Software Defined Network PART 4
Southbound Interface Protocol
Overview of Southbound Interface Protocol
What is the Southbound Interface Protocol?
- A protocol designed for information exchange between the controller of the control plane and the switch of the data plane.
What is the design goal (main role) of the southbound interface protocol?
1. Realize the information interaction between the data plane and the control plane
- Collect data plane information upwards;
- Send down control policies to guide forwarding behavior.
2. Realize network configuration and management;
3. Realize path calculation, including link attributes (bandwidth and overhead), link status, and topology information, etc.;
What are the Southbound interface protocols?
OpenFlow protocol
- A southbound interface standard defined by ONF, which provides an open standard way for communication between controllers and switches
OF-Config protocol
- OpenFlow Management and Configuration Protocol (OF-Config): an OpenFlow switch configuration protocol. It can be understood as the companion protocol of the OpenFlow protocol.
OVSDB protocol
- Open vSwitch Database Management Protocol (OVSDB): responsible for managing the databases of the open-source software switch Open vSwitch (OVS), giving the virtual switch programmable access and configuration management.
NETCONF protocol
- The NETCONF protocol adopts a Client/Server structure. Through NETCONF, the SDN controller configures and manages network devices.
SDN Controller as Server
SDN Switch as client
XMPP
- Extensible Messaging and Presence Protocol (XMPP): an open technology for instant messaging, presence, multi-party chat, voice and video calls, collaboration, lightweight middleware, content federation, and general XML data routing.
PCEP
- Path Computation Element Protocol (PCEP): proposed for inter-domain traffic engineering (TE) in MPLS networks and other applications, to support centralized path computation.
MPLS
Multi-Protocol Label Switching (MPLS):
A new technology that uses labels to guide high-speed, efficient data transmission over an open communication network.
Meaning of "multi-protocol":
MPLS can not only support multiple network-layer protocols, but is also compatible with a variety of Layer 2 data link technologies.
MPLS forwards data using labels. When a packet enters the network, it is assigned a short, fixed-length label,
which is encapsulated together with the packet; throughout the forwarding process, the switching nodes forward based only on the label.
I2RS
- Interface to the Routing System (I2RS): an SDN southbound interface protocol promoted by the IETF;
- Core idea: define open interfaces on the routing and forwarding system of traditional network equipment, so that external applications or control entities can read information from the router and, based on topology changes, traffic statistics and other information, dynamically issue routing state and policies to the forwarding equipment, supporting network programmability.
OpFlex
- OpFlex is a southbound interface protocol proposed by Cisco;
- OpFlex is a policy control protocol within ACI.
Open Flow protocol
Openflow message type
- Controller-to-Switch message
- Asynchronous message [eɪˈsɪŋkrənəs]
- Symmetric message
controller-to-switch message
- Initiated by the controller; the switch may be required to reply with the corresponding message.
asynchronous message list
- Actively initiated by the switch to inform the controller of the arrival of new data packets or a change in switch status
symmetric message list
- Sent by either party without the permission or request of the other party
Openflow message format
- An OpenFlow protocol data packet consists of an OpenFlow Header and an OpenFlow Message
Openflow Header format:
Data structure of Openflow Header
#include <stdint.h>

/* Header on all OpenFlow packets. */
struct ofp_header {
    uint8_t version;  /* OpenFlow protocol version number */
    uint8_t type;     /* message type, a constant from enum ofp_type */
    uint16_t length;  /* length of the packet in bytes */
    uint32_t xid;     /* transaction id identifying the packet */
};
The OpenFlow message type field ofp_type is an enumerated type, in which each message type is defined as a constant:
SDN communication process based on Openflow
The figure on the left shows the process of establishing a connection through hello information:
◆The controller opens TCP port 6633 and waits for the connection of the switch;
◆When the switch starts, it tries to connect to the specified controller port;
◆The secure channel uses TLS (Transport Layer Security) connection encryption;
◆The two parties authenticate each other by exchanging certificates. The follow-up process can refer to the information above.
The figure on the right shows the different types of data packets seen in the packet-capture software. The information interaction process between the two PC terminals:
①The host sends a data packet to the network
②The flow table of the OF switch has no matching entry, and the data packet is reported to the controller through the PacketIn event.
③The controller sends a flow table entry (or a PacketOut message)
④Data packet forwarding
⑤Same as ②
⑥Same as ③
⑦Data packet forwarding
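An added C example (my own code, not from the course notes) that encodes the HELLO opening the exchange above, decodes the ofp_header from wire bytes with the length-field check a channel parser needs before trusting the rest of a message, and sorts message types into the three categories listed earlier. The ofp_type constants are assumed from the OpenFlow 1.0 specification, since the notes name the enum without listing its values.

```c
#include <stdint.h>
#include <stddef.h>
#include <string.h>
/* Constants from the OpenFlow 1.0 ofp_type enumeration (the notes name the
 * enum but do not list its values). */
enum ofp_type { OFPT_HELLO = 0, OFPT_ECHO_REQUEST = 2, OFPT_ECHO_REPLY = 3,
                OFPT_FEATURES_REQUEST = 5, OFPT_PACKET_IN = 10, OFPT_FLOW_REMOVED = 11,
                OFPT_PORT_STATUS = 12, OFPT_PACKET_OUT = 13, OFPT_FLOW_MOD = 14 };
struct ofp_header {
    uint8_t  version;  /* 0x01 = OpenFlow 1.0 */
    uint8_t  type;     /* enum ofp_type */
    uint16_t length;   /* whole message length in bytes, header included */
    uint32_t xid;      /* transaction id pairing a request with its reply */
};

/* Decode the 8-byte header from wire bytes (multi-byte fields are big-endian).
 * Returns 0 on success, -1 if the buffer is short or the length field lies. */
int ofp_parse_header(const uint8_t *buf, size_t buf_len, struct ofp_header *h)
{
    if (buf == NULL || h == NULL || buf_len < 8) return -1;
    h->version = buf[0];
    h->type    = buf[1];
    h->length  = (uint16_t)(((uint16_t)buf[2] << 8) | buf[3]);
    h->xid     = ((uint32_t)buf[4] << 24) | ((uint32_t)buf[5] << 16) | ((uint32_t)buf[6] << 8) | buf[7];
    /* length counts the header itself, so < 8 is malformed; a value beyond the
     * bytes actually received must never be trusted as a read bound. */
    return (h->length < 8 || h->length > buf_len) ? -1 : 0;
}

/* Map a type onto the three message categories listed in the notes. */
const char *ofp_message_class(uint8_t type)
{
    switch (type) {
    case OFPT_HELLO: case OFPT_ECHO_REQUEST: case OFPT_ECHO_REPLY: return "symmetric";
    case OFPT_PACKET_IN: case OFPT_FLOW_REMOVED: case OFPT_PORT_STATUS: return "asynchronous";
    case OFPT_FEATURES_REQUEST: case OFPT_PACKET_OUT: case OFPT_FLOW_MOD: return "controller-to-switch";
    default: return "unknown";
    }
}

/* Encode the OpenFlow 1.0 HELLO that opens the channel (header only).
 * Returns the 8 bytes written, or 0 if out is too small. */
size_t ofp_build_hello(uint8_t *out, size_t out_len, uint32_t xid)
{
    if (out == NULL || out_len < 8) return 0;
    out[0] = 0x01; out[1] = OFPT_HELLO; out[2] = 0x00; out[3] = 0x08;
    out[4] = (uint8_t)(xid >> 24); out[5] = (uint8_t)(xid >> 16);
    out[6] = (uint8_t)(xid >> 8);  out[7] = (uint8_t)xid;
    return 8;
}
```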
OF-Config overview
OF-Config protocol
- OF-Config protocol is an OpenFlow switch management configuration protocol (OpenFlow Management and Configuration Protocol)
- OpenFlow's companion protocol (Considered a complementary protocol);
Correspondence between OF-Config protocol and OpenFlow protocol version
Protocol design requirements (Requirements)
- Specification Requirements
- Operational Requirements (Operational Requirements)
- Management Protocol Requirements
Specification Requirements
1. Controller connection settings
- Controller IP address, controller port number and transmission protocol (TLS or TCP).
2. Multiple Controllers
- Parameter configuration of multi-controller connection
3. OpenFlow logical switch
- The configuration of various resources, such as ports or queues.
4. Connection Interruption
- Configure the mode to enter after the connection fails.
Two modes: fail safe mode and fail independent mode
5. Encryption
- Identity authentication method
6. Queues
- Minimum rate (min-rate), maximum rate (max-rate), custom rate (experimenter)
7. Ports
- Prohibition of receiving (no-receive), prohibition of forwarding (no-forward), prohibition of Packet-in messages (no-packetin), management state (admin-state)
8. Capability Discovery
- Discoverability characteristics
9. Datapath ID
Operational Requirements
- Support an OF switch being configured by multiple OpenFlow configuration points
- Support one OpenFlow configuration point managing multiple OF switches
- Support one OpenFlow logical switch to be controlled by multiple controllers
- Support configuration of ports and queues of OpenFlow switches;
- Support the capability discovery of OpenFlow logical switches;
- Support configuration tunnels, such as IPinGRE, VXLAN and NVGRE
Management Protocol Requirements
- Ensure security; support mutual authentication of the switch and the configuration point
- Support reliable transmission of configuration requests and responses
- Support connection setting by configuration point or switch
- Able to carry local switch configuration and a wide range of switch configurations
- Support configuration points to configure parameters on the switch and receive configuration parameters from the switch
- Support to create, change and delete configuration information on the switch, and support to report configuration results
- Support independent sending of configuration requests and asynchronous notification from the switch to the configuration point
- Support memory capability and extensibility, and report the switch's own attributes and capabilities
OF-CONFIG data model
- OF-CONFIG uses XML to describe its data structure
- The data model consists of classes and class attributes
- Each OpenFlow switch includes multiple OpenFlow logical switch instances
OF-CONFIG data model multiple identifiers
- OpenFlow Capable Switch
- OpenFlow Configuration Point
- OpenFlow Logical Switch
- Logical Switch Capabilities
- OpenFlow Controller
- OpenFlow Resource (Superclass)
- OpenFlow Port
- OpenFlow Port Feature
- OpenFlow Queue
- External Certificate
- Owned Certificate
- OpenFlow Flow Table
Take the OpenFlow switch data model as an example:
OF-CONFIG transmission protocol
• Transmits its content through the NETCONF protocol (RFC 6241)
NETCONF protocol
What is the NETCONF protocol
• A new generation of network management protocol;
• The network configuration protocol NETCONF (Network Configuration Protocol) provides a mechanism for managing network devices;
• The NETCONF working group was established in 2003, and the updated version of RFC 6241 was released in 2011.
Advantages of NETCONF protocol (compared with SNMP)
Other features of NETCONF protocol
• Distinguishes configuration data from state data, and provides different operations to add, delete, modify and query data.
- Configuration data (configuration data): data for configuring network equipment;
- State data: data reflecting the state of the device
- There are multiple configuration databases
NETCONF protocol framework
NETCONF transport layer
• Provides a reliable, sequence-numbered delivery mechanism for NETCONF connections;
• Provide authentication, data integrity and security assurance;
• SSH as its bearer protocol;
NETCONF RPC layer
• Uses an RPC-based communication mechanism;
•: request
•: response
NETCONF operation layer
• Functions for obtaining, configuring, copying and deleting database information
NETCONF content layer
• Describes the configuration data involved in network management:
• Uses the YANG language for modeling; YANG has the following characteristics:
- Hierarchical tree structure
- Can be directly mapped to XML
- Good readability and easy to learn
- Reusable and extensible
Operation example: <get-config>
Operation example: <edit-config>
Operation example: <copy-config>
• Creates or replaces an entire configuration database
• If the target exists, it is overwritten; otherwise a new database is created
Operation example: <delete-config>
• The configuration database cannot be deleted.
Reference: MOOC SDN network course of Chinese universities