State Key Laboratory
Figure: SDN architecture diagram. Application plane (security apps, network apps, business apps); northbound API (e.g., REST API); control plane (SDN controllers linked by SDN westbound and eastbound APIs); southbound API (e.g., OpenFlow); data plane (virtual switches, physical switches). Annotations: "Programmatic control of abstracted network resources", "Logically centralized control of network resources".
1. Interfaces
South (Southbound) Interface (APIs)
– Use open standard protocols to communicate between the control plane and the data plane
– Include OpenFlow, ForCES, OpFlex
North APIs
– Employ open standard protocols to communicate between the app plane and the control plane, so as to implement various applications
– One of the common API technologies used at the northbound interface is the Representational State Transfer (REST) API. REST APIs use the HTTP/HTTPS protocol to execute common operations on resources represented by Uniform Resource Identifier (URI) strings
Figure caption: Software-Defined Networking Architecture
Figure: SDN interfaces. Management plane (routing, load balancing, firewall, other applications); northbound interfaces (controller portability based, programmability, intent based); control plane (SDN controller, with eastbound interfaces to other SDN controllers and westbound interfaces to legacy networks); southbound interface (ForCES, OpenFlow, OpFlex); data plane (hardware switches, software switches).
East (Eastbound) Interface (APIs)
– Eastbound APIs are used to import and export information among distributed controllers. Some examples of these interfaces are [31]–[33].
ForCES: Forwarding and Control Element Separation
OpFlex (Operation Flexible): An open policy protocol that facilitates communication on the south interface. OpFlex supports a declarative control plane, focusing on centralizing the policy and then pushing out some of the intelligence to the data path
West APIs
– On the other hand, Westbound APIs enable communication between legacy network devices (routers etc.) and the controllers. Some example solutions are discussed in [34]–[36] that use open standard protocols to communicate between control plane and data plane.
– Figure and explanations are from “A Comprehensive Survey of Interface Protocols for Software Defined Networks”, Zohaib Latif, et al.
2. Protocols
OpenFlow
• Allows separation of control and data planes.
• Centralization of control.
• Flow-based control.
• Takes advantage of routing tables in forwarding devices (e.g., Ethernet switches and routers).
• SDN is not OpenFlow.
• SDN is a concept of the physical separation of the network control plane from the forwarding plane, and where a control plane controls several devices.
• OpenFlow is the communication interface between the control and data plane of an SDN architecture.
• Allows direct access to and manipulation of the forwarding plane of network devices such as switches and routers, both physical and virtual.
• Think of it as a protocol used at the interface between switching devices and controllers
Figure: OpenFlow Protocols. Labels: Data Path (Hardware), Control Path, OpenFlow, Data Plane, Control Plane (Network OS), Application A, Application B.
Figure: OpenFlow controller and switch. Control plane: SDN controller with network applications (MAC learning, routing algorithms, intrusion detection system, load balancer). Data plane: flow table. The two communicate via a secure channel.
Flow Table (has 3 sections):
– RULE: switch port, MAC src, MAC dst, Eth type, VLAN ID, IP src, IP dst, TCP psrc, TCP pdst
– ACTION: 1. Forward packet to port(s); 2. Encapsulate and forward to controller; 3. Drop packet; 4. Send to normal processing pipeline
– STATS: packet counters
Basic OpenFlow: How Does it Work?
• Controller manages the traffic (network flows) by manipulating (operate on, process, tamper with) the flow table at switching/forwarding devices. Instructions are stored in flow tables.
• When a packet arrives at a switch, its header fields are matched against the flow entries in a flow table.
• If any entry matches, the switch performs the indicated actions and updates the counters.
• If no entry matches, the switch asks the controller by sending a message with the packet header.
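The lookup described on this slide, as an added Python sketch that is not part of the original slides and does not use the OpenFlow wire format. The field names, the action strings and the priority ordering (higher wins) are assumptions made for illustration; the sample packets are constructed.

```python
from dataclasses import dataclass, field

# Header fields from the slide's flow-table figure (names chosen for this sketch).
FIELDS = ("in_port", "mac_src", "mac_dst", "eth_type", "vlan_id",
          "ip_src", "ip_dst", "tcp_sport", "tcp_dport")

@dataclass
class FlowEntry:
    match: dict          # RULE: field -> required value; a missing field is a wildcard
    action: str          # ACTION: "forward:<port>", "controller", "drop" or "normal"
    priority: int = 0    # assumption: higher priority is checked first
    packets: int = 0     # STATS: packet counter

    def matches(self, pkt: dict) -> bool:
        return all(pkt.get(k) == v for k, v in self.match.items())

@dataclass
class Switch:
    table: list = field(default_factory=list)
    packet_ins: list = field(default_factory=list)  # headers sent to the controller

    def install(self, entry: FlowEntry) -> None:
        unknown = set(entry.match) - set(FIELDS)
        if unknown:
            raise ValueError(f"unknown match fields: {sorted(unknown)}")
        self.table.append(entry)
        self.table.sort(key=lambda e: -e.priority)

    def process(self, pkt: dict) -> str:
        for entry in self.table:
            if entry.matches(pkt):
                entry.packets += 1           # update the counters on a hit
                return entry.action
        # Table miss: only the header fields go to the controller, not the payload.
        self.packet_ins.append({k: pkt.get(k) for k in FIELDS})
        return "packet-in"

def demo():
    sw = Switch()
    sw.install(FlowEntry({"ip_dst": "10.0.0.5", "tcp_dport": 80}, "forward:2", 10))
    sw.install(FlowEntry({"ip_src": "10.0.0.66"}, "drop", 20))
    pkts = [  # constructed sample packets
        {"in_port": 1, "ip_src": "10.0.0.7", "ip_dst": "10.0.0.5", "tcp_dport": 80},
        {"in_port": 1, "ip_src": "10.0.0.66", "ip_dst": "10.0.0.5", "tcp_dport": 80},
        {"in_port": 3, "ip_src": "10.0.0.7", "ip_dst": "10.0.0.9", "tcp_dport": 22},
    ]
    results = [sw.process(p) for p in pkts]
    return results, [e.packets for e in sw.table], len(sw.packet_ins)

if __name__ == "__main__":
    print(demo())
```

Every table miss costs a controller round trip, so the length of `packet_ins` is the figure to watch when sizing controller capacity or alerting on a burst of unmatched flows.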