Chapter 1 Overview
1.1 SDN concept
SDN (Software Defined Network) is a software-defined network. It emerged to free networks from their dependence on specific network hardware and to make adjusting, changing and upgrading a network easier.
SDN is an emerging network architecture that separates network control functions from forwarding functions and makes control programmable. It moves the control layer from the network devices to external computing devices, so that the underlying infrastructure becomes transparent and abstract to applications and network services, and the network can be treated as a logical or virtual entity.
1.2 SDN characteristics
Separation of forwarding and control: The control plane of the network element lives on the controller, which is responsible for protocol calculation and for generating the flow table; only the forwarding plane remains on the network device.
Centralized control: Network elements are centrally managed and receive their flow tables from the controller, so there is no need to operate the devices one by one; only the controller needs to be configured.
Open interface: A third-party application only needs to define a new network function programmatically through the open interface provided by the controller, and then run it on the controller.
The SDN controller differs from network management and planning tools. With network management, the device's own control plane is still responsible for generating forwarding entries, so the separation of forwarding and control that SDN requires is not achieved. The entries delivered by a planning tool are parameters, while the entries delivered by an SDN controller are flow tables, which the forwarder uses to forward data packets.
1.3 Development Trend of SDN
- More open and flexible data plane
- Higher performance open source network hardware
- Smarter Network Operating System
- Function Virtualization of Network Devices
- Highly automated business orchestration
Development Trend of SDN Industry
- Innovative applications in data center scenarios
- Innovative applications for carrier network scenarios
- Realize industrial large-scale commercial deployment
Chapter 2 Analysis of SDN Architecture
2.1 SDN network architecture
SDN reconstructs the traditional network architecture: the original distributed-control architecture is rebuilt as a centrally controlled one. The SDN network architecture is shown in Figure 1-1.
Figure 1-1 SDN network architecture
Application layer: This layer consists mainly of the various upper-layer applications.
Control layer: This layer is the control centre of the system, responsible for generating the network's internal switching paths and its border service routes.
Forwarding layer: This layer is mainly a forwarding network composed of forwarders and connectors; its forwarding entries are generated by the control layer.
2.2 Working principle of SDN architecture
The controller collects network element resource information and topology information, and from them generates the internal switching routes of the SDN network.
Network element resource information includes forwarder registration information, the resource reporting process, MPLS label information, VLAN resource information, interface resource information, and so on;
Topology information includes node objects, interface objects, link objects, and so on;
The controller collects topology information in order to calculate reasonable paths based on the available network resources and deliver them to the forwarders as flow tables.
Usually the controller acts as the server, and the forwarder actively initiates the control protocol session towards the controller; after authentication succeeds, the control protocol connection is established.
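The path calculation and flow-table generation described above, as an added example that is not part of the original report: a toy controller collects links and host attachments, runs Dijkstra over the collected topology, and emits one flow entry per forwarder on the path. The forwarder names, port numbers, link costs and host addresses are constructed assumptions.

```python
# Added example, not from the original report: toy controller that builds a graph
# from collected topology, runs Dijkstra, and emits per-forwarder flow entries.
# Topology, ports and host addresses below are constructed.
import heapq
from collections import defaultdict

# Collected links: (forwarder, its port, neighbour, neighbour's port, cost)
LINKS = [("s1", 1, "s2", 1, 1), ("s2", 2, "s3", 1, 1),
         ("s1", 2, "s3", 2, 5)]  # the direct s1-s3 link is expensive
HOSTS = {"10.0.0.1": ("s1", 3), "10.0.0.3": ("s3", 3)}  # IP -> (forwarder, port)

def build_graph(links):
    """Topology collection: node -> {neighbour: (cost, egress port)}."""
    graph = defaultdict(dict)
    for a, pa, b, pb, cost in links:
        graph[a][b] = (cost, pa)
        graph[b][a] = (cost, pb)
    return graph

def shortest_path(graph, src, dst):
    """Dijkstra over the collected topology; returns the forwarder list or None."""
    dist, prev, heap = {src: 0}, {}, [(0, src)]
    while heap:
        d, node = heapq.heappop(heap)
        if d > dist[node]:
            continue  # stale heap entry
        for nxt, (cost, _port) in graph[node].items():
            if d + cost < dist.get(nxt, float("inf")):
                dist[nxt], prev[nxt] = d + cost, node
                heapq.heappush(heap, (d + cost, nxt))
    if dst not in dist:
        return None
    path = [dst]
    while path[-1] != src:
        path.append(prev[path[-1]])
    return path[::-1]

def compute_flow_entries(links, hosts, src_ip, dst_ip):
    """Controller output: forwarder -> {match dst_ip, output port} along the path."""
    graph = build_graph(links)
    src_sw, (dst_sw, dst_port) = hosts[src_ip][0], hosts[dst_ip]
    path = shortest_path(graph, src_sw, dst_sw)
    if path is None:
        return {}  # unreachable: the controller issues no entries
    entries = {h: {"match_dst": dst_ip, "out_port": graph[h][n][1]}
               for h, n in zip(path, path[1:])}
    entries[dst_sw] = {"match_dst": dst_ip, "out_port": dst_port}  # to host
    return entries
```

Each forwarder only ever sees its own entry (match on destination, output port); the global view that chose the s1-s2-s3 path over the costlier direct link exists only on the controller.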
2.3 Analysis of three models of SDN
2.3.1 Network Virtualization Model
The simplest SDN model on the market is the network virtualization model, popularized by startup Nicira, which was acquired by VMware in 2012. The main goals of network virtualization are to remove the LAN partitioning limitations that exist in the virtual LAN (VLAN) standard, and to address scalability issues by enabling multicast in some Ethernet-based virtual network architectures.
2.3.2 "Incremental" approach
The second SDN model can be called the "incremental" model. Its goal is to enhance software control and operation of the network, but within the boundaries of current network technology. To achieve this, network service providers may need to build on existing standards such as VXLAN, GRE, BGP and MPLS, and use these standards to partition the network into virtual communities and to manage traffic and service quality. Providers may need to combine their solutions into a single set of management interfaces that can be used by cloud service environments, either through DevOps tools or through cloud virtual interfaces.
2.3.3 OpenFlow model
The last SDN model is the OpenFlow model, which is also the one most closely associated with SDN. OpenFlow replaces the traditional discovery-based creation of forwarding tables in switches or routers with centrally controlled forwarding, which means that a centralized controller maintains the forwarding table of each device. This gives a central control node the complete set of rules, such as how the network is segmented or virtualized and how traffic is managed. Any combination of controllers and switches supporting compatible OpenFlow versions can be used in this SDN model. Finally, the biggest advantage of this model is that it is built directly on the SDN concept itself.
2.4 Model Analysis
Cloud providers struggling with VLAN segmentation limits, or facing VLAN multicast problems, may first focus on the network virtualization SDN model. This model can also be overlaid on the incremental SDN model, although coordinating the management interfaces raises many problems. Providers with large investments in data centre networking equipment may prefer this approach to avoid the cost of redundant equipment. The mainstream direction of future development is likely to be OpenFlow, so attention should be paid to service and equipment providers that support OpenFlow, especially when deploying new equipment.
Chapter 3 Traditional Architecture and SDN Architecture
3.1 Control and forwarding of traditional architecture data
The traditional network is a distributed control architecture, and each device includes an independent control plane and data plane.
Distributed control means that in a traditional IP network, the control plane that performs protocol calculation and the data plane that forwards packets are located on the same device. After a route calculation or a topology change, each device must perform the route calculation process again; this is called the distributed control process. In a traditional IP network, each device independently collects network information, calculates independently, and only cares about its own route selection. The disadvantage of this model is that the devices lack a unified view when calculating paths.
3.2 Traditional network architecture
Traditional network architecture includes: management plane, control plane, and data plane.
Management plane: mainly includes the device management system and business management system. The device management system is responsible for the management of network topology, device interfaces, and device features, and can deliver configuration scripts to devices. The service management system is used to manage services, such as service performance monitoring and service alarm management.
Control plane: The main functions are protocol processing and calculation. For example, routing protocols are used to calculate routing information and generate routing tables.
Data plane: The device forwards and processes user traffic according to the instructions generated by the control plane. For example, a router forwards received packets out of the corresponding interface according to the routing table generated by the routing protocol.
3.3 Advantages of SDN architecture
3.3.1 Hardware Standardization/Software Platformization
This concept is not novel; the software industry has been doing this since the day the OS was born. But the network equipment industry has not formed such a standard. I personally guess that the reason is the big manufacturers' monopoly of the market. When a network equipment manufacturer launches its own equipment, the software and hardware are tightly tied together: once you use a company's equipment you must use its software, which locks users in so that they will not easily switch to another manufacturer's equipment. SDN, however, can form an ecosystem, which solves this problem well.
3.3.2 Simplified network
The SDN architecture simplifies the network, because the calculation and establishment of the network's internal paths are all completed by the controller. The controller calculates the flow table and sends it directly to the forwarder, eliminating many internal network protocols such as RSVP, LDP, MBGP and the PIM multicast protocol. In the future a large number of east-west protocols will disappear, while the north-south control protocols will continue to evolve to meet the requirements of the SDN architecture.
3.3.3 Simple configuration management
In the previous course design, I looked at the actual configuration of a firewall in a large production network, and I found that it is not easy to configure well. There are hundreds of addresses, policies, VPNs and so on, and whether the configuration is done through the CLI or the WebUI, it is a kind of torture. Configuration hassle is a big problem with traditional network equipment. Another problem is the network management burden caused by the dynamic migration of servers; this problem is brought about by the server virtualization revolution, and current network equipment basically has no solution for it. This is where the advantages of the SDN architecture show: configuration can be done in a unified way, reducing the workload.
3.3.4 Debug convenience
People who have never done network equipment may not know how hard it is to debug network software. General software debugging steps:
1. Information collection
2. Narrow down the problem space until the root cause is found
3. Repeat 1
For network software, information collection is a hurdle. You must be able to obtain the configuration of every related device in the topology together with the logs from when the problem occurred, which is definitely not an easy task. If you don't believe me, ask an engineer: they have to capture logs every day, succeeding even once is hard, and succeeding two or three times is sheer luck. Even if you successfully capture the required logs, imagine AT&T hands you a route flapping problem: dozens of devices in a large topology, several megabytes of configuration and tens of megabytes of logs, relevant and irrelevant, all thrown at you together. Finding the cause takes a great deal of time and is truly maddening.
Because of SDN's centralized control, the relevant network devices can be designated and the required debug switches enabled on all of them at the same time, with the logs collected to a central cloud.
A set of predefined analysis tools can then be run to analyze the problem, or a virtualized environment created and the packets replayed.
In the end, perhaps 80% of problems will have a precedent; the remaining 20% are left to engineers, but even then with a small, valuable set of data and possibly analysis reports.
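One of the "predefined analysis tools" mentioned above, as an added example that is not part of the original report: it runs over log lines collected centrally from several devices and flags the route flapping case named in the text. The log line format, device names, prefixes and the flap thresholds are constructed assumptions, not any vendor's real format.

```python
# Added example, not from the original report: one "predefined analysis tool"
# that a controller could run over logs collected from several forwarders to
# flag route flapping. The log format, values and thresholds are constructed.
import re
from collections import defaultdict

# Constructed lines as a central collector might store them: device time message
COLLECTED_LOGS = """\
r1 10:00:01 BGP: route 10.1.0.0/24 via 192.0.2.1 added
r1 10:00:07 BGP: route 10.1.0.0/24 via 192.0.2.1 withdrawn
r2 10:00:03 BGP: route 10.2.0.0/24 via 192.0.2.9 added
r1 10:00:12 BGP: route 10.1.0.0/24 via 192.0.2.1 added
r3 10:00:21 IF: GigabitEthernet0/1 link up
r1 10:00:20 BGP: route 10.1.0.0/24 via 192.0.2.1 withdrawn
"""
LINE_RE = re.compile(r"^(\S+) (\d\d):(\d\d):(\d\d) BGP: route (\S+) via \S+ (added|withdrawn)$")

def parse_route_events(text):
    """Group add/withdraw timestamps (seconds since midnight) by (device, prefix)."""
    events = defaultdict(list)
    for line in text.splitlines():
        m = LINE_RE.match(line)
        if not m:
            continue  # unrelated lines are collected too; skip them
        dev, h, mi, s, prefix, _action = m.groups()
        events[(dev, prefix)].append(int(h) * 3600 + int(mi) * 60 + int(s))
    return events

def find_flapping(text, window=60, min_changes=3):
    """Return (device, prefix) pairs with >= min_changes changes inside any window."""
    flapping = []
    for key, times in parse_route_events(text).items():
        times.sort()  # logs from different devices arrive out of order
        for i in range(len(times)):
            j = i
            while j < len(times) and times[j] - times[i] <= window:
                j += 1
            if j - i >= min_changes:
                flapping.append(key)
                break
    return sorted(flapping)
```

Because every device's logs land in one place, the tool can correlate per prefix across devices instead of an engineer reading each device's log separately.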
3.4 Evolution of Traditional Network Architecture to SDN Network Architecture
3.4.1 Clear division of business traffic
Originally, business is divided so that one application corresponds to one region. After adopting SDN, the division is made by service system, with multiple working groups in each area, so that business modules can be distinguished precisely and the access relationships between businesses understood more clearly.
3.4.2 Unlimited horizontal expansion
In the existing SDN network, the gateway is deployed on every leaf node using an anycast gateway. When a new device joins the network, no matter where it is located, it can be placed precisely at the corresponding logical location.
3.4.3 Control plane and forwarding plane decoupling
In traditional network switching devices, the control plane and forwarding plane are tightly coupled and integrated into a single device box. The control plane of each device is distributed across the nodes of the network, and it is difficult to obtain global control over the state of the whole network. Therefore, an important concept of the SDN network is to separate the control plane of each individual network device from the physical hardware and hand it over to a virtualized network layer. The entire virtualized network layer is overlaid on the physical network, hiding the differences between the underlying physical forwarding devices and rebuilding the whole network in virtual space.
3.4.4 Centralized network control
With the control plane centralized, the central controller can obtain global information about network resources and allocate and optimize them globally according to business needs, for example for quality of service and load balancing. At the same time, once control is centralized, the network devices of the entire network are managed by the central controller, making the deployment and maintenance of network nodes more agile.
Chapter 4 Summary
The traditional network has been developed for half a century, and many people have worked hard on it; it condenses the wisdom and painstaking effort of countless people. But its architecture has inherent defects and cannot be modified, so in many application scenarios its performance is insufficient, and it will only become more and more complicated.
Although SDN was born not long ago, it has already shown very strong vitality. Traditional networks still have great advantages in security, reliability, maintainability and performance. However, as SDN-related equipment develops and is replaced, the gap with the traditional architecture will gradually narrow and these advantages will grow weaker and weaker, while the advantages of SDN are beyond the reach of the traditional architecture. SDN will therefore continue to take territory from the traditional network and, by virtue of its own strengths, become the mainstream network architecture.