Embed Size (px)
Citation preview
Control-Plane Slicing Methodsin Multi-Tenant Software Defined Networks
IFIP/IEEE International Symposium on Integrated Network ManagementMay 11, 2015
Ottawa, Canada
C. Argyropoulos, K. Giotis, G. Androulidakis, D. Kalogeras, V. Maglaris
Network Management & Optimal Design Laboratory (NETMODE)School of Electrical & Computer Engineering
National Technical University of Athens
S. Mastorakis
Computer Science DepartmentUniversity of California, Los Angeles (UCLA)
2
Virtualization in multi-tenant Networks
Large-scale multi-tenant environments rely on Network Virtualization technologies
Tenants request dedicated network slices Scalability issues are mitigated Widely-accepted and/or proprietary solutions include:
□ Layer 2/3 VPN□ VXLAN□ NVGRE□ STT
3
Network Virtualization in SDNs
Network virtualization is taking advantage of SDNs: Leverage on Control and Data-plane decoupling
□ OpenFlow protocol Tenants apply their own forwarding logic
□ ByoC – Bring your own Controller
Open issue: Efficient substrate slicing
amongst multiple tenants
4
OpenFlow-based Virtual Networks
5
Flow-grouping as a Virtualization method
Grouping of flows: VLAN-based (1 VLAN ID/tenant) MAC-based (in cloud infrastructures) to pinpoint the VMs
location Port-based for service-oriented networks
Network virtualization based on Flowspace assignment
Conflict resolution for tenant requests
Isolated virtual networks Prevent overlapping Flowspaces
6
Network Virtualization Architectures (1)
OF Proxy Controller
Flowspace Slicing Policy Engine: Policy-based flowspace slicing
Slicing Layer: Policy enforcement using flowspace rules
Tenant Layer: Forwarding Logic
7
Network Virtualization Architectures (1)
Network Hypervisor
Flowspace Slicing Policy Engine: Policy-based flowspace slicing
Slicing Layer: Policy enforcement using flowspace rules
Virtualization Layer: Delegate Slicing
Identifiers Abstraction Expose Virtual Topo
Tenant Layer: Forwarding Logic
8
Slicing Policies (1)
Domain-wide Slicing: {TenantID, VlanID} Vlan ID is considered to be the Network Slice Identifier All packets marked with a specific Vlan ID are forwarded to the respective
tenant’s Controller by the Proxy Controller
Switch-wide Slicing: {TenantID, VlanID, SwitchID} VlanID and SwitchID are used to identify packets belonging to a specific slice Requests are forwarded by the proxy Controller to the tenant, based on the
VlanID and the SwitchID
9
Slicing Policies (2)
Port-wide Slicing: {TenantID, VlanID, SwitchID, PortID} VlanID, SwitchID and PortID are used to match slices with a specific tenant Requests are forwarded according to the afformentioned identifiers Requires one flowspace rule for each port bounded to a specific tenant
Switch A
1 2
5 3
4
Tenant KVLAN i
Tenant KVLAN i Tenant L
VLAN i
Tenant LVLAN i
10
Evaluation Approach
We used real graphs from Internet2/OS3E and GÉANT We created Virtual Network requests, mapping:
Simple paths (case of Virtual Network providers) Disjoint paths Star topologies (case of CDN providers)
We created mixes of mapping requests: Mix1: 2% disjoint paths, 49% simple paths, 49% star topologies (bounded –
predefined Packet ID) Mix2: 2% disjoint paths, 29% simple paths, 69% star topologies (bounded) Mix3: 2% disjoint paths, 29% simple paths, 69% star topologies (bounded) Mix4: 2% disjoint paths, 29% simple paths, 69% star topologies (unbounded)
11
Evaluation (1)
4,000 requests
16,000 requests
Acceptance ratio of VN requests on Internet2
topologies
12
Evaluation (2)
• Acceptance ratio for Mix2 requests
• Switch-wide & port-wide number of rules,
normalized by the domain-wide rules
Flow
spac
e ru
les/
Dom
ain-
wid
e Fl
owsp
ace
rule
s
Number of nodes
Acceptance Ratio
13
Evaluation (3)Control Plane resource consumption(using FlowVisor OF proxy Controller)
GÉANT topology
Requests
(mix2)
Rules(port-wide)
Time (ms)Memory
(Mbytes)
1.000 17Κ 4.7 6722.000 45Κ 5.0 18524.000 100Κ 5.4 40506.000 150Κ 5.5 61027.000 180Κ 5.9 7500
