raphaelmorim_luaworkshop2012
TRANSCRIPT
-
7/29/2019 raphaelmorim_luaworkshop2012
1/40
LuaFlow, an open source
Openflow Controller
Raphael [email protected]
Renato [email protected]
Workshop 2012
mailto:[email protected]:[email protected]:[email protected]:[email protected]:[email protected]:[email protected] -
7/29/2019 raphaelmorim_luaworkshop2012
2/40
Talk Overview
What is OpenFlow?
How OpenFlow Works
Lua Flow approach Demo
Next steps
-
7/29/2019 raphaelmorim_luaworkshop2012
3/40
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Operatng
Sysem
OperatngSysem
Operatng
Sysem
Operatng
Sysem
Operatng
Sysem
Ap
p
Ap
p
Ap
p
3
Curren InerneClosed o Innovatons in he Infrasrucure
-
7/29/2019 raphaelmorim_luaworkshop2012
4/40
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Ap
p
Ap
p
Ap
p
Specialized Packet
Forwarding Hardware
Operatng
Sysem
OperatngSysem
Operatng
Sysem
Operatng
Sysem
Operatng
Sysem
Ap
p
Ap
p
Ap
p
Nework Operatng Sysem
App App App
Software Defined Networking approach
to open it
-
7/29/2019 raphaelmorim_luaworkshop2012
5/40
App
Simple Packet
Forwarding
Hardware
Simple PacketForwarding
Hardware
Simple Packet
ForwardingHardware
App App
Simple Packet
Forwarding
HardwareSimple Packet
Forwarding
Hardware
Nework Operatng Sysem
1. Open inerface o hardware
3. Well-dened open API2. A leas one good operatng sysem
Exensible, possibly open-source
The Software-defined Network
-
7/29/2019 raphaelmorim_luaworkshop2012
6/40
What is OpenFlow?
-
7/29/2019 raphaelmorim_luaworkshop2012
7/40
Short Story: OpenFlow is an API
Control how packets are forwarded
Make deployed networks programmable not just configurable
Makes innovation easier
Goal (experimenters perspective): No more special purpose test-beds
Validate your experiments on deployedhardware with real traffic at full line speed
-
7/29/2019 raphaelmorim_luaworkshop2012
8/40
How Does
OpenFlow Work?
-
7/29/2019 raphaelmorim_luaworkshop2012
9/40
Eherne Swich
-
7/29/2019 raphaelmorim_luaworkshop2012
10/40
Daa Pah (Hardware)Daa Pah (Hardware)
Conrol PahConrol PahConrol Pah (Soware)Conrol Pah (Soware)
-
7/29/2019 raphaelmorim_luaworkshop2012
11/40
Daa Pah (Hardware)Daa Pah (Hardware)
Conrol PahConrol Pah OpenFlowOpenFlow
OpenFlow ConrollerOpenFlow Conroller
OpenFlow Proocol (SSL/TCP)
-
7/29/2019 raphaelmorim_luaworkshop2012
12/40
Conroller
PC
Hardware
Layer
Soware
Layer
Flow Table
MAC
src
MAC
ds
IP
Src
IP
Ds
TCP
spor
TCP
dpor Acton
OpenFlow Firmware
**5.6.7.8*** por 1
por 4por 3por 2por 1
1.2.3.45.6.7.8
OpenFlow Flow Table Abstraction
-
7/29/2019 raphaelmorim_luaworkshop2012
13/40
OpenFlow BasicsFlow Table Entries
Swich
PorMAC
src
MAC
ds
Eh
ypeVLAN
ID
IP
Src
IP
Ds
IP
Pro
TCP
spor
TCP
dpor
Rule Acton Sas
1. Forward packe o por(s)
2. Encapsulae and forward o conroller
3. Drop packe
4. Send o normal processing pipeline
5. Modify Fields
+ mask wha elds o mach
Packe + bye couners
-
7/29/2019 raphaelmorim_luaworkshop2012
14/40
ExamplesSwiching
*
Swich
Por
MAC
src
MAC
ds
Eh
ype
VLAN
ID
IP
Src
IP
Ds
IP
Pro
TCP
spor
TCP
dporActon
* 00:1f:.. * * * * * * * por6
Flow Swiching
por3
Swich
Por
MAC
src
MAC
ds
Eh
ype
VLAN
ID
IP
Src
IP
Ds
IP
Pro
TCP
spor
TCP
dporActon
00:20.. 00:1f.. 0800 vlan1 1.2.3.4 5.6.7.8 4 17264 80 por6
Firewall
*
Swich
Por
MAC
src
MAC
ds
Eh
ype
VLAN
ID
IP
Src
IP
Ds
IP
Pro
TCP
spor
TCP
dporForward
* * * * * * * * 22 drop
-
7/29/2019 raphaelmorim_luaworkshop2012
15/40
ExamplesRoutng
*
Swich
Por
MAC
src
MAC
ds
Eh
ype
VLAN
ID
IP
Src
IP
Ds
IP
Pro
TCP
spor
TCP
dporActon
* * * * * 5.6.7.8 * * * por6
VLAN Swiching
*
Swich
Por
MAC
src
MAC
ds
Eh
ype
VLAN
ID
IP
Src
IP
Ds
IP
Pro
TCP
spor
TCP
dporActon
* * vlan1 * * * * *
por6,
por7,
por9
00:1f..
-
7/29/2019 raphaelmorim_luaworkshop2012
16/40
OpenFlowSwitch.org
Controller
OpenFlowSwitch
PC
OpenFlow UsageDedicated OpenFlow Network
OpenFlowSwitch
OpenFlowSwitch
OpenFlow
Protocol
Rule Action Statistics
Rule Action Statistics Rule Action Statistics
AliceBob
-
7/29/2019 raphaelmorim_luaworkshop2012
17/40
Experiment Design Decisions
Forwarding logic (of course)
Centralized vs. distributed control
Fine vs. coarse grained rules Reactive vs. Proactive rule creation
Likely more: open research area
-
7/29/2019 raphaelmorim_luaworkshop2012
18/40
Centralized vs Distributed
Control
Centralized Control
OpenFlowSwitch
OpenFlowSwitch
OpenFlowSwitch
Conroller
Disribued Conrol
OpenFlowSwitch
OpenFlowSwitch
OpenFlowSwitch
Conroller
Conroller
Conroller
-
7/29/2019 raphaelmorim_luaworkshop2012
19/40
Flow Routing vs. AggregationBoth models are possible with OpenFlow
Flow-Based
Every flow is individually
set up by controller Exact-match flow entries Flow table contains one
entry per flow
Good for fine graincontrol, e.g. campusnetworks
Aggregaed
One ow enry covers large
groups of owsWildcard ow enries
Flow able conains one enry
per caegory of ows
Good for large number of
ows, e.g. backbone
-
7/29/2019 raphaelmorim_luaworkshop2012
20/40
Reactive vs. ProactiveBoth models are possible with OpenFlow
Reactive
First packet of flow
triggers controller toinsert flow entries
Efficient use of flowtable
Every flow incurs smalladditional flow setuptime
If control connectionlost, switch has limited
utility
Proactve
Conroller pre-populaes ow
able in swichZero additonal ow seup
tme
Loss of conrol connecton
does no disrup rac
Essentally requires
aggregaed (wildcard) rules
-
7/29/2019 raphaelmorim_luaworkshop2012
21/40
Examples of OpenFlow in Action
VM migration across subnets Identity-Based QoS
Energy-efficient data center network Network slicing Load balancing (DNS for instance)
-
7/29/2019 raphaelmorim_luaworkshop2012
22/40
-
7/29/2019 raphaelmorim_luaworkshop2012
23/40
Slide Credits
Guido Appenzeller
Nick McKeown
Guru Parulkar Brandon Heller
Rob Sherwood
Lots of others (this slide was also stolen)
-
7/29/2019 raphaelmorim_luaworkshop2012
24/40
LuaFlow's approach
-
7/29/2019 raphaelmorim_luaworkshop2012
25/40
Official Open Source controllers
NOX (Python/C)
Mixed approach
Beacon (Java) Focus in production environments
Java enterprise code
Trema (Ruby) Focus on prototyping testing
-
7/29/2019 raphaelmorim_luaworkshop2012
26/40
There's a strong correlation between thelength of code (number of tokens) and
programmers' productivity
e.g. Arc Programming Language [Paul Graham]
With smaller code:
- less time to write consistent code
- less chances for bugs
LuaFlow is specialized for programmers' productivity,
But not compromising efficiency
Write it short
-
7/29/2019 raphaelmorim_luaworkshop2012
27/40
... because we write it in C and Lua
(NOX written in C++ and Python, Beacon writtenin Java)
This is the main reason!
Why LuaFlow
-
7/29/2019 raphaelmorim_luaworkshop2012
28/40
switches{
switch1 = {datapath_id = "00:00:00:00:00:00:00:01"},
switch2 = {datapath_id = "00:00:00:00:00:00:00:02"},
}
hosts{
host1 = {mac = "00:00:00:00:00:03"},
host2 = {mac = "00:00:00:00:00:04"},
}
-- Connections: Connection.switch[port#] = {switch=port#} or-- Connection.switch[port#] = {host} or
-- Connection.host = {switch=port#}
Connection.host1 = { switch1 = 2}
Connection.host2 = { switch2 = 2}
Connection.switch1[1] = { switch2 = 1}
Network configuration file
-
7/29/2019 raphaelmorim_luaworkshop2012
29/40
-
7/29/2019 raphaelmorim_luaworkshop2012
30/40
-
7/29/2019 raphaelmorim_luaworkshop2012
31/40
-
7/29/2019 raphaelmorim_luaworkshop2012
32/40
-
7/29/2019 raphaelmorim_luaworkshop2012
33/40
# NOX Python
inst.install_datapath_flow(
dpid,
extract_flow(packet),
CACHE_TIMEOUT,
openflow.OFP_FLOW_PERMANENT,[[openflow.OFPAT_OUTPUT, [0, prt[0]]]],
bufid,
openflow.OFP_DEFAULT_PRIORITY,
inport,
buf
)
# Luaflow
add_simple_flow(dpid,
flow,
buffer_id,out_port,
cache_timeout)
VS
-
7/29/2019 raphaelmorim_luaworkshop2012
34/40
Catching network events
function switch_ready(dpid, features)function switch_ready(dpid, features)
print(">> New switch connected: " .. dpid)
fork,v in pairs(features) do
ifk == "ports"then
fori,p in ipairs(v) do
print("Port " .. i) fork1,v1 in pairs(p) do
print(k1, v1)
end
end
else
print(k, v) end
end
end
-
7/29/2019 raphaelmorim_luaworkshop2012
35/40
Catching network events
function packet_in(dpid, buffer_id, flow)
print(">> New packet (" .. buffer_id .. ") received from " .. dpid)
local idle_timeout = 10
local out_port = "all"
add_simple_flow(dpid, flow, buffer_id, out_port, idle_timeout)end
-
7/29/2019 raphaelmorim_luaworkshop2012
36/40
Base classes
base_config.lua custom_topology_config.lua Topology.lua Port.lua Host.lua Switch.lua
Link.lua Dijkstra.lua Controller.lua
Flow.lua
-
7/29/2019 raphaelmorim_luaworkshop2012
37/40
Base classes
require"Topology"
myTopology = Topology:new{name = "mininet"}
myTopology:load_config("custom_topology_config.lua")
function switch_ready(dpid, features)
print(">> New switch connected: " .. dpid) --TODO
--Insert switch features into switch objects
end
function packet_in(dpid, buffer_id, flow)
print(">> New packet received from " .. dpid)
route = myTopology:getRoute(flow.dl_src, flow.dl_dst)
...
end
-
7/29/2019 raphaelmorim_luaworkshop2012
38/40
Demo
-
7/29/2019 raphaelmorim_luaworkshop2012
39/40
Next steps
Pure lua controller using ffi/luajit
More real-world scenarios
Serious evaluation Open WRT Openflow wireless devices
Community pull-requests
Both ideas & Code
-
7/29/2019 raphaelmorim_luaworkshop2012
40/40
Questions?
Thank you all