Virtualization Techniques (虛擬化技術)

Presentation transcript: "Virtualization Techniques (虛擬化技術)"

1 Virtualization Techniques (虛擬化技術)
Network Virtualization and Software Defined Network

2 Software Defined Network
Outline: Introduction, Motivation, Concept, Characteristics, OpenFlow

3 Network Protocol and Model

4 Network Topologies
Topology refers to the physical or logical layout of the computers in a particular network. Commonly used topologies are star, bus and ring.

5 Network Virtualization
What is network virtualization ?

6 Network Virtualization
What is network virtualization? In computing, network virtualization is the process of combining hardware and software network resources and network functionality into a single, software-based administrative entity, a virtual network.
Two categories:
  External network virtualization: combining many networks, or parts of networks, into a virtual unit.
  Internal network virtualization: providing network-like functionality to the software containers on a single system.

7 Network Virtualization
Desirable properties of network virtualization:
  Scalability: resources are easy to extend when needed; an administrator can dynamically create or delete virtual network connections.
  Resilience: recovers from failures; the virtual network automatically redirects packets over redundant links.
  Security: increased path isolation and user segmentation; the virtual network should work with firewall software.
  Availability: network resources can be accessed at any time.

8 Network Virtualization
External network virtualization at different layers:
  Layer 1: virtualization is seldom implemented at the physical transmission layer.
  Layer 2: tags added to the Ethernet (MAC) frame provide virtualization. Example: VLAN.
  Layer 3: tunnelling techniques form a virtual network. Example: VPN.
  Layer 4 or higher: an overlay network is built for an application. Example: P2P.

9 Network Virtualization
Internal network virtualization at different layers:
  Layer 1: the hypervisor usually does not need to emulate the physical layer.
  Layer 2: virtual L2 network devices, such as a switch, are implemented in the hypervisor. Example: Linux TAP driver + Linux bridge.
  Layer 3: virtual L3 network devices, such as a router, are implemented in the hypervisor. Example: Linux TUN driver + Linux bridge + iptables.
  Layer 4 or higher: virtualization at layer 4 and above is usually implemented in the guest OS; applications make their own choice.

10 Network Virtualization
Protocol approach: protocols are usually used to achieve data-path virtualization. Three implementations:
  802.1Q: hop-to-hop data-path virtualization.
  MPLS (Multiprotocol Label Switching): virtualization at the router and switch layer.
  GRE (Generic Routing Encapsulation): virtualization across a wide variety of networks using a tunnelling technique.

11 Network Virtualization
802.1Q
  Standardized by IEEE 802.1.
  Does not encapsulate the original frame.
  Adds a 32-bit field between the MAC addresses and the EtherType field:
    ETYPE (2 bytes): protocol identifier (the tag protocol identifier, 0x8100)
    Dot1Q tag (2 bytes): VLAN number and priority code
  CE: customer edge router; PE: provider edge router.
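As an added example (not code from the presentation), the following Python parses the 32-bit 802.1Q field described above: the 2-byte protocol identifier (ETYPE, 0x8100) followed by the 2-byte tag carrying the priority code and VLAN number. It also handles a stacked 802.1ad outer tag (0x88a8), using the EtherType values this presentation lists; the sample frames are constructed, not captured traffic.

```python
import struct

# EtherType values named on the presentation's "Flowchart" slide
TPID_8021Q = 0x8100     # 802.1Q customer VLAN tag (the ETYPE / protocol identifier)
TPID_8021AD = 0x88A8    # 802.1ad service (outer) tag
ETHERTYPE_NAMES = {0x0800: "IPv4", 0x0806: "ARP", 0x8847: "MPLS unicast", 0x8848: "MPLS multicast"}

def parse_ethernet(frame: bytes) -> dict:
    """Return MAC addresses, the list of VLAN tags (outer first) and the payload EtherType."""
    if len(frame) < 14:
        raise ValueError("frame shorter than a minimal Ethernet header")
    dst, src = frame[0:6], frame[6:12]
    offset, tags = 12, []
    while True:
        if offset + 2 > len(frame):
            raise ValueError("frame truncated inside the EtherType/tag area")
        (etype,) = struct.unpack("!H", frame[offset:offset + 2])
        if etype not in (TPID_8021Q, TPID_8021AD):
            break                       # not a tag: this is the payload EtherType
        if offset + 4 > len(frame):
            raise ValueError("truncated 802.1Q tag")
        # The 32-bit tag is the 2-byte TPID just read plus 2 bytes of Tag Control Information:
        # 3-bit priority code point, 1-bit drop eligible indicator, 12-bit VLAN id.
        (tci,) = struct.unpack("!H", frame[offset + 2:offset + 4])
        tags.append({"tpid": etype, "pcp": tci >> 13, "dei": (tci >> 12) & 1, "vid": tci & 0x0FFF})
        offset += 4
    return {"dst": dst.hex(":"), "src": src.hex(":"), "tags": tags, "eth_type": etype,
            "eth_type_name": ETHERTYPE_NAMES.get(etype, "unknown"), "payload": frame[offset + 2:]}

# Constructed sample frames (not captured traffic): an ARP request in VLAN 100 with priority 5,
# the same frame with an additional 802.1ad outer tag (VLAN 10), and an untagged IPv4 frame.
MACS = bytes.fromhex("ffffffffffff" "001122334455")
ARP_PAYLOAD = bytes.fromhex("0001080006040001")          # first 8 bytes of an ARP header
TAGGED_FRAME = MACS + struct.pack("!HH", TPID_8021Q, (5 << 13) | 100) + b"\x08\x06" + ARP_PAYLOAD
QINQ_FRAME = MACS + struct.pack("!HH", TPID_8021AD, 10) + TAGGED_FRAME[12:]
UNTAGGED_FRAME = MACS + b"\x08\x00" + bytes(20)           # IPv4 EtherType, zeroed payload
```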

12 Network Virtualization
Example of 802.1Q (figure: two virtual networks, VN 1 and VN 2, each with its own source and destination, carried over one shared physical network)

13 Network Virtualization
MPLS (Multiprotocol Label Switching)
  Also classified as layer 2.5 virtualization.
  Adds one or more labels to the packet.
  Needs a Label Switch Router (LSR) to read the MPLS header.

14 Network Virtualization
Example of MPLS (figure: two virtual networks, VN 1 and VN 2, over one physical network of label switch routers (LSR) and label edge routers (LER); customer edge (CE) routers attach at the LERs, and the per-hop labels are shown on the links)

15 Network Virtualization
GRE (Generic Routing Encapsulation)
  GRE is a tunnel protocol developed by Cisco.
  Encapsulates a wide variety of network layer protocols.
  Stateless: the end-points do not keep information about the tunnel state.
  (figure: a built tunnel)

16 Internal Network Virtualization
A single system is configured with containers, such as Xen domains, combined with hypervisor control programs or pseudo-interfaces such as the VNIC, to create a "network in a box". This solution improves the overall efficiency of a single system by isolating applications in separate containers and/or pseudo-interfaces.
Virtual machine and virtual switch: the VMs are connected logically to each other so that they can send data to and receive data from each other. Each virtual network is serviced by a single virtual switch. A virtual network can be connected to a physical network by associating one or more network adapters (uplink adapters) with the virtual switch.

17 Software Defined Network
Outline: Introduction, Motivation, Concept, Characteristics, OpenFlow

18 Problem with Internet Infrastructure
(figure: a traditional network device stack: features such as routing, management, mobility management, access control and VPN, implemented in millions of lines of source code, running on an operating system over specialized packet-forwarding hardware with billions of gates)
  Bloated.
  Vertically integrated, complex, closed, proprietary.
  Not suitable for experimental ideas.
  Not good for network owners and users; not good for researchers.

19 Problem: No Abstractions for Control Plane
  Adding a new function to the network is a highly complex distributed-system problem.
  Networks are too difficult to program and to reason about.
  No good abstractions and interfaces.
(figure: distributed network functions spread across routers, switches and appliances, each with its own forwarding hardware and OS)

20 Software-Defined Network with Key Abstractions in the Control Plane
(figure: applications such as network virtualization, routing and traffic engineering use a well-defined API on top of a network map abstraction provided by a network operating system; the control plane is separated from the data plane, which consists of forwarding elements)

21 Software Defined Network
Outline: Introduction, Motivation, Concept, Characteristics, OpenFlow

22 Concept
In SDN architecture, the control and data planes are decoupled, network intelligence and state are logically centralized, and the underlying network infrastructure is abstracted from the applications. (Open Networking Foundation white paper)

23 Traditional network node: Router
A router can be partitioned into control and data planes:
  Management / policy plane: configuration (CLI / GUI, static routes).
  Control plane / decision: OSPF (Open Shortest Path First), neighbor table, link state database, IP routing table.
  Data plane / forwarding: forwarding table, routing and switching of packets toward the adjacent router.

24 Traditional network node: Switch
Typical networking software:
  Management plane
  Control plane: the brain / decision maker
  Data plane: packet forwarder

25 SDN entity: the SDN protocol, OpenFlow
A protocol commonly used to manage software defined networks.

26 SDN (Software Defined Networking) Principles
  Separate the control plane and data plane entities.
  Execute or run control plane software on general-purpose hardware: decoupled from specific networking hardware, using commodity servers.
  Have programmable data planes.
  Maintain, control and program data plane state from a central entity.
  An architecture to control not just a networking device but an entire network.

27 Software Defined Network
Outline: Introduction, Motivation, Concept, Characteristics, OpenFlow

28 Key Characteristics for SDN Success
  Architecture for a network operating system with a service/application oriented namespace.
  Resource virtualization and aggregation pooling to achieve scaling.
  Appropriate abstractions to foster simplification.
  Decoupled topology, traffic and inter-layer dependencies.
  Dynamic multi-layer networking.

29 Software Defined Network
Outline: Introduction, Motivation, Concept, Characteristics, OpenFlow

30 What is OpenFlow
  OpenFlow is like an x86 instruction set for the network.
  Provides an open interface to "black box" networking nodes (i.e. routers, L2/L3 switches) to enable visibility and openness in the network.
  Separation of control plane and data plane.
  The datapath of an OpenFlow switch consists of a flow table, and an action associated with each flow entry.
  The control path consists of a controller which programs the flow entries in the flow table.
  OpenFlow is based on an Ethernet switch with an internal flow table and a standardized interface to add and remove flow entries.

31 Components of an OpenFlow Network
  Controller
  OpenFlow protocol messages
  Control channel
  Flow table and flow entries
  Pipeline processing
  Packet matching
  Instructions and action set

32 Controller: Centralized vs. Distributed

33 OpenFlow Protocol Messages
  Controller-to-switch: initiated by the controller and used to directly manage or inspect the state of the switch. Examples: Features, Config, Modify-State, Read-State, Packet-Out, Barrier.
  Asynchronous: sent by the switch without the controller soliciting them. Examples: Packet-In, Flow-Removed / Expiration, Port-Status, Error.
  Symmetric: sent without solicitation, in either direction. Examples: Hello, Echo, Experimenter / Vendor.

34 Secure Channel (SC)
  The SC is the interface that connects each OpenFlow switch to the controller.
  A controller configures and manages the switch via this interface: it receives events from the switch and sends packets out of the switch.
  The SC establishes and terminates the connection between the OpenFlow switch and the controller using the connection setup and connection interrupt procedures.
  The SC connection is a TLS connection. Switch and controller mutually authenticate by exchanging certificates signed by a site-specific private key.

35 Flow Table / Entry
A flow table consists of flow entries. Each entry has:
  Match fields to match against packets. These consist of the ingress port and packet headers, and optionally metadata specified by a previous table.
  Counters to update for matching packets: packet and byte counters.
  Instructions to modify the action set or pipeline processing.
Match fields by layer: layer 2 (ingress port, source MAC, destination MAC, EtherType, VLAN ID); layer 3 (IP ToS, IP protocol, IP source, IP destination); layer 4 (TCP source port, TCP destination port).
Actions: forward the packet to port(s); encapsulate and forward to the controller; drop the packet; send to the normal processing pipeline.

36 Matching Fields & List of Counters
Figure From OpenFlow Switch Specification

37 Pipeline Processing

38 Packet Matching

39 Flowchart: how a packet is parsed for matching
Commonly used EtherType values:
  VLAN: 0x88a8, 0x8100
  MPLS: 0x8847, 0x8848
  ARP: 0x0806
  IP: 0x0800

40 Instructions & Action Set
  Each flow entry contains a set of instructions that are executed when a packet matches the entry.
  An action set is associated with each packet. It is empty by default.
  The action set is carried between flow tables.
  A flow entry modifies the action set using the Write-Actions or Clear-Actions instruction.
  Processing stops when the instructions do not contain Goto-Table; the actions in the set are then executed.
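An added example (not code from the presentation) that models in Python the flow table and counters of slide 35 together with the Write-Actions, Clear-Actions and Goto-Table instructions just described. The two-table pipeline, the field names and the packets are constructed for illustration, and treating a table miss as "send to controller" is an assumption.

```python
from dataclasses import dataclass

@dataclass
class FlowEntry:
    priority: int
    match: dict          # header field -> required value; a field not listed is a wildcard
    instructions: list   # ("write_actions", {...}) | ("clear_actions",) | ("goto_table", n)
    packets: int = 0     # per-entry counters, as in the slide's Counters column
    bytes: int = 0

def lookup(table, headers):
    """Highest-priority entry whose match fields all equal the parsed header values."""
    hits = [e for e in table if all(headers.get(k) == v for k, v in e.match.items())]
    return max(hits, key=lambda e: e.priority) if hits else None

def process(tables, headers, size):
    """Run one packet through the pipeline; return (final action set, tables visited)."""
    action_set = {}      # empty by default; keyed by action type, so Write-Actions overwrites
    visited, table_id = [], 0
    while True:
        visited.append(table_id)
        entry = lookup(tables[table_id], headers)
        if entry is None:                      # table miss (assumed here: hand to controller)
            return {"output": "CONTROLLER"}, visited
        entry.packets += 1
        entry.bytes += size
        next_table = None
        for instr in entry.instructions:
            if instr[0] == "clear_actions":
                action_set.clear()
            elif instr[0] == "write_actions":
                action_set.update(instr[1])
            elif instr[0] == "goto_table":
                next_table = instr[1]
        if next_table is None:                 # no Goto-Table: stop and execute the action set
            return action_set, visited
        table_id = next_table

def build_tables():
    """Constructed two-table pipeline: table 0 classifies by ingress port/VLAN, table 1 by L3/L4."""
    return [
        [FlowEntry(100, {"in_port": 1, "vlan_id": 100}, [("write_actions", {"set_queue": 1}), ("goto_table", 1)]),
         FlowEntry(50, {"eth_type": 0x0806}, [("write_actions", {"output": "NORMAL"})]),
         FlowEntry(0, {}, [("write_actions", {"output": "CONTROLLER"})])],   # catch-all entry
        # Clear-Actions leaves an empty set: with no output action the switch drops the packet
        [FlowEntry(200, {"ip_proto": 6, "tcp_dst": 23}, [("clear_actions",)]),
         FlowEntry(100, {"eth_type": 0x0800, "ip_dst": "10.0.0.5"}, [("write_actions", {"output": 3})])],
    ]
```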

41 Dynamic load balancing
Usage: load balancing
  Current methods use a uniform distribution of traffic, not based on network congestion and server load.
  More adaptive algorithms can be implemented using OpenFlow: monitor the network traffic, then program flows based on demand and server capacity.
(figure: dynamic load balancing using OpenFlow: the network operating system collects statistics from the OpenFlow switches doing data forwarding, observes load patterns, and programs flow entries)

42 Summary
  SDN is an architecture of which OpenFlow is just a part.
  Clear separation of control and data plane functionalities.
  Provides high-level abstractions: network topology, application API.
  Standard vendor-agnostic interface to program the hardware.
  Scalability concerns.
  SDN is not a magic wand to solve the current problems.
  Many vendors are evaluating the direction SDN will take.

43 References
  N. McKeown, T. Anderson, H. Balakrishnan, G. Parulkar, L. Peterson, J. Rexford, S. Shenker, and J. Turner, "OpenFlow: Enabling Innovation in Campus Networks", ACM Computer Communication Review, Vol. 38, Issue 2, April 2008.
  OpenFlow Switch Specification V
  Richard Wang, Dana Butnariu, and Jennifer Rexford, "OpenFlow-based server load balancing gone wild", Workshop on Hot Topics in Management of Internet, Cloud, and Enterprise Networks and Services (Hot-ICE), Boston, MA, March 2011.
  Saurav Das, Guru Parulkar, Preeti Singh, Daniel Getachew, Lyndon Ong, Nick McKeown, "Packet and Circuit Network Convergence with OpenFlow", Optical Fiber Conference (OFC/NFOEC'10), San Diego, March 2010.
  Nikhil Handigol, Srini Seetharaman, Mario Flajslik, Nick McKeown, Ramesh Johari, "Plug-n-Serve: Load-Balancing Web Traffic using OpenFlow", ACM SIGCOMM Demo, Aug 2009.
  NOX: Towards an Operating System for Networks

44 Q & A

