Reinventing Internet Infrastructure with OpenFlow and Software Defined Networking Stanford Clean Slate Program Funded by Cisco, Deutsche Telekom, DoCoMo, Ericsson, Google, LightSpeed, MDV, NEC, NSF, Xilinx Guru Parulkar

OpenFlow Team at Stanford With Martin Casado and Scott Shenker And contributions from many others 2

OpenFlow: Three Stories A platform for innovations within –Enterprise, backbone, & data center networks An architecture direction for Future Internet – Unifying packet and circuit networks An architecture providers like for their own reasons –Enabling an ecosystem

Internet has many problems Plenty of evidence and documentation Internet’s “root cause problem” It is Closed for Innovations 4

Million of lines of source code 500M gates 10Gbytes RAM 5400 RFCs BloatedPower Hungry Many complex functions baked into the infrastructure OSPF, BGP, multicast, differentiated services, Traffic Engineering, NAT, firewalls, MPLS, redundant layers, … An industry with a “mainframe-mentality” We have lost our way Specialized Packet Forwarding Hardware Operating System Operating System App Routing, management, mobility management, access control, VPNs, … 5

6 Controller OpenFlow Switch Flow Table Flow Table Secure Channel Secure Channel PC OpenFlow Protocol SSL hw sw OpenFlow: Enable Innovations “within” the Infrastructure Add/delete flow entries Encapsulated packets Controller discovery API Net Services

OpenFlow Enabled Switches/Routers/APs Cisco Catalyst 6k NEC IP8800 HP Procurve 5400 Juniper MX-series WiMax (NEC) WiFi Quanta LB4G More to follow... Cisco Catalyst 3750 (Fall 2009) Arista 7100 series (Fall 2009) 7 Ciena CoreDirector

OpenFlow Protocol C CC FLOWVISOR OpenFlow Protocol Research Team A Controller Research Team B Controller Production Net Controller Isolated Network Slices Physical Infrastructure Packet & Circuit Switches: wired, wireless, optical media Sliced and Virtualized OpenFlow Infrastructure Control Plane API 8

Example Network Services Static “VLANs” New routing protocol: unicast, multicast, multipath, load-balancing Network access control Mobile VM management Mobility and handoff management Energy management Packet processor (in controller) IPvX Network measurement and visualization … 9

OpenFlow Deployments Stanford Deployments –Wired: CS Gates building, EE CIS building, EE Packard building (soon) –WiFi: 100 OpenFlow APs across SoE –WiMAX: OpenFlow service in SoE Other deployments –Internet2 –JGN2plus, Japan –10-15 research groups have switches Research and Production Deployments on commercial hardware 10

OpenFlow as GENI Networking Substrate Eight universities and two national research backbones

OpenFlow Deployment in Japan NEC and JGN2Plus (NICT) 12 Network virtualization and slicing HD video distribution in different slices –Baseball game –Snow festival

European Deployment 13  L2 Packet  Wireless  Routing Pan-European experimental facility  L2 Packet  Optics  Content delivery  L2 Packet  Shadow networks  L2 L3Packet  Optics  Content delivery  L2 Packet  Emulation  Wireless  Content delivery

OpenFlow Deployments Outside US Several smaller scale efforts already on going Interest in Korea, China, Brazil, … 14

OpenFlow: A Hack to Experiment? Is there a bigger architecture story? 15

16 Controller OpenFlow Switch Flow Table Flow Table Secure Channel Secure Channel PC OpenFlow Protocol SSL hw sw OpenFlow: Enable Innovations “within” the Infrastructure Add/delete flow entries Encapsulated packets Controller discovery API Net Services

App Simple Packet Forwarding Hardware App Simple Packet Forwarding Hardware Network Operating System 1. Open interface to hardware 3. Well-defined open API 2. At least one good operating system Extensible, possibly open-source Architecturally what It Means 17

OpenFlow: Architecture Concepts Separate data from control –A standard protocol between data and control Define a “generalized flow” based data path –Very flexible and generalized flow abstraction –Delayer or open up layers1-7 Hierarchically centralized “open” controller with API –For control and management applications Virtualization of data and control planes Backward compatible –Though allows completely new header

Flow Table Entry OpenFlow Protocol Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport RuleActionStats 1.Forward packet to port(s) 2.Encapsulate and forward to controller 3.Drop packet 4.Send to normal processing pipeline + mask what fields to match Packet + byte counters

Building Larger Internet Arch Inter-domain routing framework Network access and authentication Security architectures Mobility management Packet and circuit unification –Traffic engineering … 20

21 OpenFlow and Circuit Switches Exploit the cross-connect table in circuit switches Packet Flows Switch Port MAC src MAC dst Eth type VLAN ID IP Src IP Dst IP Prot TCP sport TCP dport Action Circuit Flows Out Port Out Lambda Starting Time-Slot Signal Type VCG In Port In Lambda Starting Time-Slot Signal Type VCG Flow abstraction applies to packet and circuits

Simple Unified Control Plane OpenFlow Networks … that switch at different granularities: packet, time-slot, lambda & fiber Packet and Circuit Flows Commonly Controlled & Managed

Congestion Control Example Innovation: Dynamic Circuits

OpenFlow Demo at SC09

Other Packet Circuit Convergence Example Capabilities Dynamic packet and circuit aggregation Slicing of packet and circuit networks –For benefit of ISP and transport service providers MPLS capabilities on OpenFlow 25

Why new generation providers like it and want to build an ecosystem? 26

New Generation Providers Already Buy into It In a nutshell –Driven by cost and control –Started in data centers…. 27

Example: New Data Center Cost 200,000 servers Fanout of 20  10,000 switches $5k commercial switch  $50M $1k custom-built switch  $10M Savings in 10 data centers = $400M Control 1.Optimize for features needed 2.Customize for services & apps 3.Quickly improve and innovate 28 The value prop applies to enterprise and service provider networks

What New Generation Providers have been Doing Within the Datacenters Buy bare metal switches Write their own control/management applications on a common platform Another way to look at it …

Specialized Packet Forwarding Hardware Ap p Specialized Packet Forwarding Hardware Ap p Specialized Packet Forwarding Hardware Ap p Specialized Packet Forwarding Hardware Ap p Specialized Packet Forwarding Hardware Operating System Operating System Operating System Operating System Operating System Operating System Operating System Operating System Operating System Operating System Ap p Network Operating System App What New Generation Providers have been Doing Within the Datacenters 30

App Simple Packet Forwarding Hardware App Simple Packet Forwarding Hardware Network Operating System 1. Open interface to hardware 3. Well-defined open API 2. At least one good operating system Extensible, possibly open-source “Meeting of Minds” with Providers 31

Interest is Much Broader Datacenter operators also operate WAN infrastructures –They want to cut cost and get more control Legacy network operators learning from new providers –They also want to cut cost and get more control –Be more innovative and competitive Convergence of cellular and Internet infrastructure – Another big impetus Net result: the change may come to all parts of the Internet infrastructure – sooner than you would think 32

Consequences More innovation in network services –Owners, operators, 3rd party developers, researchers can improve the network –E.g. energy management, data center management, policy routing, access control, denial of service, mobility Lower barrier to entry for competition –Healthier market place with reducing Capex & OpEx 33

Ecosystem Coming Together Role for Everyone to Contribute Researchers and R&E Networks Providers: old and new –Google, Amazon, Yahoo!, (Microsoft, Facebook), –DT, DoCoMo, (Level3, BT, Verizon, …) Box vendors –Enterprise and backbone –Packet and circuit (electronic and photonics) –Incumbents and startups Chip vendors –Broadcom, Dune, Marvell, …. 34 The Value Chain

OpenFlow/SDN As Networking Substrate A platform for innovations –Within enterprise, backbone, & data center networks Providers buy into the architecture –For their own reasons Ecosystem is coming together 35

The Stanford Clean Slate Program The 40year old Internet is showing its age: –Infrastructure not economically sustainable –Untrustworthy, unreliable and unpredictable –Does not support architectural innovations –Ill-suited for emerging technologies and applications e.g., ubiquitous computing with mobile wireless devices, web based computing, sensorized networked physical world, … Bring together Stanford’s world-class breadth & depth Research with emphasis on fundamental change and impact on real practice of networking Create and Distribute “Platforms for Innovations” Funding: NSF, Cisco, Deutsche Telekom, DoCoMo, Ericsson, Google, NEC, Xilinx The Problem Our Approach Handheld OS Browser UI HW Applications Data Substrate Computation Substrate Network Substrate Radio technology Economics

37 Vision: Three tiers of computing PC,TV at home, on the road, in hotels, on the plane Borrow the display, keyboard, memory, etc Internet servers data My window into the Internet. My cache of personal data. The key to my online data. Will identify me to others. Make payments, open physical locks. Great opportunities  Revolution in Mobile Computing will change our field.  Opportunity to bring change before ossification.

38 Today Where we will end up otherwise Vision Barriers 1.Big-brother portals will own our data 2.We will be locked-in to applications 3.Wireless capacity will stay closed 4.Network will stay ossified  Big-brother portals luring us to their repository  We have to provide an alternative  Healthcare, Financial: May never take off  Big-brother portals luring us to their repository  We have to provide an alternative  Healthcare, Financial: May never take off  When they’ve got our data, they’ve got us!  Surrounded by capacity we can’t use  Inefficient: Costs more, poorer quality  We need an alternative  Surrounded by capacity we can’t use  Inefficient: Costs more, poorer quality  We need an alternative  Problem with the network.  3G: Cellular networks  IP  IP: Bad for mobility, security, management  Need a network that continually evolves  Problem with the network.  3G: Cellular networks  IP  IP: Bad for mobility, security, management  Need a network that continually evolves

The Big Picture Handheld Energy aware secure OS Secure mobile browser UI HW Platform Applications PocketSchool, Image WEB, Augmented Reality Data Substrate PRPL Virtual Data System Computation Substrate Network of VMs, Mobile VMs Fiz web services environment Network Substrate OpenFlow Radio technology Multi-Gb/s, 99% coverage Economics

Stanford Clean Slate Team Networking Radio Economics Languages OS Security HCI Applications Architecture Education Dan Boneh Monica Lam David Mazieres Mendel Rosenblum Phil Levis Roy Pea Scott Klemmer Arogyaswami Paulraj Nick McKeown Ramesh Johari John Mitchell Christos Kozyrakis Fouad Tobagi Paul Kim Distributed Systems Guru Parulkar Balaji Prabhakar John Ousterhout + 40 graduate students and 6 staff engineers Departments of EE, CS, MS&E and School of Education

Thank You!! 41