Embed Size (px)
Citation preview
Slide 1Slide 1
Panel: Reality Check on Implementing SDN
Kuang-Ching (KC) Wang, Clemson University
William Brockelsby, North Carolina State University
Tripti Sinha, University of Maryland
Slide 2
Introductions
• Moderator: KC Wang, Clemson University– Associate Professor and Networking CTO– Director, Center of Excellence for Next Generation
Computing & Creativity
• William Brockelsby, NC State University– Lead Network Architect
• Tripti Sinha, University of Maryland– Assistant VP and CTO– Executive Director, MAX
Slide 3
Panel Discussion Questions
• Is SDN ready for production deployment on university campuses?
• How do you see SDN, once mature and in place, impact university faculty, students, staff, and IT?
• Where, if any, should further investment be to further SDN deployment on university campuses?
Slide 4
Clemson UniversityCC-NIE: Clemson NextNet
Slide 5
Clemson NextNet – a Campus Wide Science DMZ• Big Switch Controller (partnership)• Dell/Force10, Pica8• 20 buildings 40/10 Gbps• I2 AL2S via Brocade MLXe32
Slide 6
Our Proposed Focus
• Production acquisition, deployment, operation
• Build campus “SDN Team” (IT + faculty + students)
• Focus on science use cases– Bioengineering – Transfer HPC overlay for da Vinci surgical robots– Genomics – Transfer large data sets from NCBI/NIH– Social Media – Transfer cross-country search results– Visualization/Video – Transfer large graphic/video data
Slide 7
What Worked, What Did Not Up and running – mixed vendor HW + Big Switch Controller
Brings faculty, students, and IT, across universities, closer than ever – new partnerships are here to stay
Showed what’s possible – new NSF projects proposed/funded in multiple domains
I2 AL2S (also a SDN) is heavily used
X Painful for engineers – switch firmware bugs, vendor-dependent OpenFlow behavior, no production-grade campus SDN controller, limited demand – witness growth over 3 years, not “production ready”
X What’s available with SDN today has not physically benefited science not yet, but significant progress already though, getting close Other than network researchers, science users care about
speed (SDN or not) workflow (SDN to be developed & requires inter-campus SDN coordination/federation)
Slide 8
Most Significant Benefits of CC-NIE:Bringing People, Schools, Research Areas Closer
Slide 9
Production SDN Indeed is ComingUniversity IT is Transforming
• While deployed CC-NIE network needed lots of “care”, network engineers accumulated lots of insights of SDN realities & gotchas.
• In parallel, IT satisfactorily evaluated and adopted vendor white-box SDN data center fabric and monitoring fabric
– production experience, fast feature speed, close vendor relationship
– BUT completely new model for network planning, provisioning, security
– breaking silos, shift of responsibilities
• SDN is still useful to sustain innovations already underway, even if it may be in smaller footprint, less than abundant traffic, and remains painful for network engineers for a while.
– New mindset on campus – researchers + engineers as day-to-day norm
Slide 10
North Carolina State University
CC-NIE: Data Intensive e-Science and SDN
Slide 11
Goals
•Eliminate bandwidth bottlenecks that hinder the success of researchers across many different disciplines in several physical locations on campus
•Leverage SDN functionality of new hardware to develop a virtual science DMZ
•Connect our SDN environment to the regional SDN environment being developed by MCNC (provides access to I2 AL2S)
Slide 12
Eliminate Bandwidth Bottlenecks
•Upgrade research building uplinks from 1Gb/s to 10Gb/s and deploy 10Gb/s aggregation switches where needed
•Deploy 1Gb/s switches with 10Gb/s uplinks to replace legacy 10/100 Mb/s switches
•Make direct 10Gb/s connections available where needed (research specific server rooms)
Slide 13
Deploy a Hybrid Architecture
•New switches can operate in “classic” mode for typical use cases
•Specific ports can operate in SDN/OpenFlow mode to permit development of new use cases (virtual science DMZ)
•Hybrid architecture allows experimentation with new technology with lower risk
Slide 14
SDN Application
•Permit dynamic virtual circuit provisioning on ports participating in SDN on hybrid switches
•Leverage Q-in-Q and MPLS L2 VPNs to connect “islands of SDN” transparently on campus in hardware at line rate
•Develop a virtual science DMZ by deploying dedicated “friction free” paths by utilizing SDN in buildings and Q-in-Q and MPLS on the backbone
Slide 15
Slide 16
Current Status
•Procured 48 1Gb/s switches with 10Gb/s ports; 4 10Gb/s aggregation switches
•All but 3 switches are physically deployed, continuing to patch researchers into infrastructure
•In process of deploying SDN based virtual circuit controller for virtual science DMZ use case
•Working with regional network provider to prepare for integration into regional SDN (access to I2 AL2S)
Slide 17
Project Review
•Developed excellent opportunities to start and continue discussions between faculty, staff and students•Hybrid architecture permits immediate benefit with low risk adoption of SDN based use cases•Minor difficulty with SDN/OpenFlow: Some hardware and software challenges•Overall an excellent opportunity for our campus:
Thank You!
Slide 18Slide 18
University of Maryland
Tripti Sinha
Slide 19
SDN focused work sponsored by:
NSF Award No: 1246386
CC-NIE Integration: SDNX - Enabling End-to-End Dynamic Science DMZ
Lead Organization: UMD
Co-PIs: GW
NSF Award No: 1340984
CC-NIE Integration: High Performance Computing with Data and Networking Acceleration (HPCDNA)
Lead Organization: UMD
Slide 20
Reality Check on Implementing SDN: SDN’s Play
Commercial Infrastructures
R&E Infrastructures, Science DMZs
Creative One-offs
Slide 21
Reality Check on Implementing SDN
• Commercial Infrastructures– SDN in commercial datacenters– SDN in private self-built custom networks (Google)– Next: SDN in commercial service providers– Future: SDN in the Enterprise
• R&E Infrastructures, Science DMZ– Internet2's nationwide Openflow network and their OESS/FSFW software
suite– ESnet and their dynamic provisioning system OSCARS– Some regional networks have deployed the same or similar technologies – Campus ScienceDMZs – Campus core networks and datacenters (in support of ScienceDMZs)
Slide 22
How Maryland and MAX are employing SDN
Slide 23
UMD and MAX SDN Focus Areas• SDN across the MAX regional and inside the “ScienceDMZ Facility”
– SDN as an enabling function to coordinate and orchestrate access to compute and storage services in user specific ways
• Creative One-offs in managing security– Applying new approaches to threat identification and response – SDN controller being used as a “more flexible policy based router”
(allowing access to trusted flows and denial to untrusted flows)– SDN technologies have a more palatable cost in keeping up with higher
network speeds compared to expensive proprietary hardware based security appliances
• Adoption of SDN across the core enterprise will likely be slow– Campus networks are complex environments serving multiple needs
quite well – Adoption rate will only increase when compelling use cases see SDN as
an enabler (like the ScienceDMZ). No compelling forcing function yet.
Slide 24
Reality Check on Implementing SDN
• Some unexpected positive byproducts of SDN work
– Bringing communities together (scientists and information technologists)
– Recognizing that enablers need a closer coupling with domain experts
– Being creative with SDN -- looking beyond datacenters and Science DMZs
