Introduction to Software-Defined Networking (SDN) and Network Programmability
Davin Gibb, Technical Solutions Architect
BRKRST-1014
Agenda

• What is SDN & Network Programmability


• What are the Use Cases and Problems Solved with SDN?
• An Overview of OpenFlow
• An Overview of Network Controllers
• How to Get Ready
What Problem Are You Trying to Solve?
Changing Nature of IT Ops with SDN led Management
[Figure: Traditional Management compared with SDN Led Management, each sitting above a row of network elements (NE). Labels in the figure: Customer developed provisioning tools, manual CLI changes, and run book automation for IT Operations support; Customer input on business / service intent; Automation (Workflow / Orchestration); Feature Management; Policy; Configuration; Automation; (Provisioning and Assurance); Management (NMS); Controller (APIC-EM)]
What is SDN & Network Programmability
What is Software-Defined Networking (SDN)?
• An approach and architecture in networking where control and data planes are decoupled and intelligence and state are logically centralised
• Enablement where underlying network infrastructure is abstracted from the applications [network virtualisation]
• A concept that leverages programmatic interfaces to enable external systems to influence network provisioning, control and operations
SDN is…
…a new approach at network transformation
…empowering external influencers to network design and operations
…impacting the networking industry - challenging the way we think about
engineering, implementing and managing networks
…providing new methods to interact with equipment/services via controllers, APIs
…normalizing the interface with equipment/services
…enabling high-scale, rapid network and service provisioning/management
…generating a LOT of ‘buzz’ and attention
…providing a catalyst for traditional Route/Switch engineers to branch-out
SDN is not…
…an easy button (someone has to build the easy button)
…a panacea or end-state
…narrowly defined
…meaning the death of network engineers
…a mandate for all network engineers to become C and Java programmers

…a new attempt at network evolution…


Have We Seen This Before?
• Overlays / Encapsulations: MPLS, VPLS, VPN, GRE Tunnels, LISP
• Control Plane / Data Plane Separation – Centralized Control: SS7, ATM LANE, Wireless LAN Controller, GMPLS
• Management and Programmatic Interfaces: SNMP, NETCONF, EEM
Where Did SDN Come From?

http://cleanslate.stanford.edu/ 2008
The Traditional Network…
[Figure: physical devices, each holding both a Control Plane (CP) and a Data Plane (DP)]
• Control and Data Plane resides within Physical Device
• Control plane learns/computes forwarding decisions
• Data plane acts on the forwarding decisions
The Network As It Could Be…to an SDN ‘Purist’
[Figure: one centralised Control Plane (CP) serving the physical devices]
• Control plane becomes centralised
• Physical device retains Data plane functions only
The Network As It Could Be…In a ‘Hybrid SDN’
[Figure: a Controller (CP) alongside physical devices that each keep CP and DP]
• A Controller is centralised and separated from the Physical Device, but devices still retain a localised Control plane intelligence
What are the Use Cases and Problems Solved with SDN?
Why Change?
• Familiar Manual, CLI-driven, device-by-device approach is inefficient
• Increased need for programmatic interfaces which allow faster and
automated execution of processes and workflows with reduced errors
• Need for a ‘central source of truth’ and touch-point
Your Challenges
• Complexity
• Pace of Change – Technology & Competition
• Consistent Pressure for Improved Operational Efficiency
• IT Budgets, Staffing and Resources
• Accelerated Pace of Cloud, Virtualisation and XaaS Options
• Consumption Economics
SDN Addresses Needs for…
• Centralised configuration,
management/control, monitoring of
network devices (physical or virtual)
• Ability to override traditional
forwarding algorithms to suit unique
business or technical needs
• Allowing external applications or
systems to influence network
provisioning and operation
• Rapid and scalable deployment of
network services with life-cycle
management
An Overview of OpenFlow
What is OpenFlow?
[Figure: Application, API, OF Controller, OF Agent]
…a Layer 2 communications protocol that gives access to the forwarding plane of a network device,
…a specification for building switches conforming to the protocol
OPEN NETWORK FOUNDATION
ONF Board
Deutsche Telekom : Facebook : Goldman Sachs : Yahoo : Google : Microsoft : NTT Communications : Verizon : Stanford : UC Berkeley

ONF Members
3TEN8 Cisco Systems Hitachi Metaswitch Networks Samsung
6WIND Citrix Systems HP Midokura Sanctum Networks Ltd
A10 Networks Colt Technology Services Huawei MRV Communications SDN Essentials
Active Broadband Networks Coriant IBM NAIM Networks SDN Solutions
ADVA Optical Networking Corsa Technology Infinera NCL Communication SK Telecom
Alcatel-Lucent Criterion Networks (I) Pvt Ltd Infoblox NEC Spirent
Alibaba Group Holding Ltd Cyan Institute for Information Industry (III) Netgear Swisscom
Applied Micro Circuits Dell/Force10 Networks Intel Netronome Tail-f Systems
Aricent Group Digital China Networks Ltd (DCN) Intelliment Security NetScout Tallac Networks
Arista Networks ECI Telecom Intune Networks NoviFlow Inc. Tata Communications
Aruba Networks Equinix IP Infusion NSN Tekelec (Acquired by Oracle)
ATTO Research Korea Ericsson Itential NTT Data Telecom Italia
Auvik Networks EstiNet Technologies Inc. ITRI (Industrial Technology Research Institute) OKI Electric Industry Telefonica
Baidu Online Network Technology Co Ltd. ETRI (Electronics and Telecommunications Research Institute) Ixia Optelian Telekom Malaysia - TM Research & Development
Barefoot Networks Juniper Networks Oracle Orange Telesoft
Beijing Internet Institute (BII) Extreme Networks KDDI Overture Networks Tellabs
Big Switch Networks F5 Kemp Technologies PCCW Global Ltd. Tencent, Inc.
BISDN Fiberhome Technologies Konodrac Pertino Texas Instruments
Blue Ocean Networks Pty LTD FishNet Security KT Corp. (Korea Telecom) Pica8 Thales
Broadcom Freescale Semiconductor Inc L3 Communications Systems - East Plexxi Inc Tilera
Brocade Communication Systems Friesty Lancope, Inc. PMC-Sierra Inc. Transmode
BTI Systems Fujitsu Level 3 Procera Networks TW Telecom
Centec Networks Gencore Systems LSI Corporation Qosmos UBIqube Solutions
Ceragon Networks Gigamon Luxoft Rackspace Vello Systems
China Mobile Research Center GlimmerGlass Marvell Radware Verizon
China Telecom GuardiCore Ltd. MediaTek Riverbed Technologies
Ciena H3C Technologies Mellanox Technologies Saisei Networks

http://opennetworking.org
What Makes OpenFlow Different?
Flow Table
Columns: Ingress Port, Source MAC, Dest MAC, Ether Type, VLAN ID, VLAN Priority, IP SRC, IP DEST, IP Protocol, IP TOS, TCP/UDP SRC, TCP/UDP DEST, Action, Priority, Counter (* = wildcard; every field not listed for a row is *)
• Switching: match 3c:07:54:*; action Fwd Port 10; priority 100
• Routing: match 192.168.1.*; action Fwd Port 12; priority 100
• Replication/SPAN: match Port 1; action Fwd Port 14…24; priority 100
• Firewall/Security: match 25; action Drop; priority 100
• Inspection: match 0x0800; action Controller; priority 100
• Combinations: match 00:01:E7:*, Vlan10, 80; action Fwd Port 8; priority 200
• Multi-action; NAT: match 192.168.1.*, 80; action Rewrite 10.1.2.3; Fwd port 9; priority 200
• Local handling: match 10.*; action Local; priority 200
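As an added example (not from the original deck), this Python audit runs over a table modelled on the flow-table rows above and reports which entries outrank or tie with the Firewall/Security Drop entry. It treats a higher number as a higher priority, as OpenFlow does, and relies on the OpenFlow 1.3 switch specification leaving the selected entry undefined when several matching entries share the highest priority. The field names (eth_dst, ip_dst, tp_dst and so on) and the column each slide value is placed in are assumptions.

```python
from dataclasses import dataclass

@dataclass(frozen=True)
class Flow:
    name: str
    match: dict      # field -> pattern; a field left out is a wildcard (*)
    action: str
    priority: int    # higher number wins

def overlap(a: str, b: str) -> bool:
    """True if two patterns (trailing '*' = prefix wildcard) can match one value."""
    pa, pb = a.rstrip("*"), b.rstrip("*")
    if a.endswith("*") and b.endswith("*"):
        return pa.startswith(pb) or pb.startswith(pa)
    if a.endswith("*"):
        return b.startswith(pa)
    if b.endswith("*"):
        return a.startswith(pb)
    return a == b

def flows_overlap(f: Flow, g: Flow) -> bool:
    # Two entries can hit the same packet unless a field they share disagrees.
    return all(overlap(f.match[k], g.match[k]) for k in f.match.keys() & g.match.keys())

def lookup(table, pkt):
    """Highest-priority entries matching pkt; more than one means no defined winner."""
    hits = [f for f in table
            if all(k in pkt and overlap(p, pkt[k]) for k, p in f.match.items())]
    top = max((f.priority for f in hits), default=None)
    return [f for f in hits if f.priority == top]

def audit_drops(table):
    """For each Drop entry, name overlapping non-drop entries that outrank or tie it."""
    report = {}
    for d in (f for f in table if f.action == "Drop"):
        rivals = [f for f in table if f.action != "Drop" and flows_overlap(d, f)]
        report[d.name] = {
            "shadowed_by": [f.name for f in rivals if f.priority > d.priority],
            "tied_with": [f.name for f in rivals if f.priority == d.priority],
        }
    return report

# Constructed table modelled on the slide's rows; field placement is assumed.
TABLE = [
    Flow("Switching", {"eth_dst": "3c:07:54:*"}, "Fwd Port 10", 100),
    Flow("Routing", {"ip_dst": "192.168.1.*"}, "Fwd Port 12", 100),
    Flow("Replication/SPAN", {"in_port": "1"}, "Fwd Port 14-24", 100),
    Flow("Firewall/Security", {"tp_dst": "25"}, "Drop", 100),
    Flow("Inspection", {"eth_type": "0x0800"}, "Controller", 100),
    Flow("Combinations", {"eth_dst": "00:01:E7:*", "vlan": "10", "tp_dst": "80"},
         "Fwd Port 8", 200),
    Flow("Multi-action; NAT", {"ip_dst": "192.168.1.*", "tp_dst": "80"},
         "Rewrite 10.1.2.3; Fwd Port 9", 200),
    Flow("Local handling", {"ip_dst": "10.*"}, "Local", 200),
]
```

On this table `audit_drops(TABLE)` reports the Drop entry as shadowed by Local handling and tied with the four other priority-100 entries, so port-25 traffic to 10.* is handed to the local stack rather than dropped.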
What Makes OpenFlow Different?
Actions
[Figure: OpenFlow Controller above a switch containing the CPU, Flow Table and Switch Forwarding Engine, with numbered paths for the actions below]
Required Actions
1 Forward out all ports except input port
2 Redirect to OpenFlow Controller
3 Forward to local Forwarding Stack (CPU)
4 Perform action in flow table
5 Forward to input port
6 Forward to destination port
7 Drop Packet
OpenFlow versions (OpenFlow Version, Introduced, Notable Features, Flow-spec Tuple)
• 1.0 (2009-12), flow-spec tuple 12: Initial Specification [Still very prevalent in the market]
• 1.1 (2011-02), flow-spec tuple 15: Support for multiple flow tables; Added support for MPLS; Defined two operating modes – Hybrid | Pure OpenFlow
• 1.2 (2011-12), flow-spec tuple 34: Support for IPv6; Multiple Controller support
• 1.3 (2012-06), flow-spec tuple 38: Support for Rate Limiting; IPv6 Extensions, GRE; Version increasingly targeted by customers/manufacturers
• 1.3.1 (2012-09), flow-spec tuple 38: Support for Negotiation TLVs
• 1.3.2 (2013-04), flow-spec tuple 38: Support for controller-initiated connections
• 1.4 (2013-10), flow-spec tuple 40: Support for Rule change ‘transactions’ (1.4.1 April 2015)
• 1.3.3 (2013-12), flow-spec tuple 40: Update with IANA registered TCP port : 6653; Clarify multipart segmentation rules, clarify use of empty multipart messages; Specify the normal fragment handling is mandatory, drop/reasm optional
• 1.3.4 (2014-03), flow-spec tuple 40: Clarify table feature wildcard list should not include fields that are mandatory in some context only; Add section about control channel maintenance; Push MPLS should add a MPLS header before the IP header and before MPLS tags, not before VLAN which is not valid
• 1.5 (2014-12), flow-spec tuple 44: Egress Tables; Packet aware pipeline (IP, PPP); flexible encoding - OpenFlow eXtensible Statistics (OXS); set-field action wildcard; Controller connection status (1.5.1 April 2015)
OpenFlow is one Fish in the Sea of SDN
[Figure: Application Frameworks, Management Systems, Controllers, ... use APIs and “Protocols” (OpenFlow, I2RS, PCEP, BGP-LS/FS, Neutron, OMI, Puppet, NETCONF) to reach agents on the device]
• Management agents: OMI, Puppet, NETCONF
• Orchestration agent: OpenStack
• Network Services agents: BGP, PCEP, BGP-LS/FS
• Control agents: Radius, SNMP, I2RS
• Forwarding agent: OpenFlow
Device Operating Systems – Cisco IOS / NX-OS / IOS-XR


Industry Communities, Projects and
Standards Bodies
Cisco Innovations:
FEX Architecture
Technical Advisory
802.1 Overlay
Board seat Open Network Research
Networking Project
Center at Stanford
University

Puppet Agent
Modules
Puppet Labs
Initiatives:
investor
Contributor - Neutron API
Technical Advisory Group Technical Committee Donabe
Chair, Management Area Cisco Innovations:
Working Groups: Projects OpenStack API for Nexus
Config, Hybrid, Extensibility, OpenStack Extensions
Futures/FPMOD/OF2.0

Founding Platinum member


Catalyzed initial Open Source
offering

Overlay Working Groups:


NVO3, L2VPN, TRILL, L3VPN, LISP, PWE3
Working Groups:
NETCONF, ALTO, CDNI, XMPP, SDNP,
Open Source Cloud I2AEX
Computing project PCE, FORCES
I2RS – Interface to Routing System
An Overview of Network Controllers
What Is OpenDaylight?
• …an open source project formed by industry leaders and others under the
Linux Foundation with the mutual goal of furthering the adoption and innovation
of Software Defined Networking (SDN) through the creation of a common
vendor supported framework.
• Focus: Customers with some programming resources that desire a free,
community-supported SDN controller, especially if focus is on OpenFlow

Platinum Gold Silver


OpenDaylight Architectural Model
Hydrogen
• Released February 2014

Helium
• Released October 2014
• 1.87M+ lines of code
• 28 Projects
• 256 Contributors

Lithium
• June 2015

Beryllium
• Feb 2016
OpenDaylight Membership
Platinum Members
23 29
1
13 15
4

1.9M lines of code


since projects
launch
10,411
total
OpenDaylight
OpenFlow-enabled devices that are configured to this controller automatically show up in the topology
OpenDaylight
Hosts can be added or learned
Flow-specifications can be defined or reviewed
What Is OSC?
• Cisco’s reinvestment from the previous Extensible Network Controller
(XNC) to a new ‘Open SDN Controller (OSC)’
• Based on OpenDaylight “Helium”
• Includes Cisco value-added functions: installation helpers, log and metrics
aggregation, plug-in clustering, and monitoring
• http://cisco.com/go/opensdn or
https://developer.cisco.com/site/openSDN
• Focus: Customers with some programming resources that desire a
commercially supported edition of a free, community-supported SDN
controller, especially if focus is on OpenFlow
Cisco Commercial Distribution of OpenDaylight
Open SDN Controller vs Cisco XNC
Re-bases XNC on OpenDaylight Helium Release

Hydrogen Helium Lithium

XNC 1.x Open SDN Controller


Open SDN Controller vs OpenDaylight

“HELIUM” Open SDN Controller


Community Support Cisco Supported
OpenContrail DLUX Log
Plugin Aggregation
LISP Flow AAA MD-SAL Metrics
Mapping Aggregation
Group Policy BGP-LS
OVA Distribution
Defense4all Basic
L2 Switch Controller
Precluded Clustering Incremental
OpenDaylight Common Content Cisco
Content Value
VTN Project OVSDB Yang Tools PCEP One Click Install
Secure Network
SNMP4SDN Openflow Monitoring
Bootstrap Infra
Plugin
PacketCable Central Admin
PCMM Service Function
Plug-in Clustering
AD-SAL Chaining
SDNi Sample Apps To be contributed back
to the “open community”
Deployment Experience
One Click Installation
Open Virtualization (OVA) Format
VMware ESXi and Oracle Virtual Box support
Single “click” to select standalone vs clustered installation
Seamless software upgrades
Launched by Cisco Platform BU

Native Applications
Inventory
Augmented OpenDaylight “Nodes” user interface
Device vendor
Platform IDs
Series numbers
Native Applications (cont’d)
OpenFlow Manager
OpenFlow topology visualization
Advanced flow management
Flow based troubleshooting
JSON body preview
System Monitoring
Real Time Event Logging
Event visualization
Adhoc queries
Filtered queries
System Monitoring (cont’d)
Real Time Metrics
CPU utilisation
Memory usage
System load
Controller heap size
Network usage
Free disk space
APIs
RESTCONF and Java APIs
For provisioning, checking configuration and operational states and fault management
List of exposed Northbound APIs available via DevNet and on platform
SAL Binding, Common, Connector and Core APIs provided
What Is APIC-EM?
• A purpose-built, easy to use SDN controller
• Does NOT require programming experience [but does have REST NBI]
• Does NOT require HW/SW upgrades to take advantage of controller model
• Has specific applications built-in to address common network needs:
Policy Management, QoS Management, Zero-Touch Deployment and iWAN
• Available to SmartNet customers without charge
• Focus: Enterprise Customers with Few to No Programming Resources
that desire a Commercially-supported solution that preserves existing
investment and doesn’t require HW/SW upgrades
APIC-EM - Platform Architecture
• APIC-EM Applications: Network PnP, IWAN, Path Trace, Network Inventory, Advanced Topology Visualiser
• APIC-EM Controller: Northbound REST APIs
• APIC-EM Services: Inventory Manager, Policy Programmer, RBAC, Policy Analysis, Topology Services, Data Access Service, IWAN Services, Network PnP Services
• Grapevine Elastic Service Infrastructure: Addresses Scale Out and HA Requirements
• Network Information Base: Provides “One Source of Truth”
Topology with Location

Path Trace

PnP App

EasyQoS
APIC-EM: IWAN Application
How to Get Ready
Remember This Inflection Point?
Telephony in 1998

• IP Telephony struggled until we got ‘hybrid engineers’ to translate between the Circuit Switch ‘Tip & Ring’ and Packet Switch ‘Bits & Bytes’ camps
• Likewise, now, we need the next generation of ‘hybrid engineers’ to translate between
traditional network domain engineers and software/application developers
What Skills Would Be Helpful for a Network Engineer Branching Out?
• Basic Programming constructs
(conditionals, loops, functions/procedures)
• Basic Python / Javascript
• REST / Web Services
• Regular Expression
• XML / XSLT
• Basic SQL
• Basic shell scripting - grep
• #1 - Communicating Effectively with Programmers
Job Roles: Cisco Network Programmability Evolution
Business Application
Business Application
Developer — Network
Developer
Programmability Aware

System Engineer/ Network


Network Designer Programmability
Developer

Network Engineer
Development Network
Programmability
Curriculum Designer

Network
Support Engineer Programmability
Engineer

Traditional Networking
Open Infrastructure
Infrastructure

http://www.cisco.com/web/learning/certifications/specialist
DevNet

https://developer.cisco.com
Continue Your Education
• Demos in the Cisco campus
• Walk-in Self-Paced Labs
• DevNet Zone
• developer.cisco.com
• Meet the Expert 1:1 meetings
Thank you
Acronym Decoder Ring [Aka Glossary]
• SDN -- Software Defined Networking

• BGP-LS – Border Gateway Protocol – Link State

• onePK – one Platform Kit

• NFV – Network Functions Virtualization

• SS7 – Signaling System No. 7

• ATM LANE – Asynchronous Transfer Mode LAN Emulation

• GMPLS – Generalized Multi-Protocol Label Switching

• VPLS – Virtual Private LAN Service

• VPN – Virtual Private Network

• GRE – Generic Routing Encapsulation

• LISP – Locator/ID Separation Protocol

• SNMP – Simple Network Management Protocol

• NETCONF – Network Configuration Protocol [IETF Standard]

• EEM – Embedded Event Manager


• CP – Control Plane

• DP – Data Plane

• CLI – Command-Line Interface

• API – Application Programming Interface

• GUI – Graphical User Interface

• OF – OpenFlow

• NAT – Network Address Translation

• TLV – Type-Length-Value

• PCEP – Path Computation Element (PCE) Communication Protocol

• I2RS – Interface To Routing System

• OTV – Overlay Transport Virtualization

• VXLAN – Virtual Extensible LAN

• REST – Representational State Transfer

• IDE – Integrated Development Environment


• CA – Controlled Availability

• GA – General Availability

• EFT – Early Field Trial

• NVGRE – Network Virtualization using Generic Routing Encapsulation

• STT – Stateless Transport Tunneling

• ODL – OpenDaylight

• OSGi – Open Service Gateway Initiative

• NBI – North-Bound Interface

• SBI – South-Bound Interface

• iWAN – Intelligent Wide Area Network
