Personal summary: OpenFlow and controller

Source: Internet  Published: 三a甲级数据分析事务所  Editor: 程序博客网  Time: 2024/06/05 06:51

Research Summary

 

1.      This summary covers research work on these topics:

a)       SDN controller common knowledge.

b)       OF spec v1.3.1 introduction.

c)       OPENDAYLIGHT (ODL) introduction.

d)       Small tips.

2.     SDN controller: A kind of network management software for SDN.

a)       We move the control plane from the network device to a centralized server, and call this server the SDN controller. Advantages:

                       i.             Brings network device cost down (for example, reduces CPU load).

                     ii.             Supports SDN.

b)       The SDN controller is a plug-in of OPENSTACK, performing these tasks:

                       i.             Network segmentation, by VLAN or scope?

                     ii.             Topology-independent forwarding, by ACL or OF table?

                   iii.             Network tap, by mirror?

                   iv.             Overlay & underlay using an encryption method, such as VxLAN?

c)       The OF plug-in is a kind of plug-in software of the SDN controller, and the SDN controller is a kind of plug-in software of OPENSTACK network management, such as NEUTRON.

3.     OF spec v1.3.1:

a)       Port definition:

                       i.             OF port: OF switch port, includes physical port + logical port + reserved port.

                     ii.             Standard port: general switch port, includes physical port + logical port + reserved port.

                   iii.             Physical port: switch physical port.

                   iv.             Logical port: logical port mapping to physical port (including controller port) + LAG port + loopback port + tunnel port.

                     v.             Reserved port: port needed by the OF protocol, which is defined by the OF spec, of these types:

1.       Required:

a)       All: to all standard ports except the ingress port and OFPPC_NO_FWD ports.

b)       Controller: to the OF controller port.

c)       Table: to the OF flow table entrance.

d)      IN_PORT: ingress port of this packet.

e)       Any: drop??

2.       Optional:

a)       Local: to the local device stack.

b)       Normal: non-OF port.

c)       Flood: flood this packet to all normal ports except the ingress port; the flood stays within the VLAN.

                   vi.             If we want to do multicast, use the group table; the port role is also defined here.

b)       OF flow table: (not important for controller)

                       i.             The OF flow table is similar to an ACL, using TCAM:

1.       User defines TCAM data, to specify user data.

2.       User defines TCAM input, to specify which fields of the packet the user wants to get.

3.       User defines a mask, to specify which fields the user cares about.

4.       User defines actions, to specify what action to take if this table hits.

5.       TCAM IP feature: TCAM can return a result in one cycle; there are default actions in the global configuration if the TCAM lookup misses.

                     ii.             The OF pipeline is similar to the ACL packet inspection engine; the difference is that ACL-PIE is only one step, while the OF pipeline has multiple steps. The entrance of a specific flow is called flow entry?

                   iii.             The group table is used for multi-actions such as multicast.

                   iv.             The meter table is used to record a per-flow hit counter, which is used for software indication.

                     v.             A counter is a hardware register that records the table/group/entry/etc. hit count.

                   vi.             An instruction specifies how to perform actions if a flow entry hits, such as performing the action immediately.
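An added example, not part of the original notes: a software model of the masked, priority-ordered lookup described in the flow-table items above, including the miss case. It assumes the OF 1.3 convention that the table-miss entry is a priority-0 entry with every field wildcarded; the field names, the sample entries and the `ip` helper are made up for illustration.

```python
from dataclasses import dataclass

OFPP_CONTROLLER = 0xFFFFFFFD   # OF 1.3 reserved port: deliver to controller (Packet-in)


@dataclass
class FlowEntry:
    priority: int
    match: dict        # field -> (value, mask); a field not listed is a wildcard
    actions: list
    hits: int = 0      # per-entry hit counter


class FlowTable:
    def __init__(self):
        self.entries = []

    def add(self, entry):
        self.entries.append(entry)
        self.entries.sort(key=lambda e: -e.priority)   # highest priority first

    def lookup(self, pkt):
        """Return the actions of the highest-priority entry that matches pkt."""
        for e in self.entries:
            # Ternary compare: only the bits selected by the mask must agree.
            if all(f in pkt and (pkt[f] & m) == (v & m)
                   for f, (v, m) in e.match.items()):
                e.hits += 1
                return e.actions
        return []      # no entry matched and no table-miss entry: packet is dropped


def ip(s):
    """Dotted quad to 32-bit integer (illustration helper)."""
    a, b, c, d = (int(x) for x in s.split("."))
    return a << 24 | b << 16 | c << 8 | d


# Constructed sample table: two masked entries plus a table-miss entry.
table = FlowTable()
table.add(FlowEntry(200, {"ipv4_dst": (ip("10.0.1.0"), ip("255.255.255.0")),
                          "tcp_dst": (22, 0xFFFF)}, ["output:1"]))
table.add(FlowEntry(100, {"ipv4_dst": (ip("10.0.0.0"), ip("255.255.0.0"))},
                    ["output:2"]))
table.add(FlowEntry(0, {}, [f"output:{OFPP_CONTROLLER:#x}"]))   # table-miss
```

Every packet that reaches the table-miss entry becomes a Packet-in, so the hit counter of that entry is a direct measure of the load the data plane places on the controller.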

c)       OF channel:

                       i.             The OF channel is set up between controller and switch, usually using TCP/TLS.

1.       Channel setup:

a)       Channel setup by the controller using 1. Controller configuration file; 2. Manual configuration.

b)       After channel setup, controller and switch must 1. Exchange OFPT_HELLO immediately; 2. Negotiate the OF version before the channel goes into operation.

c)       If connection setup fails, controller and switch must respond with OFPT_ERROR with OFPET_HELLO_FAILED.

2.       Channel interrupt:

a)       What the switch does: 1. Enters “fail mode”; 2. Drops packets to the controller; 3. Flow entries exist until the timeout configured in “fail mode”.

3.       Multi-controller: use multiple controllers for 1. HA; 2. LB; 3. Manage by controller

4.       Auxiliary connections: use a backup link between controller and switch.

                     ii.             Message delivery and handling:

1.       The OF protocol needs reliable message delivery and correct message order, so we have to use TCP/TLS for message delivery.

2.       The switch must return an error message if it hits an error while processing a message from the controller. The exception is a Packet-out message failing because of port congestion, QoS drop, ACL drop, or port link down.

3.       The switch must send a message to the controller if the switch state changes, unless this message is dropped by QoS or ACL etc. of the controller port.

4.       Message order while the switch processes:

a)       Use a barrier to order messages. The switch must process and reply to the messages before the barrier.

b)       Message order affects flow entry order.

c)       If two messages depend on each other, we have to use a barrier.
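An added example, not part of the original notes: the OFPT_HELLO exchange, version negotiation and OFPET_HELLO_FAILED reply from the channel-setup items above, written against the OF 1.3 wire format (8-byte header, optional version-bitmap hello element). The function names are illustrative, and only versions below 32 (a single bitmap word) are handled.

```python
import struct

OFP_HEADER = struct.Struct("!BBHI")          # version, type, length, xid
OFPT_HELLO, OFPT_ERROR = 0, 1
OFPET_HELLO_FAILED, OFPHFC_INCOMPATIBLE = 0, 0
OFPHET_VERSIONBITMAP = 1


def build_hello(versions, xid):
    """HELLO: header carries the highest version, one element lists all of them."""
    bitmap = sum(1 << v for v in set(versions))
    elem = struct.pack("!HHI", OFPHET_VERSIONBITMAP, 8, bitmap)
    return OFP_HEADER.pack(max(versions), OFPT_HELLO, 8 + len(elem), xid) + elem


def parse_hello(msg):
    """Return (header_version, set of bitmap versions, or None if no bitmap)."""
    if len(msg) < 8:
        raise ValueError("truncated OpenFlow header")
    version, mtype, length, _xid = OFP_HEADER.unpack_from(msg)
    if mtype != OFPT_HELLO or length < 8 or length > len(msg):
        raise ValueError("not a well-formed OFPT_HELLO")
    off, offered = 8, None
    while off + 4 <= length:
        etype, elen = struct.unpack_from("!HH", msg, off)
        if elen < 4 or off + elen > length:
            raise ValueError("bad hello element length")
        if etype == OFPHET_VERSIONBITMAP and elen >= 8:
            (bits,) = struct.unpack_from("!I", msg, off + 4)
            offered = {v for v in range(32) if bits >> v & 1}
        off += (elen + 7) // 8 * 8           # elements are padded to 8 bytes
    return version, offered


def negotiate(local_versions, peer_hello, xid=0):
    """Return (version, None) on success or (None, OFPT_ERROR bytes) on failure."""
    peer_version, offered = parse_hello(peer_hello)
    local = set(local_versions)
    if offered is None:                      # no bitmap: smaller header version
        common = local & {min(max(local), peer_version)}
    else:                                    # bitmap: highest version both list
        common = local & offered
    if common:
        return max(common), None
    body = struct.pack("!HH", OFPET_HELLO_FAILED, OFPHFC_INCOMPATIBLE)
    hdr = OFP_HEADER.pack(max(local), OFPT_ERROR, 8 + len(body), xid)
    return None, hdr + body                  # caller sends this, then closes
```

The length checks in `parse_hello` matter because the HELLO is parsed before either side has agreed on anything; a peer that sends a malformed element is rejected instead of being read past the end of the buffer.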

d)       OF protocol:

                       i.             3 message types: controller-to-switch, asynchronous, and symmetric messages

1.       Controller-to-switch, with these types:

a)       Feature: the controller queries the switch's abilities; the switch MUST respond.

b)       Configure: the controller configures the switch's abilities; the switch MUST respond.

c)       Modify-state: 1. Add/delete/modify OF flow table or entry of group table; 2. Set port properties such as PVID; 3. Whether a response is required is not specified??

d)      Read-state: the controller reads some state of the switch.

e)       Packet-out: the controller triggers the switch to send packets by using this message; this message must contain:

                                                                 i.             Packet or packet buffer ID in the switch.

                                                               ii.             Action list.

f)        Barrier: A1-A2-Barrier-B1-B2; the switch must process A1/A2 and respond to these packets if needed before processing B1/B2.

g)       Role-request: the controller sends this to query the role of the connected device.

h)       Asynchronous-Configuration: when the switch is connected to multiple controllers, use this to set a filter on the controller port for messages sent to the controller.

2.       Asynchronous message: does not need a controller trigger; the switch sends an asynchronous message to indicate to the controller that 1. A packet, which is wanted by the controller, is coming; 2. State, including port state and switch state, changed; 3. An error defined by the switch happened.

a)       Packet-in: the kind of message used when the switch sends packets to the controller. These events will make the switch produce a Packet-in:

                                                                 i.             The OF flow table forwards a packet to the controller port.

                                                               ii.             The table-miss configuration is set to the controller port.

                                                             iii.             Compare to a port-based ACL trapping a packet to the CPU: if the port policy traps a packet to the controller, the packet will be sent through the controller port using this type.

                                                             iv.             A packet the controller received with Packet-in type must be sent out with Packet-out type.

b)       Flow-Removed: the message is sent by the switch to the controller, to inform the controller that a flow entry was removed because 1. The controller wanted to delete it, refer to Modify-state; 2. The entry timed out.

c)       Port-state: the message informs the controller of a port state change, such as port link down. The message is the reply to Modify-state?

d)      Error: the switch produces an error message to the controller.

3.       Symmetric:

a)       Hello: between switch and controller, sent by either, to do what?

b)       Echo request/reply: sent by either side, to keep alive and measure link bandwidth.

c)       Experimenter: extension for user-defined messages.

4.     OPENDAYLIGHT:

a)       OPENDAYLIGHT is an SDN controller, same as the Cisco ONE controller.

b)       Basic tools:

                       i.             Uses Maven as the project management tool, compare with MAKE.

                     ii.             Uses OSGI to:

1.       Make bundles hot load/unload/start/stop/listen/call. A bundle is a kind of jar package with a bundle description in MANIFEST.MF

2.       Be an HTTP framework that dispatches HTTP requests into different bundles, similar to HIBERNATE.

                   iii.             Send HTTP requests using JSON.

                   iv.             Use the OF plug-in or another plug-in to implement the SAL layer.

                     v.             Use the YANG tool to produce the SAL Java interface quickly.

c)       Reference:

                       i.             ODL developer guide.

                     ii.             SAL developer guide.

                   iii.             Configure system.

                   iv.             Maven archetype.

d)       Example codes: ping example.

5.     Small tips:

a)       HOL solution: query whether there is enough space in the ring before inserting a packet into it. If there is no space, skip this packet to process the low-priority ring.

b)       IGMP entry management: use VID+DIP as the bucket key to store the list of SIP+DIP in software. Do NOT delete the VID+DIP entry in hardware if NOT all stations have quit from this group.
