SDNFV Test & ShowCase White Paper
2015.5.11-19 Beijing
Contents
1 SDNFV Test & ShowCase Activity Introduction ................................................................. 1
2 Participant Manufacturers and Equipment/Schemes ............................................................ 2
3 Schedule Arrangement .......................................................................................................... 3
4 Test Contents ......................................................................................................................... 5
4.1 OpenFlow 1.3 Conformance Test ............................................................................. 5
4.1.1 OFsuite Introduction ............................................................................................. 5
4.1.2 Brief Introduction of Conformance Test Topology and Content .......................... 5
4.2 OpenFlow 1.3 Interoperability Test .......................................................................... 6
4.2.1 Interoperability Test Scheme ................................................................................ 7
4.2.1.1 Testcase – TLS Encrypted Tunnel ................................................................ 7
4.2.1.2 Testcase - Group Table ................................................................................. 8
4.2.1.3 Testcase - Meter Table .................................................................................. 9
4.2.1.4 Testcase - Multiple Flow Table .................................................................. 10
4.2.1.5 Testcase – Controller Cluster ...................................................................... 11
4.2.1.6 Testcase – Hybrid Networking ................................................................... 12
4.2.2 Interoperability Test Problem ............................................................................. 13
4.2.2.1 Connection Problem ................................................................................... 13
4.2.2.2 Matching Problem ...................................................................................... 14
4.2.2.3 Instruction & Action Problems ................................................................... 14
4.2.2.4 Error Message Problem .............................................................................. 15
4.2.2.5 Controller Cluster Problem......................................................................... 15
4.2.2.6 Others ......................................................................................................... 15
4.3 Performance Test .................................................................................................... 15
4.3.1 Testcase – Switch Performance Test................................................................... 16
4.3.2 Testcase - Controller Performance Test .............................................................. 17
4.4 Brief Summary ....................................................................................................... 17
5 ShowCase Solution Demonstration .................................................................................... 19
6 Summary ............................................................................................................................. 28
7 Global SDN Certified Testing Center (SDNCTC) & IXIA ................................................ 30
1 SDNFV Test & ShowCase Activity Introduction
SDNFV ShowCase test activity is jointly held by Global SDN Certified Testing Center
(SDNCTC) and IXIA from 11th
May to 19th
May 2015 in Beijing. The test content of this SDNFV
ShowCase completely covers OpenFlow 1.3 conformance, interoperability, equipment performance
and newest NFV overall solution, and attracts over ten equipment manufacturers and solution
providers including Accton, GreeNet, H3C, Huawei, Mellanox, Pica8, Ruijie, Yunshan, NSFOCUS
and ZTE to participate.
With the development of SDN/NFV technology, manufacturer’ equipment and overall solutions
are more mature, and meanwhile, network providers and users have more urgent demand for more
flexible and extendible network. Based on that and conforming to the development tendency, this
SDNFV ShowCase activity gathers the industry’s leading manufacturers’ SDN/NFV equipment and
schemes, delivers the latest technology realization progress to the industry by testing, certification
and demonstration; at the same time, it provides a platform for manufacturers to communicate and
explore cooperation and hastens the whole industry development.
All SDN/NFV equipment and solutions are certified and tested by SDNCTC and IXIA.
OpenFlow 1.3 conformance test is completed by OFsuite, a self-developed testing suite by SDNCTC
and interoperability, performance and NFV overall solutions by testing tools of IXIA.
Venue of Global Future Network and SDN Technology Conference held on 18th
and 19th
May
has SDNFV ShowCase exhibition area, manufacturers with own schemes for testing conducted live
dynamic demonstration and explanation to nearly 1000 audience, guests and experts present. This
not only brought the first-hand information of latest technology realization progress to the industry,
but also gains good directional exchange and propaganda and promotion effects.
2 Participant Manufacturers and Equipment/Schemes
Statistical information of participant manufacturers and schemes in this SDNFV ShowCase is shown
as follows:
Table 1 Statistical Table of Participant Manufacturers, Equipment and Schemes
Manufacturers Equipment Schemes
Accton AOS5700-54X Switch
AOS6700-32X Switch
GreeNet NetDominator 8000
Controller
H3C VCF Controller
Network Virtualization
Function Server
vBRAS Virtualization Scheme
vFW Virtualization Scheme
Huawei CE6850HI Switch
Vyatta Controller
L2,L3 Line Speed Forwarding
Strategic Routing Schemes
Mellanox SX1012 Switch
Pica8 P-3922 Switch
Ruijie SE04 Controller
RG-S6010-48GT4XS Switch
S2910-24GT4XS-E Switch
Network Virtualization
Function Server
vBRAS Virtualization Scheme
Secure Access Control and WEB
Certification Scheme
ZTE ZENIC Controller
Yunshan&NSFOCUS N/A Remote Operation WAF Application Realization in
SDN Environment
Secure Behavior Analysis Based
on openflow in Cloud
Environment
Except SDN controller and switch equipment participating earlier, the participation of network
virtualization function servers is the new highlight of this activity. Among participant manufacturers,
there are familiar ones participating in every past testing activity, and also new ones appearing for
the first time. As to the sort of manufacturers, except traditional equipment manufacturers, it also
attracts cloud service and security scheme providers to come.
3 Schedule Arrangement
To verify the features of equipment and schemes and guarantee demonstration effect, from 11th
to15th May is the testing phase of SDNFC ShowCase, and OpenFlow 1.3 conformance,
interoperability and performance and NFV overall solution tests are arranged. Detailed testing
schedule please refer to the table below (schedule may be rearranged with actual live needs):
Table 2 Schedule Arrangement in Testing Phase
2015.5.11 2015.5.12 2015.5.13 2015.5.14 2015.5.15
AM
Launch Meeting
GreeNet
Controller
Pica8 Switch
GreeNet
Controller
Huawei Switch
GreeNet
Controller
Networking
Test
Yunshan &
NSFOCUS
(Remote
Scheme)
GreeNet
Controller
Accton Switch
ZTE
Controller
Accton Switch
ZTE
Controller
Pica8 Switch
IXIA
Mellanox
Scheme Test
Ruijie
Networking
Test
ZTE
Controller
Ruijie Switch
IXIA
Controller
Ruijie Switch
IXIA
Controller
Accton Switch
OFsuite
Huawei Switch
OFsuite
Ruijie Switch
IXIA
Controller
Huawei Switch
Ruijie
Controller
Huawei Switch
Ruijie
Controller
Pica8 Switch
IXIA
H3C vFW
Scheme
IXIA
Ruijie vBRAS
Scheme Test
PM
IXIA
Performance
GreeNet
Controller
GreeNet
Controller
Ruijie Switch
OFsuite
Ruijie Switch
ZTE Controller
Networking
Test
OFsuite
Accton Switch
OFsuite
Accton Switch
ZTE
ControllerHu
awei Switch
IXIA
H3C vBRAS
Scheme Test
OFsuite
Pica8 Switch
IXIA
Huawei policy
Routing
Scheme
IXIA
Huawei
Line Speed
Forwarding
Scheme
IXIA
Controller
Pica8 Switch
GreeNet
Controller
OVS
IXIA
Ruijie WEB
Certification
Scheme Test
Equipment
Package
RuijieControler
AcctonSwitch
ZTEController
OVS
From 18th
to 19th
May is the exhibition phase of SDNFV ShowCase, to better promote exchange,
live dynamic demonstration and small platform speeches of participant schemes are arranged.
Schedule in exhibition phase is arranged as follows:
Table 3 Schedule Arrangement in Exhibition Phase
2015.5.18 Small Platform Speeches
13:30-13:45 Mellanox: SDN Open-source Solution
14:00-14:15
Netronome::SDN and NFV Performance
Acceleration Technology
14:30-14:45 SDNFV ShowCase Test Activity Progress
15:00-1515 Ixia Hastens SDN/NFV Tests
15:30-15:45
Rui IT Solution Stimulates IT Framework
Transition
2015.5.19 Small Platform Speeches
09:30-09:45
NSFOCUS & Yunshan:SDN and Global
Flow Analysis in Cloud Environment
10:00-10:15
Huawei: Line Speed Forwarding and policy
Routing Scheme Introduction
10:30-10:45 H3C:NFV Product and Value
11:00-11:15
Ruijie:Introduction of vBRAS and WEB
Certification Scheme
4 Test Contents
In this section, test contents of SDNFV ShowCase will be introduced by type in detail.
4.1 OpenFlow 1.3 Conformance Test
OpenFlow 1.3 conformance test is protocol conformance test for switch equipment by officially
verified and approved OFsuite testing tools, based on ONF (Open Network Foundation) OpenFlow
1.3 conformance test specification which SDNCTC participated in editing. This testing specification
is edited on OpenFlow 1.3 protocol standard, including over 300 test cases, and equipment can apply
for OpenFlow 1.3 protocol conformance certification by ONF after passing all the test cases.
4.1.1 OFsuite Introduction
All OpenFlow 1.3 conformance tests of participant switches in this SDNFV ShowCase activity
are supported by OFsuite testing tools. OFsuite is the first OpenFlow 1.3 special test suite,
completely covering OpenFlow 1.3 conformance testing specification and verified by ONF. It can
provide switches’ application for ONF OpenFlow 1.3 conformance certification with overall
automated testing support. Meanwhile, OFsuite has rich monitoring and diagnosis features, which is
convenient to modify ad update switch equipment in the testing process.
4.1.2 Brief Introduction of Conformance Test Topology and Content
Figure 1 OpenFlow 1.3 Conformance Test Topology
Data channels Control channel
OF Switch
OFsuite can be run on any common Linux host, connect with OpenFlow switch equipment by
control channel and data channel interfaces, and can send and detect OpenFlow 1.3 protocol message
in control channel and produce needed traffic for test in data channel. Test cases cover following
contents:
–Control Channel
–Controller to Switch Messages
–Flow Table Miss
–Flow Table Matching
–Flow Table Actions/ Action Set
–Flow Table Modifications
–Counters
–Port Structure Protocol Message
–Action Header Protocol Message
–Switch Features Protocol Message
–Switch Config Protocol Message
–Flow Mod Protocol Message
–Multipart Reply Protocol Message
–Packet In/Packet Out Message
–Flow Removed Protocol Message
–Symmetric Message
–Error
Please refer to OpenFlow 1.3 conformance test specification officially published by ONF or
contact SDNCTC for detailed test cases. Each equipment will get a detailed testing report after
testing, and the report includes testing result, sniffer packet of testing process and Log files.
Since OFsuite tool can acquire real switch equipment conditions and feedbacks, by the
cooperation with SDNCTC and ONF, constantly edited OpenFlow 1.3 conformance test specification
can get closer to the reality and be optimized at last and simultaneously the approval situation of
manufacturers’ equipment are also improved greatly.
4.2 OpenFlow 1.3 Interoperability Test
Interoperability test is aimed at verifying work status of equipment in multi-manufacturer
environment, discovering and modifying interoperability and interconnection problems by
networking and interoperating different manufacturers’ equipment, and gives feedback of needed
standard modification advice to ONF when necessary, thus promoting the maturity and development
of the whole industry.
In the earlier interoperability test activities, test contents were mainly about basic functions of
OpenFlow 1.3 like control channel construction, L2 forwarding, L3 forwarding, multi-controller
host/backup switch. From the tendency of past activities, with gradual update and maturity of
manufacturers’ equipment, interoperability and interconnection problems are basically eliminated in
basic function aspect. This SDNFV ShowCase activity will focus on advanced features and function
interoperability and interconnection of OpenFlow 1.3 in interoperability test aspect.
Needed traffic generation of interoperability test, result verification and other functions are
realized by the support of testing instrument provided by IXIA.
4.2.1 Interoperability Test Scheme
4.2.1.1 Testcase – TLS Encrypted Tunnel
Based on security consideration, communication data between OpenFlow controller and switch can
be encrypted, and the encrypted tunnel helps to improve network security. TLS encrypted tunnel test
methods are as follows.
Test Topology
Figure 2 TLS Encrypted Tunnel Test Topology
Test Methods
1. Use TLS to build encrypted control tunnel between controllers and OF switches to
conduct topology discovery
2. OF controllers distribute flowtable to OF switches, match MAC, and test
instruments sending traffic and verify 2 layer flowtable forwarding
3. OF controllers distribute flowtable to OF switches, match IPv4 address, and test
instruments sending traffic and verify 3 layer flowtable forwarding
IXIA Test Tool
OF Switch1
OF Switch3
OF Switch2
OF Controller
4.2.1.2 Testcase - Group Table
Group table is an important feature of OpenFlow protocol, including All, Indirect, Select and Fast
Failover types, and protocol needs must support type All and Indirect. Group table test methods are
shown as follows, and manufactures choose group table type to do test according to support
conditions.
Test Topology
Figure 3 Group Table Test Topology
Test Methods
1. Build control tunnel between OF1.3 controllers and manufacturers’ OF1.3 switches
to conduct topology discovery
2. Test instrument sends traffic of 4 different destination MAC addresses to OF
switch1
IXIA Test Tool
OF Switch1
OF Switch2
OF Switch3
OF Switch4
OF Switch5
OF Controller
3. OF controller distributes flowtable to OF switch 1, match destination MAC address,
increase VLAN tag according to different MAC addresses and set different VLAN ID value
4. OF controller distributes flowtable to OF switch 2, match VLAN ID, point to group
table, and set All as the type in group table
5. OF controller distributes flowtable to OF switch 3, match VLAN ID, point to group
table, and set Indirect as the type in group table
6. OF controller distributes flowtable to OF switch 4, match VLAN ID, point to group
table, and set Select as the type in group table
7. OF controller distributes flowtable to OF switch 5, match VLAN ID, point to group
table, and set Fast Failover as the type in group table
8. Confirm whether each OF switch supports needed functions, and whether test
instruments sending flowtable forwarding is right.
4.2.1.3 Testcase - Meter Table
Meter Table is the new introduced feature of OpenFlow 1.3 protocol, mainly used to limit
traffic speed. This test activity tested and verified the basic speed limit function of Meter Table, and
the test topology and methods are as follows.
Test Topology
Figure 4 Meter Table Test Topology
IXIA Test Tool
OF Switch1
OF Switch2
OF Switch3
OF Controller
Test Methods
1. Build control tunnel between OF1.3 controllers and manufacturers’ OF1.3 switches
to conduct topology discovery
2. Test instrument respectively sends 100M IPv4 and IPv6 traffic to OF switch 1,and
sets o as priority
3. OF controllers distribute two flow entries to OF switch 1:
Flow entry 1: Match IPv4 address, and modify IPv4 dscp to 24
Flow entry 2: Match IPv6 address, and modify IPv6 dscp to 32
4. OF controller distributes flowtable to OF switch 2, match IPv4 address and IPv4
DSCP, point to meter table, and limit the traffic speed to 10M in meter table
5. OF controller distributes flowtable to OF switch 3, match IPv6 address and IPv6
DSCP, point to meter table, and limit the traffic speed to 20M in meter table
6. Check outgoing interface traffic of OF switch 2 and 3, confirm whether IPv4/IPv6
traffic modifies priority and limits speed
4.2.1.4 Testcase - Multiple Flow Table
Single flowtable limits the capability of hardware chips; multi-flowtable can make full use
of features of every hardware flowtable, and improve switch performance and extendibility. The test
activity tests multi-flowtable, and manufacturers choose proper matching fields and actions
according to protocol support conditions, and test methods are as follows.
Test Topology
Figure 5 Multiple Flow Table Test Topology
IXIA Test Tool
OF Controller
OF Switch1
OF Switch4
OF Switch3
OF Switch2
Test Methods
1. Build control tunnel between OF1.3 controllers and manufacturers’ OF1.3 switches
to conduct topology discovery
2. Test instruments send 2 flows to OF switch 1, one contains MAC1 and IPv4
address, and the other contains MAC2 and IPv6 address
3. OF controllers send 4 flow entries to OF switch 1:
Flow entry 1 :Match MAC1, modify to MAC3, and point to lower flowtable
(Flow entry 2)
Flow entry 2:Match MAC3, output
Flow entry 3:Match MAC2, add VLAN and point to lower flowtable (Flow
entry 4)
Flow entry 4:Match VLAN, output
4. OF controllers send 2 flow entries to OF switch 2:
Flow entry 1:Match IPv4 address, modify to IPv4 address 2, and point to lower
flowtable (Flow entry 2)
Flow entry 2:Match IPv4 address 2, output
5. OF controllers send 2 flow entries to OF switch 3:
Flow entry 1:Match IPv6 address, modify to IPv6 address 2, and point to lower
flowtable (Flow entry 2)
Flow entry 2:Match IPv6 address 2, output
6. OF controllers send 2 flow entries to OF switch 4:
Flow entry 1:Action is write metadata, and point to lower flowtable (Flow entry 2)
Flow entry 2:Match metadata, output
4.2.1.5 Testcase – Controller Cluster
As the network scale becomes bigger and services more complex, single controller cannot
satisfy the needs of network development. A complex network needs multiple controllers to
collaborate; the test activity conducts test of controller cluster and the test methods are as follows.
Test Topology
Figure 6 Controller Cluster Test Topology
Test Methods
1. Deploy cluster among multiple OF1.3 controllers, externally appearing as 1 OF
controller
2. Build control tunnel between OF switches and OF controllers
3. OF controllers distribute flowtable to OF switches, test whether instruments
sending traffic verification forwarding is normal, and confirm whether controller cluster
supports host/backup modes or load balance mode
4. Simulate that one or two controllers malfunction, and confirm whether it influences
OF switch forwarding; add and delete flowtable of OF switch to confirm whether it functions
normal
4.2.1.6 Testcase – Hybrid Networking
Network always has switches supporting different OpenFlow versions, and for hybrid
networking environment, and it is quite necessary that controllers can manage switches supporting
different protocol versions. Hybrid networking test schemes are as follows.
Test Topology
IXIA Test Tool
OF Switch
OF Controller cluster
Figure 7 Hybrid Networking Test Topology
Test Methods
1. Build control tunnel between OF controllers and each OF switch to conduct
topology discovery
2. OF controllers distribute flowtable to each OF switch, match MAC, test
instruments sending traffic and verify 2 layer flowtable forwarding
3. OF controllers distribute flowtable to each OF switch, match IPv4 address, test
instruments sending traffic and verify 3 layer flowtable forwarding
4.
4.2.2 Interoperability Test Problem
Without revealing specific manufacturer information, list interoperability problems discovered
in test process below:
4.2.2.1 Connection Problem
Unable to Identify OXM class
In the initial connection phase, connection establishment is not successful. Controllers cannot
identify OXM class of table features information sent by switches.
IXIA Test Tool
OF 1.0 Switch
OF 1.3 Switch
OF 1.4 Switch
OF Controller
Multi-version Negotiation
Connection establishment between switches supporting OF1.3 protocol and switches
supporting multiple OF protocol versions (OF1.4&OF1.3) is not successful
4.2.2.2 Matching Problem
Table 0 has limit in supporting matching field
Table 0 of OF switch has limit in matching field, only supporting matching In_port and
unable to matching others, needs to use other table to do tests in testing, and distributes flow entries
of Goto Table in Table 0 to do tests.
Matching combination has limits
OF switches cannot match the combination between In_port and any other matching field,
and switches return error messages.
4.2.2.3 Instruction & Action Problems
Output:All
Switch action is output to interface All, sends traffic verification, and all interfaces of switches
forward traffic, including input interface.
Output:In_port
Switches do not support output to in_port.
Pop vlan
Controllers distribute flow entries including pop vlan action to switches, and switches do not
return error messages, send traffic verification, data package forwards but vlan tag still exists.
Group of Fast Failover type cannot switch paths
When OF switches test Group type Fast Failover in Group Table, flow entries can distribute
normally, OF switches do not return any error messages; instruments malfunctions after sending
traffic and switches cannot automatically switch paths.
Meter does not realize speed limit
OF controllers configure Meter Table and distribute flow entries pointing to Meter, OF
switches do not return any error messages, instruments send traffic to verify speed limit, and
switches do not limit speed or the rate gap between speed limit and configuration is too large.
4.2.2.4 Error Message Problem
Do not return error messages to unsupported actions
Controllers distribute flow entries to switches, including actions unsupported by switches,
and switches do not return error message.
Wrong error type or error code
In special error conditions, switches return wrong error messages, returning wrong error type or
error code. For example, when switch version negotiation is not successful, it should return Hello
Failed message, but actually return the error type of Bad Request.
4.2.2.5 Controller Cluster Problem
Switches do not support clusters of more than 2 controllers
OF switches can only support clusters made up of 2 controllers, and cannot normally process
clusters contain 3 controllers, only applicable to test clusters of 2 controllers in the test.
Controllers of different manufacturers cannot make up clusters
Controllers of different manufacturers cannot collaboratively work in cluster because it lacks
the support of eastbound and westbound interface standard.
4.2.2.6 Others
Switches cannot process flow entries of priority 0
Table-miss flow entry distributed by controllers is priority 0, switches cannot normally
process flow entries of priority 0 can return error messages.
Ageing time is inaccurate
Ageing time of switch flow entries is inaccurate, with error over 10 seconds.
Add Vlan tag in Packet in message
When sending up data package to controllers, switches adds a vlan tag to data package.
Flow statistics are not supported
Switches do not support statistical function.
Counter cannot reset
Switches cannot reset counter.
4.3 Performance Test
Performance test is aimed at verifying whether the equipment has the deployment ability in
some scenario by calibrating some performance indicator of SDN controllers or switches. On this
SDNFV ShowCase, combined with the support conditions of IXIA tool, several key performance
indicators of equipment were chosen for test and certification.
4.3.1 Testcase – Switch Performance Test
Flowtable forwarding performance of OF switches is an important indicator of switch ability,
and the test activity tests the basic parameters of switch performance. Specific test contents are as
follows.
Test Topology
Figure 8 Switch Performance Test
Test Methods
1. Build control tunnel between stimulation controllers of test instruments and tested
OF switches
2. Test OF switches’ performance
A. Flowtable Capacity
a) Test tools distribute Flow mod(add) message at proper rate
b) Wait switches to return error messages of OFPET_FLOW_MOD_FAILED
c) After switches return error messages, test instruments request flowtable
number from switches
d) Test instruments send data traffic to verify whether the flowtable is effective
or not
B. Flowtable Forwarding Performance (sending byte 512):
a) Throughput of switches when only matching port
b) Throughput of Switches when matching port, source MAC, destination MAC,
vlan id, vlan priority, source IPv4 address, destination IPv4 address, dscp, tcp
and port number
c) Forwarding performance of switches when matching 1K flow entry
IXIA Test Tool
OF Switch
4.3.2 Testcase - Controller Performance Test
Controller performance determines the network scale and services that the controller can
manage and control. Only when the controller performance is guaranteed, the network can work
normally. The test activity tests following parameters of controllers.
Test Topology
Figure 9 Controller Performance Test
Test Methods
1. Build control tunnel between stimulation switches of OF test instruments and tested
OF controllers
2. Test OF controller performance
A. Supported OF session specifications
a) Build connection between OF test instruments stimulating many switches
and OF controllers
b) View the largest connection establishment number on test instruments
B. Flowtable distribution rate
a) OF test instrument stimulates single switch, and sends up information
including Packet_in message unable to match data packet information
b) Controllers receive Pack_in message, and distribute matching flow entries
according to containing data packet information
c) View the largest distribution rate of flow entries
4.4 Brief Summary
In OpenFlow1.3 conformance test aspect, use special test tool OFsuite, and with over 300 test cases
and 17 test groups, many kinds of switch equipment conducted complete test of all test cases. Each
manufacturer’s switches can interoperate with OFsuite successfully, and the passing rate of test cases
has greatly increased compared to past activities. Some manufacturers modify and pass tens of test
cases by live feedback from the test activity. Most manufacturers’ switches perform well in basic
IXIA Test Tool
OF Controller
function aspect, and have relatively good results in control tunnel building, flowtable matching and
protocol message. Test results of error messages and Multipart messages reflect many problems,
which manifest in the deviated understanding of protocols, some unrealized functions like TLS
encryption and statistics. The test activity’s test results and data of manufacturers’ switches have
already been sent back to each manufacturer.
In interoperability aspect, many manufacturers’ switches and controllers conducted networking
interoperation, and switches performed selective tests on interoperation test cases. Each
manufacturer’s switch equipment can realize topology discovery, link statistics, 2 layer forwarding
and other basic functions on controller interface, and some has relatively good support for functions
like Group and Meter, but functions like VxLAN, TLS encryption and Overlay still need switches to
optimize related realization. In current SDN market, OpenFlow1.3 protocol has already become the
mainstream realization of manufacturers, but chips are still the main factor limited equipment
realization, and solutions based on different switch chips still need severe flowtable limit to
interoperate. In the test activity, switches supporting OpenFlow1.4 also appear, but interoperation
and interconnection in hybrid networking still have some problems and need manufacturers to
constantly optimize the products. By test, it is also found that without eastbound and westbound
interface standard among controllers, controllers of different manufacturers can hardly work in
cluster.
Each manufacturer also actively participated in performance tests including controller and switch
performance. Some controller and switch equipment show outstanding performance. In general,
equipment performance of manufacturers is more stable, most switches support multi-flowtable, and
flowtable capacity increases, compared to the past.
In scheme test phase, the test activity introduced NFV test scenario for the first time, combining
NFV and SDN technology. SDN solutions from Huawei, Ruijie and H3C transferred their work
processed by traditional equipment earlier to SDN/NFV scenario, and used the global view and
centralized control ability of controllers to realize strategic routing, web certification, vBRAS and
other functions. Extensive application can be realized in storage or WAN traffic scheduling and
enterprise network scenario. Appearance of the whole solutions showed that the combination of SDN
and NFV has its natural advantages and meanwhile, represented the industry’s thinking and insight
of future network evolution.
5 ShowCase Solution Demonstration
得益于虚拟化的天然优势,解决了物理设备在云计算多租户网络中的部署难题,实现企业
在公有云中部署网络设备的需求,有效拓展网络设备的部署场景。
传统设备对云内安全无法精细管理,发挥虚拟设备的灵活优势,将云内安全、负载分担做
到租户级精细化控制,有效提升用户体验,方便运维管理。
通过为虚拟设备增加虚拟资源的方式来提升设备性能,不受物理设备的硬件限制,使得按
需扩容成为现实。
• 业务Portal:提供面向客户的计算/存储/网络业务界面,由云平台或者AC自己提供
• 云平台:统一管理业务资源,业务入口,实现计算/存储资源和网络资源的协同调度
• AC控制器:物理/虚拟网络资源统一控制,北向实现与业界主流云平台实现标准对接;南
向支持OPENFLOW/Netconf/OVSDB等接口,完成业务策略编排、网络建模和网络业务自
动化部署
• 物理网络层:基于传统二层、CSS+SVF、TRILL或VXLAN的Fabric
• 虚拟网络层:Overlay方案提供统一虚拟网络管理、提供vSwitch、vFW和vRouter等虚拟网
络组件
• 基于Mellanox端到端Ethernet和InfiniBand网络,支持10 / 25 / 40 / 50 / 56 / 100Gb/s等带宽;
• 支持OpenFlow 1.0,与主流的SDN Controller兼容,支持广泛的OpenFlow规则;
• 支持ONIE,基于开放接口安装网络OS,按需选择OS类型;
• 开放Switch SDK API,支持用户自定义开发和功能定制;
• 支持Puppet任务自动化
• MLAG Wizard,开源MLAG
• 支持Observium监控
• 提供OpenStack Plugin,实现OpenStack集成
.
Pica8 Data Center SDN Solution
© 2012 Pica8 Inc. All Rights Reserved. P a g e | 1 DOCUMENT TYPE HERE
Pica8 SDN Solution for Data Center
Pica8
基于 SDN 的 DCI 实现
传统路由设备与 SDN 技术的完美互通
丰富的路由策略配置
便捷的网络部署管理
基于标准的 OpenFlow 协议
全可编程架构:本地API支持C/C++、Java、Python三种编程语言。北向接口支持REST接
口,基于JSON和XML两种消息体编码格式。
内置网络虚拟化功能:ZENIC内部支持多种网络虚拟化的实现方式,可以兼容多租户的
VDC应用场景。
分布式集群架构:ZENIC支持分布式控制器,由主控控制器提供集群管理能力,由业务控
制器提供南向业务管理能力。ZENIC控制器集群可以同时支持负载分担和冗余备份。
丰富的南向接口管理:ZENIC支持OpenFlow1.0/1.3和OF-CONFIG南向接口,管理OF交换
机。ZENIC支持OVSDB,对基于OpenvSwitch架构的vSwitch进行配置管理。ZENIC还支持
NETCONF/CLI/SNMP等接口对传统设备进行管理。
6 Summary
With the rapid development of SDN/NFV technology, and compared to past activities, in this test
activity, each manufacturers not only were more mature and better in OpenFlow protocol
conformance and equipment interoperation, but also improved in every performance indicator;
meanwhile, they also had practical and specific embodiment in overall virtualization schemes,
boosting the confidence in the combination practice of SDN and NFV technologies. In conformance,
tested by special test tool OFsuite of OpenFlow 1.3 conformance, each manufacturer’s switches have
already greatly improved in pass rate of test cases, compared to past activities. Most manufacturers’
switches perform well in basic function test, having good results in control tunnel building, flowtable
matching and protocol message. The test results of error and Multipart messages reflected many
problems, and many manufacturers had deviated understanding of protocols. We gave feedback of
these cases in need of discussion and then advanced the standard optimization. At the same time,
functions of control layer are better and richer, and switch networking interoperation of many
manufacturers can all realize programmable topology discovery, link statistics, 2 layer forwarding
and other basic functions on controller interface, but functions like VxLAN, TLS encryption and
Overlay still need switches to optimize related realization. In current SDN market, OpenFlow1.3
protocol has already become the mainstream realization of manufacturers, but chips are still the main
factor limited equipment realization, and solutions based on different switch chips still need severe
flowtable limit to interoperate. In the test activity, switches supporting OpenFlow1.4 also appear, but
interoperation and interconnection in hybrid networking still have some problems and need
manufacturers to constantly optimize the products. By test, it is also found that without eastbound
and westbound interface standard among controllers, controllers of different manufacturers can
hardly work in cluster. As the network scale becomes larger and services more complex, single
controller cannot satisfy the need of network development, and collaborative work of multiple
controllers is the future tendency and urgently needs standardized eastbound and westbound
interfaces. In NFV, the application scenario is clear and the advantages are obvious, so it gains rapid
development and has mature realization. NFV solutions provided by some manufacturers, like
vBRAS and vFirewall, have already realized the virtualization function.
In scheme test phase, SDN solutions from Huawei, Ruijie and H3C transferred their work
processed by traditional equipment earlier to SDN/NFV scenario, and used the global view and
centralized control ability of controllers to realize strategic routing, web certification, vBRAS and
other functions. Extensive application can be realized in storage or WAN traffic scheduling and
enterprise network scenario. Appearance of the whole solutions showed that the combination of SDN
and NFV has its natural advantages and meanwhile, represented the industry’s thinking and insight
of future network evolution.
In the future, the test activity not only needs to further richen its contents with the industry
development, but also will invite colleagues from every aspect in the industry chain including startup
companies and software companies to jointly promote the exchange and cooperation in the industry.
7 Global SDN Certified Testing Center (SDNCTC) & IXIA
The global SDN certified testing center (www.sdnctc.com) is a neutral third party SDN/NFV
testing and certificating lab, devoting itself to R&D, testing and certificating, deployment and
promotion of SDN/NFV technology. SDNCTC actively works on the development of test
specification, test tools and testing and certificating ecosystem under the collaboration with
SDN/NFV international standards organizations like ONF. Meanwhile, SDNCTC also provide a
neutral testing and certification services globally, accelerating the improvement of technology and
products, guarantee the commercial deployment of SDN/NFV.
IXIA (NASDAQ:XXIA) provides application performance and security resilience solutions to
validate, secure, and optimize businesses’ physical and virtual networks. Enterprises, service
providers, network equipment manufacturers, and governments worldwide rely on Ixia’s solutions to
deploy new technologies and achieve efficient, secure, ongoing operation of their networks. Ixia's
powerful and versatile solutions, expert global support, and professional services equip organizations
to exceed customer expectations and achieve better business outcomes. For further information,
please browse our website www.ixiacom.com or www.ixiacom.cn.