Software-Defined Network for Enterprise - pas…pas.csie.ntu.edu.tw/SDN2015Workshop/SDN_info/講員_林志哲_E... · 94% time on Trouble-shooting ... 13B in 2020. L4-L7 Network Function

A Professional Company in

Software-Defined Networking (SDN) Copyright 2000 - 2015, EstiNet Technologies Inc. All Rights Reserved.

1

Software-Defined Network for Enterprise

July , 2015

EstiNet TechnologiesAn SDN Solution Company


Software-Defined Networking (SDN) 2

Agenda

Brief Introduction to EstiNet

Market Trend of SDN

Introduction to SDN

Public/Private Cloud Networking for Enterprise

SDN + Light-Weight NFV – EstiNet’s Trial

Summary



Introduction to EstiNet (1/2)Vision Leading SDN solution company in East Asia

Found Feb., 2011

Head Quarter Hsinchu Science Park, Taiwan

Major Funder MediaTek

Realtek

Institute for Information Industry (III)

Hsinchu HQ

Hsinchu HQ

Xiamen Office (Planned)

Beijing Office

(Planned)



Introduction to EstiNet (2/2)Chairman Ken Lu

• Co-funder of Accton (leading OEM/ODM manufacturer in Taiwan) since 1988

• R&D Vice President of Accton

• President of Accton

Employee 52 (70% of personnel are R&D)

Hsinchu HQ

Hsinchu HQ

Xiamen Office (Planned)

Beijing Office

(Planned)



Corporate Milestone

Network Simulator• From Incubation Center

of National Chiao-Tung University

• EstiNet 8.0 Network Simulator Product Released

Virtual SDN EstiNet 9 OpenFlow Network Simulator Product Released

• Receive 2011 National Outstanding IT Application/Product Award

• Publicly introduced by 2013 IEEE Communication Magazine

• Join ONF (as the first batch Taiwan companies joining ONF)

• Selected by MediaTeK to co-develop SDN OpenFlow Chip Simulator

• MediaTek invested in EstiNet as a major Board member

Cloud SDNSDN Networking Solutions for Enterprise and Data Center

• Receive National IDB Project「Development of Leading New Product」Award – Switch NOS

• Work with Realtek 「A+ Enterprise Innovation and R&D」Project – Switch SDN Agent

• Work with MediaTek to develop Open Network Platform for SDN Switches – NOS for Hybrid-mode Switch

• Registration to Taiwan GISA (Go Incubation Board for Startup and Acceleration Firms) gets approved

Start Up 2011 2011 - 2013 Today



EstiNet Network Simulator Core Technology

Support real-life network applications such as Skype, VLC

Utilize real Linux kernel TCP/IP Protocol Stack

Simulation results can be repeatable. The only network simulator product achieves both fidelity and accuracy.

Has developed/evolved for 15 years and becomes a stable tool Linux Operating System

Simulation Engine



SDN Product Roadmap

Network Simulator2011

SDN Network Simulator

2013

SDN Networking Solution2015 • MediaTek (SDN Chip Design)

• ITRI (LTE + SDN)• ETRI (SDN)• Academia Sinica (Sensor Network)• National Taiwan Univ. (LTE + SDN)• National Tsing Hua Univ. (SDN)• National Chiao Tung Univ. (SDN)• National Cheng Kung Univ. (Vehicular

Network)• Beijing JiaoTong Univ. (Vehicular

Network)• Beijing Univ. of Posts and Telecom

(Education)

• NCTU/SDN Industry-Academia Alliance (Controller+Switch)

• NCSIST (Controller)• Alcatel Lucent (Controller)• Far Eastone Telecom (Controller)• Taiwan Government Public Cloud

(Controller + Switch)

SDN Simulation Cloud2016

Customer

Partner

INTERNET+

• 20000 users from 144 countries

User

Target: Lecturers and researchers on networking education/R&D worldwide

Customer



Technology and Applications Supported by EstiNet Network Simulator

Kernel Re-entering Technology

Real TCP/IP Protocol Stacks

Simulation Engine

Applications(QQ, PPS, WeChat, …)

GUI

802.11 a/g/n LTE VANET802.11p/1609.x

OpenFlow Network

EmulationPlatform

SDNData Center



What is Software-Defined Network (SDN)

SDN:

Programmable

Central-managed

Hardware-decoupled

Flow-based traffic manipulation

Software Defined Data Center Trend

Software-defined network

SDN

Software-defined compute/storage

Cloud OS

Source: VMWare Blog



SDN Benefit: Reduction CAPEX/OPEX (1/3)

SDN saves US$ 39 Billion per year for European Operators (ZDNET)

SDN helps AT&T reduce service test time: from 18 months to 18 mins

Service redeployment per Customers’ requests

within 1.5 mins



SDN helps AT&T reduce 40~50% time on maintenance and 94% time on Trouble-shooting

SDN helps ALU reduce 58% time overheads、56% resource, increase 24%profitable bandwidth

SDN Benefit: Reduction CAPEX/OPEX (2/3)



SDN Benefit: Create Profitable New Services (3/3)

Case:

ChungHwa Telecom International adopts SDN-based BoD (Bandwidthon Demand) Application to allow its clients to reserve bandwidthaccording to time slots/path/bandwidth needs

中華電信國際分公司於2014年8月進行以SDN技術開發新應用服務BOD(Bandwidth on Demand) 之第一階段驗證 :

過去客戶只能月租固定頻寬

中華電信與客戶都能更彈性調度與節省頻寬



SDN Market Size Cloud/Enterprise/Telco SDx Data Center market could exceed $65 Billions by 2018 Total Market Size exceeds $105B by 2020 CAGR : 30% in next 5 years

Source: SDx Central Market Report 2015



Expected Growth on Software-Defined X

In SDx Trend, L2/L3 Hardware will be replaced by Software, will reach 13B in 2020.

L4-L7 Network Function Software Market will reach 35B in 2020

Source: SDx Central Market Report 2015



Customers

SW ProviderSystem Provider

Manufacturer

Technology Provider

- Whitebox Switch- Brand Switch

- Switch ASIC

- SDN Apps- SDN Controller - SDN ONP

- Cloud Services

EstiNet’s Role in SDN Eco-system

https://www.opennetworking.org/member-profile/1042-big-switch-networks

https://www.opennetworking.org/member-profile/1042-big-switch-networks

https://www.opennetworking.org/member-profile/744-pica8

https://www.opennetworking.org/member-profile/744-pica8



Basics

Linux-based Open-architecture Switch Network OS

Support Legacy network and SDN

Co-develop with MediaTek for the bare-metal market

Receive National IDB Project「Development of Leading New Product」Award in March, 2015

Feature

Allow clients to develop their own software

Adopt open architecture with Forwarding Abstraction Layer (FAL) and Linux-style network interface, directly supporting 3rd-party open-source program such as Quagga

Provide unified architecture and support multiple ASIC vendors

Software on ONP remains unchanged when underlying hardware/device is changed, minimizing OPEX

Advantage

Support both Legacy network and SDN

The first open-architecture Switch NOS supporting both Legacy and SDN networks

Cost-Effective

Will provide 20~30% more features than competitors with 20% less price

Estinet SDN Open Network Platform (ONP) for Switches



Estinet SDN ONP Architecture



CLOUD NETWORKING SOLUTION FOR ENTERPRISE



Traditional Multi-Tenant Public Cloud

Load Balancer

Fire Wall

Virtual MachineVirtual Machine

Load Balancer OS

Application OS

Application

LBFW Web

OS

Application OS

Application

ERP

IP-basedDisadv:

1. Network Virtualization- limited by IP networking, flows are established by tunneling

Complex flow establishment process with high overheads2. Network Function Virtualization (NFV)

- limited by IP networking, complex flow chainingbetween serversDifficult to distribute Network functionsamong servers flexibly and thus difficult to scale-up

3. Tree topologyUplink bottleneck due to East-West traffic

4. Require many different level of switches with different settings, increasing OPEX

NFV



SDN Public Cloud Networking Solution

ERP

OpenFlow-based

EstiNet provides SDN System Software• SDN Controller (EstiNet Commercial-grade ODL/ONOS Network Orchestrator), SDN ONP, Apps.

Adv:1. Network Virtualization

- Programmable flow setting over logic virtual networksEasy to Configure and Flexible

2. Network Function Virtualization (NFV) - Firewall, Load Balancer can be run on VMs in

server farms, decreasing CAPEX- Openflow-based programmable Service

Function Chaining (SFC), easy to form servicedomainsEasy to Expand and Flexible

3. Support different topologies (tree-based, mesh-based) More links can be used for East-WestTraffic, offloading traffic of uplink bottlenecks

4. Use of bare-metal switchesReduction of Initial Capital investment

Load Balancer Fire Wall

Virtual MachineVirtual Machine

・・・

LB FW

SDN Controller

Web AAA

Network pool

OS

Application

OS

Application

Server poolNFV pool

Internet

ERP


Software-Defined Networking (SDN) 21Page

21

Traditional Enterprise Network Architecture

Disadv:1. IP-based2. Require many different level of switches with different

settings, increasing OPEX3. Expensive Firewall, Load Balancer devices, increasing CAPEX4. Difficult to expand the scale 5. Inflexible to dynamically adjust resources

・・・

Internet

BW BW

LB

BW control

L2SW

FW

L2SW

Sever

ERP AAA Web

L2SW

Core SW



SDN Enterprise Private Cloud Networking Integrated SDN/NFV networking solution:

- Integrate strategic partners switch solutions and NFV platform

- Flexible mesh-like topologies as a scalable switch pool, no need to differentiate Core/Aggregation/Edge switch

- No dedicated hardware device for Firewall/Load Balancer/Bandwidth Controller Realizing these services as NFVs. Increasing processing capacity by increasing NFV servers and VMs

・・・

Internet

BW BW

LB

BW control

L2SW

FW

L2SW

Sever

ERP AAA Web

L2SW

Core SW

Load Balancer

Fire WallVirtual MachineVirtual Machine

・・・

LB FW

SDN Controller

Web AAA

Network pool

OS

Application

OS

Application

Server poolNFV pool

Internet

ERP



EstiNet SDN Data Center Architecture

Server Storage

Cloud OS (OpenStack, Open Cloud, etc.)

ODL Controller + Apps

Hardware

SDN Switch

ASIC

/ NPU

ServerController

StorageController

Switch / NetworkController

Software

SDN Switch

ONOS Controller

OpenVirtex

Network Orchestrator

OS and software running in hardware

SDN switches

Virtual SDN switches

emulated in a network emulator

Service Orchestrator

• Integrated 3S (Server/Storage/SDN) Data Center Solution with partners• suitable for both Public Cloud and Enterprise Private Cloud

http://www.google.com.tw/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=nQvaGBKsRiwSkM&tbnid=bj4k18hVD1mM5M:&ved=0CAUQjRw&url=http://arquitecturadecomputadorasa.blogspot.com/2012/01/chipset-el-chipset-es-el-conjunto-de.html&ei=2UDrUr6-CMSmlQXV5IDoAQ&psig=AFQjCNGI1xR2Cf8RKgUUXbQBkTebAe8ppQ&ust=1391235449455680

http://www.google.com.tw/url?sa=i&rct=j&q=&esrc=s&frm=1&source=images&cd=&cad=rja&docid=nQvaGBKsRiwSkM&tbnid=bj4k18hVD1mM5M:&ved=0CAUQjRw&url=http://arquitecturadecomputadorasa.blogspot.com/2012/01/chipset-el-chipset-es-el-conjunto-de.html&ei=2UDrUr6-CMSmlQXV5IDoAQ&psig=AFQjCNGI1xR2Cf8RKgUUXbQBkTebAe8ppQ&ust=1391235449455680



Storage

TOR Switch

CoreSwitch

Server

Server

Server

Server

Rack

TOR Switch

Server

Server

Server

Server

Rack

TOR Switch

Server

Server

Rack

Storage

CoreSwitch

Switch Configuration, Management and Control Network

DataForwarding

Network

Server/Storage Configuration and Management Network

NetworkOrchestrator

CloudOrchestrator Internet

KVMSwitch

KVMSwitch

KVMSwitch

GW

Operations of EstiNet SDN Data Center Networking Solution

ODL Controller + Apps

ONOS Controller

OpenVirtex

Network Orchestrator

Cloud OS

ServerCtl

StorageCtl

Service Orchestrator

1.Run up services in VM

2.Set up flow forwarding

rules in switches to

form service-chaining

paths

3.Traffic from Internet is

directed to each

service orderly.

NF WEB DB

SA

VM

VM

VM

VS

Firewall

LoadBalance

Web HTML

DB



EstiNet SDN Product Line

Public/Enterprise Cloud MarketEducation/Research Market

Public /Enterprise Cloud

Networking Solution

SDN R&D Platform

EstiNet SDN Controller

EstiNet Commercial-grade ODL/ONOS Network Orchestrator

EstiNet SDN Switches / ONP

EstiNet SDN Edge/Access/Aggregate Switches

EstiNet 10

Network Simulator

EstiNet Cloud OSPlug-in

EstiNet SDN Core Network Orchestrator Dashboard

EstiNet NFV/SFCResearch Kit

Service/App PrototypeService OrchestratorOpenStack/Cloud OS



SDN WITH LIGHT-WEIGHT NFV

Virtual application server (VAS) architecture



OF Switch1

SDN ControllerWith VAS

End Terminal1

File Server1

File Server2

End Terminal2

File Server3

Mirror Server

OF Switch4

Legacy Switch1

Control Plane

Data Plane

Router1

OF Switch2

OF Switch3

192.168.200.0/24

192.168.100.0/24

192.168.10.0/24

192.168.1.0/24192.168.2.0/24

Example Enterprise Network with SDN



SDN with Light-weight NFV Trial

Combining SDN with Docker



Example Physical Topology

VAS Server

192.168.100.0/24

192.168.10.0/24

eth2

eth3:

192.168.10.254/24

eth4: 192.168.100.1/24

• Interface, IP, and VLAN ID are just examples, you can change them as you

want. In this slide, all the settings will use the above figure as the example.

Controller

192.168.100.254/24



Example Physical Topology Setting

Server

eth2: To inside SDN LAN

＃ifconfig eth2 0.0.0.0

eth3: To Controller


eth4: To WAN


So far, network communication should work normally in this stage. You can check the connectivity first in this step before we run Docker containers.



Virtual Network Topology on VAS Server

Server

OVS Bridge: ovs_lan

eth2eth3eth4

WAN Gateway

Docker Image: router• iproute• vlan• iptables• ebtables• isc-dhcp-relay

Docker Image: isc-dhcp-server• isc-dhcp-server

port2

port2.101 port2.102

port2

port2.101 port2.102

port4 port3

OVS Bridge: ovs_ctrlOVS Bridge: ovs_wan

port3

L3 L3L3L3 L3 L3L3



Test Topology

Server

192.168.100.0/24

192.168.10.1/24

eth2

eth3:

192.168.10.254/24

eth4:

192.168.100.1/24

Controller

WAN Simulation Node

10.0.200.1/24192.168.100.254/24

Switch

tagged (trunk)

Node 1(VLAN 101)

Node 2(VLAN 102)

untagged (access)

VLAN 102untagged (access)

VLAN 101

Test:

1. DHCP Client: Node 1 and Node 2 => PASS

1. Node 1: Expect IP in 192.168.1.0/24

2. Node 2: Expect IP in 192.168.2.0/24

2. Routing:

1. Node 1 to 10.0.200.1 => PASS

2. Node 2 to 10.0.200.1 => PASS

3. Controller to Server

=> PASS

4. Node 1 to Node 2 => PASS



Introduction to Basic Docker Settings



Core

Core Technique

net namespace

System

Container - pid: NSPID

eth0

eth

Namespace created

by docker.



Add NIC

Step 1

ip link add name LOCAL_VETH type veth peer name CONTAINER_VETH

System


CONTAINER_VETH

veth

LOCAL_VETH

veth

eth0

eth



Add NIC

Step 2 (Optional)

brctl addif docker_IF LOCAL_VETH

System


CONTAINER_VETH

veth

Bridge docker_IF

LOCAL_VETH

veth

eth0

eth



Add NIC

Step 3

ip link set LOCAL_VETH up

System


CONTAINER_VETH

veth

Bridge docker_IFLOCAL_VETH

veth

eth0

eth



Add NIC

Step 4

ip link set CONTAINER_VETH netns NSPID

System


CONTAINER_VETH

veth Bridge docker_IFLOCAL_VETH

veth

eth0

eth



Add NIC Step 5

ip netns exec NSPID ip link set CONTAINER_VETH name CONTAINER_ETH

System


CONTAINER_ETH

veth

Bridge docker_IF

LOCAL_VETH

veth

eth0

eth



Default Settings

NAT

By default, Docker sets host system to use iptables and NAT tables to perform NAT so that container can connect to Internet.

System


CONTAINER_ETH

veth

Bridge docker_IF

LOCAL_VETH

veth

eth0

eth

1. ip_forward

2. Netfilter - NAT



Other Usage

Idea 1: testing or Simulator

ip link set LOCAL_VETH netns NSPID2

ip netns exec NSPID2 ip link set LOCAL_VETH name LOCAL_ETH

System

Container - pid: NSPID1(Quagga)

CONTAINER_ETH

veth

Container 2 - pid: NSPID2

LOCAL_ETH

veth

eth0

eth



Other Usage

Idea 2: Packet Handling

tcpdump -i LOCAL_VETH -n

Of course, write a program or kernel module to pass frames from this interface to controller is doable.

System

Container - pid: NSPID1(NOS)

CONTAINER_ETH

veth

LOCAL_VETH

veth

eth0

eth



Summary

Enterprise Network could leverage MTN services from large-scale public cloud or create their own small-scale private cloud

Integrated 3S (Server, Storage, SDN) Product Solution is trend for future Data Center

While NFV architecture can be realized on Cloud Orchestrator such as OpenStack, light-weight NFV can be realized on container-level virtualization architecture such as Docker.



EstiNet SDN Lab.

Inherited facilities of Hsinchu Science Park Si-Soft Business Center, building Enterprise-level Data Center Deploy EstiNet’s SDN product solution for FOT

Now serving clients on video-streaming, video-conferencing, and MOOC education platform with small-scale FOT, collecting more video streaming，behavioral insights in data centers

Will deploy partners’ OpenStack system with EstiNet SDN system for SDN/NFV R&D, building an SDN Private Cloud solution research facility



EstiNet SDN Research & Experiment Platform

Education/Research Market

SDN R&E Platform

Open-Source ODL Controller

for research

EstiNet SDN

Research Switches

EstiNet 10

Network Simulator

EstiNet SDN R&E Dashboard

EstiNet NFV/SFCResearch Kit

NCTU Research Apps

Docker-based NFV Env.

SFC module integrated with R&E Dashboard

RTK 24 1G port Education/Research Switch

MTK 48 10G port Dual-pipeline Switch

Documents

Software-Defined Network for Enterprise - pas…pas.csie.ntu.edu.tw/SDN2015Workshop/SDN_info/講員_林志哲_E... · 94% time on Trouble-shooting ... 13B in 2020. L4-L7 Network Function