© All Rights Reserved SDN for Communications Making the Network and Applications Smarter and Adaptable Terry Slattery Principal Architect NetCraftsmen CCIE #1026 1

© All Rights Reserved Agenda 2 Future Directions and Summary Where Are We Now? SDN and UC History of Traditional Networking

© All Rights Reserved Traditional Networking Complex configurations –Low-level CLI commands –Non-intuitive interactions –QoS example: 3 policy-map OUT-QUEUING-REMOTE1 description Outbound queuing and scheduling class OUT-LOW-LATENCY-DATA bandwidth percent 20 queue-limit 100 random-detect class-map match-any OUT-LOW-LATENCY-DATA description Low-Latency Data match access-group QOS-LOW-LATENCY-DATA match ip dscp af21 … With QoS ip access-list extended QOS-LOW-LATENCY-DATA remark Latency sensitive Data application traffic permit tcp host any any permit tcp host any any deny ip any any …

© All Rights Reserved Traditional Networking Relatively static configuration –Difficult to synchronize with business needs –Not responsive to applications –Encodes policy Forwarding based on destination address –Drives equal cost multi-path topologies –Complex policy routing configuration to implement policy routing 4 I-Net Remote Site UC Traffic Bulk Traffic

© All Rights Reserved Traditional Networking Low network utilization – 30-40% –Reserve bandwidth for traffic bursts –Unable to manage traffic with sufficient granularity Applications and the network don’t communicate –Apps can’t ask the network for special service –The network can’t inform apps of network changes –App and network teams often don’t work well together Config changes cause 40-80% of network problems –Network issues create 60-80% of QoE problems 5

© All Rights Reserved The Agility Mismatch Compute and storage are very agile –VMs can be created and moved within minutes –Containers (packaged apps) activate in seconds Network changes are slow –Change control systems induce delays –Manual processes –Network staff is often reluctant to use automation 6

© All Rights Reserved What About Orchestration? Orchestration improves agility –Is it sufficient? –How well has it worked so far? It doesn’t do many things –No simplification; adds complexity on top of the network –Doesn’t help with multi-tenancy designs –No improvements to security Applications and network still don’t communicate! 7

© All Rights Reserved We Need Something Better Bidirectional communications between applications and the network Faster configuration through automation Simplify configurations with powerful abstractions Better security (built-in and provable) New forwarding path selection mechanisms 8

© All Rights Reserved Agenda 9 Future Directions and Summary Where Are We Now? SDN and UC Traditional Networking

© All Rights Reserved What is Software Defined Networking? A new form of networking Decouples control from packet forwarding Software control of the network Abstractions hide details of the infrastructure layer Network and applications communicate with each other 10 Image: Open Networking Foundation

© All Rights Reserved The Advantages of SDN Applications and Network communicate Networks become more dynamic and agile Centralized control system makes better decisions –Programming is easily done across multiple devices Packet forwarding based on more than destination address –New path selection protocols 11

© All Rights Reserved Example: Endpoint Tracking and Security SDN Controller Medical Record System Second Floor Third Floor

© All Rights Reserved Endpoint Tracking and Security SDN Controller Medical Record System Second Floor Third Floor SDN Controller Detects Workstation Workstation on Wheels

© All Rights Reserved Endpoint Tracking and Security SDN Controller Virtual Net Instance Forwarding Table Updates Workstation on Wheels Medical Record System Second Floor Third Floor

© All Rights Reserved Endpoint Tracking and Security SDN Controller Workstation on Wheels Medical Record System Second Floor Third Floor SDN Controller Detects Workstation’s New Location

© All Rights Reserved Endpoint Tracking and Security SDN Controller VNI Forwarding Table Updates Workstation on Wheels Medical Record System Second Floor Third Floor

© All Rights Reserved Architecture of SDN for UC UC controller talks with QoS Service App QoS Service App talks with the SDN controller SDN controller creates a virtual network for the UC infrastructure 17

© All Rights Reserved Lync and SDN Integration Media Traffic Wanda Fred Lync SDN API SDN Controller QoE Services Set QoS DSCP Rules Call Start SDN Control Server Ringing… Call Initiated Lync tells SDN Controller SDN Controller Adds QoS Settings Traffic Flows Are Properly Handled

© All Rights Reserved Application-to-SDN Architecture 19 UC Application 2 (E.g., Collaboration) Network Element Network Element Network Element Network Element Network Element Network Element Network Element SDN Network Controller QoE Services Controller Admission Control Application Policy Network Controller North-Bound Interfaces Application Network Service North-Bound Interface (NBI) Administrator NBI Interface Flow Programming TopologyInventory Path Computation Statistics Dynamic QoS Marking Traffic Engineering CoS Optimization Traffic Engineering Path Selection South-Bound Interfaces (OpenFlow, etc) Network Policy SDN Solution UC Application 1 (E.g., Voice) IMTC Paper: “Automating UC Quality of Experience Using SDN, v2.02”

© All Rights Reserved QoE Service Functions Dynamic QoS –Apply QoS classification and marking at call setup Call Admission Control –Integrated across multiple applications Dynamic traffic engineering –Optimum path selection and Class of Service selection Application policy control –Central control of policy rules 20 QoE Services Controller Admission Control Application Policy Dynamic QoS Marking Traffic Engineering CoS Optimization Traffic Engineering Path Selection

© All Rights Reserved Dynamic QoS Classification and Marking UC controller identifies media traffic endpoints –Based on 5-tuple: Src IP+port, Dst IP+port, UDP/TCP Works with encrypted media traffic (Lync & Skype) Handles multiple UC systems –Lync + Polycom + Skype Consistent QoS 21 Media Traffic SDN Controller UC Controller

© All Rights Reserved Call Admission Control Wanda Fred UC Controller SDN API SDN Controller QoE Services Failed: 30Kbps Call Start Call Originate… UC tells SDN Controller SDN Controller Returns Error UC controller can: Return “Fast Busy” Force the call to G.729 codec and retry Fast Busy or change codec 30Kbps available

© All Rights Reserved Call Admission Control With SDN Policy: handling oversubscription –Deny the call – communicated back to the UC controller –Drop the traffic – but looks like a network failure –Mark down – to what class? –The UC controller makes room for the new call CAC across multiple UC systems –Multi-vendor (Cisco and Avaya due to a merger or acquisition) –Multiple media sources (e.g., Lync + Polycom + Skype) 23

© All Rights Reserved Handling Network Failures UC controller can make smart decisions –Change codecs –Reallocate bandwidth –Terminate calls (with message) Actions based on policy –Policy set by administrator 24 Wanda Fred UC Controller SDN API SDN Controller QoE Services Failed: 30Kbps

© All Rights Reserved Dynamic Traffic Engineering Dynamically select a media traffic path –Based on media traffic type –Driven by current network loading and characteristics Path selection protocols –IS-IS or OSPF – shortest path to the destination IP –Constraint-based SPF –Segment routing – source routing using MPLS tags –An area of research & development, ideally suited to SDN 25 Path 2 Path 1

© All Rights Reserved Example Policies Flexible oversubscription handling –Allow more calls when other traffic is light –Deny call or mark down media traffic –Move traffic to alternate paths –Lower BW codecs on all calls Resolve priority conflicts –UC vs healthcare traffic Dynamic path selection –Segregate realtime traffic 26 Media Traffic SDN Controller UC Controller Policy Definition

© All Rights Reserved Hybrid SDN: Legacy Core 27 SDN Controller UC Controller Core HQ Data Center R4 R2 R3 R1 TP-B TP-HQ RB SDN-enabled edge devices Legacy core devices Static QoS configurations Branch

© All Rights Reserved Call Start 28 Core Branch Data Center R4 R2 R3 R1 TP-B TP-HQ RB Best Effort UC-SDN Dialog SDN Controller UC Controller Call Initiation HQ

© All Rights Reserved Dynamic QoS 29 Core Branch Data Center R4 R2 R3 R1 TP-B TP-HQ RB Best Effort SDN Controller UC Controller HQ Push QoS Policy EF Egress: EF Ingress: BE Egress: EF Ingress: BE –QoS trust policy is enforced at the edge, per session –Policy is removed and BW reservation cleared when the call terminates

© All Rights Reserved Agenda 30 Future Directions and Summary Where Are We Now? SDN and UC Traditional Networking

© All Rights Reserved SD-WAN Products Traffic policies for multipath WAN –Smart WAN optimization for multiple paths –Selects the path appropriate for the traffic –Allows link bandwidth aggregation –Centralized policy definition system 31 Branch MPLS Internet LTE HQ LTE SD-WAN Controller

© All Rights Reserved API Maturity Most APIs are low-level –Some emulate CLI-level functionality –Higher-level abstractions are being developed Scope (tagging) and End-Point-Groups Abstract QoS definitions (hides details of classification/marking) –Documentation is often “early development” API Interfaces are maturing –Middleware is a valuable component (e.g., QoE Services) –Use-cases are helping define required functionality 32

© All Rights Reserved Management and Troubleshooting Existing tools may not work with dynamic networks –New sets of alerts Alert when the network can’t accept a flow Alert when the control system can’t talk with an element –Show troubleshooting information Path and configuration, including QoS, firewall, and load balancer Which app requested the change –Logging Record the time when changes were made API call tracing 33

© All Rights Reserved Device and Interface Tagging Group devices by function or role –Automation aid –Group configuration –Facilitates policy scopes Example –Core policy: efficient queuing and forwarding –Branch policy: dynamic classification, marking, and queuing Branch Core

© All Rights Reserved Staff Education Learn policy definition tools – Cisco’s ACI –Begin thinking at a higher-level Automation and scripting – Ansible, Chef, Python –Stop using manual change methods Learn the language of applications and servers –Integrate with the rest of IT New monitoring and troubleshooting tools 35

© All Rights Reserved Agenda 36 Future Directions and Summary REST API SDN and UC Traditional Networking

© All Rights Reserved Current State of SDN BigSwitch, Brocade, HP, and NEC are doing OpenFlow switches and controllers Many vendors in the OpenDaylight consortium –OpenFlow-based, open-source Cisco is doing several things –OpenDaylight member –Application Centric Infrastructure (proprietary) Monitoring Tool Networks (packet broker tools) –BigSwitch (BigTap) –NEC (PFTAP) –Basic function of an SDN

© All Rights Reserved Current State of SDN Currently in the early adopter phase –Many customers are interested in it (can it help me?) –Look to successful full-scale deployments –Many adopters benefit from operational efficiencies APIs are maturing –API use will bring additional benefits –Making it easier for apps to communicate with the network –Use-cases are helping define requirements –Middleware will add new interfaces and capabilities (QoE Service)

© All Rights Reserved Future Directions Network must communicate back to the application –Communicate bandwidth changes (failure or new capacity) –Handling oversubscription –Monitoring and diagnostics Smart policy engines –Help resolve conflicts between applications –Simplify policy creation mechanisms 39 SDN Controller UC Controller Healthcare Monitor Policy Definitions Network

© All Rights Reserved Adopting SDN: Three Approaches Proof of concept –Determine how SDN applies to your business –Identify a justification (app, operational efficiencies, etc) –Assemble an implementation team; learn the technology Cap and grow –Cap existing infrastructure –Install and grow SDN infrastructure, linked to the legacy network Full Deployment (see vendor case studies) –Complete replacement with SDN –Fastest way to achieve the benefits of SDN

© All Rights Reserved SDN Migration Deploy the SDN-capable edge –SD-WAN and LAN edge switches –Where dynamic policies are applied –Use static policies in the core –Advantage: incremental deployment Upgrade the core –Fast switches –High bandwidth links –Redundant connections to the existing network Leaf-Spine core network design

© All Rights Reserved Summary Need high level abstractions –Simplify how we think about networks –Device groups - use device tags –Interface groups – interface tags or End Point Groups (EPGs) –Device-independent QoS definitions –L3 forwarding domains (multi-tenancy) Prediction –Today: One application per VM –Future: One application per L3 network domain Simplify service chaining Branch Core

© All Rights Reserved Summary SDN is happening! –Progress has been rapid –Production rollout can be limited by equipment refresh –Significant operational benefits can be realized Learning about SDN – – It’s about the applications! –Easier to deploy –More agile –Easier to manage

© All Rights Reserved 44 Questions? SDN for Communications Making the Network and Applications Smarter and Adaptable Terry Slattery Principal Consultant NetCraftsmen CCIE #1026