Presentation is loading. Please wait.

Presentation is loading. Please wait.

ODL SFC, Implementing IETF SFC November 14, 2016

Published byPreston Fitzgerald Modified over 6 years ago

Similar presentations

Presentation on theme: "ODL SFC, Implementing IETF SFC November 14, 2016"— Presentation transcript:

1

2 ODL SFC, Implementing IETF SFC November 14, 2016
Seoul, South Korea ODL SFC, Implementing IETF SFC November 14, 2016 Brady Johnson ODL SFC Project Technical Lead

3 OpenDaylight SFC Data Model
Service Function Chain (SFC) Abstract, ordered list of Service Function Types ex: [DPI, FW, NAT, QoS] Service Function Path (SFP) Concrete, directional details about an SFC Specific transport details (VxLAN-GPE+NSH, Eth+NSH, etc) Optionally specify concrete Service Functions and Service Function Forwarders Rendered Service Path (RSP) The actual service chain, combining info from the SFC and SFP Includes dynamic runtime representation of SFP resulting from load balancing and/or failover Service Chaining Classification Map subscriber/tenant traffic flows to Service Chains Applies Service Chain Encapsulation (NSH) Uses IETF ACL matching for traffic flow matching SFP SFC SF-Type1 SF-Type2 SF-Type3 Concrete SF1 Concrete SF2 Concrete SF3 Classifier RSP Concrete SFF1 Concrete SFF2

4 OpenDaylight SFC Use Case: SF Reclassification and branching
P2P/BitTorrent ⇒ Blue HTTP ⇒ Red HTTP Header Enrichment P2P Rate Limiting SF-DPI SF-QoS SF-HTTP Re-Classify Feedback ODL-SFC Update/Create Service Chains SFF br-int Classifier Classifier Internet Classification Rules SDN Network

5 Service Chaining Encapsulation: Network Service Headers (NSH)
NSH-Aware Service Functions (decrement NSI on pkt egress) NSH encapsulated packets: NSP: NSH Path, Chain ID NSI: NSH index, Hop in chain The shown NSI is after being decremented by the SF SF-NAT NSH-UnAware Service Function SF-HTTP SF-NAT Original packets NSH Proxy Classify once: Encapsulate Chain info with every packet 1,253 7,254 1,254 7,253 SFF br-int SFF br-int Classifier Classifier 1,255 7,254 7,253 Host 2 Host 2 7,255 Host 1 1,253 Original packets SDN Network Original packets

6 NSH Header and transport details As supported in ODL SFC
Outer Eth hdr Outer IP hdr Outer UDP hdr VxLAN GPE Inner Eth hdr Inner IP hdr Payload Example 1: NSH encapsulated in VXLAN-GPE Network Services Header Service Path: The Service Chain ID NSH Base Header Index: The hop in the Service Chain Service Path (24 bit) / Index Optional Metadata Example 2: NSH encapsulated in Ethernet NSH Outer Eth hdr Inner Eth hdr Inner IP hdr Payload

7 OpenDaylight: Just 1 piece of the puzzle
ODL NFV OpenStack OVS fd.io Linux OPNFV: Integrating it all together

8 OPNFV SFC Compute Node Control Node OVS (br-int) OVS
VM VM VM VM Tacker Clients Servers SF1 SF2 ODL SFC Open Stack OVS (br-int) Ingress Classifier SFF Egress Classifier OVS Top Of Rack Switch Legend VxLAN tunnel SF/SFF OpenFlow 1.3/OVSDB Classifier encaps VxLAN-GPE NSH Original packets, no encap

9 IETF SFC RFC improvements
Terminating SFPs and how to handle SFP egress rfc Section 4.3, point 2 The specification mentions that the last SFF should remove the SFC encapsulation and send the packet back to the network. This can be done by any SFC egress boundary node, and shouldnt be required by the last SFF. Its not always feasible for the SFF to know what to do with the original packet. When using GBP and Netvirt classifiers, the egress classifier removes the SFC encapsulation, thus acting as an SFC egress boundary node If the packet is sent back to the network (OpenStack br-int bridge) without SFC encapsulation, and it enters the classifier again, then there will be a loop Reclassification Several use cases that can be problematic TCP proxy How to handle when the SF generates traffic, which SFP to use Symmetric classifier Should be more explicitly specified

Download ppt "ODL SFC, Implementing IETF SFC November 14, 2016"

Similar presentations

L3 + VXLAN Made Practical

L3 + VXLAN Made Practical
Introduction into VXLAN Russian IPv6 day June 6 th, 2012 Frank Laforsch Systems Engineer, EMEA

Introduction into VXLAN Russian IPv6 day June 6 th, 2012 Frank Laforsch Systems Engineer, EMEA
OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.

OpenFlow overview Joint Techs Baton Rouge. Classic Ethernet Originally a true broadcast medium Each end-system network interface card (NIC) received every.
Network Service Header (NSH) draft-quinn-sfc-nsh IETF 90

Network Service Header (NSH) draft-quinn-sfc-nsh IETF 90
IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.

IPSec: Authentication Header, Encapsulating Security Payload Protocols CSCI 5931 Web Security Edward Murphy.
Introducing MPLS Labels and Label Stacks

Introducing MPLS Labels and Label Stacks
Report of Interconnectivity Testing of Service Function Chaining by Six Companies NTT Alaxala Networks Cisco Systems Hitachi Alcatel-Lucent Japan et al.

Report of Interconnectivity Testing of Service Function Chaining by Six Companies NTT Alaxala Networks Cisco Systems Hitachi Alcatel-Lucent Japan et al.
LISP, SDN, and OpenDaylight

LISP, SDN, and OpenDaylight
1Group 07 IPv6 2 1.ET/06/6472 2.ET/06/6487 3.ET/06/6491 4.EE/06/6393 5.EE/06/6455 6.EE/06/6473 Group 07 IPv6.

1Group 07 IPv6 2 1.ET/06/ ET/06/ ET/06/ EE/06/ EE/06/ EE/06/6473 Group 07 IPv6.
Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.

Security, NATs and Firewalls Ingate Systems. Basics of SIP Security.
Open vSwitch conference, November 2015 Franck Baudin

Open vSwitch conference, November 2015 Franck Baudin
Extending OVN Forwarding Pipeline Topology-based Service Injection

Extending OVN Forwarding Pipeline Topology-based Service Injection
Network Service Header (NSH) draft-quinn-sfc-nsh IETF 89 A. Chauhan Citrix U. Elzur Intel B. McConnell Rackspace C. Wright Red Hat Inc. P. Quinn J. Guichard.

Network Service Header (NSH) draft-quinn-sfc-nsh IETF 89 A. Chauhan Citrix U. Elzur Intel B. McConnell Rackspace C. Wright Red Hat Inc. P. Quinn J. Guichard.
Network Service Header (NSH) draft-ietf-sfc-nsh-04 IETF95, Buenos Aires, March 2016 Paul Quinn, Editor Uri Elzur, Editor.

Network Service Header (NSH) draft-ietf-sfc-nsh-04 IETF95, Buenos Aires, March 2016 Paul Quinn, Editor Uri Elzur, Editor.
Why Fabric? 1 Complicated technology/vendor/device specific provisioning for networks, especially heterogeneous network DC Network – STP, TRILL, SPB, VXLAN,

Why Fabric? 1 Complicated technology/vendor/device specific provisioning for networks, especially heterogeneous network DC Network – STP, TRILL, SPB, VXLAN,
Draft-maino-gpe-vpn F. Maino, V. Ermagan, J. Evans, H. Miclea IETF 95 – April 2016.

Draft-maino-gpe-vpn F. Maino, V. Ermagan, J. Evans, H. Miclea IETF 95 – April 2016.
Multi-protocol Label Switching (MPLS) RFC 3031 MPLS provides new capabilities: QoS support Traffic engineering VPN Multiprotocol support.

Multi-protocol Label Switching (MPLS) RFC 3031 MPLS provides new capabilities: QoS support Traffic engineering VPN Multiprotocol support.
J. Halpern (Ericsson), C. Pignataro (Cisco)

J. Halpern (Ericsson), C. Pignataro (Cisco)
Flow OAM Requirements Janardhanan Pathangi Balaji Venkat Venkataswami DELL Richard Groves – Microsoft Peter Hoose – Facebook

Flow OAM Requirements Janardhanan Pathangi Balaji Venkat Venkataswami DELL Richard Groves – Microsoft Peter Hoose – Facebook
SDN Controller/ Orchestration/ FastDataStacks Joel Halpern (Ericsson) Frank Brockners (Cisco)

SDN Controller/ Orchestration/ FastDataStacks Joel Halpern (Ericsson) Frank Brockners (Cisco)

Similar presentations

Ads by Google