realize sfc using onos sdn controller
play

Realize SFC Using ONOS SDN Controller Mohan Kumar, Senior Software - PowerPoint PPT Presentation

Realize SFC Using ONOS SDN Controller Mohan Kumar, Senior Software Engineer, Huawei Indian Cathy Zhang, Principal Architect, Huawei USA 1. Understand OpenStack Neutron SFC Feature: Its Flexible Architecture to Integrate with Multiple SDN


  1. Realize SFC Using ONOS SDN Controller Mohan Kumar, Senior Software Engineer, Huawei Indian Cathy Zhang, Principal Architect, Huawei USA

  2. 1. Understand OpenStack Neutron SFC Feature: Its Flexible Architecture to Integrate with Multiple SDN Controllers, Its APIs, Its Code Status, Second Phase Roadmap. 2. Understand ONOS Controller (Open Network Operating System) Distributed Architecture For Scalability Support 3. Undertand How Openstack Integrates with ONOS SDN Controller to Realize the SFC Functionality.

  3. OpenStack Service Chain Overview

  4. What is Service Function Chain ? Service Chain Management and Control Platform NAT FW IDS Video LB NAT FW LB WOC Load QoS Balancer FW SF SF Traffic IDS Classifier Forwarder Forwarder Traffic Destination (vSwitch) (vSwitch) Source Cache

  5. OpenStack Neutron Service Chain Architecture OpenStack Server OpenStack Server OpenStack API for Service Chain (C1) OpenStack API for Service Chain (C1) Service Chain Driver Manager Service Chain Driver Manager Common Service Chain Driver API (C2) Common Service Chain Driver API (C2) ODL Service ONOS Service Chain ODL Service OVS Service Dragonflow OVS Service ONOS Service Chain Dragonflow OVN Service OVN Service Chain Driver Chain Driver Driver Chain Driver Service Chain Chain Driver Driver Service Chain Chain Driver Chain Driver Driver Driver ODL Controller ONOS Controller ODL Controller ONOS Controller OVSDB ETCD Cassandra RamCloud OVSDB ETCD Cassandra RamCloud OVN/Dragonflow Distributed DB OVN/Dragon Dragonflow Compute Node Compute Node Compute Node flow Controller Controller OVS OVS Swtich OVS Swtich(Classifier) (Classifier) Swtich(Classifier) Traffic Traffic Traffic Traffic Source Service Source Service Service Service Service Service Destination Destination VM (NAT) VM VM (LB) VM (FW) VM (IDS) VM(Web)

  6. OpenStack Service Chain API Overview OpenStack Neutron Service Chain API Flow Classifier Flow Classifier Flow Classifier Port-Pair-Group2 Port-Pair-Group1 Port-Pair-Group3 Neutron Port Neutron Port Port Pair for IPS1 for FW1 for Video Destination Source N- Optimizer1 N-Tuple Tuple Neutron Port Port Pair for IPS2 for FW2 Neutron Port for Video Optimizer2 Neutron Port for FW3 Traffic FW Video Traffic IPS Destination Optimizer Source

  7. Networking-sfc Project Information ● First Release in Feb 2016 ● Architecture and API Specification Link: ● http://docs.openstack.org/developer/networking-sfc/ ● Project Wiki Page: ○ https://wiki.openstack.org/wiki/Neutron/APIForServiceChaining ● Weekly IRC Meeting: ○ Thursday 1700 UTC on #openstack-meeting-4 ○ https://wiki.openstack.org/wiki/Meetings/ServiceFunctionChainin gMeeting

  8. Second Phase Road Map of Networking-SFC • Add Support for a Chain of SFs Hosted on Container • Add Support for a Chain of SFs Hosted on Physical Device • Integrate with VNFM Tacker • Add ODL SFC Driver, OVN SFC Driver, Dragonflow SFC Driver to Support the Implementation path on these Open Source SDN Controllers. • Support for IETF NSH Encapsulation • Support for Symmetric SFC Path

  9. ONOS for Openstack

  10. SDN Archit itectu ture OpenStack Networking-SFC ONOS Controller vSwitch, Service Function VM/Container/ Physical Device

  11. What is Modular ONOS? A new carrier-grade SDN network operating system designed for  high availability  performance  scale-out. Mission: “to produce the Open Source Network Operating System that will enable service providers to build real Software Defined Network”

  12. SFC in ONOS Architecture APP OpenStack Networking-SFC Apps (ONOS SFC Driver) RESTful Vendor Specific ONOS NBI for SFC Northbound NB API functions Agent Core ONOS SFC Manager ONOS Flow Host VTN Device Config Subsystem Subsystem Manager Subsystem Driver SB API for SFC provisioning on SB API the device Net OVSDB Southbound Host Provider DEV Link Flow PCEP conf Provider Agent Switches and Service functions on the Network Data Plane

  13. Demo Topology VM1 VM4 VM2 (SF1) VM3 (SF2) (Source) (Destination) egress ingress egress egress ingress ingress egress ingress P3 P6 P2 P4 P5 P1 OVS Packet path before installing SFC Packet path after installing SFC VM1 -> VM4 VM1 -> VM2 -> VM3 -> VM4 In our demonstration we have source VM, destination VM and a set of ● service functions VM's spawned using openstack network API We use ping packet as data transfer between source and destination. ● Before installing SFC, the packet will directly go to the destination ● After installing SFC the packet will take the defined SFC path and is ● processed at each service function before reaching destination.

  14. Scenario 1 20.0.0.3 20.0.0.8 VM1 VM4 VM2 (SF1) VM3 (SF2) (Source) (Destination) egress ingress ingress egress ingress egress ingress egress P1 P3 P6 P2 P4 P5 OVS Test : Ping from VM1 to VM4 Packet path before installing SFC, VM1 -> VM4

  15. Creating port Use neutron networking CLI to create ports on OVS (All ports are ● created on the same network) neutron port-create --name p1 net1 ● neutron port-create --name p2 net1 ● neutron port-create --name p3 net1 ● neutron port-create --name p4 net1 ● neutron port-create --name p5 net1 ● neutron port-create --name p6 net1 ● neutron port-create --name p7 net1 ● neutron port-create --name p8 net1 ● P3 P6 P1 P2 P4 P5 OVS

  16. Spawning VM's Spawn the VM's with the created ports ● Use nova CLI to spawn the VM's ● nova boot --image cirros-0.3.4-x86_64-uec --flavor m1.small --nic ● port-id=<ingress port> --nic port-id=<egress port> <vm name> VM1 VM4 VM2 (SF1) VM3 (SF2) (Source) (Destination) egress egress ingress egress ingress egress ingress ingress P3 P2 P4 P5 P OVS P1 6

  17. Ping from VM1 to VM4 Without SFC 20.0.0.3 20.0.0.8 VM1 VM4 VM2 (SF1) VM3 (SF2) (Source) (Destination) egress ingress ingress egress ingress egress ingress egress P1 P3 P6 P2 P4 P5 OVS Packet path before installing SFC VM1 -> VM4

  18. Scenario 2 Packet path after installing SFC(Create port chain) VM1 -> VM2 -> VM3 -> VM4 20.0.0.3 20.0.0.8 VM1 VM4 VM2 (SF1) VM3 (SF2) (Source) (Destination) egress ingress egress ingress egress ingress egress ingress P1(27) P2(25) P3(26) P6(30) P4(28) P5(29) OVS Test : Ping from VM1 to VM4 Note: 5, 6, 7, 8.. are the OVS ports on which the VM's tap interfaces are created

  19. Creating SFC Port pair Use Networking-SFC CLI to create port pairs ● neutron port-pair-create <port pair name> --ingress <port id> -- ● egress <port id> When a port pair is successfully created, neutron SFC will send a ● create request to ONOS rest API. ONOS will store the respective port pair details in its DB ● Create Create Port pair PP2 Port pair PP1 with ports with ports P4 and P5 P2 and P3 P P3 P2 P4 P5 P1 OVS 6

  20. Creating Port pair group Use Networking-SFC CLI to create port pair group ● neutron port-pair-group-create --port-pairs <port pair name> <port ● pair group name> Once the port pair group is successfully created, neutron will send a ● create request to ONOS rest API for port pair group. ONOS will store the respective port pair details in its DB ● Create port pair group Create port pair group PPG1 with port pair PP1 PPG2 with port pair PP2 Create Port pair PP1 Create Port pair PP2 with ports P2 and P3 with ports P5 and P6 P3 P2 P4 P5 P6 P1 OVS

  21. Create flow classifier Use Networking-SFC CLI to create flow classifier. ● Classifier rule is used to select traffic that originates from source with ● IP prefix 20.0.0.3/32 and goes to destination with IP prefix 20.0.0.8/32 (Source and destination with in the same network), and the chain ingress port is set as the Source VM’s neutron port p1 neutron flow-classifier-create --source-ip-prefix 20.0.0.3/32 -- ● destination-ip-prefix 20.0.0.8/32 – logical-source-port p1 FC1 Once the flow classifier is successfully created, neutron will send a ● create request to ONOS rest API ONOS will store the respective flow classifier details in its DB ●

  22. Create Port chain Use Networking-SFC CLI to create port chain ● Create port chain with VM2 as SF1 and VM3 as SF2 ● neutron port-chain-create --port-pair-group PPG1 --port-pair- ● group PPG2 --flow-classifier FC1 <port chain name> Once the port chain is successfully created, neutron will send a chain ● creation request to ONOS rest API for port chain. ONOS will store the respective port chain details in its DB and ● initiates event to generate and download required flow rules to the switches for setting up the SFC traffic steering path. SFC VM2 (SF1) VM3 (SF2) Create Create Port pair PP1 Port pair PP2 with ports with ports P4 P2 and P3 and P5 egress egress ingress ingress P3 P2 P4 P5 OVS Create port pair group Create port pair group PPG2 with port pair PP2 PPG1 with port pair PP1

Recommend


More recommend