Workshop on Software Defined Networks Spring 2014.


Groups
Columns: group id; group members; ex1 last sub.; project name; project sel. date
1; Liza Mash, Kostya Berestizhevsky, Idan Shaby; Firewall
רועי לוי, רועי כהן, חוסאם אבו מערוף; firewall; 4.5
3; שי פינסקר, בועז חמו, מוריה אהרון
Or Keret, Ofir Shohet, Gal Bitensky
Nir Avnon, Chen Shoval, Roi Klien
Ori Lentzitzky, Guy Engel
ירדן מרטון, בן שרפי
Elad levi, Hanan Rofe Haim
Roy Moyal, Liraz Segal; 5.5.14; Load Balancer; 5.5
10; Michal Shagam, Dekel ?; 8.5.14

OpenFlow Switch Specification
Flow-Table entry: Packet Header, Action, Statistics
Possible Actions:
– Forward packet to a given port (or ports)
– Encapsulate packet and forward to controller
– Drop packet

OpenFlow Switch Specification
The header fields matched in OpenFlow switch (Type0):
Support for normal traffic is achieved by:
– A 4th action; forward packet through normal pipeline
– Dedicated VLANs

OpenFlow1.3 Specification
A pipeline of forwarding tables:
– Aggregated Action Set
– Internal metadata
– optional group classification

OpenFlow1.3 Specification Extended match header fields:

OpenFlow1.3 Specification Counters:

OpenFlow1.3 Specification
Each packet carries an Action set.
– Empty at the start
– Updated while packet is processed
– Executed at the end.
Each Forwarding table entry is associated with an Instruction Set
– Predefined (updated by controller)
– Executed when entry is matched
– Influences packet processing course and updates its action set.
More actions:
– Update TTL
– Tag push
– Tag pop
– Set field
– QoS

OpenFlow1.3 Groups
Groups can be applied on a packet while processed
Groups are defined in the group table
[Figure labels: Group ID, Bucket; Group ID, Instruction, Out port]

OpenFlow1.3 and RYU

PROJECTS

Router
User input:
– Router addresses
– Subnet assignments
[Figure: router topology annotated with MAC addresses (A to E), ports and VLANs]

Router
Network input:
– Links
[Figure: router topology annotated with MAC addresses (A to E), ports and VLANs]

Router
Objective:
– Shortest path routes
[Figure: router topology annotated with MAC addresses (A to E), ports and VLANs]

Load balancer
Split clients to servers
Rule table columns: Start, End, Action (rows: Server r, Server r, Server r, …, Drop)
[Figure labels: Source IP Address, replicas, Internet]

Load balancer
Avoid rule expansion
Range table columns: Start, End, Action (rows: Server A, Server B)
Pattern table columns: Pattern, Action
Server A [00111***]
Server A [*1******]
Server A [10******]
Server A 125. [ ].*.*
Server A 125. [000111**].*.*
Server A 125. [001000**].*.*
Server A 125.[ ].*.*
Server A 125.[ ]
Server B 125.[ ]. 255.*
Server A 125.[ ]. *.*
Server B 125.[001*****].*.*
Server B *.*
Server B [00******].*
Server B [010*****].*
Server B [011000**].*
Server B [0010****]
Server B [ ]
Server B [ ]

Load balancer
Add/remove servers when needed
[Figure labels: Source IP Address, replicas, Internet]

Firewall
Manage sessions
Rule table columns: Constraints, Action (actions shown: Allow, Allow + Log)
[Figure labels: Internet, Intranet, DMZ]

Firewall
Consider rule expansion
Range table columns: Start, End, Action (rows: Server A, Server B)
Pattern table columns: Pattern, Action
Server A [00111***]
Server A [*1******]
Server A [10******]
Server A 125. [ ].*.*
Server A 125. [000111**].*.*
Server A 125. [001000**].*.*
Server A 125.[ ].*.*
Server A 125.[ ]
Server B 125.[ ]. 255.*
Server A 125.[ ]. *.*
Server B 125.[001*****].*.*
Server B *.*
Server B [00******].*
Server B [010*****].*
Server B [011000**].*
Server B [0010****]
Server B [ ]
Server B [ ]
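The rule expansion named on the load balancer and firewall slides, as an added Python example (not code from the workshop): it converts inclusive address ranges into the prefix-wildcard patterns a flow table can match and shows how many entries one range can cost. The function names and the sample policy are assumptions made for this illustration.

```python
import ipaddress

def range_to_prefixes(start, end, width=32):
    """Minimal prefixes (value, prefix_len) covering the integers start..end inclusive."""
    if not 0 <= start <= end < (1 << width):
        raise ValueError("range outside the field")
    prefixes = []
    while start <= end:
        # Largest power-of-two block aligned at `start` ...
        size = (start & -start) if start else (1 << width)
        # ... halved until it no longer overshoots `end`.
        while size > end - start + 1:
            size >>= 1
        prefixes.append((start, width - size.bit_length() + 1))
        start += size
    return prefixes

def ternary(value, prefix_len, width):
    """Render a prefix as a wildcard pattern such as 001*."""
    return format(value, f"0{width}b")[:prefix_len] + "*" * (width - prefix_len)

def expand_policy(policy):
    """Turn (first_ip, last_ip, action) ranges into (cidr, action) match rules."""
    rules = []
    for first, last, action in policy:
        lo, hi = int(ipaddress.IPv4Address(first)), int(ipaddress.IPv4Address(last))
        for value, plen in range_to_prefixes(lo, hi):
            rules.append((f"{ipaddress.IPv4Address(value)}/{plen}", action))
    return rules

# Constructed sample policy (addresses and actions are illustrative only).
POLICY = [
    ("10.0.0.0", "10.0.0.255", "Server A"),
    ("10.0.1.0", "10.0.1.99", "Server B"),
]

if __name__ == "__main__":
    for cidr, action in expand_policy(POLICY):
        print(f"{cidr:<16} -> {action}")
    print([ternary(v, p, 4) for v, p in range_to_prefixes(1, 14, width=4)])
    print(len(range_to_prefixes(1, 2**32 - 2)), "rules for one worst-case 32-bit range")
```

A range over a w-bit field needs up to 2w-2 prefix rules, and a rule with ranges on two fields needs the product of the two counts, which is why a firewall or load balancer has to budget flow-table space before installing range policies.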

Firewall
Manage sessions
Features:
– Actions are Allow, Allow+Log, Block, Block+Log
– Stateful
– Consistency models (per flow/packet)
– FIN detection
[Figure labels: Internet, Intranet, DMZ]

Multicast Traffic

Input
– Routers
– Links
– User location and request
– Link and server cost
Objective
– Route streams (optimally)
– Assign servers (optimally)

Distributed controller

Controller state is saved in distributed storage. Handling an event is a transaction. Prevent deadlocks and livelocks. Use a simple application as an example. Based on the paper “Towards an Elastic Distributed SDN Controller” by Dixit et al., which appeared in HotSDN 2013.

Hierarchical controller
[Figure labels: controller, Sub SDN, controller]

Fault tolerant SDN
Without the controller, an OpenFlow switch forwards packets according to:
– Static configuration
– Links status
– Packet header
– Input port
We want to ensure that if the network is physically connected then any packet will reach its destination (eventually).
We prefer one instance of the packet at all times (without broadcast).

Fault tolerant SDN
Non Fault tolerant solutions:
– Source and destination based rules
– Port based rules
Our approach:
– Use packet header for storing state
Algorithms:
– Module (Naïve)
– DFS
– BFS (very complicated)

Module Algorithm

DFS Algorithm