To start Mininet with the provided custom topology, run:
sudo mn --custom custom_example.py --topo mytopo
sudo mn --custom /home/mininet/mininet/custom/topo-2sw-2host.py --topo mytopo
70. Name | Versions | Language | Description
NOX | 1.0 | C++ | The original OpenFlow controller. Developed by Nicira and donated to research in 2008.
POX | 1.0 | Python | POX is NOX's Python-only younger sibling and is designed for rapid prototyping.
OpenDaylight | 1.0, 1.3 | Java | Industry supported (Cisco, Brocade, etc.) Linux Foundation project. OpenDaylight has attracted considerable attention over the past year.
Beacon | 1.0 | Java | Written by David Erickson at Stanford in 2010, Beacon is one of the most widely cited OpenFlow controllers and served as the basis of Floodlight.
Flowvisor | 1.0 | C | Special purpose controller that acts as transparent proxy for multiple controllers and enables rich network slicing.
Floodlight | 1.0 | Java | Open source core of the commercial controller product made by Big Switch Networks, forked from Beacon but without OSGI.
Trema | 1.0 | C and Ruby | Formerly known as Helios, this controller came from research efforts at NEC.
Ryu | 1.0, 1.2, and 1.3 | Python | Started by NTT Labs, Ryu is one of the more complete and easy to integrate OpenFlow controllers with open source today.
Pyretic | 1.0, 1.2, and 1.3 | Python | Pyretic is one member of the Frenetic family of SDN programming languages.
Scott Shenker
72. • Choose Controller in Mininet
http://sdnhub.org/tutorials/ryu/
$ sudo mn --topo single,3 --controller remote --switch ovsk
--switch ovsk: Open vSwitch in kernel; supports both OpenFlow 1.0 and 1.3
--controller remote: use a controller running locally (127.0.0.1)
--controller=remote,ip=192.168.1.200,port=6633: use a controller at the given IP address and port
No --controller option: the default controller ("OVSC") is used
$ sudo ovs-vsctl set bridge s1 protocols=OpenFlow13
Forces switch s1 to support OpenFlow 1.3
75. • Upgrade Ubuntu Open vSwitch 1.4 to 2.3 using packages in Mininet VM
Version before the upgrade:
ovs-vswitchd --version
ovs-vswitchd (Open vSwitch) 1.4.0+build0
1 Remove old Open vSwitch (1.4):
sudo apt-get remove openvswitch-common openvswitch-datapath-dkms openvswitch-controller openvswitch-pki openvswitch-switch
2 Download the new Open vSwitch source tarball:
mkdir openvswitch
cd openvswitch
wget http://openvswitch.org/releases/openvswitch-2.3.0.tar.gz
tar zxvf openvswitch-2.3.0.tar.gz
cd openvswitch-2.3.0
76. • Upgrade Ubuntu Open vSwitch 1.4 to 2.3 using packages in Mininet VM
3 Install all the dependencies that will be needed:
sudo apt-get update
sudo apt-get -y install build-essential fakeroot debhelper autoconf automake libssl-dev pkg-config bzip2 openssl python-all procps python-qt4 python-zopeinterface python-twisted-conch
4 Build the Debian packages:
DEB_BUILD_OPTIONS='parallel=2 nocheck' fakeroot debian/rules binary
5 Install the packages:
cd ..
sudo dpkg -i openvswitch-common*.deb openvswitch-datapath-dkms*.deb openvswitch-controller*.deb openvswitch-pki*.deb openvswitch-switch*.deb
77. • Upgrade Ubuntu Open vSwitch 1.4 to 2.3 using packages in Mininet VM
6 Stop the Open vSwitch Controller from starting automatically on boot:
sudo /etc/init.d/openvswitch-controller stop
sudo update-rc.d openvswitch-controller disable
sudo /etc/init.d/openvswitch-switch start
Version after the upgrade:
ovs-vswitchd --version
ovs-vswitchd (Open vSwitch) 2.3.0
79. Repository
A software repository is a storage location from which software packages may be retrieved and installed on a computer.
We usually update this repository so that we have access to the latest software updates.
80. Putty.exe
PuTTY is a free implementation of Telnet and SSH for Windows and Unix platforms, along with an xterm terminal emulator. It is written and maintained primarily by Simon Tatham.
PuTTY is the name of a free SSH Client/Server software suite for the Windows environment, with which you can connect to a Linux server over the Raw, Rlogin and SSH protocols.
81. Ubuntu
Ubuntu is an open source software platform that runs everywhere from the smartphone, the tablet and the PC to the server and the cloud.
Ubuntu is a Linux distribution that is founded on the Debian distribution but differs from it. The name Ubuntu comes from a South African concept meaning "humanity towards others".
Ubuntu 14.10 Desktop
82. Wireshark
Wireshark is a free and open-source packet analyzer. It is used for network troubleshooting, analysis, software and communications protocol development, and education.
Wireshark is a network packet analyzer. A packet analyzer captures the packets exchanged on the network, processes them and, where possible, displays their details.
In effect, this software captures exactly what passes over the cable and examines it.
83. SDN_tutorial_VM_32bit
• SDN Controllers: OpenDaylight, RYU, Floodlight, POX, and Pyretic
• Example code for a hub, L2 learning switch, and other applications
• Open vSwitch 2.1.0 with support for OpenFlow 1.2, 1.3 and 1.4
• Mininet to create and run example topologies
• Wireshark 1.11.3 with native support for OpenFlow parsing
• X11 Display
• Firefox
• JDK, Eclipse, and Maven