Melanie Palmer, Rob Sullivan, John Bilberry LA-UR-13-25961
Overview Introduction Test Method and Materials Results Conclusion Future Work Questions LA-UR-13-25961
Software Defined Networking Separate the data plane and the control plane Software layer between hardware and admin Virtual networks within a physical network LA-UR-13-25961
OpenFlow Open source SDN Hardware management on a single platform Exploits a common set of functions found on most switches OpenFlow Protocol Flow table Actions LA-UR-13-25961
Controller Management software for network Communicates via a secure channel Push and remove flows Determine actions for undefined flows LA-UR-13-25961
Networks for Security Network 1 User Network 2 Switch Controller Security Node Rule 1 • User job in Node 1 Allow access to Network 1 • If User accesses Node 2 Rule 2 • Redirect to Security Redirect to Security Node if Node access to Network 2 is attempted LA-UR-13-25961
Networks for Security Network 1 User Network 2 Switch Controller Security Node Rule 1 Allow access to Network 1 Rule 2 Redirect to Security Node if access to Network 2 is attempted LA-UR-13-25961
Melanie Palmer LA-UR-13-25961
Objective Performance Reliability Scalability LA-UR-13-25961
Materials Our Cluster Floodlight 0.9 Seven node Open source CentOS 6.4 Widely used in industry Arista 7050S Java based OpenFlow 1.0 EOS 4.10.4 LA-UR-13-25961
Test Suite Load Test Performance Reliability LA-UR-13-25961
Test Suite Traffic Limit Load Test Timing Limit Start T Test Start Tr Traffic Fini nish h TCPDu Dump Tests Cha hang nge Start St Flo lows Increme Inc ment nt Start 1 10 Sections Sections ns Ping ngs/Sec Inc Increme ment nt Fini nish h Flo lows/Sec LA-UR-13-25961
Load Test Controller Node A Rule 1: Node B Connect A and B Switch Rule 2: Drop Anything to C Node C LA-UR-13-25961
Load Test Controller Node A Rule 1: Connect A and C Node B Switch Rule 2: Drop Anything to B Node C LA-UR-13-25961
Test Suite Load Test Speed Test Scalability Performance LA-UR-13-25961
Test Suite Load Test Speed Test Send TCPDump Change Traffic to Start Test to File Flow Node C LA-UR-13-25961
Speed Test Controller Node A Rule 1: Switch Connect A and C Node C LA-UR-13-25961
Speed Test Controller Node A Rule 1: Switch Drop Node C Node C LA-UR-13-25961
Test Suite Failure! Load Test Speed Test Analysis Program Expected Behavior LA-UR-13-25961
Test Suite Failure! Load Test Speed Test Analysis Program Stage 1 - Extracts ○ Error rate ○ Flow change speed Stage 2 - Analyzes ○ Averages data ○ Standard deviations LA-UR-13-25961
Rob Sullivan LA-UR-13-25961
Load Test Results Flow Push Error Rate 16 14 12 10 Error (%) 8 250 500 6 750 Pings/Second 4 2 0 0.1 0.2 0.3 0.6 1.2 2.3 4.3 7.9 13.9 21.9 31.4 40.0 45.8 51.2 53.5 Flows per Second LA-UR-13-25961
Speed Test Results 16 14 12 10 Milliseconds 8 6 4 2 0 200 pings/s 300 pings/s 400 pings/s 500 pings/s 600 pings/s 700 pings/s 800 pings/s 900 pings/s 1000 pings/s 100 pings/s LA-UR-13-25961
Problems OpenFlow 1.0 Imprecision of some test methods Volume and nature of data Meaningful packet redirection Human error LA-UR-13-25961
LA-UR-13-25961
Will OpenFlow Work? Allows software OpenFlow v. 1.0 reconfiguration of inadequacies networks Hardware specific Easy administration limits Flows can be reliably Potential security pushed up to a issues measurable rate Controller can get Flow push failure is overwhelmed low even at high push rates LA-UR-13-25961
Future Work OpenFlow 1.1 Security Controllers and hardware Scale LA-UR-13-25961
LA-UR-13-25961 Acknowledgements Instructors – Dane Gardner and Matthew Broomfield (T.A.) Mentors – Kyle Lamb (HPC-3) and Ben McClelland (HPC-5) Special Thanks: Los Alamos National Laboratory – Gary Grider, Josephine Olivas, Carolyn Connor, Scott Robbins and Carol Hogsett New Mexico Consortium – Ann Kuiper PRObE – Andree Jacobson Our Schools: University of Texas at El Paso New Mexico Institute of Mining and Technology Michigan Technological University
Your turn! LA-UR-13-25961
Recommend
More recommend
